Developing Emergency Support Function (ESF) no. 18
Dave Sweigert, EMS, CISSP, CISA, PMP
February, 2014

Dave Sweigert, EMS, PMP, CISA, CISSP

2/1/2014
Intended audience
• Managers of political sub-divisions, nonprofit organizations, corporations and others tasked with planning for an integrated response to a disaster or emergency incident that may involve issues related to cyber security or cyber terrorism.

Objective
• Provide awareness of cyber terrorism and cyber warfare threats
• Create awareness of Emergency Support Function no. 18 – Cyber Security/Response
• Highlight challenges to emergency management of cyber events

BACKGROUND

Evolving impacts of cyber attacks
• Cyber warfare activities
• Part of coordinated multi-disciplinary attacks (bio, chemical, infrastructure)
• Disruption of critical infrastructure (grid down, loss of Internet, terrorism)

No longer just a “data breach” problem
• Public safety systems can be compromised to put response activities in the dark
• Disruptions of public alert and warning systems to increase terror in public
• Illegitimate social media hacks to provide false and misleading press releases

CYBER WARFARE & CYBER TERRORISM

EMERGENCY MANAGEMENT (EM) AND CYBER RESPONSE

Coordinating cyber response
• Emergency Support Functions (ESFs) provide buckets of disciplines to help manage incident response
• ESF 18 – Cyber Security/Response – a developing area to support comprehensive emergency management with cyber capabilities

Emergency Support Function (ESF):
• ESFs provide for a coordinated response
• ESFs used to plan in all four (4) phases of EM: Mitigation, Preparedness, Response, Recovery
• ESFs offer a coordinating structure
• ESFs help coordinate information flow

Emergency Support Function (ESF):
• ESF support for communications and shared messaging to avoid contradictory statements and assessments
• Promotes common operating picture
• Organizes and identifies overlapping functions (e.g., ESF 2 – Communications)

Emergency Support Function (ESF):
• ESFs are the grouping of governmental and certain private sector capabilities into an organizational structure to provide support, resources, program implementation, and services that are most likely needed to save lives, protect property and the environment, restore essential services and critical infrastructure, and help victims and communities return to normal following domestic incidents.
Traditional ESFs

UNDERSTANDING CYBER RESPONSE CAPABILITIES

ESF 18 – catalogue capabilities
• Rapid deployment of basic Internet services following destruction of infrastructure?
• Use of technical specialists to defend against aggressive cyber attacks?
• Coordination of network monitoring and restoral activities for critical public safety systems (911 dispatch, radio, comm)?
CONCLUSION

ESF 18 – Cyber Security / Response
• Developing area of Emergency Management (EM)
• Understand the significance of cyber warfare and cyber terrorism
• Build awareness of integrating cyber response planning into overall EM plans (EOPs, continuity plans, etc.)
About the author:
An Air Force veteran, Dave Sweigert acquired significant security engineering experience with military and defense contractors before earning two master's degrees (Project Management and Information Security).

He holds the following certifications: California Emergency Management Specialist (EMS), Project Management Professional (PMP), Certified Information Systems Security Professional (CISSP), and Certified Information Systems Auditor (CISA).

Mr. Sweigert has over twenty years' experience in information assurance, risk management, governance frameworks and litigation support.

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 

Developing ESF 18 for Cyber Response

  • 1. Developing Emergency Support Function (ESF) no. 18 Dave Sweigert, EMS, CISSP, CISA, PMP February, 2014 Dave Sweigert, EMS, PMP, CISA, CISSP 2/1/2014
  • 2. Intended audience
      • Managers of political sub-divisions, nonprofit organizations, corporations and others tasked with planning for an integrated response to a disaster or emergency incident that may involve issues related to cyber security or cyber terrorism.
  • 3. Objective
      • Provide awareness of cyber terrorism and cyber warfare threats
      • Create awareness of Emergency Support Function no. 18 – Cyber Security/Response
      • Highlight challenges to emergency management of cyber events
  • 4. BACKGROUND
  • 6. Evolving impacts of cyber attacks
      • Cyber warfare activities
      • Part of coordinated multi-disciplinary attacks (bio, chemical, infrastructure)
      • Disruption of critical infrastructure (grid down, loss of Internet, terrorism)
  • 7. No longer just a “data breach” problem
      • Public safety systems can be compromised to put response activities in the dark
      • Disruptions of public alert and warning systems to increase terror in public
      • Illegitimate social media hacks to provide false and misleading press releases
  • 8. CYBER WARFARE & CYBER TERRORISM
  • 13. EMERGENCY MANAGEMENT (EM) AND CYBER RESPONSE
  • 14. Coordinating cyber response
      • Emergency Support Functions (ESFs) provide buckets of disciplines to help manage incident response
      • ESF 18 – Cyber Security/Response – a developing area to support comprehensive emergency management with cyber capabilities
  • 15. Emergency Support Function (ESF):
      • ESFs provide for a coordinated response
      • ESFs used to plan in all four (4) phases of EM: Mitigation, Preparedness, Response, Recovery
      • ESFs offer a coordinating structure
      • ESFs help coordinate information flow
  • 16. Emergency Support Function (ESF):
      • ESF support for communications and shared messaging to avoid contradictory statements and assessments
      • Promotes common operating picture
      • Organizes and identifies overlapping functions (e.g., ESF – 2 Communications)
  • 17. Emergency Support Function (ESF):
      • ESFs are the grouping of governmental and certain private sector capabilities into an organizational structure to provide support, resources, program implementation, and services that are most likely needed to save lives, protect property and the environment, restore essential services and critical infrastructure, and help victims and communities return to normal following domestic incidents.
  • 18. Traditional ESFs
  • 22. ESF 18 – catalogue capabilities
      • Rapid deployment of basic Internet services following destruction of infrastructure?
      • Use of technical specialists to defend against aggressive cyber attacks?
      • Coordination of network monitoring and restoral activities for critical public safety systems (911 dispatch, radio, comm)?
  • 23. CONCLUSION
  • 24. ESF 18 – Cyber Security / Response
      • Developing area of Emergency Management (EM)
      • Understand the significance of cyber warfare and cyber terrorism
      • Build awareness of integrating cyber response planning into overall EM plans (EOPs, continuity plans, etc.)
  • 25. About the author: An Air Force veteran, Dave Sweigert acquired significant security engineering experience with military and defense contractors before earning two Master’s degrees (Project Management and Information Security). He holds the following certifications: California Emergency Management Specialist (EMS), Project Management Professional (PMP), Certified Information Security Systems Professional (CISSP), and Certified Information Systems Auditor (CISA). Mr. Sweigert has over twenty years’ experience in information assurance, risk management, governance frameworks and litigation support.