Cybersecurity Information Sharing

Developing recommendations for improved communication sector cybersecurity, Working Group 5 aims to facilitate information sharing among companies. Key milestones include the creation of cybersecurity trust pools, platforms, and recommendations for sharing critical information. The group comprises a diverse membership representing various organizations within the communications sector, dedicated to enhancing cyber resilience through collaboration and cooperation.

• Cybersecurity
• Information Sharing
• Communications Sector
• Recommendations
• Collaboration

bellinger_a Follow

Uploaded on Mar 02, 2025 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

Presentation Transcript

1. Working Group 5: Cybersecurity Information Sharing Status Update December 21, 2016 Chris Boyer, Co-Chair (AT&T) Rod Rasmussen, Co-Chair (Infoblox)

2. WG5 Description/Timeline In order to improve the communication sector s ability to identify, protect, detect, respond, and recover from cyber attacks, Working Group 5 will develop recommendations to the Council encourage sharing of cybersecurity information between companies in the communications sector. Dec 2015 - Cybersecurity Information Sharing Diagram Mar 2016 - Use Cases Jun 2016 - Impediments/Barriers and Solutions to Cybersecurity Information Sharing Sep 2016 - Cybersecurity Information Sharing Trust Pools Dec 2016 - Cybersecurity Information Sharing Platforms Mar 2017 - Recommendations for Cybersecurity Information Sharing 2

3. WG5 Members Name Chris Boyer (Co-Chair) Rod Rasmussen (Co-Chair) Greg Intoccia (FCC Liaison) Vern Mosley (FCC Liaison) Martin Dolly Rosemary Leffler Trace Hollifield Kathryn Condello Paul Diamond Mary Haynes John Kelly Jorge Nieves Paul Fournier Rudy Brioche Kevin Kastor Jemin Thakkar Matt Carothers John Marinho Chris Alexander John O'Connor Alexander Gerdenitsch Jennifer Manner David Colberg Daniel Cashman Carlos Carrillo Thomas M. MacLellan Tony Cole Dave Keech Ethan Lucarelli Michael O'Reirdan Company AT&T Infoblox FCC FCC AT&T (ATIS) AT&T Bright House Networks CenturyLink CenturyLink Charter Comcast Cable Comcast Cable Comcast Cable Comcast Cable Consolidated Cox Communications Cox Communications CTIA DHS DHS Echostar Echostar EMC FairPoint Communications FireEye FireEye FireEye Frontier Iridium (Wiley Rein) MAAWG Name (cont.) Robert Gessner Mark Hoffer Bill Mertka Larry Walke Loretta Polk Matt Tooley Dr. Donald H. Sebastian Frank Menzer Kathy Whitbeck Jesse Ward Kazu Gomi Shinichi Yokohama Michael Brown Richard Perlotto II Jason Jenkins Jeff England Allison Growney Brian Scarpelli Joe Viens Chris R. Roosenraad Arthur Trey Jackson Cindy Carson Harold Salters Howard Brown Robert Mayer Eric Osterweil Shawn Wilson Nneka Chiazor Dorothy A. Spears-Dean Greg Lucak Kelly Fuller Company (cont.) MCTV MCTV Motorola (ATIS) NAB NCTA NCTA NJ Institute of Tech NOAA Nsight NTCA NTT America NTT America RSA Shadowserver SilverStar SilverStar Sprint TIA Charter Charter T-Mobile T-Mobile T-Mobile Tulalip Data Services US Telecom Verisign Verisign Verizon VITA Windstream WOW, Inc. 3

4. Notional Diagram Communications Sector Information Sharing DHS Coordinated Information Sharing Process Government Contracts Trusted Peers & Commercial Partners State Fusion Centers/ISAOs/ Other Sector ISACs etc. NCCIC/ Public/Private Partners Network Service Providers (NSP) Group DHS/CS&C DHS Portal ECS/E3A Customers FCC/State PUCs NCC Formal/Informal Peer Organizations Comm-ISAC Federal/State Customers (DoD, GSA, PSAPs etc.) Commercial Security Services/Third Party Partners Other Critical Infrastructure Sectors (Financial Services, Electric, IT etc.) Communications Sector Members (NOTE: All Information Received is Validated Prior to Action) ISP Internal Use Federal/State Partners (EOP, DHS, Governor s Office, Ags etc.)) Internal IT Enterprise Systems Hi-level network vulnerability information/ CTIs/ No PII ISP Service Delivery Network Sector Policy & Planning Law Enforcement Cyber threat indicators shared b/w ISPs and commercial partners Packaged information provided to managed service customers Comms Sector Coordinating Council (CSCC)/Government Coordinating Council (GCC) Federal, State & Local Law Enforcement + Organizations (FBI NCIJTF, Infragaurd) Information shared w/ law enforcement pursuant to warrant and/or criminal issue State, Local, Tribal, Territorial SCC/GCC Consumers / Managed Security Customers Information about ISPs cyber risk management programs shared with state government CTIs shared with the Comms- ISAC/NCCIC/Other sectors

5. Information Sharing Conduits Informal Phone Call E-mail Teleconference Professional Membership Working Group Professional Conference Webinar Technical Liaison Technical Seminar or Conference Tabletop Exercise Full Scale Exercise Automated Sharing Tasking: Evaluate available structures and platforms of Communications sector stakeholders to routinely share cybersecurity information (threat indicators and warnings, anomalous indicators, and post-incident information) within the constraints of existing law . Formal

6. Information Sharing Matrix National Service Providers Teleconference Phone Formal/Informal Peer Organizations Conference/Seminar Commercial Security Services/Third Party Partners Distro List Email Consumers/Managed Security Customers Federal, State & Local Law Enforcement DHS/CS&C ECS/E3A Customers AIS Other Sectors NCC Comm ISAC Fed/State Partners DHS/NCCIC Portal US-CERT/ Sector ISACs