When Bad Things Happen to Good Governments

✓ The Year of the Breach
✓ Real-Time Response I (Panel)
✓ The Cases: 2 You Know, 2 You Don’t
✓ Real-Time Response II (Panel)
✓ What Have We Learned?
✓ The 1 Thing (Panel)
Our Time Together
  
Cyber Security
Breach, Hack, DDoS, Malware, Phishing, Malware, Spyware, Ransom-ware, Viruses, Worms, Botnets
Information Security
  
Source: Center for Digital Government, Digital States, Counties, Cities, 2014.
Public IT Priorities

STATE CIOs
1. Cybersecurity
2. Shared Services
3. Cloud
4. Mobility
5. Staffing

COUNTY CIOs
1. Cybersecurity
2. Staffing
3. Shared Services
4. Mobility
5. Cost Control

CITY CIOs
1. Open Gov/Data
2. Mobility
3. Cybersecurity
4. Staffing/Portal
5. DR/COOP

Elected + Appointed Officials
  
What Respondents want in a Network
[Chart: Redundancy, Ease of Maintenance, Availability, Security; scale 0% to 100%]
Source: Center for Digital Government, 2015.
  
How Did We Get Here?
Sources: ABC | KRON TV | WCPO TV | WWLP TV | WOCH TV | WTNH TV | KOIN TV | WSJ | AP | Sony | WH.gov
Ripped from the Headlines
The Rise of Hacking Crews
Vikingdom2015: From Russia with Malice
Dr. Strangelove or: How I Learned to Stop Worrying and Love the Bomb
Source: Universal Studios (1964)
Déjà vu All Over Again
Here we are again, 50 years later
How I Learned to Stop Worrying and Love Cybersecurity
  
Our Panel
Career Defining Breaches
Managing the News Cycle
  
Michael Brown
August 9, 2014
Dateline: Ferguson
Flickr: Chuck Jines
August 9, 2014 – January 7, 2015
Sources: Operation Ferguson/ Al Jazeera America
Global-Local Hacktivism
  
Meanwhile in the Capitol…
Google Maps
Dateline: Jefferson City
Flickr: Steve Warren
DAYS THAT MISSOURI WAS A WORLDWIDE Hacktivist Target: 123
Target: Governor Nixon
Flickr: Steve Warren
Target: Governor Nixon
colorofchange.org
The Grand Jury Decision
Scott Olson/ Getty Images
November 24, 2014
Launch and Learn
Flickr: Steve Warren
  
The one unfinished part of the state’s cybersecurity program and plan when crisis hit: DDoS

Key Learnings: Jefferson City
Flickr: Steve Warren
1. Understand Hacktivism Motives and Methods
2. Understand DDoS Attacks
3. Assess Your Network and Infrastructure
4. Prioritize Assets
5. Establish and Exercise a War Room
6. Integrate Network Operations Center (NOC)
7. Integrate Security Operations Center (SOC)
8. Develop a Plan
9. Monitor Social Media
10. Remain Nimble and Adaptable
  
From the War Room
There is Something for Everyone to Do

✓ Cybersecurity = risk management.
✓ Security incidents are inevitable.
✓ Prepare.
✓ Fund and support.
✓ Plan PR mitigation.
Elected and Appointed Officials
What Have We Learned?
The Little Red Breach Book
  
Chief Information/Technology Officers
✓ Own the plan.
✓ No surprises.

✓ Champion a strong cybersecurity culture.
✓ Identify and apply best practices.
✓ Evaluate and recommend strategies, programs and tools.
✓ Monitor and manage critical systems and infrastructure.
Chief Information Security Officers
  
✓ Know security implications of delivery systems.
✓ Encourage employees to take security seriously.
✓ Apply agency resources to support cyber security as appropriate.
Agency or Line of Business Managers
  
✓ Understand good cyber security is good for everybody.
✓ Train.
✓ See something, say something.
✓ If you don’t know what it is, don’t click on it.
Front Line Employees
  
✓ Adopt security best practices.
✓ Adhere to government security requirements.
✓ Share information regarding suspicious activity, incidents or potential breaches.
Service Delivery Partners: Private, Non Profit
  
Encouraged through awareness campaigns to:
✓ Do the basics well.
✓ Stay alert for common tricks.
✓ Help authorities fight cybercrime.
General Public - Netizens

1 Thing
The Exit Question
govtech.com/security
  

Phase 8 Hope For Venezuelan Refugees Soup Meal Program-Periods 4-6.
 
Item # 7 - Demolition & Replacement Structure Processes
Item # 7 - Demolition & Replacement Structure ProcessesItem # 7 - Demolition & Replacement Structure Processes
Item # 7 - Demolition & Replacement Structure Processes
 
Focusing on the rights of women and girls
Focusing on the rights of women and girlsFocusing on the rights of women and girls
Focusing on the rights of women and girls
 
Item # 4&5 - 415 & 423 Evans Ave. Replat
Item # 4&5 - 415 & 423 Evans Ave. ReplatItem # 4&5 - 415 & 423 Evans Ave. Replat
Item # 4&5 - 415 & 423 Evans Ave. Replat
 
GOVERNMENT OF NCT OF DELHI DIRECTORATE OF EDUCATION
GOVERNMENT OF NCT OF DELHI DIRECTORATE OF EDUCATIONGOVERNMENT OF NCT OF DELHI DIRECTORATE OF EDUCATION
GOVERNMENT OF NCT OF DELHI DIRECTORATE OF EDUCATION
 
World Health Day 2024 - Zero Discrimination, Affordable treatments, Respectfu...
World Health Day 2024 - Zero Discrimination, Affordable treatments, Respectfu...World Health Day 2024 - Zero Discrimination, Affordable treatments, Respectfu...
World Health Day 2024 - Zero Discrimination, Affordable treatments, Respectfu...
 
ISEIDP in Chikkaballapura, Karnataka, India
ISEIDP in Chikkaballapura, Karnataka, IndiaISEIDP in Chikkaballapura, Karnataka, India
ISEIDP in Chikkaballapura, Karnataka, India
 
Everyone, everywhere has the right to good mental health.
Everyone, everywhere has the right to good mental health.Everyone, everywhere has the right to good mental health.
Everyone, everywhere has the right to good mental health.
 
NL-FR Partnership - Water management roundtable 20240403.pdf
NL-FR Partnership - Water management roundtable 20240403.pdfNL-FR Partnership - Water management roundtable 20240403.pdf
NL-FR Partnership - Water management roundtable 20240403.pdf
 
1- Phase 8 Hope For Venezuelan Refugees Soup Program-Periods 4-6.pdf
1- Phase 8 Hope For Venezuelan Refugees Soup Program-Periods 4-6.pdf1- Phase 8 Hope For Venezuelan Refugees Soup Program-Periods 4-6.pdf
1- Phase 8 Hope For Venezuelan Refugees Soup Program-Periods 4-6.pdf
 
Madison Cat Project - Foster Training: Lesson 1
Madison Cat Project - Foster Training: Lesson 1Madison Cat Project - Foster Training: Lesson 1
Madison Cat Project - Foster Training: Lesson 1
 
April 7th - World Health Day 2024 - My Health. My Right.
April 7th - World Health Day 2024 - My Health. My Right.April 7th - World Health Day 2024 - My Health. My Right.
April 7th - World Health Day 2024 - My Health. My Right.
 
UN DESA: Finance for Development 2024 Report
UN DESA: Finance for Development 2024 ReportUN DESA: Finance for Development 2024 Report
UN DESA: Finance for Development 2024 Report
 

Breach: When Bad Things Happen to Good Governments

  • 1. When Bad Things Happen to Good Governments
  • 2. Our Time Together: ✓ The Year of the Breach ✓ Real-Time Response I (Panel) ✓ The Cases: 2 You Know, 2 You Don’t ✓ Real-Time Response II (Panel) ✓ What Have We Learned? ✓ The 1 Thing (Panel)
  • 3. Cyber Security | Breach | Hack | DDoS | Malware | Phishing | Malware | Spyware | Ransom-ware | Viruses | Worms | Botnets | Information Security
  • 4. Public IT Priorities. STATE CIOs: 1. Cybersecurity, 2. Shared Services, 3. Cloud, 4. Mobility, 5. Staffing. COUNTY CIOs: 1. Cybersecurity, 2. Staffing, 3. Shared Services, 4. Mobility, 5. Cost Control. CITY CIOs: 1. Open Gov/Data, 2. Mobility, 3. Cybersecurity, 4. Staffing/Portal, 5. DR/COOP. Source: Center for Digital Government, Digital States, Counties, Cities, 2014.
  • 5. Elected + Appointed Officials: What Respondents Want in a Network. [Bar chart, 0% to 100%: Redundancy, Ease of Maintenance, Availability, Security, Network] Source: Center for Digital Government, 2015.
  • 6. How Did We Get Here?
  • 7. Ripped from the Headlines. Sources: ABC | KRON TV | WCPO TV | WWLP TV | WOCH TV | WTNH TV | KOIN TV | WSJ | AP | Sony | WH.gov
  • 8. The Rise of Hacking Crews. Vikingdom2015: From Russia with Malice
  • 9. Déjà vu All Over Again. Dr. Strangelove or: How I Learned to Stop Worrying and Love the Bomb. Source: Universal Studios (1964). Here we are again, 50 years later
  • 10. How I Learned to Stop Worrying and Love Cybersecurity. Our Panel
  • 12. Managing the News Cycle
  • 13. Managing the News Cycle
  • 14. Michael Brown. August 9, 2014
  • 15. Dateline: Ferguson. Flickr: Chuck Jines
  • 16.
  • 17. Global-Local Hacktivism. August 9, 2014 – January 7, 2015. Sources: Operation Ferguson / Al Jazeera America
  • 18. Meanwhile in the Capitol… Google Maps
  • 19. Dateline: Jefferson City. DAYS THAT MISSOURI WAS A WORLDWIDE Hacktivist Target: 123. Flickr: Steve Warren
  • 20. Target: Governor Nixon. Flickr: Steve Warren
  • 21. Target: Governor Nixon. colorofchange.org
  • 22. The Grand Jury Decision. November 24, 2014. Scott Olson / Getty Images
  • 23. Launch and Learn. The one unfinished part of the state’s cybersecurity program and plan when crisis hit: DDoS. Flickr: Steve Warren
  • 24. Key Learnings: Jefferson City. 1. Understand Hacktivism Motives and Methods; 2. Understand DDoS Attacks; 3. Assess Your Network and Infrastructure; 4. Prioritize Assets; 5. Establish and Exercise a War Room; 6. Integrate Network Operations Center (NOC); 7. Integrate Security Operations Center (SOC); 8. Develop a Plan; 9. Monitor Social Media; 10. Remain Nimble and Adaptable. Flickr: Steve Warren
  • 25. From the War Room: There is Something for Everyone to Do
  • 26. What Have We Learned? The Little Red Breach Book. Elected and Appointed Officials: ✓ Cybersecurity = risk management. ✓ Security incidents are inevitable. ✓ Prepare. ✓ Fund and support. ✓ Plan PR mitigation.
  • 27. What Have We Learned? The Little Red Breach Book. Chief Information/Technology Officers: ✓ Own the plan. ✓ No surprises. ✓ Champion a strong cybersecurity culture.
  • 28. What Have We Learned? The Little Red Breach Book. Chief Information Security Officers: ✓ Identify and apply best practices. ✓ Evaluate and recommend strategies, programs and tools. ✓ Monitor and manage critical systems and infrastructure.
  • 29. What Have We Learned? The Little Red Breach Book. Agency or Line of Business Managers: ✓ Know security implications of delivery systems. ✓ Encourage employees to take security seriously. ✓ Apply agency resources to support cyber security as appropriate.
  • 30. What Have We Learned? The Little Red Breach Book. Front Line Employees: ✓ Understand good cyber security is good for everybody. ✓ Train. ✓ See something, say something. ✓ If you don’t know what it is, don’t click on it.
  • 31. What Have We Learned? The Little Red Breach Book. Service Delivery Partners (Private | Non Profit): ✓ Adopt security best practices. ✓ Adhere to government security requirements. ✓ Share information regarding suspicious activity, incidents or potential breaches.
  • 32. What Have We Learned? The Little Red Breach Book. General Public - Netizens. Encouraged through awareness campaigns to: ✓ Do the basics well. ✓ Stay alert for common tricks. ✓ Help authorities fight cybercrime.
  • 33. Thing 1. The Exit Question