STATE OF WISCONSIN Cybersecurity Strategy Strategy 2017.pdf · The Cyber Incident Response Annex is an element of the Wisconsin Emergency Response Plan (WERP) that provides a scalable,

STATE OF WISCONSINCybersecurity Strategy

State of WisconsinDepartment of AdministrationDivision of Enterprise Technology

2 State of Wisconsin - Cybersecurity Strategy

What’s InsideExecutive Summary ....................................................................................................3

Introduction .................................................................................................................4

Strategic Priorities .......................................................................................................5

Priority 1 - Utilize Enterprise Collaboration to Optimize Security Capabilities .....6

Priority 2 - Protect the State of Wisconsin from Cyber Incidents .............................9

Priority 3 - Improve the Awareness of Cyber Risks Statewide ................................11

Priority 4 - Protect Critical Infrastructure Across the State ........................................13

Priority 5 - Improve the Resiliency of our Workforce and Citizens .........................15

Future Initiatives ...........................................................................................................17

Appendix .....................................................................................................................20

Version 4; July 26, 2017

3State of Wisconsin - Cybersecurity Strategy

Executive Summary

The State of Wisconsin faces ongoing cyber risks. Malicious software, phishing attempts, and criminal activity can be launched from any location. The state’s infrastructure must be protected from these threats. Wisconsin must prioritize the infrastructure and data that we protect, assess risks and hazards, and make prudent investments in cybersecurity and cyber-defense capabilities to achieve our security goals and objectives. To mitigate risks in cyberspace requires a comprehensive strategy to counter and, if necessary, withstand disruptive and destructive attacks.

Challenges in maintaining cybersecurity are numerous. Hostile activities of hacktivists and criminals attempt to bring their malicious intent to the very systems Wisconsin relies upon. To put this into perspective, the worldwide costs of cyber-crime damage are estimated to hit $6 trillion annually by 2021. As a state, we must defend against such potential losses to protect our economic, professional, and personal livelihoods.

The federal, state, and local governments each play a role in setting clear and transparent guidelines and strategies for securing the state from cyber attacks and disruptions. This strategy document provides a high-level overview of all the major cybersecurity-related efforts being undertaken in the State of Wisconsin through robust security and continuity programs. Ensuring the State of Wisconsin is secure and resilient online is an essential component of building a more competitive and productive economy.

The state developed its cybersecurity strategy through five essential priorities to protect Wisconsin residents:

Priority 1: Utilize Enterprise Collaboration to Optimize Security CapabilitiesPriority 2: Protect the State of Wisconsin from Cyber Incidents Priority 3: Improve the Awareness of Cyber Risks StatewidePriority 4: Protect Critical Infrastructure Across the StatePriority 5: Improve the Resiliency of our Workforce and Citizens


Cyber incidents show no sign of abating. The more pervasive IT becomes in our daily lives, the more risk it entails. Developments such as the Internet of Things, estimated to grow to over 23 million devices by 2019, will only further embed the internet into our environment and increase the potential for malicious action. The list of victims is long. Major retailers, governments, universities, militaries: no one has been untouched by malicious cyber incidents. The scale and speed of cyber incidents continue to grow.

Since 2009, there has been an increase in cyber incidents directed at power generation and oil companies. These attacks have used a variety of techniques such as spear phishing, social engineering, and Windows operating system vulnerabilities. None of these approaches is very advanced or hard to develop and manage. Although evidence suggests the growing trend in these attacks appears to target individual entities, instead of primary infrastructure, a mass coordinated attack cannot be discounted.

In order to meet this growing threat, the state will continue its commitment to developing state cyber- response capabilities in coordination with local and federal partners, sharing information during an incident, raising awareness of cybersecurity, and developing public/private partnerships to better protect critical infrastructure from cyber threats. The state will also establish and improve processes to prepare for and respond to cyber events. A centerpiece of Wisconsin’s strategy is the National Institute of Standards and Technology (NIST) Framework. The NIST Framework presents a common structure of procedures and practices in a manner that allows for communication of cybersecurity activities and outcomes across the enterprise. The NIST Framework consists of five concurrent and continuous functions — Identify, Protect, Detect, Respond, Recover. When considered together, these functions provide a high-level, life-cycle view of an enterprise’s management of cybersecurity. It provides a common, accessible set of reference points for everyone to plan, build and strengthen their cybersecurity capabilities — not just individually, but also collectively. Collectively is how Wisconsin will protect its citizens and data.

Introduction

NIST Framework

Identify Protect Detect Respond Recover•Asset Management•Business Environment•Governance•Risk Assessment•Risk Management strategy

•Access Control•Awareness and training•Data security•Information protection processes and procedures•Maintenance•Protective technology

•Anomalies and events•Security continuous monitoring•Detection processes

•Response planning•Communications•Analysis•Mitigation•Improvements

•Recover planning•Improvements•Communications


Strategic Priorities

The State of Wisconsin continues to focus on maintaining a secure technology environment. We shape, design, evaluate, and drive opportunities related to enhancing IT security by raising the awareness of security threats and vulnerabilities.

Priority 1: Utilize Enterprise Collaboration to Optimize Security Capabilities

Priority 3: Improve the Awareness of Cyber Risks Statewide

Priority 4: Protect Critical Infrastructure Across the State

Priority 5: Improve the Resiliency of our Workforce and Citizens

Priority 2: Protect the State of Wisconsin from Cyber Incidents

The state developed the Cybersecurity Strategy to address five priorities to protect the citizens of Wisconsin:


Priority 1 - Utilize Enterprise Collaboration to Optimize Security Capabilities

Wisconsin faces an evolving and expanding array of cyber threats. Unintentional threats can be caused by routine software upgrades or defective equipment that inadvertently disrupt systems. Intentional threats can be both targeted and untargeted attacks by criminal groups, hackers, terrorists, organization insiders, and foreign nations engaged in crime, political activism, or espionage and information warfare. Protecting against cyber attacks is complicated by the fact that attackers, cloaked by anonymity and ambiguity, can attempt to reach critical State of Wisconsin systems from anywhere. The magnitude of the threat is compounded by the ever-increasing sophistication of cyber-incident techniques, such as incidents that combine multiple techniques. Given the interconnected nature of computer networks, responding to cyber threats is a shared responsibility by the whole community. Collaboration, communication, and engagement between the public and private sectors and across state, local, and tribal jurisdictions is essential to detect and identify, protect against, respond to, and recover from cyber incidents.

Wisconsin has taken a comprehensive, enterprise approach though which the state will defend against and respond to cyber disruptions and attacks. The state has framed this approach in its Cyber Disruption Response Strategy, a companion document to this strategy. Wisconsin has operationalized this framework in the Cyber Incident Response Annex. Both documents reflect a statewide, enterprise approach to cybersecurity. These documents support future development, plans, and rehearsals. These plans reflect descriptive roles and responsibilities, tasks, integration, and actions required to protect the state’s cyber infrastructure in a unified manner across all areas of the NIST Framework.

The state has established best practices in cybersecurity with a framework to ensure that the state can effectively protect against, prepare for, and recover from cyber threats that affect the State of Wisconsin. Our Cyber Security Strategy fully recognizes the critical need to work collectively across the state to help protect the citizens of Wisconsin against cyber threats. The state shares cyber information before a cyber incident and raises awareness of cybersecurity issues during an incident, ensuring swift and effective response action.


Priority 1 - continued

Cyber Disruption Response Strategy To help frame the approach to cybersecurity, the state created a guide to help critical infrastructure owners and operators function in collaborative, public/private partnerships, specifically in Critical Infrastructure/Key Resources (CIKR), in response to a cyber disruption event. CIKR is organized into 16 sectors whose assets, systems, and networks, whether physical or virtual, are considered so vital to the State of Wisconsin that their incapacitation or disruption would have a debilitating effect on economic security, public health, and safety. The strategy helps logically organize state assets into a cohesive and comprehensive response capability to protect the systems, networks and data Wisconsin relies upon.

Cyber Incident Response Annex The state’s essential and emergency services, as well as its critical infrastructure, rely on the uninterrupted use of the internet and communications systems, including data, monitoring, and control systems. Many elements of cyber-incident response are analogous to other types of natural or technological emergencies. Wisconsin’s approach to cyber-incident response is consistent with an all-hazards approach by integrating and building upon the all-hazards response capabilities already in place.

The Cyber Incident Response Annex is an element of the Wisconsin Emergency Response Plan (WERP) that provides a scalable, flexible framework for preparing for, responding to, and recovering from a significant cyber incident by:

• Identifying roles, responsibilities, and actions required to respond to a significant cyber event, both public and private.

• Organizing cybersecurity efforts across public and CIKR sectors.

• Describing the coordination structure that integrates the various cybersecurity governance teams (Senior Policy Advisors Group, Cybersecurity Management Team, and the Wisconsin Cyber Disruption Response Advisory Group).

• Establishing a framework for information sharing as well as effective and resilient communications systems and protocols to ensure continuity of communications during and after cybersecurity events.

• Providing guidance to counties, tribes, and local units of government regarding available state assets and resources.

Cyber Disruption Response Operational PlansIn support of the strategy and annex, the Division of Enterprise Technology (DET) Cyber Response Teams, Wisconsin Emergency Management, the Wisconsin Statewide Information Center and the Wisconsin National Guard are developing Cyber Disruption Response Operational Plans. The operational plans outline the activities that, in the case of a cyber disruption, help to organize cybersecurity efforts among CIKR; coordinate responses; and establish specific procedures for information sharing and continuity of communications during and after cybersecurity events. The operational plans also include training plans and guidelines for full-scale, inter-team, cyber-response exercises.

Key Organizations Supporting the StrategyThe five organizations listed below provide the critical processes, personnel and technology for executing the strategies and plans described above. Each brings a particular capability to cyber-incident response and shares information in a one-to-many fashion, supporting a swift response.



Division of Enterprise Technology. The DET Enterprise Service Desk (ESD) monitors the state cyber domain on a 24-hour basis for threats or disruptions using a variety of automated systems. DET ESD notifies its three partner organizations of any detected or suspected threat or attack against state information technology assets. If required, DET ESD mobilizes the needed assets to respond to an incident.

Wisconsin Statewide Information Center. The Wisconsin Department of Justice (DOJ)/Wisconsin Statewide Information Center (WSIC) serves as the state’s primary information sharing center . The WSIC gathers and analyzes information from numerous sources and produces intelligence products for federal, state, and local government agencies, the private sector, and the public. The information it provides directly supports precise and appropriate cyber preparedness and incident response.

Wisconsin Emergency Management. Wisconsin Emergency Management (WEM) coordinates effective disaster response and recovery efforts in support of local governments. Through planning, training and exercising, WEM enhances the state’s ability to prepare for, mitigate, respond to, and recover from both natural and technological emergencies. WEM’s capabilities are critical in the event a cyber incident manifests itself in widespread and lasting physical effects.

Wisconsin National Guard/Joint Operations Center. The Wisconsin National Guard (WI NG) plays a key role in the state’s overall cyber strategy. The Joint Operations Center (JOC) is another 24x7 operation with links to key Department of Defense information systems that support cyber-incident response.

The University of Wisconsin-Madison’s Security Operations Center. The UW-Madison has established and is furthering the development of a Security Operations Center (SOC). The SOC utilizes a professional management staff to run and administer the center, but uses student interns for watch officer and analyst needs. By employing students, the SOC has the added benefit of producing professionally trained and experienced cybersecurity personnel that will be prepared for the workforce to address the cybersecurity labor deficit. This provides benefit to the university and its tens of thousands of users and vast, diverse networks. However, in keeping with the enterprise focus on cybersecurity and to work collectively, the UW SOC is postured to reinforce and complement state cybersecurity operations as it grows in capability. The SOC is a critical asset for the UW and will be a key strength for the state going forward.

Wisconsin’s approach to cyber-incident response is consistent with an all-hazards approach by integrating and building upon the all-hazards response capabilities already in place.


Priority 2 - Protect the State of Wisconsin from Cyber Incidents

The question of what to defend is extraordinarily difficult, but difficult does not mean impossible. Efforts to determine probability and impact for hazards are limited by inadequate historical precedence, an evolving variety of attack mediums, and an increasingly large number of potential targets. In addition, the pervasive presence of information technology likely assures a high probability of occurrence. The hazard impact will vary greatly depending on the intended purpose of the attack, type of attack, and targets of attack. The state has undertaken a number of efforts to prevent and mitigate the potential impacts of future attacks. The first step is to defend and protect its systems and data from the edge of the network to its core with adaptable and agile technology.

Protecting the Network. The state’s Division of Enterprise Technology (DET) recently implemented an advanced firewall platform and a Network Access Control (NAC) solution at the state data center. Depending on the security profile of a user’s device, NAC can restrict the data and systems available to the user, as well as employ anti-threat applications such as firewalls, anti-virus software and spyware detection programs. DET’s NAC implementation greatly increases network protection through identifying and controlling who and what connects to state networks, ensuring only authorized devices do so.

Staying Ahead of Threats. DET is implementing a Vulnerability Management Program that utilizes consistent assessment and reporting tools for the enterprise. This effort involves using the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities, especially in software and firmware, to diminish the risk of compromise associated with known vulnerabilities. The program includes deploying specifically designed software tools that collect system configuration data and assess the information collected to identify and remediate vulnerabilities. The program promotes an evolutionary change in the defense of the network to mitigate risks and to ensure State of Wisconsin IT systems are configured appropriately and securely.

Wisconsin’s state government has a clear responsibility to protect the state network and its data and respond to cyber incidents. To support this priority, the state has deployed technology to protect its hardware and data from the edge of the network, throughout all of its supporting network and systems, and to its most valuable asset, citizen data.


Secure Access. DET is deploying a multifactor authentication strategy that combines two or more credentials to ensure authorized access to systems, applications, and data. Two-factor authentication, much stronger than password alone, helps prevent unauthorized persons from accessing physical locations, computing devices, networks, and databases.

Today’s technology is incredibly powerful and capable, but a plan solely based on it would be incomplete. Accordingly, Wisconsin has built three Cyber Responses Teams (CRTs) of expert personnel to respond to incidents. Team members are made up of cybersecurity professionals from DET, other state agencies, and local and county government. The Wisconsin Army National Guard (WI NG) and the private sector provide two additional teams. The Cyber Response Teams use a whole community approach to provide training, experience and mutual aid to Wisconsin’s governmental organizations in a cyber incident.

• Each CRT consists of a minimum of 10 volunteer cybersecurity personnel trained on Certified Incident Handling Engineer courses, in accordance with NIST SP 800-61, Revision 2, “Computer Security Incident Handling Guide.” Grant funding from the U.S. Department of Homeland Security provides the resources to initially stand up three teams. The future goal is the formation of one team to be located in each of WEM’s six regions. All teams specifically support local units of government in Wisconsin in mitigating, responding to, and recovering from a significant cyber incident.

• The WI NG maintains a Defensive Cyberspace Operations-Element Team (DCO E-Team) of 10 personnel that include the same capabilities as the state CRTs. The National Guard also develops comprehensive training plans that establish team training standards and include completion of individual and team training courses in section exercises and team-based training drills.

Wisconsin will provide support to local, tribal, and private agencies similar to what occurs during physical emergencies. State support will take the form of deploying cyber capabilities in coordination with federal and regional partners. Until that support is needed, the state CRTs and DCO-E Team jointly conduct an annual, full-scale, inter-team, cyber response exercise that includes public and private participation and tests a disruption of one of Wisconsin’s CIKR sectors. The exercise validates published procedures for the deployment of National Guard and State of Wisconsin assets in response to a cyber incident.

Combining adaptable technology with expert cyber personnel, provides the capabilities to protect essential state assets and operational resilience in the event of a cyber disruption.



Priority 3 - Improve the Awareness of Cyber Risks Statewide

With the continually changing face of cyber threats, the State of Wisconsin requires a proactive approach to risk identification and prioritization. An enterprise security strategy, with policies and procedures, will form a consistent, effective, and protective technological process to create awareness of statewide cyber risks. Key in this priority is the need to work collaboratively between public and private entities as cyber knows no boundaries. The state continuously works to develop public/private partnerships to better protect critical infrastructure from cyber threats.

As information technology expands and becomes more pervasive in our work and personal lives, so does cyber risk. The convenience of affordable and high-powered processing, ubiquitous internet access, and plentiful storage is matched with a dependence and a demand for this technology. Implementing new systems, services and applications, however, must be analyzed for risks. Some of these technologies, combined in new and useful ways, also potentially create new avenues for threats. To improve awareness of these risks, Wisconsin utilizes a number of formal processes and work groups to analyze and assess risk as well as pre-arranged communication protocols to ensure risk information is communicated.

Threat and Hazard Identification and Risk Assessment. DET’s approach to risk assessment is to work with Wisconsin Emergency Management (WEM) annually to update the cyber-incident portion of the Threat and Hazard Identification and Risk Assessment (THIRA). DET conducts risk assessments with other agencies and cooperating Critical Infrastructure and Key Resource (CIKR) partners to identify the vulnerabilities to cyber attack. The enterprise risk assessment processes compose the core of the information security framework. These are the processes that establish the rules and guidelines of the security policy while transforming the objectives of an information security framework into specific plans for the implementation of key controls that minimize threats and vulnerabilities.

Each part of the infrastructure should be assessed for its risk profile. From the assessment, decisions can be made to effectively and efficiently allocate the enterprise’s resources toward achieving the most appropriate security policies. The process of performing such a risk assessment can be complex, and accounts for secondary and other influences of when to decide on how to address security for the various IT resources. The THIRA is a key element in the process to reduce risk.



Wisconsin Cyber Strategic and Planning Working Group. The Wisconsin Cyber Strategic and Planning Working Group (WCSPWG) was formed to provide strategic and planning direction for cyber resources pertaining to cybersecurity for CIKR sectors as defined by the Department of Homeland Security. The group consists of representatives from all state agencies, the Wisconsin National Guard, many CIKR cybersecurity leaders, and numerous private companies, including technology companies. The Working Group, which meets monthly, advises and aligns resources with the Wisconsin Homeland Security Council’s responsibilities through public/private partnerships. It also provides governance authority for cyber attacks against CIKR sectors concerning risk assessments, communications, responses and training exercises. Further, the WCSPWG promotes situational awareness for Wisconsin’s citizens, business units and government units against data breaches.

WCSPWG established a governance structure to improve situational awareness and cyber response among cooperating critical infrastructure owners and operators through enhanced communications and collaboration regarding cyber threats. The State of Wisconsin improves the quality and timeliness of information sharing related to cyber incidents and response by the following:

• Speed the notification process by disconnecting analysis from notification, and establish a time frame for mandatory exception reporting that uses specific formats for incident notification and law enforcement activities.

• Establish protocols to encourage information sharing among private-sector partners and assure that information is protected.

• Create and maintain a Cyber Liaison Officer (CLO) program, similar to the Threat Liaison Officer (TLO) and Fusion Liaison Officer (FLO) programs. This program, once functional, will greatly expand cyber information-sharing capabilities and increase situational awareness.

Governor’s Cybersecurity Summit. For an annual touchstone for cybersecurity efforts and to provide high-level cybersecurity knowledge and experience exchange, cybersecurity leaders and experts from throughout Wisconsin meet annually for the Governor’s Cybersecurity Summit. In this capstone event, participants and presenters share insights on protecting critical infrastructure and systems and acquire additional perspectives on cyber disruption response planning. A new emphasis for the summit is understanding the impact of global interconnectivity on security. This valuable event grows in attendance and depth of topics each year, providing a professionally rewarding experience for all.

“We need to join forces to fight cyber threats and attacks. The summit is an excellent opportunity to bring businesses and government leaders together to discuss cybersecurity issues and learn about the latest cyber threats.” - Governor Scott Walker


Priority 4 - Protect Critical Infrastructure Across the State

To protect our critical infrastructure across the state, Wisconsin focuses on the premise that when an attack happens we are prepared to maintain cyber resiliency, which is the ability to anticipate, withstand, recover, and evolve from a cyber attack. We have an executable recovery plan that minimizes impact to state operations should a state system failure occur.

Security is about preparedness and planning for contingencies, and Wisconsin has an executable recovery plan that minimizes impact to state operations should a system failure or major disruption occur. Continuity of Operations and Continuity of Government (COOP/COG) exercises are reported by each agency to the Department of Administration (DOA) on an annual basis. This program is formalized in DOA’s Information Technology Disaster Recovery (ITDR) process.

The Wisconsin ITDR program. The Wisconsin ITDR program, integrated across the statewide IT community, defines the development and implementation of an effective, efficient, and sustainable IT resilience and recovery plan to prepare for, protect against, and respond to emergency situations. A critical element of the ITDR is a comprehensive analysis of state business plans and processes. This provides ITDR planners an understanding of customer needs and how to recover systems in a prioritized manner following an event. The ITDR program’s goals include minimizing disruption to business operations through Recovery Time Objective (RTO) prioritization; safeguarding vital records; preserving availability of essential IT services; providing rapid restoration of critical systems; and assuring compliance to regulations.



COOP/COG. These plans serve to protect critical infrastructure by working with key partners across government to enhance business continuity and implement ITDR plans.

• State agency continuity plans are managed in a shared software application to deconflict resource allocation and manage annual updates, training and exercising of the plans. The state will explore the feasibility of sharing the software application with local units of government.

• Each state agency conducts annual COOP/COG exercises and reports compliance to DOA, which has state lead for COOP/COG assurance.

• Implementation of the Sustainable Planner and ITDR Planning System across more than 50 Wisconsin state agencies, the Legislature and Governor/Lt. Governor offices helps to ensure greater resiliency for state government and its ability to serve Wisconsin citizens and businesses despite natural or man-made disruptions. COOP/COG planning is laborious and complex as employee contact information, building addresses and locations, external partners and vendors, as well as IT applications, must be accommodated in these plans. The state’s reduced data entry and selectable, standardized data elements in the planner make it easier for employees to do a Business Impact Analysis (BIA) and keep current plans up to date, greatly improving accuracy and consistency of planning information.

• To complement COOP/COG plans, the State of Wisconsin also implemented an Emergency Alert Messaging System that allows state employees across the entire enterprise to receive emergency notifications on telephones, email and mobile devices (both government and personal). The emergency notifications can be sent 24/7. This system speeds recovery actions should they ever be necessary.


Priority 5 - Improve the Resiliency of our Workforce and Citizens

Government employees and private citizens are the last layer of security between a threat and a potential vulnerability. The state has created a culture of cybersecurity awareness throughout state agencies and promotes vigilance against the array of old, new, and emerging threats.

Reminding all our users of the importance of cybersecurity is critical and cannot be overemphasized. To this end, DET is coordinating cybersecurity awareness training for state employees throughout the enterprise. Wisconsin endeavors to make information about cybersecurity for the user available and easy to understand. A special emphasis must be on our young potential talent pool. Demands for cybersecurity knowledge and skills will continue to grow. To satisfy this demand, our state educational institutions are modifying and updating their programs to accommodate the need and prepare for the future.

In Government. Wisconsin has worked to create and champion a culture of cybersecurity awareness for our state workforce. Throughout state agencies, the Enterprise IT Security Awareness training is a 24/7 online program providing an interactive learning experience for cybersecurity. The topics include information protection, phishing, security when dealing with the internet, email, and mobile devices. This delivery format is designed to meet two main goals. The first is to provide regular IT security training to ensure we are proactively safeguarding state data and assets. The second is to promote a culture of IT security awareness that will reduce cybersecurity risk. This training helps state employees to understand the threats and take the right steps toward protecting our systems and data.

To achieve security within our infrastructure, we need to adapt a solid cyber hygiene strategy, that is, making sure we are protecting and maintaining systems and devices appropriately and using cybersecurity’s best practices for anything and everything that connects to the web. This includes organizing security in hardware, software and IT infrastructure, continuous network monitoring, and employee awareness and training. The state’s Cyber Hygiene Campaign consists of:

• Count: Know what’s connected to and running on your network.

• Configure: Implement key security settings to help protect your system.

• Control: Limit and manage those who have admin privileges to change, bypass or override security settings.

• Patch: Regularly update all applications, software and operating systems.

• Repeat: Regularize the top priorities to form a solid foundation of cybersecurity for your organization.



Our citizens. Wisconsin is improving awareness of cyber threats and response issues statewide through a communication program that leverages information sources from all levels of government and the private sector to provide timely, accurate information to the public. This will go beyond the activities we have done for Cybersecurity Awareness Month in October and the cyber content that is available for citizens on the ReadyWisconsin and DOA websites. Some key cyber resources for the public include the DOA Cybersecurity Customer Page, Ready Wisconsin/Cyber Crime, and the Department of Agriculture, Trade and Consumer Protection’s Identity Theft Protection page. (These links can also be found in the Appendix, page 20.)

Our students. As cybersecurity concerns rise nationally, universities in Wisconsin have begun to establish centers that focus on cybersecurity education and community involvement. They also focus on technical and industry-focused research to understand best cybersecurity practices. Universities recognize that security and privacy are important and it’s not just about receiving a technical education – Wisconsin residents need to understand and share knowledge just like the cyber criminals are sharing. These centers will help prepare students for cybersecurity professions and provide education and events on cybersecurity topics. Meanwhile, a progressive program of cyber training is available to emergency responders that integrates federal and state-sponsored cyber training into the WEM training portal.

The state is establishing an education curriculum for cyber professionals from K-12 to graduate-level courses and degrees in collaboration with the UW System, technical colleges, and private universities. This will develop a pathway for students to begin their career in cybersecurity. The State of Wisconsin also has an internship program that focuses on maintaining a first-class, innovative workforce. Our “Grow Our Own” strategy, which includes the ongoing and comprehensive internship program, produces results, and leads to full-time hires after graduation.


Future Initiatives

Educate and maintain a specialized workforce as a fundamental component of cybersecurity to ensure the State of Wisconsin’s future success. It will provide the state with a diverse cyber-training program to the private and public workforce for career growth opportunities. This program will focus on adopting content for the vital protection of the state’s infrastructure and data security.

The State of Wisconsin is pursuing multiple options to create opportunities in this ever-growing career path. Public and private industries need to work together to develop world-class skilled and certified cybersecurity professionals within the state, and keep them here.


Cybersecurity Workforce Development - Cyber Education K-12 and beyond – The state will establish an education curriculum for cyber professional from K-12 to graduate-level courses and degrees across Wisconsin in collaboration with the UW System, Technical Colleges and Marquette University. This will develop a pathway for students to begin their career in cybersecurity.

Women in cybersecurity - The National Center for Women

and Information Technology (NCWIT) Award for Aspirations in Computing honors young

women active and interested in computing and encourages them to pursue their passion for technology. NCWIT and its Wisconsin affiliate seek high school-level young women to apply for the NCWIT Award for Aspirations in Computing.

Future Initiatives - continued

APPROXIMATELY10%

of the current cybersecurity workforce is composed of women.

Source: nist.gov/nice(ISC)2 2015 Women In Security: Wisely Positioned for the Future in InfoSec


Future Initiatives - continued

Through competition at Regional Leadership Conferences, the State Leadership Conference, and the National Leadership Conference, students have the opportunity to compete in events to test their business knowledge and skills. Many of these competitions require considerable research and practice; others are staged at the conferences.

The biggest skill gaps of today’s cybersecurity professionals

72% Ability to Understand the Business

46%

42%

Technical Skills

Communication Skills

Source: nist.gov/niceState of Cybersecurity: Implications for 2015 An ISACA and RSA Conference Survey

The Wisconsin Future Business Awards Program recognizes and rewards excellence in a broad range of business and career-related areas. It prepares students for successful careers in business through support for curriculum development and innovative assessment tools.

Veterans entering the workforcein 2015-2019 is estimated to be around 230,000-245,000 per year. The Department of Homeland Security offers free cybersecurity training to any veterans who are interested in pursuing a career in the cybersecurity field. Wisconsin also offers a special veterans-only job site to aid in their job search.

(Veteran job aid links can be found in the appendix on page 21)

Source: dpi.wi.gov/sites/default/files/imce/cte/pdf/BIT_Section_II.pdf

Integrating Career and Technical Education into Wisconsin schools

Elementary schools integrate concepts through their curriculum

Middle school and high school students have access to CTE courses that build interest for college

More students are exceptionally prepared for these particular fields of study once they graduate high school

Veterans Leaving the Military2015-2019 Estimates

Source: Costs of War “US Military Veterans’ Difficult Transitions Back toCivilian Life and the VA’s Response” by Anna Zogas, University of Washington

230,000 - 245,000per year


Appendix

Key public cybersecurity resources:

• DOA DET Cybersecurity Customer Page -

› https://det.wi.gov/security/Pages/default.aspx

• Ready Wisconsin/Cyber Crime -

› http://readywisconsin.wi.gov/Informed/Informed.asp?maintab=4

› http://readywisconsin.wi.gov/cyber/default.asp

• Department of Agriculture, Trade and Consumer Protection’s Identity Theft Protection page -

› https://datcp.wi.gov/Pages/Programs_Services/IdentityTheft.aspx

• State of Wisconsin’s Job Board for Veterans -

› http://wiscjobsforvets.wi.gov/public/index.asp

• Free Cybersecurity Training for Veterans -

› https://niccs.us-cert.gov/training/fedvte

• Cyber-related Degree Programs and Scholarships for Veterans -

› https://niccs.us-cert.gov/education/national-centers-academic-excellence-cae


This page has been intentionally left blank.

Documents

STATE OF WISCONSIN Cybersecurity Strategy Strategy 2017.pdf · The Cyber Incident Response Annex is an element of the Wisconsin Emergency Response Plan (WERP) that provides a scalable,