2. Cyber Disruption Planning
Catastrophic cyber planning is an evolving concept
True emergencies vs. inconveniences
Public Safety reliance on IT
Fully interconnected world
SCADA
SmartGrid
Stuxnet
3. Cyber Disruption Scenarios
Many disparate events lead to a finite number of effects
Loss of Internet
Loss of internal network resources
Loss of desktop assets
Loss of power
Loss of physical access to assets
Approach limits risk by maintaining focus on the impact(s) of a given disruption
4. Planning Process
Identify Assets
CIKR vs Cyber Assets
Determine Capabilities of Assets and Personnel
Analyze Risk to Assets and Region
Current State
Can our jurisdictions handle a catastrophe?
What triggers a catastrophe?
5. Original State
6. Project Goal
7. Cyber Disruption Teams (CDT)
CDT scalable to function locally or regionally
CDTs part of ESF-2
The CDT can serve two functions:
IT SME support for incident commanders
Incident commander during cyber-centric events
8. Regional Structure
CDT within each jurisdiction
Template adapted differently in each jurisdiction
Regional Cyber Disruption Response Annex
High level multi-state CDT coordination
Annex to RCCP
Training Strategy
Recommendations to be implemented by CDTs, based on standards
9. Benefits of Collaboration
Collaboration between EM and IT
Better understanding by EM of their reliance on IT systems
Breaking down language barriers between IT and EM communities
IT response can benefit from implementing EM response battle rhythm
10. Lessons Learned
Interdependencies across utility sectors
Shows importance of departmental IT COOP plans
Prioritization is key for structured restoration
Span of control differs between EM and IT
EM/Public Safety cover entire state assets
IT covers executive branch assets
11. Lessons Learned
Evidence collection underscores need for law enforcement presence
Regional cooperation for information sharing; resource sharing on the horizon
Awareness briefings require IT and EM understanding among CDT leads
12. Project Challenges
Perception that existing cyber planning and response efforts can address catastrophic incidents
Keeping focus amid an ever-changing cyber threat landscape
Resisting the temptation to solve technical issues; keep participants at appropriate level of detail.
Information Sharing
How/When to incorporate Federal assets
13. Project Completion
Completion is a misnomer for this project
Can look towards 1-, 3-, and 5-year goals:
1 yr: Memorialize gains and lessons learned
3 yrs: CDTs have grown in membership and representation. Other agencies have formed CDTs.
5 yrs: Cyber disruption response more closely mirrors other types of response (law enforcement, fire, etc.)
Centers of Excellence