Demystifying Cybersecurity: Protecting Your Agency and Getting Started

Slide Note
Embed
Share

Learn how to protect your agency from cyber threats by conducting Cyber Threat Assessments, identifying vulnerabilities, and creating an effective Cyber Incident Action Plan. Understand the steps involved in assessing threats, analyzing risks, and responding to cyber-attacks to safeguard your organization's data and operations.

khey215
khey215 Follow

Uploaded on Sep 28, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. CYBERSECURITY - DEMYSTIFIED PROTECTING YOUR AGENCY AND HOW TO GET STARTED

  2. GETTING STARTED CYBER TREAT ASSESSMENTS What is a Cyber Threat Assessment? A Cyber Threat Assessment is a specialized version of a Risk Assessment. Agencies and Organizations should be taking a close look at their computer systems, remote access services and cloud based accounts. From exposing weaknesses in systems to issues with compliance, a cybersecurity threat assessment enables organizations to uncover hidden vulnerabilities in people, processes and technology before a malicious actor can exploit them. 1 1https://www.optiv.com/security-threat-assessment

  3. CYBER THREAT ASSESSMENTS WHAT DO YOU NEED TO DO? #1 Characterize EACH of your data systems (what kind of data, who uses it, vendor, retention policy, where does the data come from and where does it go, where is it stored, where and how is it backed-up), pre-determine the data recovery process #2 Identify threats and exploits (i.e. unauthorized access, data exposure, and disruption of service) #3 Determine risk impact (impacts if the threat was exercised: High, Medium, or Low) #4 Analyze the environment (identify threat prevention, detection, mitigation) #5 Determine a likelihood rating (how likely is a given exploit) #6 Calculate your risk rating Impact (if exploited) * Likelihood (of exploit) = Risk Rating

  4. CYBER INCIDENT ACTION PLAN Your agency has done all the right things, Cybersecurity Threat Assessments, end user training but the bad actors have succeeded and you find yourself a victim of a cyber-attack. Now what do you do? You follow your Cybersecurity Incidence Response Plan! An effective response plan needs to guide company personnel at all levels in managing a potential data breach in a way that supports rapid and thoughtful response activities.

  5. CYBER INCIDENT ACTION PLAN WHERE TO START? Phase 1: Prepare This phase will take the most work, it s not easy! Whether an agency prepares their own Incident Action Plan, or if a professional contract is put in place, there are steps to consider in plan development. Before beginning formal planning, ECC, PSAP/9-1-1, LMR managers should discuss cyber threats with their agency s or department s senior managers, their servicing IT departments, IT vendors, and with budget officials to ensure planning is understood at various management levels, especially as regards the issue of ransom demands. These policy discussions can help define and qualify responsibilities (especially vendors contractual responsibilities for cyber security) before having to deal with an attack.

  6. PHASE 2: IDENTIFY Identification or detection of a data breach looks for deviations from normal operations and activities.

  7. PHASE 3: CONTAIN When a breach has been detected, the normal reaction is to fix it NOW. This is when an agencies training kicks in FOLLOW YOUR INCIDENT RESPONSE PLAN and training! Evidence can be inadvertently destroyed if you don t follow the proper steps. Follow the advice and direction of your computer forensic team. Remember: DON T panic DON T make hasty decisions DON T wipe and re-install your systems (yet)

  8. PHASE 4: ERADICATE The vulnerability that led to the breach needs to be eliminated. This can be agency policies, procedures, or a technology solution. All traces of malware should be securely removed, and systems should be patched and updated. If this activity is outside the scope of an agencies IT department, additional subject matter experts may be needed and should be noted in the Incident Response Plan.

  9. PHASE 5: RECOVER Once ALL traces of the breach have been eliminated, systems are patched, updated and tested, THEN the compromised system can be reintroduced. (This can take weeks or even months) This step s complexity greatly depends on a successful off-site, off-network back up plan

  10. PHASE 6: REVIEW It is critical that an after-action meeting is held and a report is developed. Learn what worked or didn t work from the Incident Response Plan and make any necessary adjustments.

  11. HELP I CANT DO ALL OF THIS! Pick one or two things that you can do: Increase (or start) personnel cybersecurity awareness training Strong passwords with an expiration cycle Personal device and USB policies Learning to monitor for and reporting the signs of a system breach Unexpected user lockouts Repeated system crashes Abnormal behavior during browsing: popups, redirects, etc. Everyone needs to know the plan BEFORE something happens Display Ransomware Posters for personnel awareness

  12. NEW CISA RANSOMWARE GUIDANCE It s not just Ransomware This document provides best practices for preventing network infection General best practices and network hardening guidance Template Response Plan checklist https://www.cisa.gov/sites/default/files/p ublications/CISA_MS- ISAC_Ransomware%20Guide_S508C.pdf

  13. RESOURCES ARE AVAILABLE Cybersecurity Essentials Framework and toolkits provide great resources for each step of the process https://www.cisa.gov/publication/cisa-cyber-essentials https://www.cisa.gov/publication/cyber-essentials-toolkits (each includes great resources) Ransomware Posters designed for PSAPs, but are relevant to every radio dispatch facility and agency office https://www.dps.texas.gov/IOD/interop/swicDocuments.htm Texas SWIC Office Guidance Documents: https://www.dps.texas.gov/IOD/interop/swicDocuments.htm (posted in SWIC Document Library soon) Getting Started Cyber Threat Assessment Getting Started Cyber Incidence Response Plan

Related


Comprehensive Airport Cybersecurity Quick Guide and Assessment Tool

Comprehensive Airport Cybersecurity Quick Guide and Assessment Tool

emmitt
Ensuring Business Security: Cybersecurity Webinar Insights

Ensuring Business Security: Cybersecurity Webinar Insights

amelia
Shovel-Ready Projects Initiative for Cybersecurity Innovation in Canada

Shovel-Ready Projects Initiative for Cybersecurity Innovation in Canada

aberm
Cybersecurity Career Path Overview

Cybersecurity Career Path Overview

rusty
Cybersecurity Workforce Management: Engage, Empower, Elevate

Cybersecurity Workforce Management: Engage, Empower, Elevate

dena835
Workshop on Cybersecurity Professionalism & Ethics

Workshop on Cybersecurity Professionalism & Ethics

acke_ddy
Cybersecurity and Computer Science Education Projects at UH Maui College

Cybersecurity and Computer Science Education Projects at UH Maui College

karm_14
Enhancing Cybersecurity for Improved Insurability and Risk Management

Enhancing Cybersecurity for Improved Insurability and Risk Management

trac_745
Financial Management and Cybersecurity: Essential Tips for Treasurers

Financial Management and Cybersecurity: Essential Tips for Treasurers

mariama
Which and How of Cybersecurity Frameworks

Which and How of Cybersecurity Frameworks

castor
Cybersecurity Expert Shiva V. Parasram - Profile and Advice

Cybersecurity Expert Shiva V. Parasram - Profile and Advice

deniz
NBIS Onboarding Kick-Off Checklist & Memorandum of Understanding

NBIS Onboarding Kick-Off Checklist & Memorandum of Understanding

zak
Professionalism in Cybersecurity: Developing Essential Skills

Professionalism in Cybersecurity: Developing Essential Skills

demarku
Enhancing California's Election Cybersecurity Readiness

Enhancing California's Election Cybersecurity Readiness

mallory
Cybersecurity and Personal Finance: A Tale of Appily Ever After

Cybersecurity and Personal Finance: A Tale of Appily Ever After

elspeth
Cybersecurity Industry Call for Innovation (CyberCall)

Cybersecurity Industry Call for Innovation (CyberCall)

nomi
Empowering NNSA Cyber Professionals Through Enterprise Tools and Data Analytics

Empowering NNSA Cyber Professionals Through Enterprise Tools and Data Analytics

bloom
Automated Signature Extraction for High Volume Attacks in Cybersecurity

Automated Signature Extraction for High Volume Attacks in Cybersecurity

klos_k
Franco-Japanese Cybersecurity Workshop Highlights and Future Plans

Franco-Japanese Cybersecurity Workshop Highlights and Future Plans

dkist
Adversarial Machine Learning in Cybersecurity: Challenges and Defenses

Adversarial Machine Learning in Cybersecurity: Challenges and Defenses

thirza
Cybersecurity Risk Management in K-12 Education: Challenges and Strategies

Cybersecurity Risk Management in K-12 Education: Challenges and Strategies

betsy
Exploring Adversarial Machine Learning in Cybersecurity

Exploring Adversarial Machine Learning in Cybersecurity

bartholomew
Cybersecurity Tabletop Exercise Overview

Cybersecurity Tabletop Exercise Overview

rudi
Cybersecurity Entrepreneurship Workshop Highlights

Cybersecurity Entrepreneurship Workshop Highlights

flint

More Related Content

Instrument human capital cybersecurity mkb bedrijven
Instrument human capital cybersecurity mkb bedrijven
Cybersecurity and Supply Chain Risk Management: Best Practices for Procurement
Cybersecurity and Supply Chain Risk Management: Best Practices for Procurement
Challenges in Cybersecurity Implementation: A Philippine Perspective
Challenges in Cybersecurity Implementation: A Philippine Perspective
C2M2 Version 2.1 Cybersecurity Model Overview
C2M2 Version 2.1 Cybersecurity Model Overview
Empowering Women in Cyber: CyberFirst Girls Competition
Empowering Women in Cyber: CyberFirst Girls Competition
REWIRE Cybersecurity Skills Alliance
REWIRE Cybersecurity Skills Alliance
CYBERSECURITY AWARENESS MONTH 2023
CYBERSECURITY AWARENESS MONTH 2023
Cybersecurity Risks for Remote CISTAR Facilities Study
Cybersecurity Risks for Remote CISTAR Facilities Study
Understanding Cybersecurity Threats and Facebook Security
Understanding Cybersecurity Threats and Facebook Security
CodeCrunch: Getting Started Guide for CS1020 AY2015/6 Sem.2
CodeCrunch: Getting Started Guide for CS1020 AY2015/6 Sem.2
Cyber Security Career Opportunities
Cyber Security Career Opportunities
Understanding Information Security Policies for Effective Cybersecurity
Understanding Information Security Policies for Effective Cybersecurity
Understanding the THRIVE Framework for System Change
Understanding the THRIVE Framework for System Change
Information Security Awareness Training for Personally Identifiable Information at LACCD
Information Security Awareness Training for Personally Identifiable Information at LACCD
Cybersecurity Best Practices for Password Protection and Incident Response
Cybersecurity Best Practices for Password Protection and Incident Response
Comprehensive Bug Hunting Toolkit for Cybersecurity Enthusiasts
Comprehensive Bug Hunting Toolkit for Cybersecurity Enthusiasts
Maximizing PARIS Results Through Agency Coordination and Data Sharing Techniques
Maximizing PARIS Results Through Agency Coordination and Data Sharing Techniques
Effective Collaboration Between Client Agency and Litigation Counsel
Effective Collaboration Between Client Agency and Litigation Counsel
Understanding the Law of Agency in Business
Understanding the Law of Agency in Business
Overview of Housing Agency Spending Review 2022
Overview of Housing Agency Spending Review 2022
Tobacco-Free Campus Policy Implementation 2015
Tobacco-Free Campus Policy Implementation 2015
Understanding Judicial Review of Agency Facts
Understanding Judicial Review of Agency Facts
Cybersecurity Lab Assignments and Walkthroughs
Cybersecurity Lab Assignments and Walkthroughs
Understanding Digital Transformation in the Age of Cybersecurity Insight
Understanding Digital Transformation in the Age of Cybersecurity Insight