slide1
Download
Skip this Video
Download Presentation
Overview __________________________________________________

Loading in 2 Seconds...

play fullscreen
1 / 9

Overview __________________________________________________ - PowerPoint PPT Presentation


  • 184 Views
  • Uploaded on

United States Coast Guard Office of Port and Facility Compliance (CG-FAC) Cyber Security and the Marine Transportation System. Overview __________________________________________________. Coast Guard Cyber Security Strategy Cyber Security Framework (CSF) What does it mean for Industry?

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Overview __________________________________________________' - uriel


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

United States Coast GuardOffice of Port and Facility Compliance (CG-FAC)Cyber Security and the Marine Transportation System

slide2

Overview

__________________________________________________

  • Coast Guard Cyber Security Strategy
  • Cyber Security Framework (CSF)
  • What does it mean for Industry?
  • Cyber Suspicious Activity/Cyber Incident Reporting
  • Cyber Security Resources
  • Q & A
uscg cyber security strategy
USCG Cyber Security Strategy
  • USCG Cyber Security Strategy has three parts:
      • Computer Network Defense
      • Decision Advantage
      • MTS Cyber Security
uscg cyber security strategy1
USCG Cyber Security Strategy
  • MTS Cyber Security incorporates cyber aspects across USCG missions:
      • Assessments
      • Standards
      • Response
slide5

Cyber Security Framework (CSF)

__________________________________________________

  • CSF Consists of established and widely accepted IT industry:
    • Standards
    • Guidelines
    • Best Practices
  • Adoption is NOT mandatory, but PROMOTED by USCG
  • Requires interface between Operations and IT leadership and management to effectively adopt.
  • CSF adoption occurs when an organization uses the framework as a key part of its systematic process to ID, assess, prioritize, and/or communicate cyber risk
slide6

CSF Adoption Tools

__________________________________________________

  • Cyber security Assessment Tools
  • Cyber Resiliency Review (CRR) is a DHS assessment tool that measures the implementation of key cyber security capacities and capabilities. The goal of the CRR is to ensure that core process-based capabilities exist, are measureable, and are meaningful as predictors for an organization‘s ability to manage cyber risk.. For more information about the CRR, contact the DHS Computer Security Evaluation Program (CSEP) at [email protected]
  • Cybersecurity Capability Maturity Model (C2M2) a self-administered or facilitated mechanism to evaluate, prioritize, and improve cyber security capabilities. The model enables organizations to score their cyber security practices against the model process. Scores are used to determined risk tolerance for each domain and influence organizational efforts to improve scoring thus improving cyber security. This model is based on the electricity subsector’s model. Coast Guard is working with the Dept of Energy to retool the model for the maritime industry.
  • Cybersecurity Evaluation Tool (CSET) is a desktop software tool that guides users through a step-by-step process for basic assessment of the cyber security posture of their industrial control system and enterprise information technology networks. CSET is available for download or in DVD format. To learn more or download a copy, visit http://www.us-cert.gov/control_systems/satool.html. To obtain a DVD copy, send an e-mail with your mailing address to [email protected]
what does this mean to industry
What does this mean to industry?
  • Recommends:
  • Weighing cyber risks into assessments
  • Take advantage of the tools that are available to you
  • Make your concerns known to the Coast Guard and DHS
  • Stay proactive!
slide8

Cyber Suspicious Activity/Incident Reporting & Mitigation

__________________________________________________

  • Report Cyber suspicious activity and security incidents (breaches of security) to the NRC at 800-424-8802.
  • Reporting is REQUIRED for incidents meeting the definition in 33 CFR 101.305
    • (a) Notification of suspicious activities.
    • (b) Notification of breaches of security.
    • (c) Notification of transportation security incident (TSI).
  • Industry can seek assistance from US-CERT or ICS-CERT for reducing the opportunity for & mitigating cyber attacks
slide9

USCG - MTS Cyber Security

__________________________________________________

ad