Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

InfragardNCR Annual Report 2015

459 views

Published on

On our 10th Anniversary, InfraGard of the National Capital Region (InfraGardNCR) issued it's first Annual Report sharing our numerous accomplishments and programming from 2015. Read our report to find our our efforts to protect our nation's 16 critical infrastructures through improved information sharing.

Published in: Government & Nonprofit
  • Be the first to comment

  • Be the first to like this

InfragardNCR Annual Report 2015

  1. 1. InfraGard National Capital Region Members Alliance Annual Report – 2015
  2. 2. I CONTENTS Contents 3 Letter from Washington Field Office Leadership 4 Letter from Your President 5 Letter from Your Coordinators 6 Sharing Information 7 The Vision and Mission of InfraGardNCR 7 What is Critical Infrastructure? 8 Where are we on information sharing? 10 InfraGardNCR Priorities for 2015-2016 12 A year in the making 14 Your InfragardNCR Board FBI Coordinators 14 Cyber Special Interest Group 16 Membership Report 17 Community Activities and Chapter Awards 18 Information Sharing 19 Membership Contact Information
  3. 3. InfraGardNationalCapitalRegionMembersAlliance AnnualReport–2015 3
  4. 4. 2 LETTER FROM YOUR PRESIDENT Dear Members Friends of InfraGard, As we finalized this Annual Report on our activities to protect our critical infrastructure from attack, the news is overwhelmed with details, questions, and speculation about the terrorist attack in California that killed 14 innocents who devoted their lives to caring for people with the San Bernardino County Department of Public Health. My heart is heavy and my mind is frustrated – how can the media ask this question? Meeting after meeting, our Board struggles to develop and provide the resources you need to prevent this, or other even more common attacks, from reaching your workplace and impacting our way of life. It is such a complicated and difficult task. Just off the top of my head, this scenario reaches nearly all of the top priorities we have identified to help you protect yourselves: Insider threat – it seems that Syed Rizwan Farook joined his colleagues at their holiday party, then returned to the party and in a hail of bullets murdered them. Active shooter – Syed Rizwan Farook and his wife Tashfeen Malik entered the Inland Regional Center with guns and fired 65-75 rounds of ammunition at the gathering. Radicalization – while there are no definitive answers right now on who radicalized whom, the FBI suspects that Malik may have radicalized her husband to perpetrate this murder. At their home were more weapons and bombs they were unable to use before being killed by law enforcement in a shoot out. While we are all prone to believe that “this won’t happen to me” – each of you has signed up for InfraGard to do everything you can to assure it does not. But that is exceedingly difficult. And it is a heroic, noble, and often thankless job. Theextentofthisstruggleisrelativelynew.AftertheeventsofSeptember11th–the9/11Commissionfoundthatpoliticians,reportersandcitizenswereasking the same questions: Why didn’t the FBI know? Why didn’t our government put 2+2 together? How do we assure this does not happen again? And with that, the mission of our law enforcement partners changed dramatically. Their job was no longer just to catch and convict criminals, terrorists and other wrong-doers. Their job now was to see into people’s hearts. To find the clues that would identify people like Farook or Adam Lanza (who killed 26 at Sandy Hook Elementary school) BEFORE they committed their horrific acts. And, incredibly, our FBI partners do it every day. They find, and foil attacks that we know about and so many more that we do not know about. They do this under extremely adverse circumstances often being told that they should not use even the most basic tools to combat highly technological, and advanced adversaries. While politicians consider curtailing further law enforcement tools and grapple with modernizing the law as fast as technology demands – YOU are faced, daily, with the realities: YOU must find the Insider threat. YOU must prevent and prepare for your workplace to become a bloodbath. YOU must protect your physical and IT systems from attack. YOU must find, mitigate, and clean-up damage from cyber attacks. YOU are the frontline. We recognize this, and with the deepest respect and gratitude we offer this Annual Report to let you know how we work to support you. In 2016, WE must overcome the challenges that stymie our ability to prevent our coworkers from being murdered. WE must rethink our strategies and approaches against a ubiquitous threat that leverages all of today’s technology to terrorize, murder, steal, and debilitate us. WE must be laser focused on our mission to protect our people and critical infrastructure assets. WE must work as a team to leverage our knowledge, to use the social media systems WE created to share information, to ask the questions that must be asked to prevent another attack. As a member of InfraGardNCR, you have joined this fight. Your Board, our FBI partners, and many in the nation, thank you. We applaud and encourage you to continue our critical partnership and engage to improve it. Help us work as a coordinated, intelligent, informed team to protect and secure our nation. Yours in Service, Kristina Tanasichuk President, InfraGardNCR I just read an ABC headline that said: FBI Under Fire: Why were shooters not on FBI’s radar? Kristina
  5. 5. Dear NCR members, 2015 has been a busy, productive year for our chapter. Elsewhere in this annual report, you’ll find a summary of our InfraGard programs for this calendar year as well as highlights of our growth in membership. In short, we continue to work closely with your Board of Directors to plan a variety of programs to help you, the owners and operators of critical infrastructure, add value to your efforts to protect your assets more effectively and to mitigate physical and cyber threats you face. We spend a significant amount of our time planning and hosting programs and processing new member applications. We offered InfraGard briefings this year to audiences across the region, listed in the diagram among many others. We also represented the chapter at multiple exercises this year, including a tabletop exercise focused on a multi-sector response to a food-borne virus, and a comprehensive risk assessment for a critical data center cluster led by the U.S. Department of Homeland Security in our area. We worked with the Board to continue our in-reach series, where experts from our chapter come into FBI space to teach FBI Special Agents and Intelligence Analysts about cutting-edge trends that directly affect our cases. This is a significant way in which you, our members, “share information” with the FBI. And of course, we serve as your single point of contact with the FBI. Throughout 2015, we fielded questions and made referrals to colleagues based on a variety of issues you brought to our attention, to include internet romance schemes, mortgage fraud, potential acts of terrorism, spear phishing attempts, and apparent cyber intrusions. We encourage you to reach out to us with any concerns or questions! In 2016, we look forward to bringing you substantive programming that equips you with tools to do your job even better. We will continue to recruit appropriate members for our chapter. We shall maintain our publishing schedule of a weekly e-newsletter to keep you informed about critical infrastructure intelligence products, open-source news reports, and upcoming events of interest. And we ask that you, in 2016, commit to sharing information with each other and with the FBI. Since this is a founding principle of InfraGard, it’s one of our key areas of focus for the coming year. You’ll hear more about this topic in the coming weeks – please check your email for further details from us. Thank you for being part of the National Capital Region chapter! Kara Sidener Amylynn Errera InfraGardNationalCapitalRegionMembersAlliance AnnualReport–2015 5 Kara Sidener Kara.sidener@ic.fbi.gov Amylynn Errera Amylynn.errera@ic.fbi.gov Contact Us InfragardNCR@ic.fbi.gov
  6. 6. 3 SHARING INFORMATION Dulles ISAC Dulles Information Sharing and Analysis Center CMSCC Critical Manufacturing Sector Coordinating Council WFO-CAA Washington Field Office Citizens Academy Alumni NCTC National Counter terrorism Center National Guard GMU George Mason University DC-Rotary Club InfraGard briefings this year offered to audiences across the region
  7. 7. The Vision and Mission of InfraGardNCR Our vision is to share information to prevent and mitigate any attack against our nation’s critical infrastructure. Our mission is to develop the platforms, tools and resources for information sharing, peer-to-peer, between the private sector critical infrastructure owners and operators, and between the private sector and the FBI. InfraGard is a partnership between the FBI and the private sector. Our chapter is an association of persons who represent businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the critical infrastructure of the United States. InfraGard’s information sharing mission is supported at the highest levels of the U.S. government. As recently as February 2015, President Barack Obama signed Executive Order 13691, which encourages private companies, nonprofit organizations, executive departments, and agencies to voluntarily share cyber security information and incidents as a way to enhance the collective cyber security of the United States. InfraGardNationalCapitalRegionMembersAlliance AnnualReport–2015 What is Critical Infrastructure? “Critical infrastructure” refers to the systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters. There are 16 critical infrastructure sectors identified by the U.S. Department of Homeland Security, including: Chemical, Commercial Facilities; Communications; Critical Manufacturing; Dams; Defense Industrial Base; Emergency Services; Energy; Financial Services; Food and Agriculture; Government Facilities; Health and Public Health; Information Technology; Nuclear Reactors, Materials, and Waste; Transportation; and Water and Wastewater Systems. In 2015, those critical infrastructures most represented in InfraGardNCR include: Information Technology, Financial Services, Defense Industrial Base, and Government/ Commercial Facilities. 7
  8. 8. Where are we? As our Board of Directors considered our strategic direction for 2016, we took some time to look at where we are with our information sharing efforts. First – we looked to the progress report, released in March 2015, on the FBI’s implementation of the recommendations in the 9/11 Commission report. The FBI: Protecting the Homeland in the 21st Century reviewed the FBI’s progress on a number of fronts, ultimately concluding that the FBI “transformed itself over the last 10 years” and “made measurable progress building a threat-based, intelligence-driven national security organization.” 4 WHERE ARE WE ON INFORMATION SHARING?
  9. 9. InfraGard is specifically mentioned as part of this transformation and generally was evaluated with a number of other FBI-private sector programs: “the FBI’s relationships across government and the private sector are in various states of evolution depending on the partner, but the trendlines are generally positive. The FBI has done a good job in investing in these relationships, and has detailed or assigned its special agents, intelligence analysts, and other professional staff to a wide array of federal agencies while at the same time hosting these agencies’ personnel at the FBI. The Review Commission applauds these efforts and encourages continued investment in these relationships.” The report further states specific to InfraGard that: “The current limitations on InfraGard stem from the fact that InfraGard coordinators are part-time, and InfraGard is viewed as cyber-focused, when in fact it could have a broader portfolio. If InfraGard were to broaden its focus, however, it would make even more sense to realign it under the Director of Private Sector Engagement (p.95).” As our members know, although InfraGardNCR may be perceived as a “cyber” program, we in fact provide resources and have a broad membership in physical asset protection as well. One of our largest member segments is the government facilities sector. In November 2015, the Bureau acted on the Commission’s recommendations and aligned the InfraGard program under the Office of Private Sector. Second we went back to the 9/11 Commission report. The 9/11 commission report called for the nation to: “Determine, with leadership from the President, guidelines for gathering and sharing information in the new security systems that are needed, guidelines that integrate safeguards for privacy and other essential liberties.” Additionally, the report stated that the system of “need to know” should be replaced by a system of “need to share” through a “unity of effort” for information sharing. Our chapter has seen the commitment and focus of our FBI InfraGard coordinators, and their leadership from the Washington Field Office. There is no question that the FBI is deeply committed to making this partnership work. The private sector also wants to add value and work with the FBI to enhance InfraGard’s value but has some legitimate and still unaddressed challenges: limitations on the ability to share amongst each other particularly for small and mid-sized companies, lack of timely and actionable intelligence, and maintaining a two-way conversation once information is shared. InfraGardNationalCapitalRegionMembersAlliance AnnualReport–2015 9 In November 2015, the Bureau acted on the Commission’s recommendations and aligned InfraGard program Private Sector Office
  10. 10. 5 THE PRIORITIES InfraGardNCR Priorities for 2015-2016 Given how far information sharing has come, your InfraGardNCR board continues to focus on areas that have been identified as challenges by both our membership and by Commissions reporting on the progress of our information sharing efforts since the events of September 11th. We have focused our priorities on improving these challenges AND have adopted several mission areas that our FBI counterparts have identified as critical, including:
  11. 11. InfraGardNationalCapitalRegionMembersAlliance AnnualReport–2015 Share information more effectively • Expand the way we think about information sharing • Utilize new platforms to share information • Work with our FBI partners to speed the dissemination of critical, relevant information • Develop the proper channels for members to share information in a safe/trusted environment Serve our members • Develop and execute our strategic plan for programming that addresses the needs of all of our critical infrastructure sectors • Engage the subject matter experts in our area of operations for more active participation and to further InfraGard’s goals through projects, activities and events • Provide more tactical, practical resources to aid members with their physical and cyber security responsibilities. 1 2 3 4 Protect our critical infrastructure sectors in our area of operations • Identify and tailor events and activities to our four largest member groups • Balance the need for information technology and physical security resources • Continue the focus on cyber security and the evolving vulnerabilities of the “Internet of Everything” • Expand our support for the physical security of critical infrastructure holders Serve the FBI • Identify and develop SME interaction to address the needs of our FBI partners • Be THE private sector resource for best practices and SMEs • Align our mission, programming, and communications to FBI priorities, to include both timely and emerging challenges, like data encryption and active shooters 11
  12. 12. 6 A YEAR IN THE MAKING Member Events Collaboration January 2015 February 2015 April 2015 June 2015 March 2015 May 2015 New Year Networking, Membership and Relationship Development Event Threats Where You Are and How To Mitigate Them National Counterterrorism Tracking Center and DHS/ Infrastructure Protection briefing White House Summit on Cybersecurity and Consumer Protection Joint program with FBI-BA and USSS WFO BA Emerging Trends U.S. Secret Service Protective Analysis Group 5th Annual Mid-Atlantic Intelligence and Law Enforcement Training Seminar Insider Threats for Small and Midsize Businesses Tools and information for understanding the Insider threat with partners from the FBI, CENTRA Technology, and Prescient Edge Your InfraGardNCR Chapter has again executed an exceptional array of programming that provides members with the latest information from our FBI partners, practical tools to combat cyber intrusion and attack, and training resources to be “up to date” on active shooter scenarios and much more. Below is a sampling of our most critical programs:
  13. 13. InfraGardNationalCapitalRegionMembersAlliance AnnualReport–2015 August 2015 October 2015 December 2015 July 2015 September 2015 November 2015 Board prepares for Strategic Plan Review and InfraGard National Congress DHS Personnel Security Forum with partners Government Technology Services Coalition and the Industrial Security Working Group TAC/STRAT: A Tactical and Strategic Look at Cybersecurity with partners George Mason University and Symantec Interoperability Collaboration: DHS Beyond with partner Government Technology Services Coalition Annual Member Meeting Cyber SIG meeting: OPM Breach with FBI Supervisory Special Agent InfraGard National Congress Intellectual Property Summit Cyber SIG meeting: PlugX Malware Inaugural National Critical Infrastructure Security Resilience Month event with U.S. Department of Homeland Security Office of Infrastructure Protection and Crowell Moring 13
  14. 14. 7 THE BOARD Special Agent Kara Sidener kara.sidener@ic.fbi.gov FBI InfraGard Co-Coordinator Special Agent Amylynn Errera amylynn.errera@ic.fbi.gov FBI InfraGard Co-Coordinator Kristina Tanasichuk President Jenifer Fritz Chief Administrative Officer Talley Philpy Vice President, Communications Glenn Wood Vice President, Technology James Collins Chief Financial Officer Danielle Lindholm Vice President, Programs Events Veda Woods Vice President, Partnerships Outreach Your InfragardNCR Board FBI Coordinators Jeff Lolley Co-Chair Chief Information Security Officer Hogan Lovells Mark Tanner Co-Chair President, ARIXMAR Cyber Special Interest Group
  15. 15. InfraGardNationalCapitalRegionMembersAlliance AnnualReport–2015 Sector Chief Program InfraGard’s Sector Chief Program (SCP) escalates communication across the organization by enlisting industry’s top subject matter experts as liaisons to facilitate information sharing and communication between the FBI, local InfraGard Members Alliances (IMAs), and area members. This added exchange fuels the ability of the FBI and government partners to address threats to all 16 critical infrastructure sectors. Sector chiefs also promote key insight into their designated industry sector. Their specific expertise elevates the value of incident response exercises and helps tailor member training programs that increase awareness and build a collective knowledge base toward improved national security. 15 Commercial facilities: Sector Chief Matt Smith Deputy Sector Chief Abrahem Helal Critical manufacturing: Sector Chief Vernon Allen Emergency Services: Sector Chief Erik Gaull Energy: Sector Chief Martin Kessler Nuclear: Sector Chief Michael Cohen Financial Services and Banking: Co-Sector Chief JR Helmig Government Facilities: Sector Chief Bowman Olds Information Technology: Sector Chief Jay Uphouse Deputy Sector Chief Paul Hamman Water, Wastewater Treatment Systems and Dams: Sector Chief Steve Bieber Transportation: Sector Chief Jodi Terhorst Deputy Chair of Sector Chiefs: Raymond Hudson
  16. 16. As of November 2015, our chapter represents over 1900 individuals representing all 16 critical infrastructure sectors. Over 80% of our membership self-identifies in one of the following four sectors: Information Technology, Government Facilities, Defense Industrial Base (DIB) and Banking and Finance. With an average of one new applicant per day, and the Board’s focus on building the representation of key critical infrastructure holders, we anticipate an increase of at least 50% by the end of 2016. 8 OUR MEMBERS 750 Information Technology 230 Defense Industrial Base 80% of Members 290 Government Facilities 155 Banking Finance 1900 Members Chapter Membership
  17. 17. InfraGardNationalCapitalRegionMembersAlliance AnnualReport–2015 Community Activities Chapter Awards 17 • InfraGard National Members Alliance Congress InfraGardNCR Chapter received two national awards, including DHS Protective Security Advisor of the Year and Rookie of the Year. Congratulations to Kelly Wilson and Veda Woods! • National Capital Region’s Homeland Security Plan The Metropolitan Washington Council of Governments briefed members at our inaugural National Critical Infrastructure Security Resilience Month event and our Annual Meeting on the evolving homeland security plan for the region. Members were able to provide substantive comments on how to include the private sector and best practices on information sharing between the public and private sectors. • Inaugural Annual Report Issued our first Annual Report to “share information” about our activities, priorities, and to get member engagement and feedback on our initiatives. If we don’t share what we’re doing, how would you know? • NCISRM The chapter this year launched our inaugural National Critical Infrastructure Security Resilience Month event to bring public and private partners from around the region together to focus on infrastructure security, understand the threats, and build our regional resilience. The event seeks to bring everyone in our region together to provide our best threat information from our FBI partners, share information on best practices, and leverage our collective resources for the latest tactical tools and training to our community. • Publications - “InfraGard: Enhancing Information Sharing through Strategic Programming, Outreach, and Communications,” was published in the October 2015 issue of George Mason University’s Critical Infrastructure Protection (CIP) Report. • WHS BBQ Cook-Off - InfraGardNCR participated in, and helped sponsor, the 2015 Women in Homeland Security BBQ Cook-off that seeks to build the homeland security community. Our chapter won “BEST SAUCE” and helped raise roughly $28,000 for the National Law Enforcement Officers Memorial Fund. Special thanks to Nagi Mei, our team leader, Tracey Mitchell, Richard Routh, Caleb Routh, and Raj Williams!
  18. 18. 9 INFORMATION SHARING Information sharing is the backbone and mission of InfraGard. But what does that mean? Ultimately it is receiving information fast enough to allow you to act and prevent or mitigate an attack. Given burgeoning social media and information flying around at the speed of “share on Facebook”, your chapter has taken significant steps to get you “up to speed” on areas critical to our mission. We are focusing on developing the platforms that will allow you to share URGENT, critical, and educational information to inform your colleagues and build our team of critical infrastructure protectors. But we can build platforms all day long. We need YOU to help populate and curate them. The following initiatives highlight our efforts in 2015: INFORMATION SHARING WITH YOU: Chapter Newsletter - InfraGardNCR leadership continues to focus on communicating with our members in ways that add value to their jobs and to their InfraGard membership. To that end, we have added special features, often tied to InfraGard programs and/ or critical infrastructure monthly themes as established by the Department of Homeland Security, as well as standing features on cyber security news and relevant posts from the InfraGard secure portal. PEER-TO-PEER INFORMATION SHARING: Social Media - Social Media is here whether you like it or not. The terrorists use it to coordinate across the globe....isn’t it time for us to dive in?? It is. Our Chapter has increased engagement on Facebook, LinkedIn, and Twitter. Sharing information in every way that our members may receive their news continues to be a key product of our “information sharing” efforts. In addition to traditional social media, we initiated a Flipboard page where members of the Board, sector chiefs, and select members can “flip” articles of interest to share with our membership. Interested in sharing what you’re reading? Engage with us as an identified or “anonymous” curator to share information! Contact us to learn how to share the information you are reading with your peers. SIG Meetings - Throughout the year our Cyber SIG has hosted monthly meetings to share information on everything from the major cyber hack on the Office of Personnel Management (OPM) that compromised over 20 million people to the Presidential Directive on Private Sector Cybersecurity Information Sharing issued in early 2015. The SIG also did significant in-depth training on specific threats like the PlugX Malware. FBI Briefings- Throughout the year our FBI partners have joined us to provide the latest information on cyber security threats, increased terrorist threats and tactics, and the insider threat, in addition to extensive information on cyber criminals and their vectors of attack. They have discussed everything from broad trends to more specific information on threats. INFORMATION SHARING WITH OUR FBI, INTELLIGENCE OTHER PARTNERS FBI in-reach sessions In 2015 we executed several new programs we’ve deemed “in-reach” that came out of conversations with our FBI partners at our 2014 Strategic Planning meeting. These sessions bring SMEs from our chapter in to discuss the private sector’s perspective and strategies around top FBI priorities like alternate currencies and the dark web. Washington Regional Threat Analysis Center (WRTAC) InfraGardNCR leadership met with Washington Regional Threat Analysis Center (WRTAC) executives to assure that we have a robust relationship and a more active and engaged partnership. The Board is looking for a member to represent InfraGard at the WRTAC – please contact us to find out more. Metropolitan Washington Council of Governments (MWCOG) The Board also reinvigorated our relationship with the Metropolitan Washington Council of Governments – providing input to their regional homeland security plan and more systematically engaging with them on critical infrastructure issues. Office of the Director of National Intelligence (ODNI) InfraGardNCR leadership also met with and discussed areas of mutual concern with the Office of the Director of National Intelligence, Office of Public Private Partnerships. Together we discussed working more closely on top concerns over information sharing among the IC community and how to leverage resources they are developing to combat common threats. Our Information Sharing Efforts
  19. 19. Membership Contact information InfraGardNationalCapitalRegionMembersAlliance AnnualReport–2015 As a member of InfraGardNCR, you are a part of the nation’s team to protect critical infrastructure. Along with your InfraGard membership comes great responsibility. When approved, you represent the nation’s largest volunteer organization dedicated to being part of the solution. We sincerely value members who devote their time, effort, and talent to help build the community, relationships, and trusted environment that it takes to share information and protect our nation. WHY JOIN? InfraGard’s vetted membership consists of thousands of subject matter experts across all 16 critical infrastructures sectors. Members represent professionals from business, academia, government, state, local and tribal government, law enforcement and the military who are dedicated to supporting the mission and protecting critical infrastructure. InfraGard provides its members with a deep understanding of the threats posed by criminals and foreign adversaries and has access to information and tools that equip them with the most current best practices. Additional member benefits include: • Collaboration with peers across InfraGard membership • Information sharing with FBI and Law Enforcement • Timely intelligence briefings • Identification, prioritization, and mitigation of vulnerabilities • Special Interest Groups (SIGs) • Access to iGuardian and Malware Investigator • Training and education programs • Discounts to local seminars and conferences To apply for membership, go to www.infragard.org and click on the “Join Today!” tab. Complete the online application and membership agreements. The application process takes 30-120 days, and you will be notified by email if your application is approved. Have you logged in to the portal lately?? Once a member, you must log in to the secure portal to maintain your membership. Membership status is segmented into the following five categories: 1. Active – These members have logged into the new InfraGard Network (IGN), which came online in the summer of 2013, and are able to freely log in without any account issues. 2. Idle – Members in this category have not logged into the IGN in the last 91-180 days. At this mark, the user’s password lapses and logging in is not possible without an automated password reset or a call to the help desk for password reset assistance. 3. Locked – Members who attempt to login three times without success will become locked out. The automated password reset may be used or the help desk called for reset assist. 4. Dormant – Those who have not logged in for more than 181 days are required to call the help desk for login assistance. 5. Rescinded – These members fall into 3 categories: a. They have been removed for cause and will not be allowed to reapply to InfraGard b. They personally requested removal from InfraGard but can reapply c. They have not signed into the IGN for 366 days and will be required to reapply to InfraGard If you have other questions about membership, please email us at InfraGardNCR@ic.fbi.gov. 19
  20. 20. Contact us at InfraGardNCR@ic.fbi.gov Special thanks to Talley Philpy, Kara Sidener, and Jen Fritz for making this Annual Report possible.

×