dhs cybersecurity webinar

14
Office of Cybersecurity & Communications

Upload: businessforward

Post on 15-Apr-2017

598 views

Category:

Technology


0 download

TRANSCRIPT

Page 1: DHS Cybersecurity Webinar

Office of Cybersecurity amp Communications

Cybersecurity and SMBsbull SMBs are at riskbull Resource constraints = operationssecurity tradeoffbull Growing target of cyber-attacksbull Less likely to have robust security systemsbull May not possess the same resources or knowledge

as larger businessesbull May not be able to recover from an attack

DHS offers resources programs and tools to help SMBs

SMB Trend TableTrend Description Example

Endpoint Security

Weaknesses

Weak authentication or cryptography that allows

malicious actors to infiltrate a network to destroy or disable

systems andor steal data

In 2014 at least 600 businesses including SMB

were targeted by the malicious POS software Backoff

User Security Vulnerabilities

User failure or malicious conduct among employees

andor contractors

In 2013 a single outside contractor provided hackers

with an entry point that compromised 70 million Target

shoppers

Software as a Service (SaaS) Vulnerabilities

Large and often unknown vulnerabilities posed by SaaS including accounting software cloud storage web platforms

and email

In 2015 a cryptography exploit known as FREAK

exposed more than 5 million web pages and applications to

vulnerabilities that would render them untrusted

Cybersecurity Where to Start1 Understand and Address Common Vulnerabilities

bull National Vulnerability Database (httpsnvdnistgov)

2 Determine what Cyber Events you Monitorbull Threat incident and activity reportsbull NIST Cybersecurity Framework

3 Conduct a Business Impact Assessmentbull Critical business functionsbull Contingency plans

4 Join an Information Sharing and Analysis Organization (ISAO)bull httpwwwdhsgovisao

5 Use DHS Programs and Resourcesbull httpwwwus-certgovccubedvp

Cybersecurity Tips for LeadershipFramework

Core Function

Activity

Identify Conduct Needs Assessment

ProtectTechnical Defenses bull Access Controls and Passwordsbull Encrypted Communications

Detect Monitor Systems

Respond amp Recover

bull Employee Training and Communications

bull Policies and Proceduresbull Business Continuity and Disaster

Recovery

Cybersecurity Tools and ResourcesOver 40 resources currently featured including the Cyber Resilience Review (CRR)

Pages are organized by stakeholder group bull Academia Business Federal

State Local Tribal and Territorial (SLTT)

bull New Stakeholder Page Small and Midsize Business (SMB)

Resources are aligned to Framework core functionbull Identify Protect Detect

Respond Recover

wwwus-certgovccubedvp

Cybersecurity Tools and Resourcesbull Cyber Resilience Review (CRR)

bull No-cost voluntary assessment to evaluate IT resilience

bull C3 Voluntary Program Small and Midsize Business (SMB) Toolkitbull Understanding the Threat

Landscapebull Top Resources for SMBbull Cybersecurity for Startupsbull C3 Voluntary Program Outreach amp

Messaging Kitbull SMB Leadership Agendabull Hands-On Resource Guide

Cybersecurity Tools and Resources

bull StopThinkConnect Resource Guidebull Online Resource Guide specifically tailored to SMB

bull Federal Small Biz Cyber Plannerbull Helps businesses create custom cybersecurity plans

bull NACD Cyber-Risk Oversight Handbookbull Five steps leadership should consider as they seek to

enhance their oversight of cyber risks

Cybersecurity Tools and Resources

bull Cyber Information Sharing and Collaboration Program (CISCP)bull Enhances cybersecurity collaboration between DHS

and critical infrastructurebull Leverages government and industry expertise to

respond to cybersecurity incidents

bull Enhanced Cybersecurity Services (ECS) programbull Supports voluntary information

sharing to protect critical infrastructure systems

2015 Activities amp Initiatives Growing Communities of Interest

bull Regional event series

bull Small and Midsized Business Roadshow

bull Webinar series

bull Building communities of interest

bull Partner Program

Building Communities of Interestbull Stakeholders sharing regional andor industry

identity

bull Community support in cybersecurity and risk management

bull Built around use of NIST Cybersecurity Framework

bull Independent information sharing

bull Goal Self-sustaining networks across the nation

Partner Program

bull Enhance their cyber resilience

bull Use the NIST Cybersecurity Framework

bull Build communities of interest around cybersecurity and risk management

bull Spread the word about the Csup3 Voluntary Program and its resources

The Csup3 Voluntary Program will provide Partners assistance so that they can

How to Get Involvedbull Take advantage of C3 Voluntary Program resources

bull Visit the C3 Voluntary Program website at

bull Familiarize yourself with the Cybersecurity Framework

bull Download the Cyber Resilience Review (CRR) or contact DHS for an on-site assessment

bull Download the SMB Toolkit

bull Join or establish an ISAO infohqdhsgov

bull Spread the word across your community

bull Become a C3 Voluntary Program Partner coming in 2015 bull E-mail CCubedVPhqdhsgov

wwwus-certgovccubedvp

ccubedvpwwwus-certgov

ccubedvp

  • Slide 1
  • Slide 2
  • Slide 3
  • Slide 4
  • Slide 5
  • Cybersecurity Tools and Resources
  • Cybersecurity Tools and Resources (2)
  • Cybersecurity Tools and Resources (3)
  • Cybersecurity Tools and Resources
  • 2015 Activities amp Initiatives Growing Communities of Interest
  • Building Communities of Interest
  • Partner Program
  • Slide 13
  • Slide 14
Page 2: DHS Cybersecurity Webinar

Cybersecurity and SMBsbull SMBs are at riskbull Resource constraints = operationssecurity tradeoffbull Growing target of cyber-attacksbull Less likely to have robust security systemsbull May not possess the same resources or knowledge

as larger businessesbull May not be able to recover from an attack

DHS offers resources programs and tools to help SMBs

SMB Trend TableTrend Description Example

Endpoint Security

Weaknesses

Weak authentication or cryptography that allows

malicious actors to infiltrate a network to destroy or disable

systems andor steal data

In 2014 at least 600 businesses including SMB

were targeted by the malicious POS software Backoff

User Security Vulnerabilities

User failure or malicious conduct among employees

andor contractors

In 2013 a single outside contractor provided hackers

with an entry point that compromised 70 million Target

shoppers

Software as a Service (SaaS) Vulnerabilities

Large and often unknown vulnerabilities posed by SaaS including accounting software cloud storage web platforms

and email

In 2015 a cryptography exploit known as FREAK

exposed more than 5 million web pages and applications to

vulnerabilities that would render them untrusted

Cybersecurity Where to Start1 Understand and Address Common Vulnerabilities

bull National Vulnerability Database (httpsnvdnistgov)

2 Determine what Cyber Events you Monitorbull Threat incident and activity reportsbull NIST Cybersecurity Framework

3 Conduct a Business Impact Assessmentbull Critical business functionsbull Contingency plans

4 Join an Information Sharing and Analysis Organization (ISAO)bull httpwwwdhsgovisao

5 Use DHS Programs and Resourcesbull httpwwwus-certgovccubedvp

Cybersecurity Tips for LeadershipFramework

Core Function

Activity

Identify Conduct Needs Assessment

ProtectTechnical Defenses bull Access Controls and Passwordsbull Encrypted Communications

Detect Monitor Systems

Respond amp Recover

bull Employee Training and Communications

bull Policies and Proceduresbull Business Continuity and Disaster

Recovery

Cybersecurity Tools and ResourcesOver 40 resources currently featured including the Cyber Resilience Review (CRR)

Pages are organized by stakeholder group bull Academia Business Federal

State Local Tribal and Territorial (SLTT)

bull New Stakeholder Page Small and Midsize Business (SMB)

Resources are aligned to Framework core functionbull Identify Protect Detect

Respond Recover

wwwus-certgovccubedvp

Cybersecurity Tools and Resourcesbull Cyber Resilience Review (CRR)

bull No-cost voluntary assessment to evaluate IT resilience

bull C3 Voluntary Program Small and Midsize Business (SMB) Toolkitbull Understanding the Threat

Landscapebull Top Resources for SMBbull Cybersecurity for Startupsbull C3 Voluntary Program Outreach amp

Messaging Kitbull SMB Leadership Agendabull Hands-On Resource Guide

Cybersecurity Tools and Resources

bull StopThinkConnect Resource Guidebull Online Resource Guide specifically tailored to SMB

bull Federal Small Biz Cyber Plannerbull Helps businesses create custom cybersecurity plans

bull NACD Cyber-Risk Oversight Handbookbull Five steps leadership should consider as they seek to

enhance their oversight of cyber risks

Cybersecurity Tools and Resources

bull Cyber Information Sharing and Collaboration Program (CISCP)bull Enhances cybersecurity collaboration between DHS

and critical infrastructurebull Leverages government and industry expertise to

respond to cybersecurity incidents

bull Enhanced Cybersecurity Services (ECS) programbull Supports voluntary information

sharing to protect critical infrastructure systems

2015 Activities amp Initiatives Growing Communities of Interest

bull Regional event series

bull Small and Midsized Business Roadshow

bull Webinar series

bull Building communities of interest

bull Partner Program

Building Communities of Interestbull Stakeholders sharing regional andor industry

identity

bull Community support in cybersecurity and risk management

bull Built around use of NIST Cybersecurity Framework

bull Independent information sharing

bull Goal Self-sustaining networks across the nation

Partner Program

bull Enhance their cyber resilience

bull Use the NIST Cybersecurity Framework

bull Build communities of interest around cybersecurity and risk management

bull Spread the word about the Csup3 Voluntary Program and its resources

The Csup3 Voluntary Program will provide Partners assistance so that they can

How to Get Involvedbull Take advantage of C3 Voluntary Program resources

bull Visit the C3 Voluntary Program website at

bull Familiarize yourself with the Cybersecurity Framework

bull Download the Cyber Resilience Review (CRR) or contact DHS for an on-site assessment

bull Download the SMB Toolkit

bull Join or establish an ISAO infohqdhsgov

bull Spread the word across your community

bull Become a C3 Voluntary Program Partner coming in 2015 bull E-mail CCubedVPhqdhsgov

wwwus-certgovccubedvp

ccubedvpwwwus-certgov

ccubedvp

  • Slide 1
  • Slide 2
  • Slide 3
  • Slide 4
  • Slide 5
  • Cybersecurity Tools and Resources
  • Cybersecurity Tools and Resources (2)
  • Cybersecurity Tools and Resources (3)
  • Cybersecurity Tools and Resources
  • 2015 Activities amp Initiatives Growing Communities of Interest
  • Building Communities of Interest
  • Partner Program
  • Slide 13
  • Slide 14
Page 3: DHS Cybersecurity Webinar

SMB Trend TableTrend Description Example

Endpoint Security

Weaknesses

Weak authentication or cryptography that allows

malicious actors to infiltrate a network to destroy or disable

systems andor steal data

In 2014 at least 600 businesses including SMB

were targeted by the malicious POS software Backoff

User Security Vulnerabilities

User failure or malicious conduct among employees

andor contractors

In 2013 a single outside contractor provided hackers

with an entry point that compromised 70 million Target

shoppers

Software as a Service (SaaS) Vulnerabilities

Large and often unknown vulnerabilities posed by SaaS including accounting software cloud storage web platforms

and email

In 2015 a cryptography exploit known as FREAK

exposed more than 5 million web pages and applications to

vulnerabilities that would render them untrusted

Cybersecurity Where to Start1 Understand and Address Common Vulnerabilities

bull National Vulnerability Database (httpsnvdnistgov)

2 Determine what Cyber Events you Monitorbull Threat incident and activity reportsbull NIST Cybersecurity Framework

3 Conduct a Business Impact Assessmentbull Critical business functionsbull Contingency plans

4 Join an Information Sharing and Analysis Organization (ISAO)bull httpwwwdhsgovisao

5 Use DHS Programs and Resourcesbull httpwwwus-certgovccubedvp

Cybersecurity Tips for LeadershipFramework

Core Function

Activity

Identify Conduct Needs Assessment

ProtectTechnical Defenses bull Access Controls and Passwordsbull Encrypted Communications

Detect Monitor Systems

Respond amp Recover

bull Employee Training and Communications

bull Policies and Proceduresbull Business Continuity and Disaster

Recovery

Cybersecurity Tools and ResourcesOver 40 resources currently featured including the Cyber Resilience Review (CRR)

Pages are organized by stakeholder group bull Academia Business Federal

State Local Tribal and Territorial (SLTT)

bull New Stakeholder Page Small and Midsize Business (SMB)

Resources are aligned to Framework core functionbull Identify Protect Detect

Respond Recover

wwwus-certgovccubedvp

Cybersecurity Tools and Resourcesbull Cyber Resilience Review (CRR)

bull No-cost voluntary assessment to evaluate IT resilience

bull C3 Voluntary Program Small and Midsize Business (SMB) Toolkitbull Understanding the Threat

Landscapebull Top Resources for SMBbull Cybersecurity for Startupsbull C3 Voluntary Program Outreach amp

Messaging Kitbull SMB Leadership Agendabull Hands-On Resource Guide

Cybersecurity Tools and Resources

bull StopThinkConnect Resource Guidebull Online Resource Guide specifically tailored to SMB

bull Federal Small Biz Cyber Plannerbull Helps businesses create custom cybersecurity plans

bull NACD Cyber-Risk Oversight Handbookbull Five steps leadership should consider as they seek to

enhance their oversight of cyber risks

Cybersecurity Tools and Resources

bull Cyber Information Sharing and Collaboration Program (CISCP)bull Enhances cybersecurity collaboration between DHS

and critical infrastructurebull Leverages government and industry expertise to

respond to cybersecurity incidents

bull Enhanced Cybersecurity Services (ECS) programbull Supports voluntary information

sharing to protect critical infrastructure systems

2015 Activities amp Initiatives Growing Communities of Interest

bull Regional event series

bull Small and Midsized Business Roadshow

bull Webinar series

bull Building communities of interest

bull Partner Program

Building Communities of Interestbull Stakeholders sharing regional andor industry

identity

bull Community support in cybersecurity and risk management

bull Built around use of NIST Cybersecurity Framework

bull Independent information sharing

bull Goal Self-sustaining networks across the nation

Partner Program

bull Enhance their cyber resilience

bull Use the NIST Cybersecurity Framework

bull Build communities of interest around cybersecurity and risk management

bull Spread the word about the Csup3 Voluntary Program and its resources

The Csup3 Voluntary Program will provide Partners assistance so that they can

How to Get Involvedbull Take advantage of C3 Voluntary Program resources

bull Visit the C3 Voluntary Program website at

bull Familiarize yourself with the Cybersecurity Framework

bull Download the Cyber Resilience Review (CRR) or contact DHS for an on-site assessment

bull Download the SMB Toolkit

bull Join or establish an ISAO infohqdhsgov

bull Spread the word across your community

bull Become a C3 Voluntary Program Partner coming in 2015 bull E-mail CCubedVPhqdhsgov

wwwus-certgovccubedvp

ccubedvpwwwus-certgov

ccubedvp

  • Slide 1
  • Slide 2
  • Slide 3
  • Slide 4
  • Slide 5
  • Cybersecurity Tools and Resources
  • Cybersecurity Tools and Resources (2)
  • Cybersecurity Tools and Resources (3)
  • Cybersecurity Tools and Resources
  • 2015 Activities amp Initiatives Growing Communities of Interest
  • Building Communities of Interest
  • Partner Program
  • Slide 13
  • Slide 14
Page 4: DHS Cybersecurity Webinar

Cybersecurity Where to Start1 Understand and Address Common Vulnerabilities

bull National Vulnerability Database (httpsnvdnistgov)

2 Determine what Cyber Events you Monitorbull Threat incident and activity reportsbull NIST Cybersecurity Framework

3 Conduct a Business Impact Assessmentbull Critical business functionsbull Contingency plans

4 Join an Information Sharing and Analysis Organization (ISAO)bull httpwwwdhsgovisao

5 Use DHS Programs and Resourcesbull httpwwwus-certgovccubedvp

Cybersecurity Tips for LeadershipFramework

Core Function

Activity

Identify Conduct Needs Assessment

ProtectTechnical Defenses bull Access Controls and Passwordsbull Encrypted Communications

Detect Monitor Systems

Respond amp Recover

bull Employee Training and Communications

bull Policies and Proceduresbull Business Continuity and Disaster

Recovery

Cybersecurity Tools and ResourcesOver 40 resources currently featured including the Cyber Resilience Review (CRR)

Pages are organized by stakeholder group bull Academia Business Federal

State Local Tribal and Territorial (SLTT)

bull New Stakeholder Page Small and Midsize Business (SMB)

Resources are aligned to Framework core functionbull Identify Protect Detect

Respond Recover

wwwus-certgovccubedvp

Cybersecurity Tools and Resourcesbull Cyber Resilience Review (CRR)

bull No-cost voluntary assessment to evaluate IT resilience

bull C3 Voluntary Program Small and Midsize Business (SMB) Toolkitbull Understanding the Threat

Landscapebull Top Resources for SMBbull Cybersecurity for Startupsbull C3 Voluntary Program Outreach amp

Messaging Kitbull SMB Leadership Agendabull Hands-On Resource Guide

Cybersecurity Tools and Resources

bull StopThinkConnect Resource Guidebull Online Resource Guide specifically tailored to SMB

bull Federal Small Biz Cyber Plannerbull Helps businesses create custom cybersecurity plans

bull NACD Cyber-Risk Oversight Handbookbull Five steps leadership should consider as they seek to

enhance their oversight of cyber risks

Cybersecurity Tools and Resources

bull Cyber Information Sharing and Collaboration Program (CISCP)bull Enhances cybersecurity collaboration between DHS

and critical infrastructurebull Leverages government and industry expertise to

respond to cybersecurity incidents

bull Enhanced Cybersecurity Services (ECS) programbull Supports voluntary information

sharing to protect critical infrastructure systems

2015 Activities amp Initiatives Growing Communities of Interest

bull Regional event series

bull Small and Midsized Business Roadshow

bull Webinar series

bull Building communities of interest

bull Partner Program

Building Communities of Interestbull Stakeholders sharing regional andor industry

identity

bull Community support in cybersecurity and risk management

bull Built around use of NIST Cybersecurity Framework

bull Independent information sharing

bull Goal Self-sustaining networks across the nation

Partner Program

bull Enhance their cyber resilience

bull Use the NIST Cybersecurity Framework

bull Build communities of interest around cybersecurity and risk management

bull Spread the word about the Csup3 Voluntary Program and its resources

The Csup3 Voluntary Program will provide Partners assistance so that they can

How to Get Involvedbull Take advantage of C3 Voluntary Program resources

bull Visit the C3 Voluntary Program website at

bull Familiarize yourself with the Cybersecurity Framework

bull Download the Cyber Resilience Review (CRR) or contact DHS for an on-site assessment

bull Download the SMB Toolkit

bull Join or establish an ISAO infohqdhsgov

bull Spread the word across your community

bull Become a C3 Voluntary Program Partner coming in 2015 bull E-mail CCubedVPhqdhsgov

wwwus-certgovccubedvp

ccubedvpwwwus-certgov

ccubedvp

  • Slide 1
  • Slide 2
  • Slide 3
  • Slide 4
  • Slide 5
  • Cybersecurity Tools and Resources
  • Cybersecurity Tools and Resources (2)
  • Cybersecurity Tools and Resources (3)
  • Cybersecurity Tools and Resources
  • 2015 Activities amp Initiatives Growing Communities of Interest
  • Building Communities of Interest
  • Partner Program
  • Slide 13
  • Slide 14
Page 5: DHS Cybersecurity Webinar

Cybersecurity Tips for LeadershipFramework

Core Function

Activity

Identify Conduct Needs Assessment

ProtectTechnical Defenses bull Access Controls and Passwordsbull Encrypted Communications

Detect Monitor Systems

Respond amp Recover

bull Employee Training and Communications

bull Policies and Proceduresbull Business Continuity and Disaster

Recovery

Cybersecurity Tools and ResourcesOver 40 resources currently featured including the Cyber Resilience Review (CRR)

Pages are organized by stakeholder group bull Academia Business Federal

State Local Tribal and Territorial (SLTT)

bull New Stakeholder Page Small and Midsize Business (SMB)

Resources are aligned to Framework core functionbull Identify Protect Detect

Respond Recover

wwwus-certgovccubedvp

Cybersecurity Tools and Resourcesbull Cyber Resilience Review (CRR)

bull No-cost voluntary assessment to evaluate IT resilience

bull C3 Voluntary Program Small and Midsize Business (SMB) Toolkitbull Understanding the Threat

Landscapebull Top Resources for SMBbull Cybersecurity for Startupsbull C3 Voluntary Program Outreach amp

Messaging Kitbull SMB Leadership Agendabull Hands-On Resource Guide

Cybersecurity Tools and Resources

bull StopThinkConnect Resource Guidebull Online Resource Guide specifically tailored to SMB

bull Federal Small Biz Cyber Plannerbull Helps businesses create custom cybersecurity plans

bull NACD Cyber-Risk Oversight Handbookbull Five steps leadership should consider as they seek to

enhance their oversight of cyber risks

Cybersecurity Tools and Resources

bull Cyber Information Sharing and Collaboration Program (CISCP)bull Enhances cybersecurity collaboration between DHS

and critical infrastructurebull Leverages government and industry expertise to

respond to cybersecurity incidents

bull Enhanced Cybersecurity Services (ECS) programbull Supports voluntary information

sharing to protect critical infrastructure systems

2015 Activities amp Initiatives Growing Communities of Interest

bull Regional event series

bull Small and Midsized Business Roadshow

bull Webinar series

bull Building communities of interest

bull Partner Program

Building Communities of Interestbull Stakeholders sharing regional andor industry

identity

bull Community support in cybersecurity and risk management

bull Built around use of NIST Cybersecurity Framework

bull Independent information sharing

bull Goal Self-sustaining networks across the nation

Partner Program

bull Enhance their cyber resilience

bull Use the NIST Cybersecurity Framework

bull Build communities of interest around cybersecurity and risk management

bull Spread the word about the Csup3 Voluntary Program and its resources

The Csup3 Voluntary Program will provide Partners assistance so that they can

How to Get Involvedbull Take advantage of C3 Voluntary Program resources

bull Visit the C3 Voluntary Program website at

bull Familiarize yourself with the Cybersecurity Framework

bull Download the Cyber Resilience Review (CRR) or contact DHS for an on-site assessment

bull Download the SMB Toolkit

bull Join or establish an ISAO infohqdhsgov

bull Spread the word across your community

bull Become a C3 Voluntary Program Partner coming in 2015 bull E-mail CCubedVPhqdhsgov

wwwus-certgovccubedvp

ccubedvpwwwus-certgov

ccubedvp

  • Slide 1
  • Slide 2
  • Slide 3
  • Slide 4
  • Slide 5
  • Cybersecurity Tools and Resources
  • Cybersecurity Tools and Resources (2)
  • Cybersecurity Tools and Resources (3)
  • Cybersecurity Tools and Resources
  • 2015 Activities amp Initiatives Growing Communities of Interest
  • Building Communities of Interest
  • Partner Program
  • Slide 13
  • Slide 14
Page 6: DHS Cybersecurity Webinar

Cybersecurity Tools and ResourcesOver 40 resources currently featured including the Cyber Resilience Review (CRR)

Pages are organized by stakeholder group bull Academia Business Federal

State Local Tribal and Territorial (SLTT)

bull New Stakeholder Page Small and Midsize Business (SMB)

Resources are aligned to Framework core functionbull Identify Protect Detect

Respond Recover

wwwus-certgovccubedvp

Cybersecurity Tools and Resourcesbull Cyber Resilience Review (CRR)

bull No-cost voluntary assessment to evaluate IT resilience

bull C3 Voluntary Program Small and Midsize Business (SMB) Toolkitbull Understanding the Threat

Landscapebull Top Resources for SMBbull Cybersecurity for Startupsbull C3 Voluntary Program Outreach amp

Messaging Kitbull SMB Leadership Agendabull Hands-On Resource Guide

Cybersecurity Tools and Resources

bull StopThinkConnect Resource Guidebull Online Resource Guide specifically tailored to SMB

bull Federal Small Biz Cyber Plannerbull Helps businesses create custom cybersecurity plans

bull NACD Cyber-Risk Oversight Handbookbull Five steps leadership should consider as they seek to

enhance their oversight of cyber risks

Cybersecurity Tools and Resources

bull Cyber Information Sharing and Collaboration Program (CISCP)bull Enhances cybersecurity collaboration between DHS

and critical infrastructurebull Leverages government and industry expertise to

respond to cybersecurity incidents

bull Enhanced Cybersecurity Services (ECS) programbull Supports voluntary information

sharing to protect critical infrastructure systems

2015 Activities amp Initiatives Growing Communities of Interest

bull Regional event series

bull Small and Midsized Business Roadshow

bull Webinar series

bull Building communities of interest

bull Partner Program

Building Communities of Interestbull Stakeholders sharing regional andor industry

identity

bull Community support in cybersecurity and risk management

bull Built around use of NIST Cybersecurity Framework

bull Independent information sharing

bull Goal Self-sustaining networks across the nation

Partner Program

bull Enhance their cyber resilience

bull Use the NIST Cybersecurity Framework

bull Build communities of interest around cybersecurity and risk management

bull Spread the word about the Csup3 Voluntary Program and its resources

The Csup3 Voluntary Program will provide Partners assistance so that they can

How to Get Involvedbull Take advantage of C3 Voluntary Program resources

bull Visit the C3 Voluntary Program website at

bull Familiarize yourself with the Cybersecurity Framework

bull Download the Cyber Resilience Review (CRR) or contact DHS for an on-site assessment

bull Download the SMB Toolkit

bull Join or establish an ISAO infohqdhsgov

bull Spread the word across your community

bull Become a C3 Voluntary Program Partner coming in 2015 bull E-mail CCubedVPhqdhsgov

wwwus-certgovccubedvp

ccubedvpwwwus-certgov

ccubedvp

  • Slide 1
  • Slide 2
  • Slide 3
  • Slide 4
  • Slide 5
  • Cybersecurity Tools and Resources
  • Cybersecurity Tools and Resources (2)
  • Cybersecurity Tools and Resources (3)
  • Cybersecurity Tools and Resources
  • 2015 Activities amp Initiatives Growing Communities of Interest
  • Building Communities of Interest
  • Partner Program
  • Slide 13
  • Slide 14
Page 7: DHS Cybersecurity Webinar

Cybersecurity Tools and Resourcesbull Cyber Resilience Review (CRR)

bull No-cost voluntary assessment to evaluate IT resilience

bull C3 Voluntary Program Small and Midsize Business (SMB) Toolkitbull Understanding the Threat

Landscapebull Top Resources for SMBbull Cybersecurity for Startupsbull C3 Voluntary Program Outreach amp

Messaging Kitbull SMB Leadership Agendabull Hands-On Resource Guide

Cybersecurity Tools and Resources

bull StopThinkConnect Resource Guidebull Online Resource Guide specifically tailored to SMB

bull Federal Small Biz Cyber Plannerbull Helps businesses create custom cybersecurity plans

bull NACD Cyber-Risk Oversight Handbookbull Five steps leadership should consider as they seek to

enhance their oversight of cyber risks

Cybersecurity Tools and Resources

bull Cyber Information Sharing and Collaboration Program (CISCP)bull Enhances cybersecurity collaboration between DHS

and critical infrastructurebull Leverages government and industry expertise to

respond to cybersecurity incidents

bull Enhanced Cybersecurity Services (ECS) programbull Supports voluntary information

sharing to protect critical infrastructure systems

2015 Activities amp Initiatives Growing Communities of Interest

bull Regional event series

bull Small and Midsized Business Roadshow

bull Webinar series

bull Building communities of interest

bull Partner Program

Building Communities of Interestbull Stakeholders sharing regional andor industry

identity

bull Community support in cybersecurity and risk management

bull Built around use of NIST Cybersecurity Framework

bull Independent information sharing

bull Goal Self-sustaining networks across the nation

Partner Program

bull Enhance their cyber resilience

bull Use the NIST Cybersecurity Framework

bull Build communities of interest around cybersecurity and risk management

bull Spread the word about the Csup3 Voluntary Program and its resources

The Csup3 Voluntary Program will provide Partners assistance so that they can

How to Get Involvedbull Take advantage of C3 Voluntary Program resources

bull Visit the C3 Voluntary Program website at

bull Familiarize yourself with the Cybersecurity Framework

bull Download the Cyber Resilience Review (CRR) or contact DHS for an on-site assessment

bull Download the SMB Toolkit

bull Join or establish an ISAO infohqdhsgov

bull Spread the word across your community

bull Become a C3 Voluntary Program Partner coming in 2015 bull E-mail CCubedVPhqdhsgov

wwwus-certgovccubedvp

ccubedvpwwwus-certgov

ccubedvp

  • Slide 1
  • Slide 2
  • Slide 3
  • Slide 4
  • Slide 5
  • Cybersecurity Tools and Resources
  • Cybersecurity Tools and Resources (2)
  • Cybersecurity Tools and Resources (3)
  • Cybersecurity Tools and Resources
  • 2015 Activities amp Initiatives Growing Communities of Interest
  • Building Communities of Interest
  • Partner Program
  • Slide 13
  • Slide 14
Page 8: DHS Cybersecurity Webinar

Cybersecurity Tools and Resources

bull StopThinkConnect Resource Guidebull Online Resource Guide specifically tailored to SMB

bull Federal Small Biz Cyber Plannerbull Helps businesses create custom cybersecurity plans

bull NACD Cyber-Risk Oversight Handbookbull Five steps leadership should consider as they seek to

enhance their oversight of cyber risks

Cybersecurity Tools and Resources

bull Cyber Information Sharing and Collaboration Program (CISCP)bull Enhances cybersecurity collaboration between DHS

and critical infrastructurebull Leverages government and industry expertise to

respond to cybersecurity incidents

bull Enhanced Cybersecurity Services (ECS) programbull Supports voluntary information

sharing to protect critical infrastructure systems

2015 Activities amp Initiatives Growing Communities of Interest

bull Regional event series

bull Small and Midsized Business Roadshow

bull Webinar series

bull Building communities of interest

bull Partner Program

Building Communities of Interestbull Stakeholders sharing regional andor industry

identity

bull Community support in cybersecurity and risk management

bull Built around use of NIST Cybersecurity Framework

bull Independent information sharing

bull Goal Self-sustaining networks across the nation

Partner Program

bull Enhance their cyber resilience

bull Use the NIST Cybersecurity Framework

bull Build communities of interest around cybersecurity and risk management

bull Spread the word about the Csup3 Voluntary Program and its resources

The Csup3 Voluntary Program will provide Partners assistance so that they can

How to Get Involvedbull Take advantage of C3 Voluntary Program resources

bull Visit the C3 Voluntary Program website at

bull Familiarize yourself with the Cybersecurity Framework

bull Download the Cyber Resilience Review (CRR) or contact DHS for an on-site assessment

bull Download the SMB Toolkit

bull Join or establish an ISAO infohqdhsgov

bull Spread the word across your community

bull Become a C3 Voluntary Program Partner coming in 2015 bull E-mail CCubedVPhqdhsgov

wwwus-certgovccubedvp

ccubedvpwwwus-certgov

ccubedvp

  • Slide 1
  • Slide 2
  • Slide 3
  • Slide 4
  • Slide 5
  • Cybersecurity Tools and Resources
  • Cybersecurity Tools and Resources (2)
  • Cybersecurity Tools and Resources (3)
  • Cybersecurity Tools and Resources
  • 2015 Activities amp Initiatives Growing Communities of Interest
  • Building Communities of Interest
  • Partner Program
  • Slide 13
  • Slide 14
Page 9: DHS Cybersecurity Webinar

Cybersecurity Tools and Resources

bull Cyber Information Sharing and Collaboration Program (CISCP)bull Enhances cybersecurity collaboration between DHS

and critical infrastructurebull Leverages government and industry expertise to

respond to cybersecurity incidents

bull Enhanced Cybersecurity Services (ECS) programbull Supports voluntary information

sharing to protect critical infrastructure systems

2015 Activities amp Initiatives Growing Communities of Interest

bull Regional event series

bull Small and Midsized Business Roadshow

bull Webinar series

bull Building communities of interest

bull Partner Program

Building Communities of Interestbull Stakeholders sharing regional andor industry

identity

bull Community support in cybersecurity and risk management

bull Built around use of NIST Cybersecurity Framework

bull Independent information sharing

bull Goal Self-sustaining networks across the nation

Partner Program

bull Enhance their cyber resilience

bull Use the NIST Cybersecurity Framework

bull Build communities of interest around cybersecurity and risk management

bull Spread the word about the Csup3 Voluntary Program and its resources

The Csup3 Voluntary Program will provide Partners assistance so that they can

How to Get Involvedbull Take advantage of C3 Voluntary Program resources

bull Visit the C3 Voluntary Program website at

bull Familiarize yourself with the Cybersecurity Framework

bull Download the Cyber Resilience Review (CRR) or contact DHS for an on-site assessment

bull Download the SMB Toolkit

bull Join or establish an ISAO infohqdhsgov

bull Spread the word across your community

bull Become a C3 Voluntary Program Partner coming in 2015 bull E-mail CCubedVPhqdhsgov

wwwus-certgovccubedvp

ccubedvpwwwus-certgov

ccubedvp

  • Slide 1
  • Slide 2
  • Slide 3
  • Slide 4
  • Slide 5
  • Cybersecurity Tools and Resources
  • Cybersecurity Tools and Resources (2)
  • Cybersecurity Tools and Resources (3)
  • Cybersecurity Tools and Resources
  • 2015 Activities amp Initiatives Growing Communities of Interest
  • Building Communities of Interest
  • Partner Program
  • Slide 13
  • Slide 14
Page 10: DHS Cybersecurity Webinar

2015 Activities amp Initiatives Growing Communities of Interest

bull Regional event series

bull Small and Midsized Business Roadshow

bull Webinar series

bull Building communities of interest

bull Partner Program

Building Communities of Interestbull Stakeholders sharing regional andor industry

identity

bull Community support in cybersecurity and risk management

bull Built around use of NIST Cybersecurity Framework

bull Independent information sharing

bull Goal Self-sustaining networks across the nation

Partner Program

bull Enhance their cyber resilience

bull Use the NIST Cybersecurity Framework

bull Build communities of interest around cybersecurity and risk management

bull Spread the word about the Csup3 Voluntary Program and its resources

The Csup3 Voluntary Program will provide Partners assistance so that they can

How to Get Involvedbull Take advantage of C3 Voluntary Program resources

bull Visit the C3 Voluntary Program website at

bull Familiarize yourself with the Cybersecurity Framework

bull Download the Cyber Resilience Review (CRR) or contact DHS for an on-site assessment

bull Download the SMB Toolkit

bull Join or establish an ISAO infohqdhsgov

bull Spread the word across your community

bull Become a C3 Voluntary Program Partner coming in 2015 bull E-mail CCubedVPhqdhsgov

wwwus-certgovccubedvp

ccubedvpwwwus-certgov

ccubedvp

  • Slide 1
  • Slide 2
  • Slide 3
  • Slide 4
  • Slide 5
  • Cybersecurity Tools and Resources
  • Cybersecurity Tools and Resources (2)
  • Cybersecurity Tools and Resources (3)
  • Cybersecurity Tools and Resources
  • 2015 Activities amp Initiatives Growing Communities of Interest
  • Building Communities of Interest
  • Partner Program
  • Slide 13
  • Slide 14
Page 11: DHS Cybersecurity Webinar

Building Communities of Interestbull Stakeholders sharing regional andor industry

identity

bull Community support in cybersecurity and risk management

bull Built around use of NIST Cybersecurity Framework

bull Independent information sharing

bull Goal Self-sustaining networks across the nation

Partner Program

bull Enhance their cyber resilience

bull Use the NIST Cybersecurity Framework

bull Build communities of interest around cybersecurity and risk management

bull Spread the word about the Csup3 Voluntary Program and its resources

The Csup3 Voluntary Program will provide Partners assistance so that they can

How to Get Involvedbull Take advantage of C3 Voluntary Program resources

bull Visit the C3 Voluntary Program website at

bull Familiarize yourself with the Cybersecurity Framework

bull Download the Cyber Resilience Review (CRR) or contact DHS for an on-site assessment

bull Download the SMB Toolkit

bull Join or establish an ISAO infohqdhsgov

bull Spread the word across your community

bull Become a C3 Voluntary Program Partner coming in 2015 bull E-mail CCubedVPhqdhsgov

wwwus-certgovccubedvp

ccubedvpwwwus-certgov

ccubedvp

  • Slide 1
  • Slide 2
  • Slide 3
  • Slide 4
  • Slide 5
  • Cybersecurity Tools and Resources
  • Cybersecurity Tools and Resources (2)
  • Cybersecurity Tools and Resources (3)
  • Cybersecurity Tools and Resources
  • 2015 Activities amp Initiatives Growing Communities of Interest
  • Building Communities of Interest
  • Partner Program
  • Slide 13
  • Slide 14
Page 12: DHS Cybersecurity Webinar

Partner Program

bull Enhance their cyber resilience

bull Use the NIST Cybersecurity Framework

bull Build communities of interest around cybersecurity and risk management

bull Spread the word about the Csup3 Voluntary Program and its resources

The Csup3 Voluntary Program will provide Partners assistance so that they can

How to Get Involvedbull Take advantage of C3 Voluntary Program resources

bull Visit the C3 Voluntary Program website at

bull Familiarize yourself with the Cybersecurity Framework

bull Download the Cyber Resilience Review (CRR) or contact DHS for an on-site assessment

bull Download the SMB Toolkit

bull Join or establish an ISAO infohqdhsgov

bull Spread the word across your community

bull Become a C3 Voluntary Program Partner coming in 2015 bull E-mail CCubedVPhqdhsgov

wwwus-certgovccubedvp

ccubedvpwwwus-certgov

ccubedvp

  • Slide 1
  • Slide 2
  • Slide 3
  • Slide 4
  • Slide 5
  • Cybersecurity Tools and Resources
  • Cybersecurity Tools and Resources (2)
  • Cybersecurity Tools and Resources (3)
  • Cybersecurity Tools and Resources
  • 2015 Activities amp Initiatives Growing Communities of Interest
  • Building Communities of Interest
  • Partner Program
  • Slide 13
  • Slide 14
Page 13: DHS Cybersecurity Webinar

How to Get Involvedbull Take advantage of C3 Voluntary Program resources

bull Visit the C3 Voluntary Program website at

bull Familiarize yourself with the Cybersecurity Framework

bull Download the Cyber Resilience Review (CRR) or contact DHS for an on-site assessment

bull Download the SMB Toolkit

bull Join or establish an ISAO infohqdhsgov

bull Spread the word across your community

bull Become a C3 Voluntary Program Partner coming in 2015 bull E-mail CCubedVPhqdhsgov

wwwus-certgovccubedvp

ccubedvpwwwus-certgov

ccubedvp

  • Slide 1
  • Slide 2
  • Slide 3
  • Slide 4
  • Slide 5
  • Cybersecurity Tools and Resources
  • Cybersecurity Tools and Resources (2)
  • Cybersecurity Tools and Resources (3)
  • Cybersecurity Tools and Resources
  • 2015 Activities amp Initiatives Growing Communities of Interest
  • Building Communities of Interest
  • Partner Program
  • Slide 13
  • Slide 14
Page 14: DHS Cybersecurity Webinar

ccubedvpwwwus-certgov

ccubedvp

  • Slide 1
  • Slide 2
  • Slide 3
  • Slide 4
  • Slide 5
  • Cybersecurity Tools and Resources
  • Cybersecurity Tools and Resources (2)
  • Cybersecurity Tools and Resources (3)
  • Cybersecurity Tools and Resources
  • 2015 Activities amp Initiatives Growing Communities of Interest
  • Building Communities of Interest
  • Partner Program
  • Slide 13
  • Slide 14