Developing Emergency Support Function (ESF) no. 18
Dave Sweigert, EMS, CISSP, CISA, PMP
February, 2014

Dave Sweigert, EMS, PMP, CISA, CISSP

2/1/2014
Intended audience
• Managers of political sub-divisions, nonprofit organizations, corporations and others tasked with planning for an integrated response to a disaster or emergency incident that may involve issues related to cyber security or cyber terrorism.

Objective
• Provide awareness of cyber terrorism and cyber warfare threats
• Create awareness of Emergency Support Function no. 18 – Cyber Security/Response
• Highlight challenges to emergency management of cyber events

BACKGROUND

Evolving impacts of cyber attacks
• Cyber warfare activities
• Part of coordinated multi-disciplinary attacks (bio, chemical, infrastructure)
• Disruption of critical infrastructure (grid down, loss of Internet, terrorism).

No longer just a “data breach” problem
• Public safety systems can be compromised to put response activities in the dark
• Disruptions of public alert and warning systems to increase terror in public
• Illegitimate social media hacks to provide false and misleading press releases

CYBER WARFARE & CYBER TERRORISM

EMERGENCY MANAGEMENT (EM) AND CYBER RESPONSE

Coordinating cyber response
• Emergency Support Functions (ESFs) provide buckets of disciplines to help manage incident response
• ESF 18 – Cyber Security/Response – a developing area to support comprehensive emergency management with cyber capabilities

Emergency Support Function (ESF):
• ESFs provide for a coordinated response
• ESFs used to plan in all four (4) phases of EM: Mitigation, Preparedness, Response, Recovery
• ESFs offer a coordinating structure
• ESFs help coordinate information flow

Emergency Support Function (ESF):
• ESF support for communications and shared messaging to avoid contradictory statements and assessments
• Promotes common operating picture
• Organizes and identifies overlapping functions (e.g., ESF 2 – Communications)

Emergency Support Function (ESF):
• ESFs are the grouping of governmental and certain private sector capabilities into an organizational structure to provide support, resources, program implementation, and services that are most likely needed to save lives, protect property and the environment, restore essential services and critical infrastructure, and help victims and communities return to normal following domestic incidents.

Traditional ESFs

UNDERSTANDING CYBER RESPONSE CAPABILITIES

ESF 18 – catalogue capabilities
• Rapid deployment of basic Internet services following destruction of infrastructure?
• Use of technical specialists to defend against aggressive cyber attacks?
• Coordination of network monitoring and restoral activities for critical public safety systems (911 dispatch, radio, comm)?

CONCLUSION

ESF 18 – Cyber Security / Response
• Developing area of Emergency Management (EM)
• Understand the significance of cyber warfare and cyber terrorism
• Build awareness of integrating cyber response planning into overall EM plans (EOPs, continuity plans, etc.)

About the author:
An Air Force veteran, Dave Sweigert acquired significant security engineering experience with military and defense contractors before earning two master's degrees (Project Management and Information Security).

He holds the following certifications: California Emergency Management Specialist (EMS), Project Management Professional (PMP), Certified Information Security Systems Professional (CISSP), and Certified Information Systems Auditor (CISA).

Mr. Sweigert has over twenty years' experience in information assurance, risk management, governance frameworks and litigation support.

