Robert H. MayerUSTelecom Vice President, Industry and State AffairsAnthony JonesUSTelecom Director, Critical Infrastructure and Compliance

DISCLAIMER: This material is provided for informational and educational purposes only.  USTelecom does not assume responsibility for the accuracy or currency of the information provided herein which has been aggregated from publicly available sources. The primary sources should be consulted for further information on any specific topic.

© 2012 United States Telecom Association. All Rights Reserved.

CYBERSECURITY TOOLKIT

The 2012 USTelecom Cybersecurity Toolkit is designed to provide a broad set of stakeholders with a current, comprehensive, web-enabled and user-friendly tool to access the complex and innovative world of cybersecurity.

While the Internet offers an abundance of exceptional resources to choose from, we have selected sites which we believe allow the novice, the expert, and those somewhere in between to locate a wealth of organized information that can be accessed in a self-guided manner.

This effort is dedicated to the countless professionals in government, industry, academia and not-for-profit organizations who work tirelessly to ensure that our digital society and the information and broadband infrastructure that it relies upon remains safe, secure and resilient.

We trust you will find this tool to be a useful, valued and often-used resource.

Walter B. McCormick, Jr.

USTelecom President & CEO

INTRODUCTION

HOME INDEX NEXT SLIDE PREVIOUS SLIDE

TOOLKIT GUIDE 1-2-3

VIEW POWERPOINT IN “SLIDE SHOW” MODE

CLICK ON ANY RAISED BUTTON TO ACTIVATE LINK

USE TOOLBAR BELOW TO NAVIGATE TOOLKIT

HOME INDEX PREVIOUS SLIDENEXT SLIDE

1

2

3

.

.

.

TABLE OF CONTENTS

HOME INDEX PREVIOUS SLIDENEXT SLIDE

CYBERSPACE AND THE INTERNET

SHARED AND DIVERSE ECOSYSTEM

BASIC SECURITY CONCEPTS

THREAT SOURCE ASSESSMENT

COMMON ATTACK METHOD

1

2

3

4

5

CONTINUE

TABLE OF CONTENTS

HOME INDEX PREVIOUS SLIDENEXT SLIDE

CYBER POLICY ECOSYSTEM

PARTNERSHIP VENUES

THE WHITE HOUSE

DEPARTMENT OF HOMELAND SECURITY

DEPARTMENT OF COMMERCE

6

7

8

9 10

CONTINUE

TABLE OF CONTENTS

HOME INDEX PREVIOUS SLIDENEXT SLIDE

DEPARTMENT OF JUSTICE

FEDERAL COMMUNICATIONS COMMISSION

DEPARTMENT OF DEFENSE

U.S. CONGRESS

KEY STATUTES

11

12 13 14

15

CONTINUE

TABLE OF CONTENTS

HOME INDEX PREVIOUS SLIDENEXT SLIDE

INTERNATIONAL STANDARDS BODIES

USTELECOM MEMBER SERVICES

CYBER RESOURCE CENTER

INDEX

ACKNOWLEDGEMENTS AND CONTACTS

16

17 18 19

20

Single, interconnected, worldwide system of computer networks that share:

the Internet Architecture Board (IAB) specified protocol suite and

the name and address spaces managed by the Internet Corp. for Assigned Names and Numbers (ICANN).

INTERNET

CYBERSPACE AND THE INTERNET

HOME INDEX PREVIOUS SLIDESITE MAPHOME INDEX PREVIOUS SLIDENEXT SLIDE

A global domain within the information environment consisting of the inter-dependent network of information technology infrastructures, including:

the Internet, telecommunications

networks, computer systems, and embedded

processors and controllers

CYBERSPACE

INTERNET SERVICE PROVIDERS

GLOBAL BACKBONE PROVIDERS

A SHARED AND DIVERSE ECOSYSTEM

HOME INDEX PREVIOUS SLIDENEXT SLIDE

CONTENT DELIVERY NETWORK PROVIDERS

WEB HOSTING PROVIDERS

E-COMMERCE PROVIDERS

CONTINUE

THE ECOSYSTEM (Cont.)

HOME INDEX PREVIOUS SLIDENEXT SLIDE

SOCIAL NETWORK SERVICES

EQUIPMENT AND DEVICES

SEARCH SERVICE PROVIDERS

APPLICATION DEVELOPERS

OPERATING SYSTEM DEVELOPERS

CLOUD SERVICE PROVIDERS

Cyber Insecurity

VULNERABILITY SOCIAL ENGINEERINGEAVESDROPPING

EXPLOITSTROJANSVIRUSESWORMSDENIAL OF SERVICE

PAYLOADSBACKDOORSROOTKITSKEYLOGGERS

BASIC SECURITY CONCEPTS

HOME INDEX PREVIOUS SLIDENEXT SLIDE

Cybersecurity is defined as “the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets.”

International Telecommunications Union - TX 1205

Cyber SecuritySECURE OPERATING SYSTEMS

SECURITY ARCHITECTURE

SECURITY BY DESIGNSECURE CODING

THREAT SOURCE ASSESSMENT

HOME INDEX PREVIOUS SLIDENEXT SLIDE

U.S GOVERNMENT THREAT SOURCE

ASSESSMENT(US CERT)

NATION STATES

TERRORISTS ORGANIZED CRIME

HACKERS

COMMON ATTACK METHODS

HOME PREVIOUS SLIDENEXT SLIDE

CROSS SITE SCRIPTING

DENIAL OF SERVICE

PHISHING

ZIP BOMBSQL INJECTION

TROJAN HORSE LOGIC BOMB

WORM

VIRUS WAR DRIVING

ZERO-DAYEXPLOITS

APTs

BOTNETS

INDEX

OFFICIAL DEPICTION OF CYBERPOLICY ECOSYSTEM

HOME INDEX NEXT SLIDE PREVIOUS SLIDE

SOURCE: WHITE HOUSE WEBSITE

ILLUSTRATIVE AND UNOFFICIAL DEPICTION

HOME INDEX NEXT SLIDE PREVIOUS SLIDE

CONGRESS

INTERNATIONAL

PARTNERSHIPS

MS_ISAC

US CERT

IT-SCC

CSCCFS-ISAC

ESF-#2IT-ISAC

NCCIC

DOJ

NIST

FBI

DOD

LAW ENFORCEMENTDHS

NSA

Treasury

NCC

DOC

EOP

NTIASTANDARDS

ORGS

Cyber UCGNCIRP

DOS

WCIT2012NATO

DHS-CS&C

IS-IRC

NTOC

NOCs

USSS

InfraGard

CERTs

CNCI

Int’l. Cyber Strategy COMMS-ISACDC3

DIB

DNI

CSRIC

ATIS

IBG

DHS-IP

JTF-GNONITRD

OSTP

NCIJTF

GOP-CTF

House-CSTF

WG7:BOTNETs

CISPA

SOPA

WG2A:CyberBPs

NERCITU

IEEE

THE WHITE HOUSE

ICS-CERT

INTELLIGENCE

24+ GOVERNMENTAGENCIES

DEFENSE

PRIVATE SECTOR

SAMPLE OF PARTNERSHIP AND COLLABORATION VENUES

HOME INDEX PREVIOUS SLIDE

IndustryBotnetGroup (IBG)

Comms ISAC

NEXT SLIDE

THE WHITE HOUSE

“Cyberspace touches nearly every part of our daily lives. It's the broadband networks beneath us and the wireless signals around us, the local networks in our schools and hospitals and businesses, and the massive grids that power our nation. It's the classified military and intelligence networks that keep us safe, and the World Wide Web that has made us more interconnected than at any time in human history.”

- The White House Website

60 DAYCYBERSECURITY POLICY REVIEW

HOME INDEX PREVIOUS SLIDENEXT SLIDE

THE COMPREHENSIVE NATIONAL CYBERSECURITY INITIATIVE (CNCI)

NATIONAL INITIATIVE FOR CYBERSECURITY EDUCATION

(NICE)

NATIONAL STRATEGY FOR TRUSTED IDENTITIES IN

CYBERSPACE (NSTIC)

WHITE HOUSE CYBERSECURITY OVERVIEW

HOME INDEX PREVIOUS SLIDENEXT SLIDE

THE WHITE HOUSE

OFFICE OF SCIENCE AND TECHNOLOGY POLICY (OSTP)

KEY OFFICES/PROGRAMS

NATIONAL SCIENCE AND TECHNOLOGY COUNCIL (NSTC)

NATIONAL INFORMATION TECHNOLOGY RESEARCH AND DEVELOPMENT (NITRD)

INTERAGENCY WORKING GROUP ON CYBER SECURITY AND INFORMATION ASSURANCE (CSIA IWG)

HOME INDEX PREVIOUS SLIDENEXT SLIDE

WHITE HOUSE REPORTS AND PUBLICATIONS OF INTEREST

CYBERSPACEPOLICYREVIEW

NATIONAL STRATEGY FOR TRUSTED I.D.

IN CYBERSPACE

THE NATIONAL STRATEGY TO

SECURE CYBERSPACE

POLICYREVIEW

SUPPORT DOCUMENTS

SupportingDocuments

INTER-NATIONAL

STRATEGY FOR CYBERSPACE

DEPARTMENT OFHOMELAND SECURITY

HOME INDEX NEXT SLIDE PREVIOUS SLIDE

“Cybersecurity is a shared responsibility – the responsibility of government, our private sector partners, and every computer user… DHS has set out on a path to build a cyber system that supports secure and resilient infrastructure, encourages innovation, and protects openness, privacy and civil liberties.”

- DHS Secretary Janet Napolitano

May 30, 2012

PARTNERSHIP STRUCTURE

KEY OFFICES AND PROGRAMS

EDUCATION/AWARENESS

TRAINING/EXERCISES REPORTS AND PUBLICATIONS

OPERATIONS

DEPARTMENT OFHOMELAND SECURITY

CYBERSECURITY OVERVIEW

DEPARTMENT OFHOMELAND SECURITY

HOME INDEX PREVIOUS SLIDENEXT SLIDE

PUBLIC-PRIVATE PARTNERSHIP STRUCTURE

CRITICAL INFRASTRUCTURESECTOR PARTNERSHIPS

REGIONAL PARTNERSHIPS ANDMISSION COLLABORATION

CRITICAL INFRASTRUCTUREPARTNERSHIP ADVISORY

COUNCIL (CIPAC)

NATIONAL INFRASTRUCTURE PROTECTION PLAN (NIPP)

PROTECTED CRITICAL INFRASTRUCTURE INFORMATION

(PCII) PROGRAM

NATIONAL SECURITY TELECOMMUNICATIONS

ADVISORY COUNCIL (NSTAC)

DEPARTMENT OFHOMELAND SECURITY

HOME INDEX PREVIOUS SLIDENEXT SLIDE

KEY OFFICES AND PROGRAMS

OFFICE OF CYBERSECURITY AND COMMUNICATIONS (CS&C)

NATIONAL RESPONSE FRAMEWORK

NATIONAL COMMUNICATIONS

SYSTEM (NCS)

NATIONAL CYBERSECURITY DIVISION (NCSD)

OFFICE OF EMERGENCY COMMUNICATIONS (OEC)

CYBER INCIDENT ANNEX

NATIONAL CYBER INCIDENT RESPONSE PLAN (NCIRP)

NATIONAL CYBER AWARENESS SYSTEM

DEPARTMENT OFHOMELAND SECURITY

HOME INDEX PREVIOUS SLIDENEXT SLIDE

ICE CYBER CRIME CENTER (C3)

KEY OFFICES AND PROGRAMS (CONT.)

OPERATIONS

FEMANATIONAL INCIDENT

MANAGEMENT SYSTEM (NIMS)

ELECTRONIC CRIMES TASK FORCES

AND WORKING GROUPS

NATIONAL COORDINATING

CENTER FORTELECOM

(NCC)

NATIONAL CYBERSECURITY

COMMUNICATIONSINTEGRATION

CENTER (NCCIC)

U.S. CERT

INDUSTRIAL CONTROL SYSTEMS (ICS) CERT

DEPARTMENT OFHOMELAND SECURITY

HOME INDEX PREVIOUS SLIDENEXT SLIDE

EDUCATION AND AWARENESS

EDUCATION AND WORKFORCE

DEVELOPMENT

NATIONAL CYBER SECURITY AWARENESS MONTH STOP, THINK AND CONNECT

TRAINING AND EXERCISES

NATIONAL LEVEL EXERCISES

CONTROL SYSTEM

SECURITY TRAINING

DHS/FEMA CERTIFIED

CYBERSECURITY TRAINING

CYBER STORM EXERCISES

DHS REPORTS AND PUBLICATIONSOF INTEREST

HOME INDEX NEXT SLIDE PREVIOUS SLIDE

ENABLING DISTRIBUTED SECURITY IN CYBERSPACE

NATIONAL CYBER INCIDENT

RESPONSE PLAN

NATIONAL INFRASTRUCTURE PROTECTION PLAN

(NIPP)

BLUEPRINT FOR A SECURE CYBER

FUTURE

CONTINUE

DHS REPORTS AND PUBLICATIONSOF INTEREST (CONT.)

HOME INDEX NEXT SLIDE PREVIOUS SLIDE

COMM SECTOR-SPECIFIC PLAN

CYBER STORM IIFINAL REPORT

PRIVACY COMPLIANCE

REVIEW EINSTEIN PROGRAM

QUADRENNIALHOMELAND

SECURITYREPORT

DEPARTMENT OF COMMERCE

HOME INDEX NEXT SLIDE PREVIOUS SLIDE

NATIONAL TELECOMMUNICATIONS AND INFORMATION

ADMINISTRATION (NTIA) INTERNET POLICY OVERVIEW

INTERNET POLICY TASK FORCE

CYBERSECURITY INITIATIVESMODELS TO ADVANCE VOLUNTARY

CORPORATE NOTIFICATION TO CONSUMERS

BOTNETS AND MALWAREDOMAIN NAME SYSTEMS (DNS)

ADOPTION AND DEPLOYMENTIPv6

CYBERSECURITY INNOVATIONS ANDTHE INTERNET ECONOMY

DEPARTMENT OF COMMERCE

HOME INDEX NEXT SLIDE PREVIOUS SLIDE

NATIONAL INFORMATION AND STANDARDS TECHNOLOGY (NIST)

INFORMATION TECHNOLOGYPORTAL OVERVIEW

NATIONAL CYBERSECURITY CENTER OF EXCELLENCE

NATIONAL VULNERABILITY DATABASE

SMALL BUSINESS CORNER ANDWORKSHOPS

SMART GRID CYBER SECURITY WORKING GROUP

CYBERSECURITY PROGRAMSINFORMATION TECHNOLOGY

LABORATORY (ITL)

COMPUTER SECURITY RESOURCE CENTER

NATIONAL INITIATIVE FOR CYBERSECURITY EDUCATION (NICE)

DEPARTMENT OF COMMERCE PUBLICATIONS AND REPORTS

OF INTEREST

HOME INDEX NEXT SLIDE PREVIOUS SLIDE

GUIDE TO NISTSECURITY

DOCUMENTS

CYBERSECURITYINNOVATION AND

THE INTERNET ECONOMY

GLOSSARY OF KEY INFORMATION

SECURITY TERMS

CLOUD COMPUTING

SYNOPSIS

DEPARTMENT OF JUSTICE

HOME INDEX NEXT SLIDE PREVIOUS SLIDE

FEDERAL BUREAU INVESTIGATION

CYBER OVERVIEW

DOJ CYBER PROGRAMS AND INITIATIVES

INTERNET CRIME COMPLAINT CENTER (IC3)

INFRAGUARD

CYBER ACTION TEAMS

STRATEGIC ALLIANCE CYBER CRIME WORKING GROUP

COMPUTER CRIME TASK FORCES

NATIONAL CYBER INVESTIGATIVE JOINT TASK FORCE (NCIJTF)

CRIMINAL DIVISIONCOMPUTER CRIME

INTELLECTUAL PROPERTY

OFFICE OF U.S ATTORNEYS

CYBERCRIME OVERVIEW

DEPARTMENT OF JUSTICE

HOME INDEX NEXT SLIDE PREVIOUS SLIDE

OTHER DOJ PROGRAMS

COMPUTER HACKING AND INTELLECTUAL PROPERTY (CHIP) UNIT

SECRET SERVICE COMPUTERFORENSIC TRAINING CENTER

COUNTER INTELLIGENCE STRATEGIC PARTNERSHIPS

COMMON INTERNET FRAUD

SCHEMES

COMPUTER AND INTERNET CRIME

REPORTING

DEPARTMENT OF JUSTICE REPORTS AND PUBLICATIONS

OF INTEREST

HOME INDEX NEXT SLIDE PREVIOUS SLIDE

Cyber TerrorBy William L. Tafoya, Ph.D.

Cyber TerrorBy William L. Tafoya, Ph.D.

CYBERTERROR

FBI ABILITY TO ADDRESS CYBER

INTRUSION THREAT

2011 FBI INTERNET CRIME REPORT

Smishing andVishing

CYBER CRIMES TO WATCH OUT

FOR

FEDERAL COMMUNICATIONSCOMMISSION (FCC)

HOME INDEX NEXT SLIDE PREVIOUS SLIDE

"Over the years, the FCC has worked through its Federal Advisory Committee, the Communications Security, Reliability, and Interoperability Council – CSRIC – to develop voluntary industry wide best practices that promote reliable networks, including for 911 calling. CSRIC and its working groups is made up of industry leaders, academics, and innovators in communications, Federal partners, public safety entities, state and local government officials, and Internet registries.”

- The FCC Website

FEDERAL COMMUNICATIONS COMMISSION CYBER SECURITY

OVERVIEW

THE NETWORK RELIABILITY AND INTEROPERABILITY (NRIC)

COUNCIL

COMMUNICATIONS SECURITY, RELIABILITY AND

INTEROPERABILITY COUNCIL (CSRIC) II

PREVIOUS VOLUNTARY COUNCILS

FEDERAL COMMUNICATIONSCOMMISSION (FCC)

HOME INDEX NEXT SLIDE PREVIOUS SLIDE

RECENT CSRIC III CYBER REPORTS

DNSSEC SECURE BGP

ANTI BOTNET

COMMUNICATIONS SECURITY, RELIABILITY AND INTEROPERABILITY

COUNCIL (CSRIC) III

CYBER FOR SMALL

BUSINESS

CURRENTCSRIC III

WORKING GROUPS

PUBLIC SAFETY AND HOMELAND SECURITY

BUREAU

HOME

“Our assessment is that cyber attacks will be a significant component of future conflicts. Over thirty countries are creating cyber units in their militaries. It is unrealistic to believe that each one will limit its capabilities to defense. Moreover, the centrality of information technology to the U.S. military and society virtually guarantees that future adversaries will target it.”

- Deputy Secretary of

Defense William Lynn

DEPARTMENT OF DEFENSE

INDEX NEXT SLIDE PREVIOUS SLIDE

DEPARTMENT OF DEFENSEUNITED STATES

CYBER COMMAND

DOD CYBER STRATEGY

DOD CYBER CRIME CENTER (DC3)

DOD COMPUTERCRIME PROGRAM COMPLETE ARTICLE HERE

DEPARTMENT OF DEFENSE REPORTS AND PUBLICATIONS

OF INTEREST

HOME INDEX NEXT SLIDE PREVIOUS SLIDE

DOD STRATEGY FOR OPERATING IN CYBERSPACE

USAF CYBER COMMAND

STRATEGIC VISION

DOD CYBERSPACE POLICY REPORT

ACCESS LIBRARY OF CONGRESS WEBSITE FOR

STATUS ON CYBERSECURITY LEGISLATION

U.S. CONGRESS

HOME INDEX NEXT SLIDE PREVIOUS SLIDE

“There is no single congressional committee or executive agency with primary responsibility over all aspects of cybersecurity; each entity involved pursues cybersecurity from a limited vantage point dictated by committee jurisdiction. Many different initiatives exist, but because of fragmentation of missions and responsibilities, ‘stove-piping,’ and a lack of mutual awareness between stakeholders, it is difficult to ascertain where there may be programmatic overlap or gaps in cybersecurity policy.”

- Congressional Research Service

CONGRESSIONALCYBERSECURITY

CAUCUS

CONGRESSIONAL RESEARCH SERVICE AND GAO REPORTS

HOME INDEX NEXT SLIDE PREVIOUS SLIDE

CYBERSECURITY:AUTHORITATIVE REPORTS AND

RESOURCES (7/24/12)

FEDERAL LAWS RELATING TO

CYBERSECURITY(7/25/12)

CYBERSECURITY: SELECTED LEGAL

ISSUES (4/20/12)

GOVERNMENT ACOUNTABILITY

OFFICE (GAO)CYBER REPORTS

KEY STATUTES ADDRESSINGCYBERSECURITY

COMPUTER FRAUD AND ABUSE ACT OF 1986

ELECTRONIC COMMUNICATIONS PRIVACY ACT (ECPA) OF 1986

COMPUTER SECURITY ACT OF 1987

PAPER WORK REDUCTION ACT OF 1995

PAPER WORK REDUCTION ACT OF 1995

CLINGER-COHEN ACT OF 1996

HOME INDEX PREVIOUS SLIDENEXT SLIDE

CONTINUE

KEY STATUTES ADDRESSINGCYBERSECURITY (CONT.)

HOMELAND SECURITY ACT OF 2002

THE U.S. PATRIOT ACT OF 2001

THE E-GOVERNMENT ACT OF 2002

THE FEDERAL INFORMATION SECURITY MANAGEMENT ACT OF 2002 (FISMA)

HOME INDEX PREVIOUS SLIDENEXT SLIDE

THE CYBER SECURITY RESEARCH AND DEVELOPMENT ACT OF 2002

SEE CONGRESSIONAL RESEARCH REPORT

TABLE 2LAWS IDENTIFIED AS HAVING RELEVANT

CYBERSECURITY PROVISIONS

INTERNATIONAL STANDARDSBODIES

HOME INDEX PREVIOUS SLIDENEXT SLIDE

INTERNET CORPORATION FOR ASSIGNED NAMES AND

NUMBERS (ICANN)

THE INTERNET SOCIETY (ISOC)

INTERNET ARCHITECTURE BOARD (IAB)

REGIONAL INTERNET REGISTRIES (RIRS)

INTERNET ENGINEERING TASK FORCE (IETF)

INTERNATIONAL TELECOMMUNICATIONS

UNION (ITU)

THE INTERNET ASSIGNED NUMBER AUTHORITY (IANA)

USTELECOM MEMBER CYBER SERVICES AND RESOURCES

HOME INDEX PREVIOUS SLIDENEXT SLIDE

AT&TCENTURYLINK

WINDSTREAM

FAIRPOINT

VERIZONHAWAIIAN

TELCOM

CONSOLIDATEDCOMMUNICATIONS

NTTCOMMUNICATIONS

CYBERSECURITYRESOURCE CENTER

HOME INDEX PREVIOUS SLIDENEXT SLIDE

ACADEMICCYBERSECURITY

CENTERS

SELF-HELP AND

AWARENESS

BEST PRACTICESAND INDUSTRY

GUIDELINES

SITUATIONALAWARENESS

   

SITUATIONAL AWARENESS

HOME INDEX PREVIOUS SLIDENEXT SLIDE

U.S CERTCURRENTACTIVITY

SANSINTERNET

STORM CENTER

KEYNOTE INTERNETHEALTH REPORT

DOWNRIGHTNOW

ARBORNETWORKS

ATLAS

MULTI-STATEISAC - CYBER DASHBOARD

CYBER SECURITYOPERATIONAL

PICTURE

INTERNETTRAFFICREPORT

BEST PRACTICESINDUSTRY GUIDELINES

HOME INDEX PREVIOUS SLIDENEXT SLIDE

FCC NRIC BEST PRACTICES

DATABASE

U.S CERTSECURITY

PUBLICATIONS

NIST SECURITYRESEARCH AND

GUIDELINES

ANSI STANDARDSGUIDANCE

DOCUMENTS

DHSBUILD SECURITY IN

BEST PRACTICES

CLOUD COMPUTING BEST PRACTICES

WIKIPEDIASTANDARDSREFERENCES

IETFBEST CURRENT

PRACTICES (RFCs)

ACADEMIC CENTERS

HOME INDEX PREVIOUS SLIDENEXT SLIDE

CARNEGIE MELLONCYLAB

GEORGIA TECHINFORMATION

SECURITYCENTER

UNIVERSITY OF CALIFORNIA

BERKELEY DETER TESTBED PROJECT

GEORGE WASHINGTON CYBER SECURITY

POLICY AND RESEARCH INSTITUTE

UNIVERSITY OF TEXASSAN ANTONIO

INSTITUTE FOR CYBER SECURITY (ICS)

CYBER WATCHCONSORTUIM

UNIVERSITY OF MARYLAND

CYBERSECURITY CENTER

STANFORD UNIVERSITY

CYBERSECURITYCENTER

SELF-HELP AND AWARENESS

HOME INDEX PREVIOUS SLIDENEXT SLIDE

BADWAREBUSTERS

MICROSOFT MALWAREPROTECTION

CENTER

ALL ABOUTCOOKIES

GET CYBERSAFE

ABOUT.COMANTI-VIRUSSOFTWARE

U.S CHAMBERSECURITY ESSENTIALS

FOR BUSINESS

TEN WAYS TO IMPROVE COMPUTER

SECURITY

STAYSAFE

ONLINE

AAcknowledgements 55

Academic 44 47

Akamai 9 10

Amazon 9 10

Application Developers 10

Arbor Networks 45

AT&T 9 10 43

B Backbone Providers 9

Badware Busters 48

Basic Security Concepts 12

Best Practices 12 34 44 46

Blueprint for a Secure Cyber Future 26

Botnet 14 16 17 28 38

D - E PAGE 3 OF 7

F - IPAGE 4 OF 7

L - RPAGE 5 OF 7

S - UPAGE 6 OF 7

C PAGE 2 OF 7

A - B PAGE 1 OF 7

HOME INDEX PREVIOUS SLIDENEXT SLIDE

INDEX

V - W PAGE 7 OF 7

CCarnegie Mellon CYLAB 47

CenturyLink 9 10 43

CERT 13 16 24 45 46

Cloud Computing 10 30 46

Comcast 9 10

Communications Sector Coordinating Council (CSCC) 16

Communications Security, Reliability and Interoperability Council (CSRIC) 16 34 35

Comprehensive National Cybersecurity Initiative (CNCI) 16 18

Congress 6 16 38 39

Content Delivery Providers 9

Crime 13 24 31 32 33 36

Critical Infrastructure Partnership Advisory Council (CIPAC) 22

CSRIC 16 34 35

Cyber Policy Ecosystem 15

Cybersecurity (defined) 12

Cyberspace (described) 8

HOME INDEX PREVIOUS SLIDENEXT SLIDE

INDEX

C PAGE 2 OF 7

D - E PAGE 3 OF 7

A - B PAGE 1 OF 7

F - IPAGE 4 OF 7

L - RPAGE 5 OF 7

S - UPAGE 6 OF 7

V - W PAGE 7 OF 7

DDashboards 45

Department of Commerce 6 28 29 30

Department of Defense 6 16 36 37

Department of Homeland Security 5 21 22 23 24 25 27 35 41

Department of Justice 6 31 32 33

DHS Cyber Education/Awareness 21 25

DHS Cybersecurity Overview 21

DHS Key Offices & Programs 21 23 24

DHS Office of Cybersecurity & Communications (CS&C) 16 23

DHS Operations 21 24

DOD Cyber Crime Center 36

DOJ Cyber Programs 21 23 24

DownRightNow.com 45

EeBay 9 10

E-Commerce Providers 9 10

Education & Awareness 25 29

HOME INDEX PREVIOUS SLIDENEXT SLIDE

INDEX

C PAGE 2 OF 7

A - B PAGE 1 OF 7

D - E PAGE 3 OF 7

F - IPAGE 4 OF 7

L - RPAGE 5 OF 7

S - UPAGE 6 OF 7

V - W PAGE 7 OF 7

FFacebook 9 10

FairPoint 9 10 43

FBI Cyber Overview 31

FCC Cyber Security Overview 34

Federal Communications Commission (FCC) 34 35

GGAO 39

Get Cyber Safe 48

Global Backbone Providers 9

Glossary of Key Information Security Terms 30

Google 9 10

IIndustrial Control Systems (ICS) CERT 24

Industry Botnet Group 17

International Strategy for Cyberspace 7 12 42

Internet Policy Task Force (NTIA) 24

Internet Service Providers 9

IPv6 28

HOME INDEX PREVIOUS SLIDE

INDEX

NEXT SLIDE

A - B PAGE 1 OF 7

C PAGE 2 OF 7

D - E PAGE 3 OF 7

F - IPAGE 4 OF 7

L - RPAGE 5 OF 7

S - UPAGE 6 OF 7

V - W PAGE 7 OF 7

L - MLaws 39 40

Legal Issues 39

Legislation 38

Level 3 9 10

Microsoft 9 10

NNational Cyber Awareness System 23

National Cyber Incident Response Plan (NCIRP) 23

National Cybersecurity Communications Integration Center (NCCIC) 24

National Initiative for Cybersecurity Education (NICE) 18 28

National Strategy for Trusted Identities (NSTIC) 18

NTIA Cyber Security Initiatives 28

NTT Communications 42

O - ROffice of Science & Technology Policy (OSTP) 16 19

Operating System Developers 9 10

Partnerships 5 16 17 21 22 32

Real-Time Dashboards 45

HOME INDEX PREVIOUS SLIDENEXT SLIDE

INDEX

A - B PAGE 1 OF 7

C PAGE 2 OF 7

D - E PAGE 3 OF 7

F - IPAGE 4 OF 7

L - RPAGE 5 OF 7

S - UPAGE 6 OF 7

V - W PAGE 7 OF 7

SSANS Internet Storm Center 45

Search Service Providers 10

Self-Help 44 48

Situational Awareness 44 45

Small Business 29 35

Smart Grid 29

Social Network Services 10

Sprint 9 10

Standards 7 16 29 42 46

Stay Safe Online 48

Symantec 9 10

T - UTraining & Exercises 21 25 32

U.S. CERT 13 16 24 45 46

U.S. CERT Current Activity 45

U.S. Chamber Security Essentials for Business 48

University of California Berkeley DETER Testbed Project 47

University of Maryland Cybersecurity Center 47

HOME INDEX PREVIOUS SLIDENEXT SLIDE

INDEX

A - B PAGE 1 OF 7

C PAGE 2 OF 7

D - E PAGE 3 OF 7

F - IPAGE 4 OF 7

L - RPAGE 5 OF 7

S - UPAGE 6 OF 7

V - W PAGE 7 OF 7

VVerizon 9 10 43

WWhite House 5 15 16 18 19 20

White House Cybersecurity Overview 18

White House Key Cyber Offices/Programs 19

White House Cyberpace Policy Review 18 20

White House Reports & Publications 20

HOME INDEX PREVIOUS SLIDE

INDEX

NEXT SLIDE

A - B PAGE 1 OF 7

C PAGE 2 OF 7

D - E PAGE 3 OF 7

F - IPAGE 4 OF 7

L - RPAGE 5 OF 7

S - UPAGE 6 OF 7

V - W PAGE 7 OF 7

This toolkit was made possible with the input of many individuals in the cybersecurity stakeholder community. Special thanks go to the following government organizations for their generous advice and assistance throughout the development of the USTelecom Cybersecurity Toolkit:

The developers want to particularly thank our USTelecom interns who supported us with their research, creativity, and inspiring passion for learning.

ACKNOWLEGEMENTSAND CONTACTS

Anthony V. JonesUSTelecom Director of Critical InfrastructureBus: (202) 326-7277E-mail: ajones@ustelecom.org

Robert H. MayerUSTelecom Vice President of Industry and State AffairsBus: (202) 326-7221E-mail: rmayer@ustelecom.org

HOME INDEX NEXT SLIDE PREVIOUS SLIDE

Department of CommerceDepartment of DefenseDepartment of Justice

Department of Homeland SecurityFederal Communications Commission

The White House

Oliver EislerDavid Feenstra

Rachel KellermanElizabeth Tauke