Cyber Security Overview for Water Agency Leaders - WACO, April 2022
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Cyber Security Overview for Water
Agency Leaders
WACO, April 2022
Growing threats to Water
From Politico
We can find dozens of similar
articles just from March
Reality… • You have been hacked • You are being hacked • You will be hacked
From the Leg Analyst Office
• Research Shows Increase in Number of Cyberattacks on,
and Variation in Cybersecurity Preparedness of, Critical
Infrastructure Sector Entities
• Findings Suggest Lack of Dedicated Cybersecurity Funding and
Staff Limits Preparedness of Critical Infrastructure Sector
Entities.
The Problem
• Threats to critical infrastructure will only increase
• Adversaries move forward five times faster than
we do
• Finding comparable cyber resources is expensive
– This will be a growing problem for public sector
agencies
• Lack of cyber practitioners
– 300k open cyber jobs in US
• Cost of that talent
– More expensive than our current staff leadership
• We need to prepare strategies, this is a long-term
issue
Current Cybersecurity
Challenges
Breach Statistics
207 days
To identify a breach
SolarWinds and Microsoft Florida water hack Ransomware cases
Exchange hacks brought to light further exposed the continue to rise 73 days
the reality of cyber threats threat $3 trillion 2015 to To contain a breach
$6 trillion in 2021
$3.86M
Average total cost
COVID-19 and remote work The U.S., and the world, faces -$1.53M
has provided threat actors a huge cybersecurity skills Average in lost business
opportunity gap
Sources: 2020 Cost of a Data Breach Report – The Ponemon Institute
Palo Alto Networks & Crypsis 2020 Incident Response and Data Breach Report
Security Boulevard – https://securityboulevard.com/2021/02/ransomware-
trends-you-need-to-know-in-2021/
March 31,
6
2022
Four Phases • Policies, Assessment and Planning • Remediation • Monitoring • Incident response planning
Assessment & Planning
Planning from single services and engagements,
to an entire security program.
Security Roadmap
Plan and Program Development
• Assessment Planning
• Incident Response (IR)
• Business Continuity / Disaster Recovery
• Identity and Access Management (IAM)
• Security Awareness
Threat Modeling & Data Classification
Remediation Planning
Training
March 31, 2022 8
Monitoring • “Sometimes you need machines to defeat machines”, Alan Turing, The Imitation Game • Automation is key • Work on selecting advanced technologies – Goal is to buy one best solution, not many of the same solution – Could result in cost savings – Good to consider services with the technology • The top goal: EARLY DETECTION IS KEY
Risk March 31, 2022 10
From Gartner
Administration & Management
Ongoing services to provide cyber administration
and oversight.
Virtual Chief Information Security Officer (vCISO)
Security Oversight and Governance
Policies & Processes
Vendor Management
Remediation Services
Incident Response Services
Key Role Staffing
March 31, 2022 12AgencyRegional
Shared Services, Cyber
MOUs to aggregate cyber strategies and
JPA
technologies for local governmentsJoint Powers Authority (JPA)
• Very common tool for California
Govt
• Legal grouping of agencies for
mutual benefit
– Ex. Insurance, animal control
– CA Govt Code 6500
• Components
– Bylaws, contracts, RFPs, scope, roles,
leadership, organization, funding
• Not restricted to vertical agencies
14Executive Decisions
• Determine if you have the resources to succeed in
cyber security inhouse
– If yes, lay out a multi year strategy including funding,
training, resourcing and policy development
• Consider being a JPA “anchor”
– If not, work to create a partner model to include
• RFP
• Assessment of your environment
• Remediation plan
• Monitoring
• Incident Response
• Policy development
• Cost containment
• Physical security/background checksWrapping up • Create policies for cyber decision making and funding • Objectively assess your agency’s cyber readiness • Staff or engage teams for proper cyber monitoring • PLAN for an incident, know all the roles, “who gets the first call”
You can also read
