SlideShare a Scribd company logo

20130917-CyberInitiativeJointLetter

D
Doug DePeppe, Esq.
1 of 2
Download to read offline
AN OPEN LETTER CALLING FOR CYBER RESILIENCE AND NATIONAL FOCUS ON LOCALITY-BASED CYBER CAPACITY The purpose of this letter, offered through the collaborative efforts of a number of community-based cybersecurity organizations in ten states, is to inform the Federal Government of the strong capability emerging from regional and local cybersecurity public-private partnerships, and to seek support that these organizations be included as part of the national cybersecurity plan. Across the country, a number of innovative community initiatives, extending across regions, have been established to address cyberspace threats to critical infrastructure. The initiatives integrate government and private efforts through public-private partnerships, promote research, and support the education and training of both cyber professionals and the user population at large. These organizations are developing the ability to share information by establishing a ‘trusted entity’ to improve intelligence and preparedness. They are bringing resources that are essential to deal with the threats brought about by the Cyber Age. They are building new aspects of the economy built on the IT industry, which is a critical market in the United States. If properly supported and integrated with other national efforts, regional and local cyber initiatives will form the foundation for a new cyber resilience and preparedness framework for the nation. Facing risk of cyberattack, the resilience of critical infrastructure is a national imperative, as announced by the White House in February this year. The community-based cyber initiatives align perfectly with the emerging national strategy to build cyber resilience. Preparedness, response, and recovery capability is needed at the point of impact of a cyberattack. The community cyber initiatives should therefore be central to the capacity building that is needed to improve preparedness and emergency response within the locality of the critical infrastructure that is being targeted. Failure to integrate these regional and local cyber initiatives in the emerging cyber framework would leave the nation vulnerable. There are several existing regional and local public-private partnership cyber initiatives in this country, while others are emerging. The following groups have joined in this Open Letter to call for greater national engagement, collaboration, and promotion of this now-established movement toward cyber resilience building at community and regional levels:  Western Cyber Exchange – WCX (Colorado, New Mexico, and Wyoming)  Cyber City USA in San Antonio, Texas  Cyber Huntsville in Huntsville, Alabama and supporting organizations  Public Regional Security Information Management (PRISEM) project in the Puget Sound region of Washington State  Cyber Incident Response Coalition and Analysis Sharing (CIRCAS) of the Pacific Northwest  State of Oklahoma Cyber Security Operations Center (SOC2) and supporting organizations  Stephenson Disaster Management Institute at LSU and supporting organizations  Alabama Cyber Research Consortium and supporting organizations  Advanced Cyber Security Center – ACSC (Boston and Greater New England)  Pacific NorthWest Economic Region (PNWER) If properly utilized, such initiatives can serve an invaluable function in our national effort to bolster U.S. cyber defenses. These organizations facilitate local and regional information-sharing, break down barriers between the public and private sector, and ensure the establishment of strong regional partnerships. These partnerships allow businesses, law enforcement, state and local government, and other entities to
more efficiently exchange threat-information and thwart digital intrusions and attacks before they compromise entire networks and cause significant economic damage. They are moving beyond simple “information sharing” towards collective, real-time situational awareness and collective response to shared threats. These regional and local efforts are an important first line of defense for U.S. critical infrastructure in the escalating cyber battles of the 21st century; and, as more of these entities stand up, they can help take pressure off DHS, NSA, FBI, DOD and other federal authorities who currently are perceived as the country's primary defenders of cyberspace. However, for this to work, the Administration has to proactively reach out to these organizations now, and engage with them as key stakeholders as DHS, NIST, and other departments and agencies move forward on implementation of President Obama's cybersecurity executive directives on cybersecurity and critical infrastructure protection. Moreover, these initiatives represent fledgling cyber market ecosystems that, if properly supported, will generate economic growth, jobs, research, education, and improve the overall cyber hygiene across communities. National cybersecurity programs can, and should, be channeled through them to reach targeted audiences. Academia, already involved in the initiatives, can conduct research into a nascent market segment. Collaboration, information sharing, and public-private partnerships will foster centers of excellence within participating communities. Put simply, the economic development advantages of these models complement the security dimensions of the overall value proposition. US Government departments and agencies were specifically tasked by the President’s cybersecurity and critical infrastructure directives with establishing new mechanisms and frameworks for cybersecurity. Accordingly, the undersigned hereby call in this Open Letter for government collaboration with the regional and local initiatives and for their express incorporation in the National Infrastructure Protection Plan. The participating organizations backing this Open Letter welcome the support of Congress in furthering the strategic objectives contained herein. Contact with any of the named organizations may be made through the respective Congressional delegation or information contained on each initiative’s website. The participating organizations additionally welcome coordination across this regionally diverse collective that may be facilitated by The Regional Consortium Coordinating Council (RC3), a DHS-affiliated coordinating council, and particularly seek the submission of this Open Letter by RC3 for consideration by the Critical Infrastructure Protection Advisory Council. Collective coordination among the initiatives may also be accomplished through the RC3, with contact information available at http://rtriplec.wordpress.com. Regional and Community Initiatives Supporting this Open Letter Contact: Doug DePeppe doug.depeppe@cyberjurist.net Contact: Mark Hogan MHOGAN@cityoftulsa.org Contact: Chris Cook chris@bexarmetro.com Contact: Joseph Booth Jbooth7@lsu.edu Contact: Ronald Burgess rlb0029@auburn.edu Contact: Rodney Robertson RLR0012@auburn.edu Contact: David Matthews dmatthews@expedia.com Contact: Charles Benway cbenway@ACSCenter.org Contact: Michael Hamilton Michael.Hamilton@seattle.gov Contact: Brandon Hardenbrook Brandon@pnwer.org

Recommended

Marriage of Cyber Security with Emergency Management
Marriage of Cyber Security with Emergency ManagementMarriage of Cyber Security with Emergency Management
Marriage of Cyber Security with Emergency ManagementDavid Sweigert
 
NCRIC Analysis of Cyber Security Emergency Management
NCRIC Analysis of Cyber Security Emergency ManagementNCRIC Analysis of Cyber Security Emergency Management
NCRIC Analysis of Cyber Security Emergency ManagementDavid Sweigert
 
Marriage of Cyber Security with Emergency Management -- NEMA
Marriage of Cyber Security with Emergency Management -- NEMAMarriage of Cyber Security with Emergency Management -- NEMA
Marriage of Cyber Security with Emergency Management -- NEMADavid Sweigert
 
Marriage of Cyber Security with Emergency Management - Congress
Marriage of Cyber Security with Emergency Management - CongressMarriage of Cyber Security with Emergency Management - Congress
Marriage of Cyber Security with Emergency Management - CongressDavid Sweigert
 
Framework for cybersecurity info sharing
Framework for cybersecurity info sharingFramework for cybersecurity info sharing
Framework for cybersecurity info sharingRoy Ramkrishna
 
COMMON GOOD DIGITAL FRAMEWORK
COMMON GOOD DIGITAL FRAMEWORKCOMMON GOOD DIGITAL FRAMEWORK
COMMON GOOD DIGITAL FRAMEWORKBoston Global Forum
 
I4ADA 2019 - presentation Catherine Garcia-van Hoogstraten
I4ADA 2019 - presentation Catherine Garcia-van HoogstratenI4ADA 2019 - presentation Catherine Garcia-van Hoogstraten
I4ADA 2019 - presentation Catherine Garcia-van HoogstratenPaul van Heel
 
Press Release
Press ReleasePress Release
Press Releasemadisonmill
 

Recommended

Marriage of Cyber Security with Emergency Management
Marriage of Cyber Security with Emergency ManagementMarriage of Cyber Security with Emergency Management
Marriage of Cyber Security with Emergency ManagementDavid Sweigert
 
NCRIC Analysis of Cyber Security Emergency Management
NCRIC Analysis of Cyber Security Emergency ManagementNCRIC Analysis of Cyber Security Emergency Management
NCRIC Analysis of Cyber Security Emergency ManagementDavid Sweigert
 
Marriage of Cyber Security with Emergency Management -- NEMA
Marriage of Cyber Security with Emergency Management -- NEMAMarriage of Cyber Security with Emergency Management -- NEMA
Marriage of Cyber Security with Emergency Management -- NEMADavid Sweigert
 
Marriage of Cyber Security with Emergency Management - Congress
Marriage of Cyber Security with Emergency Management - CongressMarriage of Cyber Security with Emergency Management - Congress
Marriage of Cyber Security with Emergency Management - CongressDavid Sweigert
 
Framework for cybersecurity info sharing
Framework for cybersecurity info sharingFramework for cybersecurity info sharing
Framework for cybersecurity info sharingRoy Ramkrishna
 
COMMON GOOD DIGITAL FRAMEWORK
COMMON GOOD DIGITAL FRAMEWORKCOMMON GOOD DIGITAL FRAMEWORK
COMMON GOOD DIGITAL FRAMEWORKBoston Global Forum
 
I4ADA 2019 - presentation Catherine Garcia-van Hoogstraten
I4ADA 2019 - presentation Catherine Garcia-van HoogstratenI4ADA 2019 - presentation Catherine Garcia-van Hoogstraten
I4ADA 2019 - presentation Catherine Garcia-van HoogstratenPaul van Heel
 
Press Release
Press ReleasePress Release
Press Releasemadisonmill
 
Cyber Security Agenda for 45th President
Cyber Security Agenda for 45th PresidentCyber Security Agenda for 45th President
Cyber Security Agenda for 45th PresidentInternet Law Center
 
R41674
R41674R41674
R41674Dr Lendy Spires
 
US Cyber Security Policy
US Cyber Security PolicyUS Cyber Security Policy
US Cyber Security Policybarbeejl
 
Information Sharing and Protection
Information Sharing and ProtectionInformation Sharing and Protection
Information Sharing and ProtectionOxford Martin Centre, OII, and Computer Science at the University of Oxford
 
HIMSS Response to DHS National Cyber Incident Response Plan
HIMSS Response to DHS National Cyber Incident Response PlanHIMSS Response to DHS National Cyber Incident Response Plan
HIMSS Response to DHS National Cyber Incident Response PlanDavid Sweigert
 
Confrance presntstation
Confrance presntstationConfrance presntstation
Confrance presntstationTechnical Advisor at Iraqi Government
 
Mich_Cyber_Initiative_2015
Mich_Cyber_Initiative_2015Mich_Cyber_Initiative_2015
Mich_Cyber_Initiative_2015Rob Blackwell
 
An Executive Summary: Social Media and Information and Communications Technol...
An Executive Summary: Social Media and Information and Communications Technol...An Executive Summary: Social Media and Information and Communications Technol...
An Executive Summary: Social Media and Information and Communications Technol...The University of Texas (UTRGV)
 
New Information Communication Technologies for Conflict Prevention and Manage...
New Information Communication Technologies for Conflict Prevention and Manage...New Information Communication Technologies for Conflict Prevention and Manage...
New Information Communication Technologies for Conflict Prevention and Manage...Angela-Jo Touza - Medina
 
I4ADA 2019 - Presentation Jacques Kruse Brandao
I4ADA 2019 - Presentation Jacques Kruse BrandaoI4ADA 2019 - Presentation Jacques Kruse Brandao
I4ADA 2019 - Presentation Jacques Kruse BrandaoPaul van Heel
 
Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115
Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115
Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115James Bryce Clark
 
REPORT Risk Nexus - Global Cyber Governance: Preparing for New Business Risks
REPORT Risk Nexus - Global Cyber Governance: Preparing for New Business Risks REPORT Risk Nexus - Global Cyber Governance: Preparing for New Business Risks
REPORT Risk Nexus - Global Cyber Governance: Preparing for New Business Risks ESADE
 
Revisiting the state: why governments are interested in cybersecurity
Revisiting the state: why governments are interested in cybersecurityRevisiting the state: why governments are interested in cybersecurity
Revisiting the state: why governments are interested in cybersecurityMaarten Van Horenbeeck
 
Towards building trusted multinational civil
Towards building trusted multinational civilTowards building trusted multinational civil
Towards building trusted multinational civilBruce Forrester
 
6026 Cybersecurity China
6026 Cybersecurity China6026 Cybersecurity China
6026 Cybersecurity ChinaAnastasia Stitch
 
EDTEC 685 9-11 Commission findings
EDTEC 685 9-11 Commission findingsEDTEC 685 9-11 Commission findings
EDTEC 685 9-11 Commission findingsKathleen Wooley
 
BrooksGovernment Security News
BrooksGovernment Security NewsBrooksGovernment Security News
BrooksGovernment Security NewsChuck Brooks
 
Cyber security issue part b
Cyber security issue part b Cyber security issue part b
Cyber security issue part b www.StudentsAssignmentHelp.com
 
CT3- STEVENS
CT3- STEVENSCT3- STEVENS
CT3- STEVENSElizabeth Stevens
 
NASCIO Cyber Disruption Response and Recovery
NASCIO Cyber Disruption Response and RecoveryNASCIO Cyber Disruption Response and Recovery
NASCIO Cyber Disruption Response and RecoveryDavid Sweigert
 
Cyber-enabled Information Operations -- Inglis 04 27-17 -- SASC
Cyber-enabled Information Operations -- Inglis 04 27-17 -- SASCCyber-enabled Information Operations -- Inglis 04 27-17 -- SASC
Cyber-enabled Information Operations -- Inglis 04 27-17 -- SASCDavid Sweigert
 
Cyber security-in-india-present-status
Cyber security-in-india-present-statusCyber security-in-india-present-status
Cyber security-in-india-present-statusRama Reddy
 

More Related Content

What's hot

Cyber Security Agenda for 45th President
Cyber Security Agenda for 45th PresidentCyber Security Agenda for 45th President
Cyber Security Agenda for 45th PresidentInternet Law Center
 
US Cyber Security Policy
US Cyber Security PolicyUS Cyber Security Policy
US Cyber Security Policybarbeejl
 
HIMSS Response to DHS National Cyber Incident Response Plan
HIMSS Response to DHS National Cyber Incident Response PlanHIMSS Response to DHS National Cyber Incident Response Plan
HIMSS Response to DHS National Cyber Incident Response PlanDavid Sweigert
 
Mich_Cyber_Initiative_2015
Mich_Cyber_Initiative_2015Mich_Cyber_Initiative_2015
Mich_Cyber_Initiative_2015Rob Blackwell
 
An Executive Summary: Social Media and Information and Communications Technol...
An Executive Summary: Social Media and Information and Communications Technol...An Executive Summary: Social Media and Information and Communications Technol...
An Executive Summary: Social Media and Information and Communications Technol...The University of Texas (UTRGV)
 
New Information Communication Technologies for Conflict Prevention and Manage...
New Information Communication Technologies for Conflict Prevention and Manage...New Information Communication Technologies for Conflict Prevention and Manage...
New Information Communication Technologies for Conflict Prevention and Manage...Angela-Jo Touza - Medina
 
I4ADA 2019 - Presentation Jacques Kruse Brandao
I4ADA 2019 - Presentation Jacques Kruse BrandaoI4ADA 2019 - Presentation Jacques Kruse Brandao
I4ADA 2019 - Presentation Jacques Kruse BrandaoPaul van Heel
 
Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115
Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115
Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115James Bryce Clark
 
REPORT Risk Nexus - Global Cyber Governance: Preparing for New Business Risks
REPORT Risk Nexus - Global Cyber Governance: Preparing for New Business Risks REPORT Risk Nexus - Global Cyber Governance: Preparing for New Business Risks
REPORT Risk Nexus - Global Cyber Governance: Preparing for New Business Risks ESADE
 
Revisiting the state: why governments are interested in cybersecurity
Revisiting the state: why governments are interested in cybersecurityRevisiting the state: why governments are interested in cybersecurity
Revisiting the state: why governments are interested in cybersecurityMaarten Van Horenbeeck
 
Towards building trusted multinational civil
Towards building trusted multinational civilTowards building trusted multinational civil
Towards building trusted multinational civilBruce Forrester
 
EDTEC 685 9-11 Commission findings
EDTEC 685 9-11 Commission findingsEDTEC 685 9-11 Commission findings
EDTEC 685 9-11 Commission findingsKathleen Wooley
 
BrooksGovernment Security News
BrooksGovernment Security NewsBrooksGovernment Security News
BrooksGovernment Security NewsChuck Brooks
 

What's hot (19)

Cyber Security Agenda for 45th President
Cyber Security Agenda for 45th PresidentCyber Security Agenda for 45th President
Cyber Security Agenda for 45th President
 
R41674
R41674R41674
R41674
 
US Cyber Security Policy
US Cyber Security PolicyUS Cyber Security Policy
US Cyber Security Policy
 
Information Sharing and Protection
Information Sharing and ProtectionInformation Sharing and Protection
Information Sharing and Protection
 
HIMSS Response to DHS National Cyber Incident Response Plan
HIMSS Response to DHS National Cyber Incident Response PlanHIMSS Response to DHS National Cyber Incident Response Plan
HIMSS Response to DHS National Cyber Incident Response Plan
 
Confrance presntstation
Confrance presntstationConfrance presntstation
Confrance presntstation
 
Mich_Cyber_Initiative_2015
Mich_Cyber_Initiative_2015Mich_Cyber_Initiative_2015
Mich_Cyber_Initiative_2015
 
An Executive Summary: Social Media and Information and Communications Technol...
An Executive Summary: Social Media and Information and Communications Technol...An Executive Summary: Social Media and Information and Communications Technol...
An Executive Summary: Social Media and Information and Communications Technol...
 
New Information Communication Technologies for Conflict Prevention and Manage...
New Information Communication Technologies for Conflict Prevention and Manage...New Information Communication Technologies for Conflict Prevention and Manage...
New Information Communication Technologies for Conflict Prevention and Manage...
 
I4ADA 2019 - Presentation Jacques Kruse Brandao
I4ADA 2019 - Presentation Jacques Kruse BrandaoI4ADA 2019 - Presentation Jacques Kruse Brandao
I4ADA 2019 - Presentation Jacques Kruse Brandao
 
Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115
Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115
Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115
 
REPORT Risk Nexus - Global Cyber Governance: Preparing for New Business Risks
REPORT Risk Nexus - Global Cyber Governance: Preparing for New Business Risks REPORT Risk Nexus - Global Cyber Governance: Preparing for New Business Risks
REPORT Risk Nexus - Global Cyber Governance: Preparing for New Business Risks
 
Revisiting the state: why governments are interested in cybersecurity
Revisiting the state: why governments are interested in cybersecurityRevisiting the state: why governments are interested in cybersecurity
Revisiting the state: why governments are interested in cybersecurity
 
Towards building trusted multinational civil
Towards building trusted multinational civilTowards building trusted multinational civil
Towards building trusted multinational civil
 
6026 Cybersecurity China
6026 Cybersecurity China6026 Cybersecurity China
6026 Cybersecurity China
 
EDTEC 685 9-11 Commission findings
EDTEC 685 9-11 Commission findingsEDTEC 685 9-11 Commission findings
EDTEC 685 9-11 Commission findings
 
BrooksGovernment Security News
BrooksGovernment Security NewsBrooksGovernment Security News
BrooksGovernment Security News
 
Cyber security issue part b
Cyber security issue part b Cyber security issue part b
Cyber security issue part b
 
CT3- STEVENS
CT3- STEVENSCT3- STEVENS
CT3- STEVENS
 

Similar to 20130917-CyberInitiativeJointLetter

NASCIO Cyber Disruption Response and Recovery
NASCIO Cyber Disruption Response and RecoveryNASCIO Cyber Disruption Response and Recovery
NASCIO Cyber Disruption Response and RecoveryDavid Sweigert
 
Cyber-enabled Information Operations -- Inglis 04 27-17 -- SASC
Cyber-enabled Information Operations -- Inglis 04 27-17 -- SASCCyber-enabled Information Operations -- Inglis 04 27-17 -- SASC
Cyber-enabled Information Operations -- Inglis 04 27-17 -- SASCDavid Sweigert
 
Cyber security-in-india-present-status
Cyber security-in-india-present-statusCyber security-in-india-present-status
Cyber security-in-india-present-statusRama Reddy
 
Improved-Cybersecurity-cooperation
Improved-Cybersecurity-cooperationImproved-Cybersecurity-cooperation
Improved-Cybersecurity-cooperationrrepko
 
Please don’t give me a two to three sentence replies. It has to lo.docx
Please don’t give me a two to three sentence replies. It has to lo.docxPlease don’t give me a two to three sentence replies. It has to lo.docx
Please don’t give me a two to three sentence replies. It has to lo.docxmattjtoni51554
 
Global Partnership Key to Cyber Security
Global Partnership Key to Cyber SecurityGlobal Partnership Key to Cyber Security
Global Partnership Key to Cyber SecurityDominic Karunesudas
 
SEWERLOCK AND TELECOMLOCK INFRASTRUCTURE ASSETS
SEWERLOCK AND TELECOMLOCK INFRASTRUCTURE ASSETSSEWERLOCK AND TELECOMLOCK INFRASTRUCTURE ASSETS
SEWERLOCK AND TELECOMLOCK INFRASTRUCTURE ASSETSS. F. (Sid) Nash
 
Is 2014 the year for Cyber Militias ?
Is 2014 the year for Cyber Militias ?Is 2014 the year for Cyber Militias ?
Is 2014 the year for Cyber Militias ?David Sweigert
 
Comprehensive U.S. Cyber Framework Final Report
Comprehensive U.S. Cyber Framework Final ReportComprehensive U.S. Cyber Framework Final Report
Comprehensive U.S. Cyber Framework Final ReportLandon Harrell
 
F e B r U A r y 2 0 1 0 v O l . 5 3 n O . 2 .docx
F e B r U A r y 2 0 1 0 v O l . 5 3 n O . 2 .docxF e B r U A r y 2 0 1 0 v O l . 5 3 n O . 2 .docx
F e B r U A r y 2 0 1 0 v O l . 5 3 n O . 2 .docxssuser454af01
 
F e B r U A r y 2 0 1 0 v O l . 5 3 n O . 2 .docx
F e B r U A r y 2 0 1 0 v O l . 5 3 n O . 2 .docxF e B r U A r y 2 0 1 0 v O l . 5 3 n O . 2 .docx
F e B r U A r y 2 0 1 0 v O l . 5 3 n O . 2 .docxmecklenburgstrelitzh
 
Ac breaking cyber-sharinglogjam_web
Ac breaking cyber-sharinglogjam_webAc breaking cyber-sharinglogjam_web
Ac breaking cyber-sharinglogjam_webatlanticcouncil
 
Cyberdefense strategy - Boston Global Forum - 2017
Cyberdefense strategy - Boston Global Forum - 2017Cyberdefense strategy - Boston Global Forum - 2017
Cyberdefense strategy - Boston Global Forum - 2017NgocHaBui1
 
Hacking Municipal Government Best Practices for Protection of Sensitive Loc...
Hacking Municipal Government Best Practices for Protection of Sensitive Loc...Hacking Municipal Government Best Practices for Protection of Sensitive Loc...
Hacking Municipal Government Best Practices for Protection of Sensitive Loc...Ben Griffith
 
Cyber Security Conference - Msps cybersecurity whitepaper
Cyber Security Conference - Msps cybersecurity whitepaperCyber Security Conference - Msps cybersecurity whitepaper
Cyber Security Conference - Msps cybersecurity whitepaperMicrosoft
 
Guideline Thailand Cybersecure Strate Digital Economy
Guideline Thailand Cybersecure Strate Digital EconomyGuideline Thailand Cybersecure Strate Digital Economy
Guideline Thailand Cybersecure Strate Digital EconomySettapong_CyberSecurity
 
Brian Wrote There is a wide range of cybersecurity initiatives .docx
Brian Wrote There is a wide range of cybersecurity initiatives .docxBrian Wrote There is a wide range of cybersecurity initiatives .docx
Brian Wrote There is a wide range of cybersecurity initiatives .docxhartrobert670
 
International Standards to Regulate Aggressive Cyber-behavior from a Foreign ...
International Standards to Regulate Aggressive Cyber-behavior from a Foreign ...International Standards to Regulate Aggressive Cyber-behavior from a Foreign ...
International Standards to Regulate Aggressive Cyber-behavior from a Foreign ...Mansoor Faridi, CISA
 

Similar to 20130917-CyberInitiativeJointLetter (20)

NASCIO Cyber Disruption Response and Recovery
NASCIO Cyber Disruption Response and RecoveryNASCIO Cyber Disruption Response and Recovery
NASCIO Cyber Disruption Response and Recovery
 
Cyber-enabled Information Operations -- Inglis 04 27-17 -- SASC
Cyber-enabled Information Operations -- Inglis 04 27-17 -- SASCCyber-enabled Information Operations -- Inglis 04 27-17 -- SASC
Cyber-enabled Information Operations -- Inglis 04 27-17 -- SASC
 
Cyber security-in-india-present-status
Cyber security-in-india-present-statusCyber security-in-india-present-status
Cyber security-in-india-present-status
 
Prof E Hewitt
Prof E HewittProf E Hewitt
Prof E Hewitt
 
Improved-Cybersecurity-cooperation
Improved-Cybersecurity-cooperationImproved-Cybersecurity-cooperation
Improved-Cybersecurity-cooperation
 
Please don’t give me a two to three sentence replies. It has to lo.docx
Please don’t give me a two to three sentence replies. It has to lo.docxPlease don’t give me a two to three sentence replies. It has to lo.docx
Please don’t give me a two to three sentence replies. It has to lo.docx
 
Global Partnership Key to Cyber Security
Global Partnership Key to Cyber SecurityGlobal Partnership Key to Cyber Security
Global Partnership Key to Cyber Security
 
SEWERLOCK AND TELECOMLOCK INFRASTRUCTURE ASSETS
SEWERLOCK AND TELECOMLOCK INFRASTRUCTURE ASSETSSEWERLOCK AND TELECOMLOCK INFRASTRUCTURE ASSETS
SEWERLOCK AND TELECOMLOCK INFRASTRUCTURE ASSETS
 
Is 2014 the year for Cyber Militias ?
Is 2014 the year for Cyber Militias ?Is 2014 the year for Cyber Militias ?
Is 2014 the year for Cyber Militias ?
 
Comprehensive U.S. Cyber Framework Final Report
Comprehensive U.S. Cyber Framework Final ReportComprehensive U.S. Cyber Framework Final Report
Comprehensive U.S. Cyber Framework Final Report
 
Prichard_WritingSample2
Prichard_WritingSample2Prichard_WritingSample2
Prichard_WritingSample2
 
F e B r U A r y 2 0 1 0 v O l . 5 3 n O . 2 .docx
F e B r U A r y 2 0 1 0 v O l . 5 3 n O . 2 .docxF e B r U A r y 2 0 1 0 v O l . 5 3 n O . 2 .docx
F e B r U A r y 2 0 1 0 v O l . 5 3 n O . 2 .docx
 
F e B r U A r y 2 0 1 0 v O l . 5 3 n O . 2 .docx
F e B r U A r y 2 0 1 0 v O l . 5 3 n O . 2 .docxF e B r U A r y 2 0 1 0 v O l . 5 3 n O . 2 .docx
F e B r U A r y 2 0 1 0 v O l . 5 3 n O . 2 .docx
 
Ac breaking cyber-sharinglogjam_web
Ac breaking cyber-sharinglogjam_webAc breaking cyber-sharinglogjam_web
Ac breaking cyber-sharinglogjam_web
 
Cyberdefense strategy - Boston Global Forum - 2017
Cyberdefense strategy - Boston Global Forum - 2017Cyberdefense strategy - Boston Global Forum - 2017
Cyberdefense strategy - Boston Global Forum - 2017
 
Hacking Municipal Government Best Practices for Protection of Sensitive Loc...
Hacking Municipal Government Best Practices for Protection of Sensitive Loc...Hacking Municipal Government Best Practices for Protection of Sensitive Loc...
Hacking Municipal Government Best Practices for Protection of Sensitive Loc...
 
Cyber Security Conference - Msps cybersecurity whitepaper
Cyber Security Conference - Msps cybersecurity whitepaperCyber Security Conference - Msps cybersecurity whitepaper
Cyber Security Conference - Msps cybersecurity whitepaper
 
Guideline Thailand Cybersecure Strate Digital Economy
Guideline Thailand Cybersecure Strate Digital EconomyGuideline Thailand Cybersecure Strate Digital Economy
Guideline Thailand Cybersecure Strate Digital Economy
 
Brian Wrote There is a wide range of cybersecurity initiatives .docx
Brian Wrote There is a wide range of cybersecurity initiatives .docxBrian Wrote There is a wide range of cybersecurity initiatives .docx
Brian Wrote There is a wide range of cybersecurity initiatives .docx
 
International Standards to Regulate Aggressive Cyber-behavior from a Foreign ...
International Standards to Regulate Aggressive Cyber-behavior from a Foreign ...International Standards to Regulate Aggressive Cyber-behavior from a Foreign ...
International Standards to Regulate Aggressive Cyber-behavior from a Foreign ...
 

20130917-CyberInitiativeJointLetter

  • 1. AN OPEN LETTER CALLING FOR CYBER RESILIENCE AND NATIONAL FOCUS ON LOCALITY-BASED CYBER CAPACITY The purpose of this letter, offered through the collaborative efforts of a number of community-based cybersecurity organizations in ten states, is to inform the Federal Government of the strong capability emerging from regional and local cybersecurity public-private partnerships, and to seek support that these organizations be included as part of the national cybersecurity plan. Across the country, a number of innovative community initiatives, extending across regions, have been established to address cyberspace threats to critical infrastructure. The initiatives integrate government and private efforts through public-private partnerships, promote research, and support the education and training of both cyber professionals and the user population at large. These organizations are developing the ability to share information by establishing a ‘trusted entity’ to improve intelligence and preparedness. They are bringing resources that are essential to deal with the threats brought about by the Cyber Age. They are building new aspects of the economy built on the IT industry, which is a critical market in the United States. If properly supported and integrated with other national efforts, regional and local cyber initiatives will form the foundation for a new cyber resilience and preparedness framework for the nation. Facing risk of cyberattack, the resilience of critical infrastructure is a national imperative, as announced by the White House in February this year. The community-based cyber initiatives align perfectly with the emerging national strategy to build cyber resilience. Preparedness, response, and recovery capability is needed at the point of impact of a cyberattack. The community cyber initiatives should therefore be central to the capacity building that is needed to improve preparedness and emergency response within the locality of the critical infrastructure that is being targeted. Failure to integrate these regional and local cyber initiatives in the emerging cyber framework would leave the nation vulnerable. There are several existing regional and local public-private partnership cyber initiatives in this country, while others are emerging. The following groups have joined in this Open Letter to call for greater national engagement, collaboration, and promotion of this now-established movement toward cyber resilience building at community and regional levels:  Western Cyber Exchange – WCX (Colorado, New Mexico, and Wyoming)  Cyber City USA in San Antonio, Texas  Cyber Huntsville in Huntsville, Alabama and supporting organizations  Public Regional Security Information Management (PRISEM) project in the Puget Sound region of Washington State  Cyber Incident Response Coalition and Analysis Sharing (CIRCAS) of the Pacific Northwest  State of Oklahoma Cyber Security Operations Center (SOC2) and supporting organizations  Stephenson Disaster Management Institute at LSU and supporting organizations  Alabama Cyber Research Consortium and supporting organizations  Advanced Cyber Security Center – ACSC (Boston and Greater New England)  Pacific NorthWest Economic Region (PNWER) If properly utilized, such initiatives can serve an invaluable function in our national effort to bolster U.S. cyber defenses. These organizations facilitate local and regional information-sharing, break down barriers between the public and private sector, and ensure the establishment of strong regional partnerships. These partnerships allow businesses, law enforcement, state and local government, and other entities to
  • 2. more efficiently exchange threat-information and thwart digital intrusions and attacks before they compromise entire networks and cause significant economic damage. They are moving beyond simple “information sharing” towards collective, real-time situational awareness and collective response to shared threats. These regional and local efforts are an important first line of defense for U.S. critical infrastructure in the escalating cyber battles of the 21st century; and, as more of these entities stand up, they can help take pressure off DHS, NSA, FBI, DOD and other federal authorities who currently are perceived as the country's primary defenders of cyberspace. However, for this to work, the Administration has to proactively reach out to these organizations now, and engage with them as key stakeholders as DHS, NIST, and other departments and agencies move forward on implementation of President Obama's cybersecurity executive directives on cybersecurity and critical infrastructure protection. Moreover, these initiatives represent fledgling cyber market ecosystems that, if properly supported, will generate economic growth, jobs, research, education, and improve the overall cyber hygiene across communities. National cybersecurity programs can, and should, be channeled through them to reach targeted audiences. Academia, already involved in the initiatives, can conduct research into a nascent market segment. Collaboration, information sharing, and public-private partnerships will foster centers of excellence within participating communities. Put simply, the economic development advantages of these models complement the security dimensions of the overall value proposition. US Government departments and agencies were specifically tasked by the President’s cybersecurity and critical infrastructure directives with establishing new mechanisms and frameworks for cybersecurity. Accordingly, the undersigned hereby call in this Open Letter for government collaboration with the regional and local initiatives and for their express incorporation in the National Infrastructure Protection Plan. The participating organizations backing this Open Letter welcome the support of Congress in furthering the strategic objectives contained herein. Contact with any of the named organizations may be made through the respective Congressional delegation or information contained on each initiative’s website. The participating organizations additionally welcome coordination across this regionally diverse collective that may be facilitated by The Regional Consortium Coordinating Council (RC3), a DHS-affiliated coordinating council, and particularly seek the submission of this Open Letter by RC3 for consideration by the Critical Infrastructure Protection Advisory Council. Collective coordination among the initiatives may also be accomplished through the RC3, with contact information available at http://rtriplec.wordpress.com. Regional and Community Initiatives Supporting this Open Letter Contact: Doug DePeppe doug.depeppe@cyberjurist.net Contact: Mark Hogan MHOGAN@cityoftulsa.org Contact: Chris Cook chris@bexarmetro.com Contact: Joseph Booth Jbooth7@lsu.edu Contact: Ronald Burgess rlb0029@auburn.edu Contact: Rodney Robertson RLR0012@auburn.edu Contact: David Matthews dmatthews@expedia.com Contact: Charles Benway cbenway@ACSCenter.org Contact: Michael Hamilton Michael.Hamilton@seattle.gov Contact: Brandon Hardenbrook Brandon@pnwer.org