national cyber security division (ncsd): approved overview briefing wednesday, july 1, 2003
TRANSCRIPT
National Cyber Security Division (NCSD):
Approved Overview Briefing
Wednesday, July 1, 2003
2
Strategy
A secure and robust national cyber infrastructure is vital to the protection of the nation’s critical infrastructure and key assets
CRITICAL INFRASTRUCTURE
SECTORS• Agriculture• Food• Water• Public Health• Emergency Services• Defense Industry Base• Information and Telecommunications• Energy• Banking & Finance• Chemical Industry & Hazardous Materials • Postal & Shipping
KEY ASSETS
• National Monuments & Icons• Nuclear Power Plants• Dams• Government Facilities• Commercial Assets
CYBER ASSETS
PEOPLE ASSETS
PHYSICAL ASSETS
CRITICAL INFRASTRUCTURE
ASSET CATEGORIES
3The Homeland Security Act and national strategies direct DHS to take the lead on cyber security
Homeland Security Act of 2002Homeland Security Act of 2002
• Directed IAIP to develop a national plan for protecting key resources and critical infrastructure of the United States and the physical and technological assets that support such systems• Directed IAIP, in cooperation with other Federal agencies, state and local government, and the private sector, to recommend measures necessary to protect the key resources and critical infrastructure• Directed IAIP to provide analysis related to the threats or vulnerabilities to critical information systems and provide crisis management support to threats to or attacks on critical information systems
• Directed IAIP to develop a national plan for protecting key resources and critical infrastructure of the United States and the physical and technological assets that support such systems• Directed IAIP, in cooperation with other Federal agencies, state and local government, and the private sector, to recommend measures necessary to protect the key resources and critical infrastructure• Directed IAIP to provide analysis related to the threats or vulnerabilities to critical information systems and provide crisis management support to threats to or attacks on critical information systems
National Strategy to Secure Cyberspace (February, 2003)National Strategy to Secure Cyberspace (February, 2003)
• Designated the Department of Homeland Security as the agency primarily responsible for the implementation of the strategic objectives of the strategy
• Designated the Department of Homeland Security as the agency primarily responsible for the implementation of the strategic objectives of the strategy
National Strategy for Homeland Security (July, 2002)National Strategy for Homeland Security (July, 2002)
• Established “securing cyberspace” as a major initiative in protecting critical infrastructures and key assets• Established “securing cyberspace” as a major initiative in protecting critical infrastructures and key assets
4The National Strategy to Secure Cyberspace articulates five priorities
Priority Implication
• National Cyberspace Security Response System
• Rapid identification, information exchange, and remediation can mitigate damage
• Response system will involve public and private institutions and cyber centers to perform analyses, conduct watch and warning, enable information exchange, and facilitate restoration efforts
• National Cyber Security Threat and Vulnerability Reduction Program
• Coordinated national efforts by government and private sector to identify and remediate serious cyber vulnerabilities through collaborative activities, such as sharing best practices and evaluating and implementing new technologies
• Also: raise awareness, increase criminal justice activities, and develop national security programs to deter cyber threats
• National Cyberspace Security Awareness and Training Program
• Promote comprehensive national awareness program to empower all Americans – businesses, workforce, and general population to secure their own parts of cyberspace
• Foster adequate training and education programs to support Nation’s cyber-security needs
• Increase efficiency of existing federal training• Promote private support for independent certification of cybersecurity
professionals
• Securing Governments’ Cyberspace
• Federal Government:–Continuously assess threats and vulnerabilities to cyber systems–Agency-specific processes
• Identify and document enterprise architecture• Continuously assess threats and vulnerabilities• Implement security controls and remediation efforts
5The National Strategy to Secure Cyberspace articulates five priorities (cont’d.)
Priority Implication
• Securing Governments’ Cyberspace (cont’d.)
• Additional Government-wide Challenges–Authenticate and maintain authorization for users of Federal systems–Secure Federal wireless local area networks–Improve security in government outsourcing and procurement–Develop specific criteria for independent security reviews and reviewers and certification
• State and local governments:–With increasing dependence on integrated systems, state, local and Federal agencies must collectively combat cyber attacks–Information sharing to protect systems is important foundation for ensuring government continuity–DHS will work with state and local govts. And encourage their efforts to establish IT security programs and participate in ISACs with similar governments
• International Cyberspace Security Cooperation
• Ensuring America’s national security–Strengthen counterintelligence efforts in cyberspace–Improve attack attribution and prevention capabilities–Improve coordination for responding to cyber attacks in national security community–Reserve right to respond in an appropriate manner
• International cooperation–Work with international organizations and industry to facilitate and promote global “culture of security”–Develop secure networks–Promote North American cyberspace security–Foster establishment of national and intern’tl watch-and-warning networks to detect and prevent cyber attacks as they emerge
6
Information Analysis and Infrastructure Protection (IAIP)
Directorate
InfrastructureCoordination
Division
InfrastructureProtection
Division
National Cyber
Security Division (NCSD)
KEY FUNCTIONS:• Risk, Threat, & Vulnerability Identification and Reduction• Cyber Security Tracking, Analysis & Response Center (CSTARC)• Outreach, Awareness & Training
InfrastructureProtection
Information Analysis
Risk Assessment Division
Indications and Warning Division
“This new division will be focused on the vitally important task of protecting the nation’s cyber assets so that we may
best protect the nation’s critical infrastructure assets”
DHS Secretary Tom Ridge
As a result, DHS established the National Cyber Security Division (NCSD) as the dedicated Federal focal point for cyber security
7Current NCSD operations are organized into three functional areas
Risk, Threat, Vulnerability Identification & Reduction
Outreach, Awareness, & Training
The mission of the NCSD is to implement the National Strategy to secure
cyberspace and to provide a centralized coordination point for the collection and dissemination of protective measures to
reduce vulnerabilities and risks to the cyber infrastructure
National Cyber Security Division (NCSD) is the National focal point for addressing
cyber security issues in the United States
Partnerships with public and private stakeholders are critical to achievement of
the NCSD mission
NCSD responsibilities include:• Identifying, analyzing and reducing threats and vulnerabilities• Disseminating threat warning information• Coordinating incident response• Providing technical assistance in continuity of operations and recovery planning
The mission of the NCSD is to implement the National Strategy to secure
cyberspace and to provide a centralized coordination point for the collection and dissemination of protective measures to
reduce vulnerabilities and risks to the cyber infrastructure
National Cyber Security Division (NCSD) is the National focal point for addressing
cyber security issues in the United States
Partnerships with public and private stakeholders are critical to achievement of
the NCSD mission
NCSD responsibilities include:• Identifying, analyzing and reducing threats and vulnerabilities• Disseminating threat warning information• Coordinating incident response• Providing technical assistance in continuity of operations and recovery planning
Elements of the NCSD Mission
Cyber Security Tracking, Analysis, & Response Center (CSTARC)
Key NCSD Functional Areas
8These three key mission areas are in alignment with the National Strategy to Secure Cyberspace and highlight the execution focus of the NCSD
Risk, Threat, &
Vulnerability Reduction
Risk, Threat, &
Vulnerability Reduction
Cyber Security Tracking,
Analysis, & Response
Center(CSTARC)
Cyber Security Tracking,
Analysis, & Response
Center(CSTARC)
Outreach, Awareness, & Training
Outreach, Awareness, & Training
Three Key Mission Areas of NCSD
National Strategy to Secure
Cyberspace
Prevent cyber attacks against America’s Critical Infrastructure
Reduce National vulnerability to cyber attacks
Minimize damage and recovery time from cyber attacks that do occur
A National Cyberspace security response system
A National Cyberspace security threat & vulnerability reduction program
A National Cyberspace security awareness training program
Securing Governments’ cyberspace
National Security & International Cyberspace Security Cooperation
Strategic Objectives
of the National Strategy to Secure Cyberspac
e
Critical Priorities
of the National Strategy to Secure Cyberspac
e
9The NCSD is leveraging relationships with and capabilities of public and private sector partners to support current operations
Partnerships Functional Area Description
• Organizations with functions that are now resident in NCSD
– NIPC– FedCIRC*– NCS– CIAO
• Government entity partners– Law enforcement– Federal, State and Local government
organizations– NASCIO– HSA– ISIP
• Private sector partners– Software vendors– Hardware vendors– Security vendors– Key industry associations and groups– IT outsourcers
• Risk, Threat, Vulnerability Identification & Reduction
– Leverage, design, and lead implementation of methodologies and best practices with our partners to assess risks and threats, and to reduce vulnerabilities to attacks
• Cyber Security Tracking, Analysis & Response Center
– Implement CSTARC by consolidating government organizations and leveraging our National and international leadership and expertise across the public sector, the private sector, and academia
• Outreach, Awareness & Training– Design and lead implementation of
training and awareness efforts and campaigns that use a multi-level approach to education industry, government, and the public on the importance of their roles in National cyber security
10Although operational on June 6th, a Planning Team has been established to assist in developing the final NCSD business process optimization and organization design
• NCSD announced and “Day One” capabilities functioning on June 6th
• NCSD Planning team established– Select group of key individuals (with contractor support) with background and
experience are working to consolidate, streamline and improve processes to support NCSD operations
– Responsible for identifying the structure and relationships to support those processes
– Organization design and processes rely heavily on the identification of key stakeholders and partners in the cyber security industry
• In addition to the “day-to-day” work associated with each of the functions, work is being done in each of the functional areas to establish processes for effective operations– Risk, Threat, Vulnerability Identification & Reduction– Cyber Security Tracking, Analysis & Response Center– Outreach, Awareness & Training
11…with an ultimate goal of developing long-term robust capability in cyber security
Current Capabilities Future Capabilities
• Analytic capability to support cyber alerts and warning process for threats and vulnerabilities
• Consolidated list of effective practices for cyber security including best practices risk mitigation of cyber vulnerabilities
• Tracking of threats, vulnerabilities, and incidents via information exchange and dissemination of alerts and warnings to Government and the private sector
• Coordinated operations of 24 X 7 cyber watch centers
• Public awareness, training, and education campaigns including Stay Safe On-Line and others
• Process to improve and expand international cyber security relationships
• Lead the implementation of a standardized National risk, threat, and vulnerability assessment methodology
• Correlate data to assist the critical infrastructure sectors to generate metrics on cyber security readiness and capability on a periodic basis
• Build a mature capability over time that utilizes interdependency analysis (physical and cyber) and adaptive protection to prevent effective attacks
• Implement and operate a single National 24x7 CSTARC for cyberspace security in partnership with the public and private sectors
• Establish standardized and efficient information sharing processes to provide real-time information and warning capabilities across the Nation’s cyber landscape
• Complete the implementation of a comprehensive multi-level campaign to promote cyber security awareness and readiness
• Create public/private outreach groups to assist the entire spectrum of customers in securing their systems through implementation of “effective security practices”
12Next Steps… {This slide should be completed by presenter based on obj. of presentation and audience}
•Continue to protect the Nation’s cyber security infrastructure
•Continue to build strong partnerships within the public and private sectors
•Questions?
•Contact Information
13
Appendix:
Other slides and graphics that may be used in briefings
14The strategy of DHS, as defined by the Nation Strategy for Homeland Security, consists of three key objectives
Three Key Objectives of the National Strategy for Homeland Security
Key Objective IKey Objective I
Prevent terrorist attacks
within the United States
Prevent terrorist attacks
within the United States
Key Objective IIKey Objective II
Reduce America’s
vulnerability to terrorism
Reduce America’s
vulnerability to terrorism
Key Objective IIIKey Objective III
Minimize the damage and recover from
attacks that do occur
Minimize the damage and recover from
attacks that do occur
15IAIP is aligned with these key objectives through four key execution strategies: Evaluation, Communication, Coordination, and Protection
Key Objective IKey Objective I
Prevent terrorist attacks within the
United States
Prevent terrorist attacks within the
United States
Key Objective IIKey Objective II
Reduce America’s vulnerability to
terrorism
Reduce America’s vulnerability to
terrorism
Key Objective IIIKey Objective III
Minimize the damage and recover from attacks that do
occur
Minimize the damage and recover from attacks that do
occur
• Evaluation of terrorist threats• Communication of warnings and information about terrorist threats• Coordination and implementation of protective measures and reporting to prevent terrorist attacks• Protection of the critical infrastructure through implementation and adaptation of protective measures
• Evaluation of terrorist threats• Communication of warnings and information about terrorist threats• Coordination and implementation of protective measures and reporting to prevent terrorist attacks• Protection of the critical infrastructure through implementation and adaptation of protective measures
• Evaluation of threats, risks, and vulnerabilities• Communication of information about terrorist capabilities and priorities• Coordination and implementation of protective measures• Protection through analysis of cross-sector and cross-asset interdependencies
• Evaluation of threats, risks, and vulnerabilities• Communication of information about terrorist capabilities and priorities• Coordination and implementation of protective measures• Protection through analysis of cross-sector and cross-asset interdependencies
• Evaluation of impact of attacks• Communication of cross-sector and cross-asset impacts and responses• Coordination of event response across sectors, assets, and across DHS groups responding to attacks• Protection against future attacks or repeat attacks through lessons learned, forensics, and protective measures
• Evaluation of impact of attacks• Communication of cross-sector and cross-asset impacts and responses• Coordination of event response across sectors, assets, and across DHS groups responding to attacks• Protection against future attacks or repeat attacks through lessons learned, forensics, and protective measures
Alignment through Evaluation, Communication, Coordination, & Protection
16The Infrastructure Protection mission is to rapidly implement protective measures with our partners to reduce the vulnerabilities of America’s critical infrastructure
IP, in partnership with IA and federal, state, local, private, and IP, in partnership with IA and federal, state, local, private, and international entities protects America’s critical infrastructures.international entities protects America’s critical infrastructures.
IP Mission Statement
17The IAIP goal, as defined in the HSA, executes across 13 sectors, five key assets, and three asset categories, in alignment with the National Strategy
17
Information Analysis/Information Protection MissionInformation Analysis/Information Protection Mission
Ag
ricu
lture
Ag
ricu
lture
Food
Food
Wate
rW
ate
r
Pu
blic
Health
Pu
blic
Health
Em
erg
en
cy S
erv
ices
Em
erg
en
cy S
erv
ices
Govern
men
tG
overn
men
t
Defe
nse In
du
stry
Base
Defe
nse In
du
stry
Base
Info
rmatio
n a
nd
Tele
com
mu
nic
atio
ns
Info
rmatio
n a
nd
Tele
com
mu
nic
atio
ns
En
erg
yEn
erg
y
Tra
nsp
orta
tion
Tra
nsp
orta
tion
Ban
kin
g &
Fin
an
ce
Ban
kin
g &
Fin
an
ce
Ch
em
ical In
du
stry
& H
aza
rdou
s M
ate
rials
Ch
em
ical In
du
stry
& H
aza
rdou
s M
ate
rials
Posta
l & S
hip
pin
gP
osta
l & S
hip
pin
g
Critical Infrastructure SectorsCritical Infrastructure Sectors
Evaluation:
Assessing Value &
Prioritizing Capabilities
Coordination:
Extracting Value &
Leveraging Capabilities
Protection:
Preserving Value &
Maintaining Capabilities
Communication:
Disseminating Value & Sharing
Capabilities
Key ActivitiesMatrix
Key ActivitiesMatrix
Identify critical infrastructures, threats, &
incidents Assess & analyze risks and
vulnerabilities Develop protective
measures
Leverage operational expertise
Administer warning capabilityCorrelate threat information, monitor and report status
Coordinate with
industry/federal partners
Track and respond to
legislative trends
Assist EP&R in incident
response
Support implementation
of protective measures
Asset Categories
Asset Categories
Physical Assets
People Assets
Key AssetsKey AssetsN
atio
nal M
on
um
en
ts &
Icon
sN
atio
nal M
on
um
en
ts &
Icon
s
Nu
cle
ar P
ow
er P
lan
tsN
ucle
ar P
ow
er P
lan
ts
Dam
sD
am
s
Govern
men
t Facilitie
sG
overn
men
t Facilitie
s
Com
merc
ial A
ssets
Com
merc
ial A
ssets
Strategy Continuu
m
Cyber Assets
18To IAIP has implemented a dedicated National Cyber Security Division (NCSD) within IP, that will lead protection of the Nation’s critical cyber assets across three key mission areas
Three Key Mission Areas of the NCSD
With partnerships as the foundation for implementation, the NCSD will immediately drive design and implementation of protective
measures to reduce America’s vulnerability to cyber attack
Partnerships – The critical enabler of all of the key activitiesPartnerships – The critical enabler of all of the key activities
Risk, Threat, & Vulnerability
Identification & Reduction
Risk, Threat, & Vulnerability
Identification & Reduction
Leverage, design, and lead implementation of methodologies and best
practices with our partners to assess risks
and threats, and to reduce vulnerabilities to
attacks
Leverage, design, and lead implementation of methodologies and best
practices with our partners to assess risks
and threats, and to reduce vulnerabilities to
attacks
Cyber Security Tracking, Analysis,&
Response Center(CSTARC)
Cyber Security Tracking, Analysis,&
Response Center(CSTARC)
Implement CSTARC by consolidating government
organizations and leveraging our National
and international leadership and expertise across the public sector, the private sector, and
academia.
Implement CSTARC by consolidating government
organizations and leveraging our National
and international leadership and expertise across the public sector, the private sector, and
academia.
Outreach, Awareness, & Training
Outreach, Awareness, & Training
Design and lead implementation of
training and awareness efforts and campaigns that use a multi-level approach to educate
industry, government, and the public on the
importance of their roles in National cyber security
Design and lead implementation of
training and awareness efforts and campaigns that use a multi-level approach to educate
industry, government, and the public on the
importance of their roles in National cyber security
19The National Cyber Security Division mission statement
The National Cyber Security Division (NCSD) is the National The National Cyber Security Division (NCSD) is the National focal point for addressing cyber security issues in the United focal point for addressing cyber security issues in the United States. The NCSD mission includes identifying, analyzing and States. The NCSD mission includes identifying, analyzing and reducing threats and vulnerabilities; disseminating threat reducing threats and vulnerabilities; disseminating threat warning information; coordinating incident response; and warning information; coordinating incident response; and providing technical assistance in continuity of operations and providing technical assistance in continuity of operations and recovery planning. The NCSD also serves as the single recovery planning. The NCSD also serves as the single National point of contact for the public and private sector National point of contact for the public and private sector regarding cyber security issues, including outreach, awareness, regarding cyber security issues, including outreach, awareness, and training.and training.
NCSD Mission Statement
20The implementation plan for the NCSD focuses on delivering capabilities immediately, while building a streamlined team and business process, using a staged three-phased approach
Phase I:
IMPLEMENT IMMEDIATE OPERATING CAPABILITY
1 Apr 2003 1 Jun 2003 1 Oct 2003 1 Mar 20041 Apr 2003 1 Jun 2003 1 Oct 2003 1 Mar 2004
Activities:
• Implement coordinated cyber-security program within DHS/IAIP
• Formally announce new organization and recruit a leadership team
• Continue to deliver “Day One” capabilities
Activities:
• Complete organization and process streamlining and consolidation design
• Validate and implement streamlined organization and processes
• Complete hiring of permanent leadership team
• Deliver “180-day” capabilities
Activities:
• Complete implementation of streamlined organization and processes
• Operation of “180-day” capabilities under way
• Deliver strategic “full operational” capabilities
Phase II:
IMPLEMENT INTERIM
OPERATING CAPABILITY
Phase III:
IMPLEMENT FULL
OPERATING CAPABILITY
21
June 15 July 30 August 15 August 30 September 15June 15 July 30 August 15 August 30 September 15
The engagement plan uses a phased approach to show results quickly and to add value throughout the execution of the project
Assessment of Current functions,
processes, capabilities, and
organizations
Analysis to determine gaps and overlaps in
functions, processes,
capabilities, and organizations
Design of consolidated and
streamlined organization and
processes
Implementation plan to mitigate risks associated
with the new organization and
processes
Activities:
• Analyze inventory of functions, processes, capabilities, and organizations from assessment task to determine duplications or overlaps in responsibility
• Analyze inventory of functions, processes, capabilities, and organizations from assessment task to determine gaps in critical required capabilities as defined by the NCSD strategy and the National Strategy
Activities:
• Formulate “to be” business process model for new streamlined and consolidated organization
• Design organizational structure to support streamlined business process
• Validate design with key stakeholders
Activities:
• Develop implementation plan and current function and organization transition plan
• Validate implementation and transition plan with key stakeholders
• Develop key implementation risks and risk mitigation plans
Deliverables:
• Current process diagram and model including key activities, processes, products and services for each organization represented.
• Overlap and gap analysis of current Federal Government cyber security functions, processes, capabilities, and organizations including communication processes with the private sector
Deliverables:
• Options for “To be” streamlined and consolidated business process model
• Options for organizational structure to implement new streamlined and consolidated cyber security capability
• Recommendations and selection criteria for options and recommendations
Deliverables:
• Validated implementation and transition plan
• Validated risk mitigation plan
• Executive decision briefing for NCSD leader and Assistant Secretary of IP
Activities:
• Identify and inventory existing organizations, functions, capabilities, and organizations
• Interview stakeholders and leaders and members of these organizations and review work products and documentation
• Develop complete inventory of current cyber security functions, processes, capabilities, and organizations
Deliverables:
• Interview templates, schedule, and project plan
• Complete inventory of stakeholders
• Interview documentation
• Description key activities, processes, products and services for each organization represented.
22The methodology for the engagement uses supply chain analysis to evaluate the activities, products, and processes of the NCSD
SuppliersSuppliers
Supplier Products &
Services
Supplier Products &
Services
Supplier ChannelsSupplier Channels
CustomersCustomers
Customer ChannelsCustomer Channels
NCSD Products &
Services
NCSD Products &
Services
NCSD Mission
NCSD Key
Activities
Key Question:
What organizations provide the products and services required by the NCSD?
Key Question:
What products and services do the suppliers give to the NCSD to enable its mission?
Key Question:
How do suppliers send/provide products, and services to the NCSD?
Key Question:
What products and services does the NCSD produce to protect America’s critical infrastructure?
Key Question:
How does the NCSD deliver products and services to its customers?
Key Question:
Who are the customers and recipients of NCSD products and services?
23A preliminary list of stakeholders has been identified for the NCSD from all of the critical infrastructure sectors across a wide spectrum of public and private organizations
AcademiaAcademia
• CERT/CC• GA Tech• JHU• Purdue• Dartmouth• I3P
• CERT/CC• GA Tech• JHU• Purdue• Dartmouth• I3P
Federal & Civilian
Agencies (non-DHS/DoD
)
Federal & Civilian
Agencies (non-DHS/DoD
)• NIST• OMB• CIO Council• HSC• FedCIRC• OSTP• NSC• USSS• DOJ• FBI• CSIRC• NSF• IGs• Congress
• NIST• OMB• CIO Council• HSC• FedCIRC• OSTP• NSC• USSS• DOJ• FBI• CSIRC• NSF• IGs• Congress
State & Local GovernmentsState & Local Governments
• NASCIO• Governor Executive Offices• Law enforcement (state)• Law enforcement (local)• HSA• Local government organizations• Multi-state ISAC• ISIP• Congress
• NASCIO• Governor Executive Offices• Law enforcement (state)• Law enforcement (local)• HSA• Local government organizations• Multi-state ISAC• ISIP• Congress
Department of Homeland Security
Department of Homeland Security
• IAIP Divisions• S&T• EP&R• Homeland Security Center• NCS
• IAIP Divisions• S&T• EP&R• Homeland Security Center• NCS
Department of Defense
Department of Defense
• JTF-CNO• DoD-CERT• NSIRC• NorthCOM• ASD/C3I• NSA• DOD-IG• STRATCOM
• JTF-CNO• DoD-CERT• NSIRC• NorthCOM• ASD/C3I• NSA• DOD-IG• STRATCOM
Private SectorPrivate Sector
• Sector ISACs• Software vendors• Hardware vendors• Security vendors• IT outsourcers• Key industry associations and groups• ISAC Council• DNS root operators• ISA
• Sector ISACs• Software vendors• Hardware vendors• Security vendors• IT outsourcers• Key industry associations and groups• ISAC Council• DNS root operators• ISA
International Government &
NGOs
International Government &
NGOs
• ISO• International CERTs
• ISO• International CERTs
This list must be quickly validated and completed by the beginning of the interview process
Preliminary DRAFT ListPreliminary DRAFT List
24To execute the assessment, the team must first interview several key players within the NCSD, DHS, DoD, and industry and then solicit wider input
Task 1 – Interview Key Players and Formalize
Questionnaires for other Players
Task 1 – Interview Key Players and Formalize
Questionnaires for other Players
• NCSD subgroups:– VTRRIA– CSTARC– OA&T
• FedCIRC• OMB• HSC• CERT-CC• JTF-CNO/DoD-CERT• IAIP/ICD• IAIP/IPD• “Top 5” industry associations• “Top 5” security vendors
• NCSD subgroups:– VTRRIA– CSTARC– OA&T
• FedCIRC• OMB• HSC• CERT-CC• JTF-CNO/DoD-CERT• IAIP/ICD• IAIP/IPD• “Top 5” industry associations• “Top 5” security vendors
Task 2 – Solicit Input from Other Players through
Briefings & Questionnaires
Task 2 – Solicit Input from Other Players through
Briefings & Questionnaires
• Academia• Other industry associations• Other federal agencies• State and local governments• NORTHCOM• etc..
• Academia• Other industry associations• Other federal agencies• State and local governments• NORTHCOM• etc..
Task 3 – Follow up Briefings and
Questionnaires with Phone Calls/In-person
Meetings
Task 3 – Follow up Briefings and
Questionnaires with Phone Calls/In-person
Meetings• Academia• Other industry associations• Other federal agencies• State and local governments• NORTHCOM• etc..
• Academia• Other industry associations• Other federal agencies• State and local governments• NORTHCOM• etc..
The result will be a complete inventory of the suppliers, products, channels, and customers in the cyber security protection supply chain. This inventory will allow us to quickly assess overlaps and
gaps in the supply chain and to quickly prioritize actions for mitigating gaps and eliminating overlaps.
25
26