Upload
marcia-gadbois
View
249
Download
2
Tags:
Embed Size (px)
Citation preview
Topics Covered
• E-Book Purpose
• Key Objectives
• Outline Of Content
• Training Plans
– Cybersecurity Programs
– Boot Camp
• About ENMU-Ruidoso
• Q & A?
2
CAE-2Y Accredited
Purpose
• Provide a quick reference guide to the framework
• Promote awareness of
– Cybersecurity Critical Infrastructure Framework
– SCADA Cybersecurity threats and vulnerabilities
– The importance of risk assessments
– How to use the framework
– Look into applying security to Indusoft Web Studio
3
CAE-2Y Accredited
Key Objectives
• Knowledge of SCADA and cybersecurity environment
– Types of SCADA systems
– Threats and risks
• Understanding of framework
• Knowledge of tools and processes for risk analysis
• Ability to apply risk management processes to obtain the right framework tier for an organization. 4
CAE-2Y Accredited
Outline Of Content
• Chapter 1 - SCADA Cybersecurity Introduction and Review– What is SCADA
– Overview of Cybersecurity Vulnerabilities
– Understanding Control System Cyber Vulnerabilities
• Chapter 2 – Cybersecurity Framework Introduction– Framework Introduction
– Risk Management and
– the Cybersecurity Framework
5
CAE-2Y Accredited
Outline Of Content
• Chapter 3 – Cybersecurity Framework Basics
– Basic framework overview
– Framework core
• Chapter 4 – How to Use the Framework
– Basic Review of Cybersecurity Practices
– Establishing or Improving a Cybersecurity Program
– Communicating Cybersecurity Requirements with Stakeholders
• Chapter 5 – Indusoft Security Guide
– Embedded in this chapter.6
CAE-2Y Accredited
Outline Of Content
• Appendix (Framework Core, CSET Tool, References, and Glossary)
7
CAE-2Y Accredited
CSET 6.1 Tool
8
https://ics-cert.us-cert.gov/Assessments
CAE-2Y Accredited
Training Plans: Cybersecurity Programs
• Computer and Network Security Certification Program (Online) Credited or Self-paced
• This program is specifically designed to prepare students as Information Systems Security (INFOSEC) Professionals, NSTISSI No. 4011and CNSSI No. 4016 Entry Level Risk Analysts and is CAE-2Y Accredited. – IS 131: Network Security Fundamentals-3
– IS 136: Guide to Disaster Recovery- 3
– IS 153/L: Introduction to Information System- 4
– IS 253: Firewalls and How They Work- 3
– IS 257: Network Defense and Counter Measures- 3
– IS 258: Cyber Ethics, Professionalism, and Career Development- 3
9
CAE-2Y Accredited
Training Plans: Cybersecurity Programs
• Associates of Applied Science Degree - Information Systems Cybersecurity (Online) Credited (CAE-2Y,4011 & 4016-E, DOD 8570) Career pathway to 4-yr degrees
• The focus of this program will be on the key components of
information systems assurance and cybersecurity:
– People
– Software
– Hardware
– Data
– Security
– Communication technologies
– How these components can be integrated and managed to create
competitive advantage. 10
CAE-2Y Accredited
Training Plans: Boot Camp
• 4 day Boot Camp covering:– Course Orientation and Introduction to Cybersecurity and SCADA
• CompTIA-Security+ Key Topics
• SCADA Cybersecurity Recommended Practice/ Infrastructure
Guiding Principles/National Infrastructure Protection Plan– IS-821 Critical Infrastructure and Key Resources Support Annex
– IS-860.a National Infrastructure Protection Plan (NIPP)
• Cybersecurity Critical Infrastructure Framework / CAP
Process/Intro to a SCADA Product (IDUSOFT)
• CSET Department of Homeland Security Risk Assessment Process
and Tools Using the Cybersecurity Critical Infrastructure Framework
11
CAE-2Y Accredited
About ENMU-Ruidoso
The National Security Agency and the Department of Homeland Security have designated Eastern New Mexico University - Ruidoso National Center of Academic Excellence in Information
Assurance/Cybersecurity Defense through academic year 2019.
Based on the universities ability to meet the increasing demands of the program criteria will serve the nation well in contributing to the protection of the National Information Infrastructure. Meets the eleven Knowledge Units learning objectives
Recognized by the National Initiative in Cybersecurity Education (NICE) as a certified Training Institution for the NIST National Cybersecurity Workforce Framework. http://csrc.nist.gov/nice/index.htm
12
CAE-2Y Accredited
http://www.us-cert.gov/control_systems/csstandards.html
CAE-2Y Accredited