Election Infrastructure Security Initiative

Election Infrastructure Security Initiative Texas Election Law Seminar November 29th, 2018 Harvey Perriott; Chief Protective Security George Reeves; Cyber Security Advisor Elections: Critical to American Democracy Given the vital role elections play in this country, it is clear that certain systems and assets of election infrastructure meet the definition of critical infrastructure, in fact and in law. DHS Election Infrastructure Designation Statement, Jan. 6, 2017 Critical infrastructure is defined as: Systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters. 6 Election Infrastructure Election infrastructure refers to assets, systems, and networks most critical to the security and resilience of the election process, such as: Storage facilities

Polling places Voter registration databases, and the information technology infrastructure and systems used to maintain such databases. Information technology infrastructure and systems used to count, audit, and display election results. 3 National Infrastructure Protection Plan The National Infrastructure Protection Plan (NIPP) 2013 established a framework for national, coordinated efforts to protect critical infrastructure by managing risk in each of 16 sectors. NIPPs voluntary partnership model is the primary means of coordinating public and private sector infrastructure protection efforts through collaboration: Sector-Specific Agency (SSA) Government Coordinating Council (GCC) Sector Coordinating Council (SCC)

Coordinates security and resilience efforts in each sector. Forum for stakeholders from different levels of government. Forum for private sector entities to work jointly among themselves and with the GCC and SSA. 4 DHS Employs A Whole of Nation Approach Securing election infrastructure is a national priority and no one entity can be successful working alone - it takes a whole of nation approach. Just as most critical infrastructure is not federally owned or managed, election infrastructure is outside federal control. DHS values and builds partnerships based on a foundation of trust, information sharing. Academ ia

Priva te Secto r Federal Agencies State and Local Gov 5 DHS Works With A Variety Of State and Local Partners DHS works with partners in all levels of government: 6 DHSs Critical Infrastructure Partner Role DHS is the sector-specific agency (SSA) responsible to and for the Election Infrastructure Subsector (EIS). As its SSA, DHS remains a partner to, not an overseer of, state and local election officials, and supports the work of state and local election officials.

DHS funds the Multi-State Information Sharing and Analysis Center to provide information services to state and local election officials. To further develop and support the state and local partnership, DHS created the Election Task Force (ETF) as part of a wholeof-nation approach to unify federal efforts to ensure security and resilience of election infrastructure. 10 EIS Government Coordinating Council Formed in October 2017, the EIS Government Coordinating Council (GCC) is a 27-member body of 24 state and local government representatives and 3 federal government representatives The EIS GCC: Provides a forum for government to work jointly on an array of efforts to support election infrastructure through collective and individual expertise and resources. Will receive classified threat information as well as threat and vulnerability information. Will also help determine who else in the election community should receive that information so they are both recipients and involved in the sharing of information. 8 EIS Sector Coordinating Council

Formation of the EIS Sector Coordinating Council (SCC) is underway. The EIS SCC will be a self-governing group, enabling privatesector critical infrastructure owners and operators and industry representatives to work jointly on sector-specific strategies, policies, and activities. The EIS SCC will coordinate and collaborate with the EIS GCC and DHS as its SSA to address critical infrastructure security and resilience policies and efforts for election infrastructure. 9 ETF: Federal Support for Election Infrastructure Formed in October 2017, the Election Task Force coordinates and synchronizes all federal activity on behalf of election infrastructure. ETFs work is guided by three primary goals: Understand threat and characterize risk to election infrastructure to inform planning, resourcing, and prioritization of EI efforts. Provide services to EI stakeholders to help reduce both cyber and physical risk to state infrastructures, ensure access to actionable threat information, and maintain situational awareness of trends across the sector. Mature the organization of the EI Subsector to ensure a representative and effective security-informed partnership. 11

Election Task Force Members 11 DHS Election Infrastructure Services DHS offers a broad range of services and programs to help secure election infrastructure. Services and programs are free, and all are voluntary and provided upon request. Contact Cybersecurity Advisors (CSA) to discuss how to select, prioritize, and sequence available services and educational programs based on specific needs. 12 Summary of DHS Services: Physical Assessments Needs DHS Services Summary Assist Visit (AV) On-site engagement to inform and educate

owners and operators on threats from terrorism, the criticality of their facilities, and available Office of Infrastructure Protection (IP) and Department of Homeland Security (DHS) resources. The AV can include a security walkthrough using a DHS Security Checklist developed specifically for Election Infrastructure. Infrastructure Survey Tool (IST) Facilitated survey to Identify and document critical infrastructure overall security and resilience, and provide information for protective measures planning and resource allocation. Hometown Security A source for providing tools and resources to protect public gathering venues. Identify and Limit Vulnerabiliti es

To learn more about our products and services, please visit https://www.dhs.gov/ecip and https://www.dhs.gov/hometown-security. 13 Cybersecurity Service Centers 24/7 cybersecurity operations centers that maintain close coordination among the private sector, government officials, the intelligence community, and law enforcement to provide situational awareness and incident response, as appropriate. Contact Information For more information on DHS cyber programs, visit www.dhs.gov/cyber For access to the full range of DHS cyber resources, email [email protected] To become an MS-ISAC member, visit www.cisecurity.org/ms-isac/ 14 Summary of DHS Services: Cybersecurity Assessments Needs Identify and

Limit Vulnerabiliti es DHS Services Summary Cyber Hygiene Scanning Broadly assess Internet-accessible systems for known vulnerabilities and configuration errors on a persistent basis. As potential issues are identified DHS works with impacted stakeholders to mitigate threats and risks to their systems prior to their exploitation. Risk and Vulnerability Assessment (RVA) Phishing Campaign Assessment Penetration testing

Social engineering Wireless access discovery Database scanning Operating system scanning Measures susceptibility to email attack Delivers simulated phishing emails Quantifies click-rate metrics over a 10-week period 15 15 Summary of DHS Services: Cybersecurity Assessments, Contd Needs Cyber Risk and IT Security Program Assessment DHS Services Summary

Cyber Resilience Review (CRR) One-day, onsite engagement conducted on an enterprise-wide basis to give insight on areas of strength and weakness, guidance on increasing organizational cybersecurity posture, preparedness, and ongoing investment strategies. External Dependencies Management Assessment To access the activities and practices used by an organization to manage risk arising from external dependencies that constitute the information and communication technology service supply chain. Cyber Infrastructure Survey (CIS) Assesses an organizations implementation and compliance with more than 80 cybersecurity

controls. 16 16 Summary of DHS Services: Detect and Prevent Needs Detect Network Threats DHS Services Cyber Threat Hunting Summary Utilizes advanced hunting capabilities to identify adversary presence in a network that evades traditional security controls. For more information, call (888) 282-0870 Enhance

Network Protection Enhanced Cyber Services (ECS) Intrusion prevention service to augment, not replace, existing cybersecurity capabilities. Leverages sensitive and classified cyber threat indicators to block malicious traffic from entering customer networks. Service offerings, available through accredited commercial service providers, include: Domain Name Service (DNS) Sinkholing Email (SMTP) Filtering Netflow Analysis For more information, visit www.dhs.gov/enhanced-cybersecurity-ser vices 17 17 Summary of DHS Services: Information Sharing & Awareness Needs

Cyber Alerts and Advisories DHS Services National Cyber Awareness System (NCAS) Summary Timely information about security topics and threats via subscription to a mailing list. NCCIC provides current activity, alerts, bulletins, and security tips to stakeholders. For more information, visit www.us-cert/gov/ncas Collaboration Homeland Security Information Network (HSIN) The NCCIC portal provides stakeholders a

platform to securely collaborate and share cybersecurity information, threat analysis and products within trusted communities of interest. For more information, contact [email protected] Connect to HSIN at https://auth.dhs.gov/oam/hsinlogin/HSINL ogin 18 18 Summary of DHS Services: Information Sharing & Awareness, Contd Needs Exchange of Cyber Threat Indicators DHS Services Automated Indicator Sharing (AIS)

Summary Enables real-time bidirectional exchange of cyber threat indicators at machine speed, with the goal of reducing the number of cyber attacks. For more information, visit www.us-cert.gov/ais Share Indicators at www.us-cert.gov/forms/share-indicators Applying Security Expertise and Best Practices Cybersecurity Advisors (CSAs) & Protective Security Advisors (PSAs) Regionally located personnel who engage state and local governments, election crime coordinators, and vendors to offer immediate and sustained assistance, coordination, and outreach to prepare and protect from cyber and physical threats.

For more information, visit www.dhs.gov/protective-security-advisors 19 19 Summary of DHS Services: Training & Education Needs Educational Material DHS Services Stop.Think Connect. Toolkit Summary Resources and materials to help promote cybersecurity awareness. Provides a better understanding of cyber threats and empowers people to be safer and more secure online. For more information, visit www.dhs.gov/stopthinkconnect

Federal Virtual Training Environment (FedVTE) Career Development National Initiative for Cybersecurity Careers and Studies Catalog (NICCS) Online and on-demand cybersecurity training system for Federal/SLTT government personnel and veterans. Courses range from beginner to advanced levels. Training is accessible from any Internet enabled computer. For more information, visit https://fedvte.usalearning.gov Catalog of more than 3,000 cybersecurity-related courses both online and in-person from more than 125 different providers across the nation. Courses are aligned to the specialty areas of the National Cybersecurity Workforce Framework. For more information, visit www.niccs.us-cert.gov/training

20 20 Summary of DHS Services: Training & Education, Contd Needs DHS Services National Cyber Exercises and Planning Program (NCEPP) Summary Provide cyber exercise planning workshops and seminars, and conduct tabletop, full-scale and functional exercises for organizations to rehearse their response to staged incidents, allowing organizations to develop "muscle memory" and identify areas that may need to be improved in order to prepare for a real-world situation. For more information, contact [email protected]

Exercises & Planning IP Stakeholder Readiness & Exercise Program Conduct discussion- and operation-based exercises focused on enhancing critical infrastructure security and resilience. Provide resources for the critical infrastructure community to conduct independent tabletop exercises through the SectorSpecific Tabletop Exercise Program (SSTEP). For more information, contact [email protected] 21 Summary of DHS Services: Incident Response Needs Analysis of Malicious Code

DHS Services Advanced Malware Analysis Center Summary Provides 24/7 dynamic analyses of malicious code. Stakeholders submit samples via an online website and receive a technical document outlining the results of the analysis. Experts will detail recommendations for malware removal and recovery activities. This service can be performed in concert with Incident Response services, should the incident warrant the need. To submit malware for analysis, visit www.malware.us-cert.gov Mitigation and Recovery Incident Response Provides 24/7 intrusion analysis in response to a cyber incident. Dispatches skilled personnel when a cyber incident occurs to assist in identifying malicious actors,

technical analysis, containment, mitigation guidance, and post-incident recovery. Report an incident, at www.us-cert.gov/forms/report For more information, visit www.us-cert.gov 22 22 Provides cybersecurity support to SLTT governments. Furthers DHS efforts to secure cyberspace by distributing early warnings of cyber threats to SLTT governments. Shares security incident information and analysis. Runs a 24/7 watch and warning security operations center. Funded by DHS. For more information, see https://www.cisecurity.org/ms-isac. 23 23 For more information: Harvey Perriott Chief, Protective Security Region VI

[email protected] George Reeves Cyber Security Advisor [email protected]

Recently Viewed Presentations

  • Byzantine Fault Tolerance Eleanor Birrell November 23, 2010

    Byzantine Fault Tolerance Eleanor Birrell November 23, 2010

    Authenticators. MACs cannot be authenticated by a third party. Solution: create vector of MACs (called . authenticator) with one code for each node
  • Cyflwyniad PowerPoint

    Cyflwyniad PowerPoint

    Fframwaith wedi'i fapio ar draws y pynciau yn CA3. / Framework mapped across subjects at KS3. Staff wedi derbyn hyfforddiant priodol yn ôl yr angen/Staff have received relevant training. Tasgau wedi eu creu a'u gweithredu mewn rhai adrannau/Tasks created and...
  • EY Exempt Organization Tax Services Future Tax ...

    EY Exempt Organization Tax Services Future Tax ...

    Controlled foreign corporation (CFC) - a foreign corporation that has US shareholders that own - directly, indirectly or constructively on any day of the tax year of the foreign corporation - more than 50% of: The total combined voting power...
  • Study within a Trial (SWAT) to increase the

    Study within a Trial (SWAT) to increase the

    Title to go here. Body copy to go here. What is a SWAT? 'A self contained research study that has been embedded within a host trial with the aim of evaluating or exploring alternative ways of delivering or organizing a...
  • Introductory Chemistry: Concepts & Connections 4th Edition by ...

    Introductory Chemistry: Concepts & Connections 4th Edition by ...

    An example is density problems. mass volume density = Algebraic Analysis Example What is the mass of 22.5 cm3 of iron metal with a density of 7.874 g/cm3? m 22.5 cm3 7.874 g/cm3 = m = (22.5 cm3) × 7.874...
  • Joints

    Joints

    Nobody knows why joints crack. It may be from tiny air bubbles that form in the joint, or from a tight tendon and ligament snapping over a bone when moving. Cracking your joints on purpose can damage the joint surface....
  • 2019 Statewide Medical & Health Exercise (SWMHE) in Ventura ...

    2019 Statewide Medical & Health Exercise (SWMHE) in Ventura ...

    External Objectives. Immediately after shaking has subsided, players will assess safety of individuals and the integrity of the building in accordance with the site's emergency plan and submit a Situation Status Report (SitRep) to the Ventura County Health Care Coalition.
  • Recommended Du`as in Ramadan - 1

    Recommended Du`as in Ramadan - 1

    Prepared by Tablígh Sub-Committee of ISIJ of Toronto and updated by SICM (Mahfil Ali) Recommended Du'ás in Rama_án * * Prepared by Tablígh Sub-Committee of ISIJ of Toronto and updated by SICM (Mahfil Ali) Recommended Du'ás in Rama_án ... Recommended...