Cyber Security Overview for Water Agency Leaders - WACO, April 2022

Page created by Jimmie Reese
 
CONTINUE READING
Cyber Security Overview for Water Agency Leaders - WACO, April 2022
Cyber Security Overview for Water
         Agency Leaders
                      WACO, April 2022
Cyber Security Overview for Water Agency Leaders - WACO, April 2022
Growing threats to Water
                            From Politico

             We can find dozens of similar
             articles just from March
Cyber Security Overview for Water Agency Leaders - WACO, April 2022
Reality…
• You have been hacked
• You are being hacked
• You will be hacked
Cyber Security Overview for Water Agency Leaders - WACO, April 2022
From the Leg Analyst Office
•   Research Shows Increase in Number of Cyberattacks on,
    and Variation in Cybersecurity Preparedness of, Critical
    Infrastructure Sector Entities
•   Findings Suggest Lack of Dedicated Cybersecurity Funding and
    Staff Limits Preparedness of Critical Infrastructure Sector
    Entities.
Cyber Security Overview for Water Agency Leaders - WACO, April 2022
The Problem
• Threats to critical infrastructure will only increase
• Adversaries move forward five times faster than
  we do
• Finding comparable cyber resources is expensive
   – This will be a growing problem for public sector
     agencies
       • Lack of cyber practitioners
           – 300k open cyber jobs in US
       • Cost of that talent
           – More expensive than our current staff leadership
• We need to prepare strategies, this is a long-term
  issue
Cyber Security Overview for Water Agency Leaders - WACO, April 2022
Current Cybersecurity
            Challenges
                                                                                 Breach Statistics

                                                                                 207 days
                                                                                 To identify a breach

SolarWinds and Microsoft          Florida water hack       Ransomware cases
Exchange hacks brought to light   further exposed the      continue to rise      73 days
the reality of cyber threats      threat                   $3 trillion 2015 to   To contain a breach
                                                           $6 trillion in 2021
                                                                                 $3.86M
                                                                                 Average total cost

COVID-19 and remote work               The U.S., and the world, faces            -$1.53M
has provided threat actors             a huge cybersecurity skills               Average in lost business
opportunity                            gap

                                                                                 Sources: 2020 Cost of a Data Breach Report – The Ponemon Institute
                                                                                 Palo Alto Networks & Crypsis 2020 Incident Response and Data Breach Report
                                                                                 Security Boulevard – https://securityboulevard.com/2021/02/ransomware-
                                                                                 trends-you-need-to-know-in-2021/

                                                                                                                       March 31,
                                                                                                                                                          6
                                                                                                                       2022
Cyber Security Overview for Water Agency Leaders - WACO, April 2022
Four Phases
•   Policies, Assessment and Planning
•   Remediation
•   Monitoring
•   Incident response planning
Cyber Security Overview for Water Agency Leaders - WACO, April 2022
Assessment & Planning
                 Planning from single services and engagements,
                 to an entire security program.

                 Security Roadmap
                 Plan and Program Development
                     • Assessment Planning
                     • Incident Response (IR)
                     • Business Continuity / Disaster Recovery
                     • Identity and Access Management (IAM)
                     • Security Awareness
                 Threat Modeling & Data Classification
                 Remediation Planning
                 Training

March 31, 2022                                                    8
Cyber Security Overview for Water Agency Leaders - WACO, April 2022
Monitoring
• “Sometimes you need machines to defeat machines”,
  Alan Turing, The Imitation Game
• Automation is key
• Work on selecting advanced technologies
   – Goal is to buy one best solution, not many of the same solution
   – Could result in cost savings
   – Good to consider services with the technology

• The top goal: EARLY DETECTION IS KEY
Risk
March 31, 2022   10
From Gartner
Administration & Management

                 Ongoing services to provide cyber administration
                 and oversight.

                 Virtual Chief Information Security Officer (vCISO)
                 Security Oversight and Governance
                 Policies & Processes
                 Vendor Management
                 Remediation Services
                 Incident Response Services
                 Key Role Staffing

March 31, 2022                                                        12
AgencyRegional
       Shared          Services,            Cyber
               MOUs to aggregate cyber strategies and
                                                      JPA
                 technologies for local governments
Joint Powers Authority (JPA)
• Very common tool for California
  Govt
• Legal grouping of agencies for
  mutual benefit
   – Ex. Insurance, animal control
   – CA Govt Code 6500
• Components
   – Bylaws, contracts, RFPs, scope, roles,
     leadership, organization, funding
• Not restricted to vertical agencies

                                              14
Executive Decisions
• Determine if you have the resources to succeed in
  cyber security inhouse
   – If yes, lay out a multi year strategy including funding,
     training, resourcing and policy development
       • Consider being a JPA “anchor”
   – If not, work to create a partner model to include
       •   RFP
       •   Assessment of your environment
       •   Remediation plan
       •   Monitoring
       •   Incident Response
       •   Policy development
       •   Cost containment
       •   Physical security/background checks
Wrapping up
• Create policies for cyber decision making and
  funding
• Objectively assess your agency’s cyber readiness
• Staff or engage teams for proper cyber
  monitoring
• PLAN for an incident, know all the roles, “who
  gets the first call”
You can also read