Cyber Security Overview for Water Agency Leaders - WACO, April 2022
From the Leg Analyst Office
• Research Shows Increase in Number of Cyberattacks on, and Variation in Cybersecurity Preparedness of, Critical Infrastructure Sector Entities
• Findings Suggest Lack of Dedicated Cybersecurity Funding and Staff Limits Preparedness of Critical Infrastructure Sector Entities.
The Problem
• Threats to critical infrastructure will only increase
• Adversaries move forward five times faster than we do
• Finding comparable cyber resources is expensive
  – This will be a growing problem for public sector agencies
• Lack of cyber practitioners
  – 300k open cyber jobs in US
• Cost of that talent
  – More expensive than our current staff leadership
• We need to prepare strategies, this is a long-term issue
Current Cybersecurity Challenges
• SolarWinds and Microsoft Exchange hacks brought to light the reality of cyber threats
• Florida water hack further exposed the threat
• Ransomware cases continue to rise
• $3 trillion 2015 to $6 trillion in 2021
• COVID-19 and remote work has provided threat actors a huge opportunity
• The U.S., and the world, faces cybersecurity skills gap

Breach Statistics
• 207 days: To identify a breach
• 73 days: To contain a breach
• $3.86M: Average total cost
  – $1.53M: Average in lost business

Sources:
• 2020 Cost of a Data Breach Report – The Ponemon Institute
• Palo Alto Networks & Crypsis 2020 Incident Response and Data Breach Report
• Security Boulevard – https://securityboulevard.com/2021/02/ransomware-trends-you-need-to-know-in-2021/

March 31, 2022
Four Phases
• Policies, Assessment and Planning
• Remediation
• Monitoring
• Incident response planning
Assessment & Planning
Planning from single services and engagements, to an entire security program.
Security Roadmap
Plan and Program Development
• Assessment Planning
• Incident Response (IR)
• Business Continuity / Disaster Recovery
• Identity and Access Management (IAM)
• Security Awareness Training
Threat Modeling & Data Classification
Remediation Planning
Monitoring
• “Sometimes you need machines to defeat machines”, Alan Turing, The Imitation Game
• Automation is key
• Work on selecting advanced technologies
  – Goal is to buy one best solution, not many of the same solution
  – Could result in cost savings
  – Good to consider services with the technology
• The top goal: EARLY DETECTION IS KEY
Risk
From Gartner
Administration & Management
Ongoing services to provide cyber administration and oversight.
• Virtual Chief Information Security Officer (vCISO)
• Security Oversight and Governance
• Policies & Processes
• Vendor Management
• Remediation Services
• Incident Response Services
• Key Role Staffing
Agency
Cyber JPA
Regional Shared Services, MOUs to aggregate cyber strategies and technologies for local governments
Joint Powers Authority (JPA)
• Very common tool for California Govt
• Legal grouping of agencies for mutual benefit
  – Ex. Insurance, animal control
  – CA Govt Code 6500
• Components
  – Bylaws, contracts, RFPs, scope, roles, leadership, organization, funding
• Not restricted to vertical agencies
Executive Decisions
• Determine if you have the resources to succeed in cyber security in-house
  – If yes, lay out a multi-year strategy including funding, training, resourcing and policy development
    • Consider being a JPA “anchor”
  – If not, work to create a partner model to include
    • RFP
    • Assessment of your environment
    • Remediation plan
    • Monitoring
    • Incident Response
    • Policy development
    • Cost containment
    • Physical security/background checks
Wrapping up
• Create policies for cyber decision making and funding
• Objectively assess your agency’s cyber readiness
• Staff or engage teams for proper cyber monitoring
• PLAN for an incident, know all the roles, “who gets the first call”