Transcription
VOLUME 2 ISSUE 11November 2021THISMONTH’SFOCUSCRITICAL INFRASTRUCTURESECURITY AND RESILIENCEPROTECTING CRITICAL INFRASTRUCTURE:A SHARED RESPONSIBILITYDID YOU KNOW?The critical infrastructurecommunity includes theowners and operatorsof critical infrastructure,ofcials across all levels ofgovernment, and all whobeneft from our nation’scritical infrastructure.CDSE – Center forDevelopment of SecurityExcellenceThere are 16 critical infrastructure sectors whose assets, systems, and networks(whether physical or virtual) are considered so vital to the United States that theirincapacitation or destruction would have a debilitating efect on security, the economy,public health or safety, or any combination thereof. The Cybersecurity and InfrastructureSecurity Agency (CISA) promotes Infrastructure Security Month (ISM), an annual efort inNovember to educate and engage all levels of government, infrastructure owners andoperators, and the American public about the vital role critical infrastructure plays in thenation’s wellbeing.CRITICAL INFRASTRUCTURE riticalManufacturingDamsDefense IndustrialBaseEmergencyServicesEnergyFinancial ServicesFood & AgricultureGovernmentFacilitiesHealthcare &Public HealthInformationTechnologyNuclear Reactors,Materials & WasteTransportationSystemsWater &WastewaterSystems@TheCDSECenter for Development ofSecurity ExcellenceSign up for the latest security awareness newsletters at https://www.cdse.edu/news/index.html1
VOLUME 2 ISSUE 11November 2021PROTECTING CRITICALINFRASTRUCTURE: A SHAREDRESPONSIBILITY (CONT’D)The theme for ISM2021 is “CriticalInfrastructure Security andResilience: Build it In” as areminder to all audiencesabout how important it isto consider infrastructuresecurity and resilience fromdesign concept all the waythrough developmentand implementation. CISAalso released a toolkitdetailing how it willspotlight a diferent aspectof infrastructure securityevery week of ISM.On October 29, 2021,the White Houseissued a PresidentialProclamation about ISMwhere President Joe Bidenstated, “Threats to thecritical infrastructure thatwe all depend on, whichunderpins our economicand national security, areamong the most signifcantand growing concerns forour Nation, including cyberthreats, physical threats,and climate threats We must do everythingWEEK 1(November 1-7)Interconnected and Independent CriticalInfrastructure: Shared risk means building inshared responsibility.WEEK 2(November 8-14)Planning for Soft Target Security: Build in securityfor mass gatherings starting with your planning.WEEK 3(November 15-21)Building Resilience into Critical Infrastructure.WEEK 4(November 22-30)Securing our Elections: Build resilience into ourdemocratic processes.INFORMATION FROM THE BLACKMATTER RANSOMWARECYBERSECURITY ADVISORY:Actions You Can Take Now to Protect AgainstBlackMatter Ransomware Implement and enforcebackup and restoration policies and procedures. Use strong, uniquepasswords. Use multi-factorauthentication.we can to safeguard andstrengthen the systemsthat protect us; provideenergy to power ourhomes, schools, hospitals,businesses, and vehicles;maintain our ability toconnect; and ensure thatwe have reliable access tosafe drinking water.”Shining a spotlight oncritical infrastructure iscrucial due to modern,sophisticated cybercrimesthat put the U.S. at risk.Earlier this year, majorcyberattacks causedissues up and down thesupply chain. Since ournation relies on criticalinfrastructure for health,energy, communications,and other vital services, itis equally important thateveryone understandtheir role and take actionto ensure our criticalinfrastructure remainsstrong, secure, andfunctional.On October 18, 2021,CISA, the Federal Bureauof Investigation (FBI), Implement networksegmentation andtraversal monitoring.and the National SecurityAgency (NSA) published acybersecurity advisoryregarding BlackMatterransomware cyberintrusions targetingmultiple U.S. criticalinfrastructure entities,including two U.S. foodand agriculture sectororganizations. The advisoryincludes technical details,analysis, and assessmentof this cyber threat, aswell as several mitigationactions to reduce the riskto this ransomware. “Thisadvisory highlights theevolving and persistentnature of criminal cyberactors and the need fora collective public andprivate approach to reducethe impact and prevalenceof ransomware attacks,” saidEric Goldstein, ExecutiveAssistant Director forCybersecurity, CISA. “CISA,FBI and NSA are takingevery step possible totry to make it harder forcyber criminals to operate.Americans can help us inthis long-term endeavor byvisiting Stopransomware.Sign up for the latest security awareness newsletters at https://www.cdse.edu/news/index.html2
VOLUME 2 ISSUE 11November 2021PROTECTING CRITICALINFRASTRUCTURE: A SHAREDRESPONSIBILITY (CONT’D)gov to learn how to reducetheir risk of becoming avictim of ransomware.”In addition to cybersecurityincidents, criticalinfrastructure is underthreat from a myriad ofnatural (climatological,meteorological, biological,geophysical, hydrological,etc.) and manmade (supplychain attacks, untrustedinvestment, foreigninfuence operations,unscheduled disruptions,criminal incidents andterror attacks, etc.) events.Homeland SecurityPresidential Directive-7(HSPD-7) is a directivethat assigns criticalinfrastructure protectionresponsibilities to theDepartment of Defense(DOD) and otherorganizations. DOD isresponsible for two rolesfor critical infrastructureprotection. First, as afederal department, andsecond, as the SectorSpecifc Agency for theDefense Industrial Base(one of the sixteen sectorspreviously mentioned).Within DOD, the AssistantSecretary of Defense forHomeland Defense andAmericas’ Security Afairs,ASD(HD&ASA), has thelead for providing policy,guidance, oversight, andresource advocacy for bothroles. Visit the DefenseCritical InfrastructureProgram (DCIP) webportal to learn more aboutthe program.One of the key messages ofISM is that we all share inthe responsibility to protectcritical infrastructure.The CISA InfrastructureSecurity Month Toolkitlists many diferent waysfor organizations andindividuals to get involvedin supporting criticalinfrastructure securityand resilience. One of theprimary actions is throughpromoting awareness andtaking training. Trainingis vital to the success ofa critical infrastructuresecurity and resilienceprogram. The trainingcan cover general securityconcepts, best practices, orspecifc topics such as:Physicalsecurity bestpracticesSupplychain ying& ReportingSuspiciousActivityInsider threatCybersecurityCredentialingAntiterrorismThe Center forDevelopment of SecurityExcellence (CDSE) and CISAhave a multitude of trainingand awareness productscovering various criticalinfrastructure protectiontopics. Visit and share thetraining and resourcesfrom both organizationslisted in this newsletter toenhance individual andagency knowledge/skills.Join us and do your part tosecure our nation’s criticalinfrastructure.Sign up for the latest security awareness newsletters at https://www.cdse.edu/news/index.html3
VOLUME 2 ISSUE 11November 2021CDSE AND DOD TRAINING AND RESOURCESEstablishing and maintaining a secure and resilient infrastructureprotection program requires a multidisciplinary approach. CDSEhas training courses and resources in many of the disciplinesneeded to promote awareness and skills to protect ourcritical infrastructure.COUNTERINTELLIGENCEELEARNING COURSESThe Counterintelligence (CI)Awareness Program’s purposeis to make DOD and IndustrySecurity personnel aware oftheir responsibility to reportunusual activities or behaviorsand various threats from foreignintelligence entities, otherillicit collectors of U.S. defenseinformation, and terrorists.CDSE provides training andawareness resources to help thetarget workforces understandthe threat and implement theirreporting duties.JOB AIDSProtecting Assets inthe NISPCounterintelligenceAwareness for DefenseCritical InfrastructureThwarting theEnemy: ProvidingCounterintelligence &Threat Awareness to theDefense Industrial BaseSupply Chain RiskManagementCounterintelligenceAwareness and Reportingfor DODTOOLKITSCI Awareness Toolkit Training and Awareness Reporting/Requirements Cyber CI CounterterrorismUnderstanding Espionage Foreign Travel and Visitsand National Security Supply Chain RiskCrimesManagementSuspicious EmailsDEFENSE CRITICAL INFRASTRUCTUREPROGRAM (DCIP)The DCIP web portal is dedicated to providinginformation about the Defense CriticalInfrastructure Program (DCIP). It is hostedby ASD(HD&ASA), The purpose of this webportal is to inform and educate the generalpublic, members of the armed forces, and ourinteragency and intergovernmental partners, aswell as to assist in outreach to our private sectorpartners. Visit the web portal today to learnmore about DCIP.Sign up for the latest security awareness newsletters at https://www.cdse.edu/news/index.html4
VOLUME 2 ISSUE 11November 2021CYBERSECURITYINDUSTRIAL SECURITYCybersecurity is the ability to protect or defend the useof cyberspace from attacks. CDSE ofers a wide range oftraining and awareness products to increase awarenessof cyber threats and develop the skills your workforceneeds to combat and mitigate those threats.CDSE’s Industrial Security Program is a multi-disciplinarysecurity program focused on the protection of classifedinformation developed by, or entrusted to, U.S. industryoperating under the National Industrial Security Program(NISP). CDSE provides training and awareness productson subjects ranging from the safeguarding classifedinformation to transmission and transportation forindustry.ELEARNING/INSTRUCTOR-LED (ILT)COURSESCybersecurityAwarenessAssessing Riskand ApplyingSecurity Controlsto NISP Systems(ILT)WEBINARSCybersecurity andTelework: Concerns,Challenges andPractical Solutions:Part 1Part 2Part 3(Collaboration Tool)TOOLKITSCybersecurity Social Media SupplyChain RiskManagement Training andAwarenessELEARNING COURSESNISP ReportingRequirementsVIDEOInsider ThreatOverview for FSOsTOOLKITSFacility SecurityOfcer (FSO)Acquisition ReportingDeliverUncompromised RiskManagement eLearningINSIDER THREATPHYSICAL SECURITYInsider Threat Programs are designed to deter, detect,and mitigate actions by insiders who represent a threatto national security. CDSE provides multiple products tohelp personnel/organizations learn how to identify andmitigate insider threats. These products are located inthe Insider Threat Toolkit tabs listed below along with twosector specifc job aids developed last year:The Physical Security (PHYSEC) Program is that part ofsecurity concerned with active and passive measures,designed to prevent the unauthorized access topersonnel, equipment, installations, materials, andinformation; and to safeguard them against espionage,sabotage, terrorism, damage, and criminal activity. Hereis an abbreviated list of CDSE’s PHYSEC training andresources:ELEARNING COURSESInsider ThreatAwarenessEstablishing anInsider ThreatAwarenessProgram for YourOrganizationInsider ThreatMitigationResponsesJOB AIDSInsider ThreatPrograms forthe CriticalManufacturingSectorInsider RiskPrograms for theHealthcare andPublic HealthSectorInsider RiskMitigationPrograms: Foodand AgricultureSectorTOOLKITSInsider Threat CriticalInfrastructure Kinetic Violence Research Training andAwarenessELEARNING COURSESAntiterrorismOfcer (ATO)Level IIIntroduction toPhysical SecurityPhysical SecurityMeasuresJOB AIDSSecurity-inDepth (SID) vs.Crime PreventionThroughEnvironmentalDesign (CPTED)TOOLKITSPhysical SecurityToolkit Physical SecurityPlanning ElectronicSecurity System SecurityMeasuresPhysical SecurityPlanning andImplementationPhysical Securityand AssetProtection (ILT)Sign up for the latest security awareness newsletters at https://www.cdse.edu/news/index.html5
VOLUME 2 ISSUE 11November 2021REGISTRATION NOW OPENFOR THE GETTING STARTEDSEMINARThe next Getting Started Seminar(GSS)for FSOs is scheduled to start February 8,2022 and it is entirely virtual! This courseis not only a great way to get started as anew FSO, but also a way for experienced FSOs to stayinformed about policy changes, procedural changes,emerging trends, threats, concerns, etc. Students work incollaboration with other security professionals, exploringsecurity topics through practical exercises. To learn moreand register today, visit ed-Courses/IS121/CISA RESOURCESCISA works with businesses,communities, and government atevery level to help make the nation’scritical infrastructure more resilientto cyber and physical threats. Learnmore by viewing these CISA trainingand awareness resources:Infrastructure SecurityMonthA Guide to CriticalInfrastructure Securityand Resilience2021 InfrastructureSecurity Month ToolkitCDSE WEBSITE MIGRATIONThe CDSE website has recently migratedto a new server and is working to resolvesome issues users are experiencingwhen accessing the site. These may beresolved by entering in the full site URL:https://www.cdse.edu in your browser, but someof the issues may be related to site certificates.Additional updates to follow.Business ResourcesCritical InfrastructureTrainingCritical InfrastructureSectorsStop Ransomware2021 INSIDER THREATVIRTUAL CONFERENCEPRESENTATIONS NOWAVAILABLEThe 2021 Insider Threat Virtual Conference was heldon September 2, 2021. The conference was open tosecurity professionals in Government and industry andwas jointly hosted by Defense Counterintelligence andSecurity Agency (DCSA) and Ofce of the Under Secretaryof Defense for Intelligence & Security OUSD(I&S). Theevent brought security professionals and policy makersfrom across the U.S. Government and industry togetherto kick of the National Insider Threat Awareness Month(NITAM) campaign. The theme for this year’s conferenceand campaign was “Workplace Culture and Insider Threat.”If you missed the conference, or would like to revisit thepresentations, the recordings are now available in ourwebinar archive under Insider Threat.Sign up for the latest security awareness newsletters at https://www.cdse.edu/news/index.html6
VOLUME 2 ISSUE 11November 2021WHAT STUDENTS ARE SAYINGCybersecurity Awareness and Reporting for DODEmployees (CI116.16) eLearning Course“This is excellent. The terms are well-explained and elaboratedfor someone with no experience in the feld. I like howeverything is worded and all the terms are defned before theyare used. Everything is divided into clearly marked categoriesand one has the option to follow their own path in learning thecontent. There are also fun facts about spies that help connectthe content to real-life examples.”Thwarting the Enemy: Providing CI and ThreatAwareness for the Defense Industrial Base (CI111.16)eLearning Course“Very interesting, practical presentation of the material. One ofthe best online trainings I’ve done.”Physical Security and Asset Protection (PY201.01)Instructor-led Course“The hands-on opportunity and peer interactions to process theinformation were invaluable to get insight and understand howto implement the information. Resources given were also vitalto let me be able to independently adjust my own protocols andcorrect errors and gaps in our security practices and setups.”“I have 100 building’s I need to protect and this course gave methe tools needed to do so.”REGISTER FOR SPRINGEDUCATION CLASSESRegistration is now open for the spring semester of CDSEEducation classes that run from January 10 to May 6, 2022.Classes fll quickly, so please register early to secure yourspot in the spring semester.CDSE Education Program ofers: Tuition-free, fexible Real-world practicalassignments Virtual networkingwith professionalsthroughout the securitycommunity 100% virtual instructorled courses Five Security EducationCertifcate programsYou can learn more about the available classes andregister for them by accessing the links here:https://www.cdse.edu/education/courses.html. Toregister, log into STEPP via:https://cdse.usalearning.gov/login/index.php. If you have any questions,or need additional information, contactthe CDSE Education Programat: dss.ncr.dss-cdse.mbx.cdseeducation@mail.milCDSE NEWSCDSE ofers an email subscriber news service to get thelatest CDSE news, updates, and information. You may bereceiving the Pulse through your subscription, but if youwere forwarded this newsletter from another source andwould like to subscribe to the Pulse or one of our otherpublications, visit our news page to sign up or update youraccount today -https://www.cdse.edu/news/index.html.Insider ThreatBulletinsFlashQuarterlyProduct ReportSign up for the latest security awareness newsletters at https://www.cdse.edu/news/index.html7
training and awareness products. to increase awareness . of cyber threats and develop the skills your workforce needs to combat and mitigate those threats. ELEARNING/ INSTRUCTOR-LED (ILT) COURSES WEBINARS TOOLKITS Cybersecurity Awareness Assessing Risk Security Controls to NISP Systems (ILT) Cybersecurity and Telework: Concerns, Challenges and
