Public Power Cybersecurity Management Program by Branndon Kelley

public power cybersecurity public power n.w
1 / 25
Embed
Share

This program by Hometown Connections, Inc. involves assessing current cybersecurity state, mitigating issues, ongoing monitoring of threats, and comprehensive assessments. It includes vulnerability scans, policy reviews, incident response exercises, and executive presentations.

  • Cybersecurity
  • Management Program
  • Branndon Kelley
  • Vulnerability Scans
  • Incident Response
rayaanacharya
anel Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. Public Power Cybersecurity Public Power Cybersecurity Management Program Management Program Branndon Kelley Hometown Connections, Inc. September 2022

  2. Cybersecurity Program Cybersecurity Program Assess Assess current state (baseline) Mitigate Implementing Cybersecurity improvements and remediating issues found during assessments Monitor & Manage Ongoing monitoring of Cyber threats to infrastructure and vulnerabilities Monitor & Manage Assess Mitigate P. 2

  3. Assessment Monitor & Manage Assess Mitigate P. 3

  4. Cybersecurity Assessment Overview Cybersecurity Assessment Overview Each Assessment Includes Internal & External Vulnerability Scans Firewall Configuration Review IT Cybersecurity Policies & Procedures Review Center For Internet Security (CIS) Controls and Cybersecurity Capability Maturity Model (C2M2) Assessments Phishing Exercise Incident Response Tabletop Exercise Final Report with Findings, Recommendations, Roadmap & Budget Executive Presentation to Leadership and/or Council P. 4

  5. Cybersecurity Assessment Phases Cybersecurity Assessment Phases Phase One Kickoff & Data Collection Phase Two Remote Work Activities Phase Three Data Analysis & Final Report/Presentation P. 5

  6. Cybersecurity Assessment Report Cybersecurity Assessment Report P. 6

  7. Cybersecurity Assessment Report Cybersecurity Assessment Report P. 7

  8. Cybersecurity Assessment Value Cybersecurity Assessment Value Upon completion of the assessment, a utility will have: An understanding of the utility s cybersecurity maturity benchmarked with other public power utilities. A report on how well best practice guidelines are currently deployed within the utility s network(s) as it relates to the CIS controls and C2M2 Framework. A list of vulnerabilities and critical systems that are exposed. A better understanding of Cyber Incident response and a playbook for building / improving upon this important area. A short-term (0-9 months) and longer-term (9-18 months) roadmap for remediation priorities along with budget costs. Results from phishing/cyber awareness exercise. An understanding of the current security and recoverability processes along with recommendations for areas of improvement. A report and presentation that can be shared with leadership summarizing all the above items. P. 8

  9. Reasons why a municipality / utility would do this Reasons why a municipality / utility would do this Don t know where to start in fixing Cybersecurity. Need to know how much budget to allocate and/or in what order to address things. Challenged with getting leadership onboard to allocate budget and address issues. Need an independent expert to validate the need and approach. Been a while since last assessment by a third party. Want to get a new baseline to see how we are doing and where to go next. Want to make sure we are spending in the right areas to maximize our Cybersecurity return on investment. To support compliance efforts and certifications Examples: NIST, NERC-CIP, Public Power RP3 Certification Maintain a good credit rating (Moody's) and/or eligibility and lower premiums for Cyber Insurance P. 9

  10. Obtaining a quote Obtaining a quote Complete short data questionnaire / scoping call Sized as small / medium or large based on: # of firewalls & internet connections. # network switches and network segments. # of endpoints (computers, servers, printers). # of business applications (Billing, GIS, SCADA, OMS, WOMS). # of third party IT vendors in use. # of cybersecurity systems in place (picked from a list). # of written IT policies. Any custom application development done in house? P. 10

  11. Mitigate Monitor & Manage Assess Mitigate P. 11

  12. Mitigation Examples Mitigation Examples Helping a Michigan based municipality design and implement a more secure network architecture. Helping municipalities implement additional controls, procedures and better cybersecurity technologies. Helping with vulnerability remediation and verification. Additionally, mitigating Cyber risk also involves Cybersecurity Training P. 12

  13. Cybersecurity 101 Workshop P. 13

  14. Cybersecurity 101 Workshop Cybersecurity 101 Workshop Duration: 6 Hours Target Audience: Utility Staff, General Managers, Billing Staff, IT Morning Sessions: The Overall Threat Landscape Ransomware and Public Power Cyber Insurance Requirements Cybersecurity: Operational Technology (OT) vs Information Technology (IT) Building an Effective Cybersecurity Awareness Program P. 14

  15. Cybersecurity 101 Workshop Cybersecurity 101 Workshop Afternoon Sessions: Threat Awareness Information: What s available? What should you subscribe to? Incident Response Exercise Building and implementing an Incident Response Plan Vulnerability Management: What you should ask your IT staff Closing Session: Tying it all together / Recap P. 15

  16. Cybersecurity 101 Workshop Cybersecurity 101 Workshop - - Testimonials Testimonials The cybersecurity workshop facilitated by Hometown Connections served as a great reminder that we need to stay vigilant in the everchanging digital world. The speaker s wealth of knowledge helped our organization become aware of cyber threats and assisted us in creating a game plan so that we can remain proactive and prepared Bryan Brackemyre, Indiana Municipal Power Agency I ve been to several cybersecurity training sessions, but after Hometown Connection s cybersecurity class, everything finally clicked for me. Of all the trainings I go to, cybersecurity is my number one priority, and this workshop provided amazing information and resources for our community Shari Johnson, Town of Advance P. 16

  17. Monitor & Manage Monitor & Manage Assess Mitigate P. 17

  18. Cybersecurity Program Cybersecurity Program - - Future Future Phase I and II of program focus is on assessment and mitigation. Upcoming offering will include Mitigation and Monitoring and Cybersecurity Management Cybersecurity Monitoring Vulnerability Management P. 18

  19. Monitor & Manage Monitor & Manage Solution Components Solution Components Managed Detection and Response Provides 24 7 monitoring of municipality networks, endpoints, and cloud environments and that can help detect, respond, and recover from cyber-attacks. Vulnerability Management System A network and/or agent-based vulnerability scanning solution that has the capability to scan a municipality s network and identify all unresolved vulnerabilities. Solution should include high level reports that show vulnerabilities ranked using the Common Vulnerability Scoring System (CVSS). Consolidated Dashboard / View for HCI (Optional) In addition to each customer having their own dashboard view, a key component of this solution will be to allow HCI to be able to have a consolidated dashboard showing information for each of their utility members This would allow HCI to provide added value, assist with opening tickets, helping members with more complex security investigations and issues, hold vulnerability remediation meetings, and provide other cyber assistance services as needed. P. 19

  20. Monitor & Manage Monitor & Manage Proposed Architecture Proposed Architecture Municipality Environments Each environment would be accessible to only that municipality / utility. Each municipality / utility would only have access to their data. Central Dashboard Would display data and alerts from all utility environments in a segmented view. Aggregate rollups for displays and reporting. P. 20

  21. Request For Quote Request For Quote AMP, via Hometown Connections, issued a Request For Quote to 12 separate vendors providing services in this space. In addition to the above the Request For Quote was posted on the Hometown Connections website sent to APPA for them to post as well The Request For Quote had 22 total requirements listed. In addition to the requirements, we asked the vendor to address project management, delivery, onboarding, and ongoing support. Pricing was requested via a standardized pricing template so vendors could be compared apples to apples. P. 21

  22. Request For Quote Timeline RFQ Released Sent to 12 Vendors and posted on Hometown Connections website. Also sent to APPA for Posting. Presented to HCI Executive Management Team RFQ Submissions Due Held Demonstrations with 5 vendors. Received 7 Response 17 Sep. 4 8 Oct. 20 Oct. 1 Oct. 11 19 Oct. 22 Nov. Deadline for Questions and Clarifications Evaluated initial responses. Selected vendors to demo. Evaluation Team met to discuss results P. 22

  23. Request For Quote Request For Quote - - Respondents Respondents Sent RFQ (12) AESI (Hometown Partner) Alertlogic Arctic Wolf Arista Brain Trace Crowdstrike IPKeys Qualys Rapid 7 Red Canary SecureWorks Sophos AESI (Hometown Partner) Alertlogic Honeywell IPKeys Novacoast Rapid 7 Sophos RESPONDED (7) P. 23

  24. Request For Quote Request For Quote Finalist Recommendations Finalist Recommendations Two finalists identified Met the base requirements in RFQ Both are focused on providing services to municipalities. Best overall pricing of solutions evaluated. Doing one pilot with each finalist. Both pilots in progress now with two municipalities... Delaware Municipality Michigan Municipality P. 24

  25. Thank You Thank You

Related


Industrial Cybersecurity Market Worth $49.53 Billion by 2030

Industrial Cybersecurity Market Worth $49.53 Billion by 2030

RAJUL
Cybersecurity Career Path Overview

Cybersecurity Career Path Overview

rusty
Comprehensive Airport Cybersecurity Quick Guide and Assessment Tool

Comprehensive Airport Cybersecurity Quick Guide and Assessment Tool

emmitt
Ensuring Business Security: Cybersecurity Webinar Insights

Ensuring Business Security: Cybersecurity Webinar Insights

amelia
Workshop on Cybersecurity Professionalism & Ethics

Workshop on Cybersecurity Professionalism & Ethics

acke_ddy
Cybersecurity Workforce Management: Engage, Empower, Elevate

Cybersecurity Workforce Management: Engage, Empower, Elevate

dena835
Cybersecurity and Computer Science Education Projects at UH Maui College

Cybersecurity and Computer Science Education Projects at UH Maui College

karm_14
Shovel-Ready Projects Initiative for Cybersecurity Innovation in Canada

Shovel-Ready Projects Initiative for Cybersecurity Innovation in Canada

aberm
Enhancing Cybersecurity Education in the Nuclear Sector: Insights and Recommendations

Enhancing Cybersecurity Education in the Nuclear Sector: Insights and Recommendations

kmarr
Enhancing Cybersecurity for Improved Insurability and Risk Management

Enhancing Cybersecurity for Improved Insurability and Risk Management

trac_745
Financial Management and Cybersecurity: Essential Tips for Treasurers

Financial Management and Cybersecurity: Essential Tips for Treasurers

mariama
Leadership and Power Dynamics

Leadership and Power Dynamics

lupi_99
Ethics in Cybersecurity: Evolution, Challenges, and Solutions

Ethics in Cybersecurity: Evolution, Challenges, and Solutions

kdett
IRIS H2020 Project - Enhancing Cybersecurity for SMART CITIES

IRIS H2020 Project - Enhancing Cybersecurity for SMART CITIES

airt550
Defense Industrial Base (DIB) Cybersecurity Training Overview

Defense Industrial Base (DIB) Cybersecurity Training Overview

xayl_3
Cybersecurity Strategy in Japan - Roles of NISC and Basic Act Overview

Cybersecurity Strategy in Japan - Roles of NISC and Basic Act Overview

athie
CYBEX - Cybersecurity Information Exchange Techniques

CYBEX - Cybersecurity Information Exchange Techniques

mkas
Shadow: Scalable and Deterministic Network Experimentation in Cybersecurity

Shadow: Scalable and Deterministic Network Experimentation in Cybersecurity

haer447
Framework Roadmap Overview - July 2018

Framework Roadmap Overview - July 2018

inia775
Cybersecurity Resources for Public Utility Commissions

Cybersecurity Resources for Public Utility Commissions

veral
The National Initiative for Cybersecurity Education (NICE)

The National Initiative for Cybersecurity Education (NICE)

kbatm
Importance of Cybersecurity Information Sharing for Better Defense

Importance of Cybersecurity Information Sharing for Better Defense

daet519

More Related Content