U.S. Department of Homeland Security Office of Cybersecurity & Communications Council of State Governments Cybersecurity Session November 3, 2017

Office of Cybersecurity & Communications · knowledgecenter.csg.org/kc/system/files/Shabat.pdf


Cybersecurity & Communications (CS&C)

▪ CS&C’s Mission – ensure the security, resiliency, and reliability of the Nation’s cyber and communications infrastructure

▪ CS&C works to prevent or minimize disruptions to our critical information infrastructure in order to protect the public, the economy, government services, and the overall security of the United States.

▪ Prepare for, protect against, and respond to incidents that could degrade or overwhelm the networks, systems, and assets that make up our Nation’s information technology, cyber, and communications infrastructure

▪ Protect Federal Civilian networks (.gov, .com)

▪ Host and conduct exercises to prepare Federal, state, local, and private sectors for cyber attacks

Stakeholder Engagement & Cyber Infrastructure Resilience (SECIR)

▪ The SECIR division serves as the Department’s primary coordination point for cybersecurity stakeholder engagement and national security and emergency preparedness communications activities.

▪ SECIR also leads a number of key cybersecurity and communications resilience programs.

▪ Each of the divisions within CS&C relies upon SECIR to streamline coordination and engagement with government and industry partners, while SECIR leverages the capabilities and subject matter experts across CS&C to meet stakeholder needs.

National Cybersecurity & Communications Integration Center (NCCIC)

▪ The NCCIC is a 24x7 cyber situational awareness, incident response, and management center that is a national nexus of cyber and communications integration for Federal civilian agencies, the intelligence community, law enforcement, State and local government, and the private sector


Office of Emergency Communications (OEC)

▪ OEC supports and promotes communications used by emergency responders and government officials to keep America safe, secure, and resilient.

▪ Leads the Nation’s operable and interoperable public safety and national security and emergency preparedness communications efforts

▪ Provides training, coordination, tools, and guidance to help its federal, state, local, tribal, territorial and industry partners develop their emergency communications capabilities

▪ OEC’s programs and services coordinate emergency communications planning, preparation and evaluation, to ensure safer, better-prepared communities nationwide.

Deloitte-NASCIO Cybersecurity Study

Frequency of cybersecurity discussion with executive leadership

| Frequency | 2016 | 2014 |
|---|---|---|
| Monthly | 45% | 30% |
| Quarterly | 16% | 18% |
| Annually | 6% | 8% |

Frequency of cybersecurity reporting to the governor

| Frequency | 2016 | 2014 |
|---|---|---|
| Monthly | 29% | 17% |
| Quarterly | 2% | 4% |
| Annually | 12% | 15% |
| Ad hoc | 39% | 40% |

Frequency of cybersecurity reporting to the state legislature

| Frequency | 2016 | 2014 |
|---|---|---|
| Monthly | 4% | 0% |
| Quarterly | 6% | 0% |
| Annually | 29% | 28% |
| Ad hoc | 35% | 40% |

Top 5 barriers in addressing cybersecurity challenges

| Barrier | 2016 | 2014 |
|---|---|---|
| Lack of sufficient funding | 80% ↑ | 75.5% |
| Inadequate availability of cybersecurity professionals | 51% ↓ | 59.2% |
| Lack of documented processes | 45% ↑ | 32.7% |
| Increasing sophistication of threats | 45% ↓ | 61.2% |
| Lack of visibility and influence within the enterprise | 33% ↓ | 49.0% |

Top human resource factors that negatively impact CISO’s ability to develop, support and maintain cybersecurity workforce

| Factor | 2016 | 2014 |
|---|---|---|
| State’s salary rates and pay grade structure | 96% | 89.9% |
| Lack qualified candidates due to federal agencies/private sector demand | 59% | * |
| Workforce leaving for private sector | 47% | 71.4% |
| Intrastate attrition for higher salary positions | * | 32.7% |
| Lengthy hiring process | * | 53.1% |
| Lack of defined career path and opportunities | * | 67.3% |

National Preparedness Report (2015 and 2012)

• Addressing cybersecurity capability gaps perceived as entirely or mostly a state responsibility: 70% (2015), 49% (2012)

• Percent of 53 states and territories surveyed by NEMA indicating need for continued Federal support to augment cybersecurity efforts: 100% (2015), * (2012)

o Percent identifying financial assistance as among federal resources needed: 60%

o Percent identifying training opportunities as among federal resources needed: 94%

o Percent identifying technical assistance as among federal resources needed: 91%

o Percent identifying support for sharing best practices between states as among federal resources needed: 85%

MS-ISAC Nationwide Cyber Security Review

Top security concerns

• Lack of security program funding (State and local)

• Increasing sophistication of threats (State and local)

• Lack of documented processes (local)

• Lack of a cybersecurity strategy (local)

• Lack of available security professionals (tribal, but emerging across SLTT)
