Cybersecurity Information Sharing Initiative Update
"Stay informed with the latest updates on cybersecurity information sharing in the communications sector. Working Group 5 is actively developing recommendations to enhance cybersecurity measures through collaborative efforts among industry leaders. Explore trust pools, member profiles, deliverables, and timelines for critical insights."
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
Working Group 5: Cybersecurity Information Sharing Status Update September 14, 2016 Christopher Boyer, Co-Chair (AT&T) Rod Rasmussen, Co-Chair (Infoblox) Brian Allen, Co-Chair (Time Warner Cable)
WG5 Description In order to improve the communication sector s ability to identify, protect, detect, respond, and recover from cyber attacks, Working Group 5 will develop recommendations to the Council to encourage sharing of cybersecurity information between companies in the communications sector. 2
WG5 Members Name Chris Boyer (Co-Chair) Rod Rasmussen (Co-Chair) Brian Allen (Co-Chair) Greg Intoccia (FCC Liaison) Vern Mosley (FCC Liaison) Martin Dolly Rosemary Leffler Trace Hollifield Kathryn Condello Paul Diamond Mary Haynes John Kelly Jorge Nieves Paul Fournier Rudy Brioche Kevin Kastor Jemin Thakkar Matt Carothers John Marinho Chris Alexander John O'Connor Alexander Gerdenitsch Jennifer Manner David Colberg Daniel Cashman Carlos Carrillo Thomas M. MacLellan Tony Cole Dave Keech Katy Ross Michael O'Reirdan Company AT&T Infoblox Charter Communications FCC FCC AT&T (ATIS) AT&T Bright House Networks CenturyLink CenturyLink Charter Comcast Cable Comcast Cable Comcast Cable Comcast Cable Consolidated Cox Communications Cox Communications CTIA DHS DHS Echostar Echostar EMC FairPoint Communications FireEye FireEye FireEye Frontier Iridium (Wiley Rein) MAAWG Name (cont.) Robert Gessner Mark Hoffer Michael Robinson Bill Mertka Larry Walke Loretta Polk Matt Tooley Dr. Donald H. Sebastian Frank Menzer Kathy Whitbeck Jesse Ward Kazu Gomi Shinichi Yokohama Michael Brown Richard Perlotto II Jason Jenkins Jeff England Allison Growney Brian Scarpelli Joe Viens Kelly Fuller Arthur Trey Jackson Cindy Carson Harold Salters Howard Brown Robert Mayer Eric Osterweil Shawn Wilson Nneka Chiazor Dorothy A. Spears-Dean Greg Lucak Company (cont.) MCTV MCTV MCTV Motorola (ATIS) NAB NCTA NCTA NJ Institute of Tech NOAA Nsight NTCA NTT America NTT America RSA Shadowserver SilverStar SilverStar Sprint TIA Charter Communicaitons WOW, Inc. T-Mobile T-Mobile T-Mobile Tulalip Data Services US Telecom Verisign Verisign Verizon VITA Windstream 3
WG5 Deliverables & Timeline Dec 2015 - Cybersecurity Information Sharing Diagram Mar 2016 - Use Cases Jun 2016 - Impediments/Barriers and Solutions to Cybersecurity Information Sharing Sep 2016 - Cybersecurity Information Sharing Trust Pools Dec 2016 - Cybersecurity Information Sharing Platforms Mar 2017 - Recommendations for Cybersecurity Information Sharing 4
WG5 Example Trust Pools Information sharing trust pools encourage and enable the sharing of cybersecurity information across the Communications sector to all stakeholders necessary to successfully execute the protect, detect, respond, and recover functions of the NIST Cybersecurity Framework. Information sharing trust pools are appropriately scoped groups based on Communications sector needs and capabilities within the cybersecurity community who may identify, assess, analyze, and/or develop recommendations and potentially take action to share information. 5
WG5 Characteristics of Trust Pools Participants define trust to include confidentiality meaning that information is shared within a specific environment or regime responsibly, without leakage or retribution, and that only appropriate/authorized people have access to the information. Participants are stakeholders with common interests/goals, capabilities and ownership (the ability and capability to initiate change affecting the group). Participants within a trust pool are credible members building on an initial informal relationship based on the common scope of interest. The trust pools have a rally point, focus area, or purpose to unite for a common mission and utilize subject matter experts to act upon the needs of the group. 6
WG5 Example Trust Pools Sector Driven Operator driven Anti-phishing Working Group (APWG) USTelecom Cybersecurity Working Group Comms Sector Coordinating Council (CSCC) CTIA Cybersecurity Working Group FIRST Forum for Incident Response Teams (FIRST) NCTA GCCs Government Coordinating Councils Messaging Anti-Abuse Working Group (M3AAWG) ISACs Information Sharing and Analysis Centers Informal Information Networks NCC National Coordinating Center/Comms-ISAC Vetted Security Communities NCI National Council of ISACs ISAOs NCFT National Cyber Forensics and Training Alliance NSIE National Security Information Exchange 7
