SlideShare a Scribd company logo

Cybersecurity for Emergency Managers

Download as PPTX, PDF
Sarah K Miller
Sarah K Miller

2019 Alaska Spring Preparedness Conference

Government & Nonprofit
1 of 28
Cybersecurity for Emergency Managers Alaska Spring Preparedness Conference 2019
Cybersecurity is everyone’s problem • Cybersecurity is NOT just IT’s problem. IT Emergency Management Law Enforcement And everyone in your organization
The threat • Malicious vs unintentional • Active attacks • Data breaches • Human error • Cyber warfare
Recently
Lifecycle
Prevention • What have you done to prepare? • What policies are in place? • What training is in place? • How are the policies enforced? • THINGS YOU MUST HAVE • Emergency Operations Plan • Cybersecurity Policy • Acceptable Use Policy
Password Managers https://thewirecutter.com/reviews/best-password-managers/
Protection
Mitigation • What steps have you taken? • What steps can you take? • Insurance • Backups • Redundancy • Monitoring • https://haveibeenpwned.com • Early Reporting • Training
Response Do you have a response plan? Does everybody know how to recognize an incident? Does your staff know what to do if they suspect an incident? Who do you call for help?
Recovery What’s your recovery plan? Beyond just the technology Who do you call for help?
Sample Incident annex https://1drv.ms/w/s!At2Gwcs7z-oh3Ubt7QNXAZ-HHeM2
References • National Cyber Incident Response Plan, Department of Homeland Security, 2016 • Computer Security Incident Handling Guide (Revision 2) National Institute of Standards and Technology, 2012 • Washington State Significant Cyber Incident Annex, Washington Military Department – Emergency Management Division, 2015 • ISO/IEC 27032 – Information Technology – Security techniques – Guidelines for cybersecurity, International Standards Organization, 2012
Annex Parts Policies Sets expectations Situation/ Assumptions Requires all components to be in place Concept of Operations Will require local discussion Responsibilities EM/IT/LE Expect some pushback
Major Cyber Incident Checklist • Action items • Pre-Incident Phase • Response Phase • Recovery/Demob Phase
Common Issues Most entities lack a comprehensive cybersecurity policy that vests responsibility with every employee. Those that have policies don’t enforce them A greater number of incidents occur than are reported in any formal way Lack of response plans leads to slow recognition, response, recovery. Lack of individual security leaves entire organization at risk
Human Factor Phishing, social engineering • Enabled by agency and employee use of social media and other things Careless info access/dissemination • Public spaces • Public wifi • Unlocked computers • Lack of caution
Social Engineering
Social Media Names Personal details Personal details provided by third parties Account spoofing Operational details shared
Meet Desai
Meetkumar Hiteshbhai Desai • Investigators traced the calls and discovered they originated from a link posted to Twitter and YouTube. The link was to a site named "Meet Desai" and its domain was hosted out of San Francisco. When the link was clicked, it continually called 911 and would not let the caller hang up. • His page received 151,000 hits • Desai said his intent was to make a non-harmful, yet annoying, bug that was meant to be funny, officials said.
It was not funny • Surprise Police Department notified the Maricopa County Sheriff's Office of more than 100 hang-up 911 calls within a few minutes. • The volume put authorities "in immediate danger of losing service to their switches." • The emergency systems for the nearby Peoria Police Department and the Maricopa County Sheriff's Office also received a large number of repeated calls. • Agencies in California and Texas were also affected.
OCTOBER 10, 2017 Meetkumar Desai, age 19, was sentenced to 3 years supervised probation for carrying out a reckless cyberattack on 911 emergency call systems in Maricopa County. Authorities will also be able to monitor Desai’s computer while he is on probation.
Other Examples This Photo by Unknown Author is licensed under CC BY-NC-SA
QUESTIONS? Contact me: Sarah Miller, MPA, CEM President, IAEM Region 10 Past Chair, IAEM Emerging Tech Caucus sarah@skmillerconsulting.com twitter: @scba

Recommended

Using Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber SecurityUsing Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber SecurityStephen Cobb
 
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...Using Technology and Techno-People to Improve your Threat Resistance and Cybe...
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...Stephen Cobb
 
Phil Grimes - Penetrating the Perimeter: Tales from the Battlefield
Phil Grimes - Penetrating the Perimeter: Tales from the BattlefieldPhil Grimes - Penetrating the Perimeter: Tales from the Battlefield
Phil Grimes - Penetrating the Perimeter: Tales from the Battlefieldcentralohioissa
 
Incident Response: How To Prepare
Incident Response: How To PrepareIncident Response: How To Prepare
Incident Response: How To PrepareResilient Systems
 
Beyond The Dark Hacking Screen
Beyond The Dark Hacking ScreenBeyond The Dark Hacking Screen
Beyond The Dark Hacking ScreenSegun Ebenezer Olaniyan
 
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and AfraidAECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and AfraidPhil Agcaoili
 
Encase cybersecurity alat za proaktivnu kontrolu korporativne it sigurnosti 2
Encase cybersecurity alat za proaktivnu kontrolu korporativne it sigurnosti 2Encase cybersecurity alat za proaktivnu kontrolu korporativne it sigurnosti 2
Encase cybersecurity alat za proaktivnu kontrolu korporativne it sigurnosti 2Damir Delija
 
Hacking
Hacking Hacking
Hacking thajmohammed
 

Recommended

Using Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber SecurityUsing Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber SecurityStephen Cobb
 
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...Using Technology and Techno-People to Improve your Threat Resistance and Cybe...
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...Stephen Cobb
 
Phil Grimes - Penetrating the Perimeter: Tales from the Battlefield
Phil Grimes - Penetrating the Perimeter: Tales from the BattlefieldPhil Grimes - Penetrating the Perimeter: Tales from the Battlefield
Phil Grimes - Penetrating the Perimeter: Tales from the Battlefieldcentralohioissa
 
Incident Response: How To Prepare
Incident Response: How To PrepareIncident Response: How To Prepare
Incident Response: How To PrepareResilient Systems
 
Beyond The Dark Hacking Screen
Beyond The Dark Hacking ScreenBeyond The Dark Hacking Screen
Beyond The Dark Hacking ScreenSegun Ebenezer Olaniyan
 
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and AfraidAECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and AfraidPhil Agcaoili
 
Encase cybersecurity alat za proaktivnu kontrolu korporativne it sigurnosti 2
Encase cybersecurity alat za proaktivnu kontrolu korporativne it sigurnosti 2Encase cybersecurity alat za proaktivnu kontrolu korporativne it sigurnosti 2
Encase cybersecurity alat za proaktivnu kontrolu korporativne it sigurnosti 2Damir Delija
 
Hacking
Hacking Hacking
Hacking thajmohammed
 
Cyber terrorism by_Ali_Fahad
Cyber terrorism by_Ali_FahadCyber terrorism by_Ali_Fahad
Cyber terrorism by_Ali_Fahadaliuet
 
Expert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessExpert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessEric Schiowitz
 
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Paul C. Van Slyke
 
Cybersecurity for IAEM Region 4
Cybersecurity for IAEM Region 4Cybersecurity for IAEM Region 4
Cybersecurity for IAEM Region 4Sarah K Miller
 
Cyber Security Predictions 2016
Cyber Security Predictions 2016Cyber Security Predictions 2016
Cyber Security Predictions 2016Quick Heal Technologies Ltd.
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinarIntergen
 
Introduction to cybercrime
Introduction to cybercrimeIntroduction to cybercrime
Introduction to cybercrimepatelripal99
 
Data Breach Crisis Control – How to Communicate When You’re in the Hot Seat
Data Breach Crisis Control – How to Communicate When You’re in the Hot SeatData Breach Crisis Control – How to Communicate When You’re in the Hot Seat
Data Breach Crisis Control – How to Communicate When You’re in the Hot SeatResilient Systems
 
Cybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurityCybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecuritysommerville-videos
 
The Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityThe Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityStephen Cobb
 
Internet of things, New Challenges in Cyber Crime
Internet of things, New Challenges in Cyber CrimeInternet of things, New Challenges in Cyber Crime
Internet of things, New Challenges in Cyber CrimeMurray Security Services
 
1358619756 cyber terrorism
1358619756 cyber terrorism1358619756 cyber terrorism
1358619756 cyber terrorismGayatri Aryasomayajula
 
24 Hours After a Breach
24 Hours After a Breach 24 Hours After a Breach
24 Hours After a Breach LIFARS
 
APT in the Financial Sector
APT in the Financial SectorAPT in the Financial Sector
APT in the Financial SectorLIFARS
 
Mark Villinski - Top 10 Tips for Educating Employees about Cybersecurity
Mark Villinski - Top 10 Tips for Educating Employees about CybersecurityMark Villinski - Top 10 Tips for Educating Employees about Cybersecurity
Mark Villinski - Top 10 Tips for Educating Employees about Cybersecuritycentralohioissa
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorismAbdul Rehman
 
Cybercrime in Nigeria - Technology and Society
Cybercrime in Nigeria - Technology and SocietyCybercrime in Nigeria - Technology and Society
Cybercrime in Nigeria - Technology and SocietyPELUMI APANTAKU
 
How to assess and manage cyber risk
How to assess and manage cyber riskHow to assess and manage cyber risk
How to assess and manage cyber riskStephen Cobb
 
Five things I learned about information security
Five things I learned about information securityFive things I learned about information security
Five things I learned about information securityMajor Hayden
 
Security and privacy
Security and privacySecurity and privacy
Security and privacyMohammed Adam
 
Cybersecurity for Emergency Managers
Cybersecurity for Emergency ManagersCybersecurity for Emergency Managers
Cybersecurity for Emergency ManagersSarah K Miller
 
Social engineering The Good and Bad
Social engineering The Good and BadSocial engineering The Good and Bad
Social engineering The Good and BadTzar Umang
 

More Related Content

What's hot

Cyber terrorism by_Ali_Fahad
Cyber terrorism by_Ali_FahadCyber terrorism by_Ali_Fahad
Cyber terrorism by_Ali_Fahadaliuet
 
Expert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessExpert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessEric Schiowitz
 
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Paul C. Van Slyke
 
Cybersecurity for IAEM Region 4
Cybersecurity for IAEM Region 4Cybersecurity for IAEM Region 4
Cybersecurity for IAEM Region 4Sarah K Miller
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinarIntergen
 
Introduction to cybercrime
Introduction to cybercrimeIntroduction to cybercrime
Introduction to cybercrimepatelripal99
 
Data Breach Crisis Control – How to Communicate When You’re in the Hot Seat
Data Breach Crisis Control – How to Communicate When You’re in the Hot SeatData Breach Crisis Control – How to Communicate When You’re in the Hot Seat
Data Breach Crisis Control – How to Communicate When You’re in the Hot SeatResilient Systems
 
Cybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurityCybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecuritysommerville-videos
 
The Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityThe Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityStephen Cobb
 
Internet of things, New Challenges in Cyber Crime
Internet of things, New Challenges in Cyber CrimeInternet of things, New Challenges in Cyber Crime
Internet of things, New Challenges in Cyber CrimeMurray Security Services
 
24 Hours After a Breach
24 Hours After a Breach 24 Hours After a Breach
24 Hours After a Breach LIFARS
 
APT in the Financial Sector
APT in the Financial SectorAPT in the Financial Sector
APT in the Financial SectorLIFARS
 
Mark Villinski - Top 10 Tips for Educating Employees about Cybersecurity
Mark Villinski - Top 10 Tips for Educating Employees about CybersecurityMark Villinski - Top 10 Tips for Educating Employees about Cybersecurity
Mark Villinski - Top 10 Tips for Educating Employees about Cybersecuritycentralohioissa
 
Cybercrime in Nigeria - Technology and Society
Cybercrime in Nigeria - Technology and SocietyCybercrime in Nigeria - Technology and Society
Cybercrime in Nigeria - Technology and SocietyPELUMI APANTAKU
 
How to assess and manage cyber risk
How to assess and manage cyber riskHow to assess and manage cyber risk
How to assess and manage cyber riskStephen Cobb
 
Five things I learned about information security
Five things I learned about information securityFive things I learned about information security
Five things I learned about information securityMajor Hayden
 
Security and privacy
Security and privacySecurity and privacy
Security and privacyMohammed Adam
 

What's hot (20)

Cyber terrorism by_Ali_Fahad
Cyber terrorism by_Ali_FahadCyber terrorism by_Ali_Fahad
Cyber terrorism by_Ali_Fahad
 
Expert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessExpert FSO Insider Threat Awareness
Expert FSO Insider Threat Awareness
 
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
 
Cybersecurity for IAEM Region 4
Cybersecurity for IAEM Region 4Cybersecurity for IAEM Region 4
Cybersecurity for IAEM Region 4
 
Cyber Security Predictions 2016
Cyber Security Predictions 2016Cyber Security Predictions 2016
Cyber Security Predictions 2016
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
 
Introduction to cybercrime
Introduction to cybercrimeIntroduction to cybercrime
Introduction to cybercrime
 
Data Breach Crisis Control – How to Communicate When You’re in the Hot Seat
Data Breach Crisis Control – How to Communicate When You’re in the Hot SeatData Breach Crisis Control – How to Communicate When You’re in the Hot Seat
Data Breach Crisis Control – How to Communicate When You’re in the Hot Seat
 
Cybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurityCybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurity
 
The Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityThe Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise Security
 
Internet of things, New Challenges in Cyber Crime
Internet of things, New Challenges in Cyber CrimeInternet of things, New Challenges in Cyber Crime
Internet of things, New Challenges in Cyber Crime
 
1358619756 cyber terrorism
1358619756 cyber terrorism1358619756 cyber terrorism
1358619756 cyber terrorism
 
24 Hours After a Breach
24 Hours After a Breach 24 Hours After a Breach
24 Hours After a Breach
 
APT in the Financial Sector
APT in the Financial SectorAPT in the Financial Sector
APT in the Financial Sector
 
Mark Villinski - Top 10 Tips for Educating Employees about Cybersecurity
Mark Villinski - Top 10 Tips for Educating Employees about CybersecurityMark Villinski - Top 10 Tips for Educating Employees about Cybersecurity
Mark Villinski - Top 10 Tips for Educating Employees about Cybersecurity
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
 
Cybercrime in Nigeria - Technology and Society
Cybercrime in Nigeria - Technology and SocietyCybercrime in Nigeria - Technology and Society
Cybercrime in Nigeria - Technology and Society
 
How to assess and manage cyber risk
How to assess and manage cyber riskHow to assess and manage cyber risk
How to assess and manage cyber risk
 
Five things I learned about information security
Five things I learned about information securityFive things I learned about information security
Five things I learned about information security
 
Security and privacy
Security and privacySecurity and privacy
Security and privacy
 

Similar to Cybersecurity for Emergency Managers

Cybersecurity for Emergency Managers
Cybersecurity for Emergency ManagersCybersecurity for Emergency Managers
Cybersecurity for Emergency ManagersSarah K Miller
 
Social engineering The Good and Bad
Social engineering The Good and BadSocial engineering The Good and Bad
Social engineering The Good and BadTzar Umang
 
Cyber Attacks aren't going away - including Cyber Security in your risk strategy
Cyber Attacks aren't going away - including Cyber Security in your risk strategyCyber Attacks aren't going away - including Cyber Security in your risk strategy
Cyber Attacks aren't going away - including Cyber Security in your risk strategyJames Mulhern
 
CCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsKrishna Srikanth Manda
 
Social Engineering, or hacking people
Social Engineering, or hacking peopleSocial Engineering, or hacking people
Social Engineering, or hacking peopleTudor Damian
 
CHIME LEAD New York 2014 Opening Keynote "What is Cyber Security and Why is i...
CHIME LEAD New York 2014 Opening Keynote "What is Cyber Security and Why is i...CHIME LEAD New York 2014 Opening Keynote "What is Cyber Security and Why is i...
CHIME LEAD New York 2014 Opening Keynote "What is Cyber Security and Why is i...Health IT Conference – iHT2
 
CHIME LEAD DC 2014 - Opening Keynote "What is Cyber Security and Why is it Cr...
CHIME LEAD DC 2014 - Opening Keynote "What is Cyber Security and Why is it Cr...CHIME LEAD DC 2014 - Opening Keynote "What is Cyber Security and Why is it Cr...
CHIME LEAD DC 2014 - Opening Keynote "What is Cyber Security and Why is it Cr...Health IT Conference – iHT2
 
CHIME LEAD Forum Houston - Opening Keynote "What is Cyber Security and Why is...
CHIME LEAD Forum Houston - Opening Keynote "What is Cyber Security and Why is...CHIME LEAD Forum Houston - Opening Keynote "What is Cyber Security and Why is...
CHIME LEAD Forum Houston - Opening Keynote "What is Cyber Security and Why is...Health IT Conference – iHT2
 
Cybersecurity for King County Public Educators
Cybersecurity for King County Public EducatorsCybersecurity for King County Public Educators
Cybersecurity for King County Public EducatorsSarah K Miller
 
cybersecurity.pptx
cybersecurity.pptxcybersecurity.pptx
cybersecurity.pptxxanparker
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Joe Bartolo
 
2022 Rea & Associates' Cybersecurity Conference
2022 Rea & Associates' Cybersecurity Conference 2022 Rea & Associates' Cybersecurity Conference
2022 Rea & Associates' Cybersecurity Conference Rea & Associates
 
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...Citrin Cooperman
 
Counterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptxCounterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptxZakiAhmed70
 

Similar to Cybersecurity for Emergency Managers (20)

Cybersecurity for Emergency Managers
Cybersecurity for Emergency ManagersCybersecurity for Emergency Managers
Cybersecurity for Emergency Managers
 
Social engineering The Good and Bad
Social engineering The Good and BadSocial engineering The Good and Bad
Social engineering The Good and Bad
 
Cyber Attacks aren't going away - including Cyber Security in your risk strategy
Cyber Attacks aren't going away - including Cyber Security in your risk strategyCyber Attacks aren't going away - including Cyber Security in your risk strategy
Cyber Attacks aren't going away - including Cyber Security in your risk strategy
 
CCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR Cyber Security Forum
CCIAOR Cyber Security Forum
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionals
 
Cybersecurity 101 final
Cybersecurity 101 finalCybersecurity 101 final
Cybersecurity 101 final
 
Social Engineering, or hacking people
Social Engineering, or hacking peopleSocial Engineering, or hacking people
Social Engineering, or hacking people
 
CHIME LEAD New York 2014 Opening Keynote "What is Cyber Security and Why is i...
CHIME LEAD New York 2014 Opening Keynote "What is Cyber Security and Why is i...CHIME LEAD New York 2014 Opening Keynote "What is Cyber Security and Why is i...
CHIME LEAD New York 2014 Opening Keynote "What is Cyber Security and Why is i...
 
CHIME LEAD DC 2014 - Opening Keynote "What is Cyber Security and Why is it Cr...
CHIME LEAD DC 2014 - Opening Keynote "What is Cyber Security and Why is it Cr...CHIME LEAD DC 2014 - Opening Keynote "What is Cyber Security and Why is it Cr...
CHIME LEAD DC 2014 - Opening Keynote "What is Cyber Security and Why is it Cr...
 
CHIME LEAD Forum Houston - Opening Keynote "What is Cyber Security and Why is...
CHIME LEAD Forum Houston - Opening Keynote "What is Cyber Security and Why is...CHIME LEAD Forum Houston - Opening Keynote "What is Cyber Security and Why is...
CHIME LEAD Forum Houston - Opening Keynote "What is Cyber Security and Why is...
 
Cybersecurity for King County Public Educators
Cybersecurity for King County Public EducatorsCybersecurity for King County Public Educators
Cybersecurity for King County Public Educators
 
cybersecurity.pptx
cybersecurity.pptxcybersecurity.pptx
cybersecurity.pptx
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
 
2022 Rea & Associates' Cybersecurity Conference
2022 Rea & Associates' Cybersecurity Conference 2022 Rea & Associates' Cybersecurity Conference
2022 Rea & Associates' Cybersecurity Conference
 
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
 
Cybersecurity.pptx
Cybersecurity.pptxCybersecurity.pptx
Cybersecurity.pptx
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
 
Janitor vs cleaner
Janitor vs cleanerJanitor vs cleaner
Janitor vs cleaner
 
Counterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptxCounterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptx
 

More from Sarah K Miller

DEFCON - Ethics of technology in humanitarian and disaster response
DEFCON - Ethics of technology in humanitarian and disaster responseDEFCON - Ethics of technology in humanitarian and disaster response
DEFCON - Ethics of technology in humanitarian and disaster responseSarah K Miller
 
IAEM cybersecurity 101
IAEM cybersecurity 101IAEM cybersecurity 101
IAEM cybersecurity 101Sarah K Miller
 
Utilizing social media to sustain your club - Soroptimist edition
Utilizing social media to sustain your club - Soroptimist editionUtilizing social media to sustain your club - Soroptimist edition
Utilizing social media to sustain your club - Soroptimist editionSarah K Miller
 
Using Social Media for Club Recruiting and Engagement
Using Social Media for Club Recruiting and EngagementUsing Social Media for Club Recruiting and Engagement
Using Social Media for Club Recruiting and EngagementSarah K Miller
 
Using Social Media in an Emergency
Using Social Media in an EmergencyUsing Social Media in an Emergency
Using Social Media in an EmergencySarah K Miller
 
How to use social media in an emergency
How to use social media in an emergencyHow to use social media in an emergency
How to use social media in an emergencySarah K Miller
 
You can get there from here! Professional development through all career stag...
You can get there from here! Professional development through all career stag...You can get there from here! Professional development through all career stag...
You can get there from here! Professional development through all career stag...Sarah K Miller
 
Writing a winning resume
Writing a winning resumeWriting a winning resume
Writing a winning resumeSarah K Miller
 
Utilizing social media to build your program
Utilizing social media to build your programUtilizing social media to build your program
Utilizing social media to build your programSarah K Miller
 
Social media privacy and safety
Social media privacy and safetySocial media privacy and safety
Social media privacy and safetySarah K Miller
 
INWEM Gender and Diversity Survey - 2010
INWEM Gender and Diversity Survey - 2010INWEM Gender and Diversity Survey - 2010
INWEM Gender and Diversity Survey - 2010Sarah K Miller
 
Gaining situational awareness using social media
Gaining situational awareness using social mediaGaining situational awareness using social media
Gaining situational awareness using social mediaSarah K Miller
 
Generational differences in organizations.
Generational differences in organizations. Generational differences in organizations.
Generational differences in organizations. Sarah K Miller
 
Emergency Preparedness: This is no time to gamble.
Emergency Preparedness: This is no time to gamble.Emergency Preparedness: This is no time to gamble.
Emergency Preparedness: This is no time to gamble.Sarah K Miller
 
Recruiting and retaining radio volunteers
Recruiting and retaining radio volunteersRecruiting and retaining radio volunteers
Recruiting and retaining radio volunteersSarah K Miller
 
Overcoming barriers: The Role of Gender in Disaster
Overcoming barriers: The Role of Gender in DisasterOvercoming barriers: The Role of Gender in Disaster
Overcoming barriers: The Role of Gender in DisasterSarah K Miller
 
Interpersonal Communications in the EOC
Interpersonal Communications in the EOCInterpersonal Communications in the EOC
Interpersonal Communications in the EOCSarah K Miller
 

More from Sarah K Miller (19)

Secure your stuff
Secure your stuffSecure your stuff
Secure your stuff
 
DEFCON - Ethics of technology in humanitarian and disaster response
DEFCON - Ethics of technology in humanitarian and disaster responseDEFCON - Ethics of technology in humanitarian and disaster response
DEFCON - Ethics of technology in humanitarian and disaster response
 
IAEM cybersecurity 101
IAEM cybersecurity 101IAEM cybersecurity 101
IAEM cybersecurity 101
 
Utilizing social media to sustain your club - Soroptimist edition
Utilizing social media to sustain your club - Soroptimist editionUtilizing social media to sustain your club - Soroptimist edition
Utilizing social media to sustain your club - Soroptimist edition
 
Using Social Media for Club Recruiting and Engagement
Using Social Media for Club Recruiting and EngagementUsing Social Media for Club Recruiting and Engagement
Using Social Media for Club Recruiting and Engagement
 
Using Social Media in an Emergency
Using Social Media in an EmergencyUsing Social Media in an Emergency
Using Social Media in an Emergency
 
How to use social media in an emergency
How to use social media in an emergencyHow to use social media in an emergency
How to use social media in an emergency
 
You can get there from here! Professional development through all career stag...
You can get there from here! Professional development through all career stag...You can get there from here! Professional development through all career stag...
You can get there from here! Professional development through all career stag...
 
Writing a winning resume
Writing a winning resumeWriting a winning resume
Writing a winning resume
 
ICS and you
ICS and youICS and you
ICS and you
 
Utilizing social media to build your program
Utilizing social media to build your programUtilizing social media to build your program
Utilizing social media to build your program
 
Social media privacy and safety
Social media privacy and safetySocial media privacy and safety
Social media privacy and safety
 
INWEM Gender and Diversity Survey - 2010
INWEM Gender and Diversity Survey - 2010INWEM Gender and Diversity Survey - 2010
INWEM Gender and Diversity Survey - 2010
 
Gaining situational awareness using social media
Gaining situational awareness using social mediaGaining situational awareness using social media
Gaining situational awareness using social media
 
Generational differences in organizations.
Generational differences in organizations. Generational differences in organizations.
Generational differences in organizations.
 
Emergency Preparedness: This is no time to gamble.
Emergency Preparedness: This is no time to gamble.Emergency Preparedness: This is no time to gamble.
Emergency Preparedness: This is no time to gamble.
 
Recruiting and retaining radio volunteers
Recruiting and retaining radio volunteersRecruiting and retaining radio volunteers
Recruiting and retaining radio volunteers
 
Overcoming barriers: The Role of Gender in Disaster
Overcoming barriers: The Role of Gender in DisasterOvercoming barriers: The Role of Gender in Disaster
Overcoming barriers: The Role of Gender in Disaster
 
Interpersonal Communications in the EOC
Interpersonal Communications in the EOCInterpersonal Communications in the EOC
Interpersonal Communications in the EOC
 

Recently uploaded

Call Girls Bangalore Saanvi 7001305949 Independent Escort Service Bangalore
Call Girls Bangalore Saanvi 7001305949 Independent Escort Service BangaloreCall Girls Bangalore Saanvi 7001305949 Independent Escort Service Bangalore
Call Girls Bangalore Saanvi 7001305949 Independent Escort Service Bangalorenarwatsonia7
 
call girls in moti bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in moti bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️call girls in moti bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in moti bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️saminamagar
 
No.1 Call Girls in Basavanagudi ! 7001305949 ₹2999 Only and Free Hotel Delive...
No.1 Call Girls in Basavanagudi ! 7001305949 ₹2999 Only and Free Hotel Delive...No.1 Call Girls in Basavanagudi ! 7001305949 ₹2999 Only and Free Hotel Delive...
No.1 Call Girls in Basavanagudi ! 7001305949 ₹2999 Only and Free Hotel Delive...narwatsonia7
 
Disciplines-and-Ideas-in-the-Applied-Social-Sciences-DLP-.pdf
Disciplines-and-Ideas-in-the-Applied-Social-Sciences-DLP-.pdfDisciplines-and-Ideas-in-the-Applied-Social-Sciences-DLP-.pdf
Disciplines-and-Ideas-in-the-Applied-Social-Sciences-DLP-.pdfDeLeon9
 
Russian Call Girl Hebbagodi ! 7001305949 ₹2999 Only and Free Hotel Delivery 2...
Russian Call Girl Hebbagodi ! 7001305949 ₹2999 Only and Free Hotel Delivery 2...Russian Call Girl Hebbagodi ! 7001305949 ₹2999 Only and Free Hotel Delivery 2...
Russian Call Girl Hebbagodi ! 7001305949 ₹2999 Only and Free Hotel Delivery 2...narwatsonia7
 
Jewish Efforts to Influence American Immigration Policy in the Years Before t...
Jewish Efforts to Influence American Immigration Policy in the Years Before t...Jewish Efforts to Influence American Immigration Policy in the Years Before t...
Jewish Efforts to Influence American Immigration Policy in the Years Before t...yalehistoricalreview
 
call girls in Model Town DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Model Town DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️call girls in Model Town DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Model Town DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️saminamagar
 
Call Girls Near Surya International Hotel New Delhi 9873777170
Call Girls Near Surya International Hotel New Delhi 9873777170Call Girls Near Surya International Hotel New Delhi 9873777170
Call Girls Near Surya International Hotel New Delhi 9873777170Sonam Pathan
 
Powering Britain: Can we decarbonise electricity without disadvantaging poore...
Powering Britain: Can we decarbonise electricity without disadvantaging poore...Powering Britain: Can we decarbonise electricity without disadvantaging poore...
Powering Britain: Can we decarbonise electricity without disadvantaging poore...ResolutionFoundation
 
Call Girls Service AECS Layout Just Call 7001305949 Enjoy College Girls Service
Call Girls Service AECS Layout Just Call 7001305949 Enjoy College Girls ServiceCall Girls Service AECS Layout Just Call 7001305949 Enjoy College Girls Service
Call Girls Service AECS Layout Just Call 7001305949 Enjoy College Girls Servicenarwatsonia7
 
How to design healthy team dynamics to deliver successful digital projects.pptx
How to design healthy team dynamics to deliver successful digital projects.pptxHow to design healthy team dynamics to deliver successful digital projects.pptx
How to design healthy team dynamics to deliver successful digital projects.pptxTechSoupConnectLondo
 
2024: The FAR, Federal Acquisition Regulations - Part 27
2024: The FAR, Federal Acquisition Regulations - Part 272024: The FAR, Federal Acquisition Regulations - Part 27
2024: The FAR, Federal Acquisition Regulations - Part 27JSchaus & Associates
 
Panet vs.Plastics - Earth Day 2024 - 22 APRIL
Panet vs.Plastics - Earth Day 2024 - 22 APRILPanet vs.Plastics - Earth Day 2024 - 22 APRIL
Panet vs.Plastics - Earth Day 2024 - 22 APRILChristina Parmionova
 
call girls in Tilak Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Tilak Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️call girls in Tilak Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Tilak Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️saminamagar
 
“Exploring the world: One page turn at a time.” World Book and Copyright Day ...
“Exploring the world: One page turn at a time.” World Book and Copyright Day ...“Exploring the world: One page turn at a time.” World Book and Copyright Day ...
“Exploring the world: One page turn at a time.” World Book and Copyright Day ...Christina Parmionova
 
2023 Ecological Profile of Ilocos Norte.pdf
2023 Ecological Profile of Ilocos Norte.pdf2023 Ecological Profile of Ilocos Norte.pdf
2023 Ecological Profile of Ilocos Norte.pdfilocosnortegovph
 
call girls in Mehrauli DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Mehrauli DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️call girls in Mehrauli DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Mehrauli DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️saminamagar
 
call girls in Vasant Kunj DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vasant Kunj DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️call girls in Vasant Kunj DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vasant Kunj DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️saminamagar
 
call girls in Punjabi Bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Punjabi Bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️call girls in Punjabi Bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Punjabi Bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️saminamagar
 
call girls in Kirti Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Kirti Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️call girls in Kirti Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Kirti Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️saminamagar
 

Recently uploaded (20)

Call Girls Bangalore Saanvi 7001305949 Independent Escort Service Bangalore
Call Girls Bangalore Saanvi 7001305949 Independent Escort Service BangaloreCall Girls Bangalore Saanvi 7001305949 Independent Escort Service Bangalore
Call Girls Bangalore Saanvi 7001305949 Independent Escort Service Bangalore
 
call girls in moti bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in moti bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️call girls in moti bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in moti bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
 
No.1 Call Girls in Basavanagudi ! 7001305949 ₹2999 Only and Free Hotel Delive...
No.1 Call Girls in Basavanagudi ! 7001305949 ₹2999 Only and Free Hotel Delive...No.1 Call Girls in Basavanagudi ! 7001305949 ₹2999 Only and Free Hotel Delive...
No.1 Call Girls in Basavanagudi ! 7001305949 ₹2999 Only and Free Hotel Delive...
 
Disciplines-and-Ideas-in-the-Applied-Social-Sciences-DLP-.pdf
Disciplines-and-Ideas-in-the-Applied-Social-Sciences-DLP-.pdfDisciplines-and-Ideas-in-the-Applied-Social-Sciences-DLP-.pdf
Disciplines-and-Ideas-in-the-Applied-Social-Sciences-DLP-.pdf
 
Russian Call Girl Hebbagodi ! 7001305949 ₹2999 Only and Free Hotel Delivery 2...
Russian Call Girl Hebbagodi ! 7001305949 ₹2999 Only and Free Hotel Delivery 2...Russian Call Girl Hebbagodi ! 7001305949 ₹2999 Only and Free Hotel Delivery 2...
Russian Call Girl Hebbagodi ! 7001305949 ₹2999 Only and Free Hotel Delivery 2...
 
Jewish Efforts to Influence American Immigration Policy in the Years Before t...
Jewish Efforts to Influence American Immigration Policy in the Years Before t...Jewish Efforts to Influence American Immigration Policy in the Years Before t...
Jewish Efforts to Influence American Immigration Policy in the Years Before t...
 
call girls in Model Town DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Model Town DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️call girls in Model Town DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Model Town DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
 
Call Girls Near Surya International Hotel New Delhi 9873777170
Call Girls Near Surya International Hotel New Delhi 9873777170Call Girls Near Surya International Hotel New Delhi 9873777170
Call Girls Near Surya International Hotel New Delhi 9873777170
 
Powering Britain: Can we decarbonise electricity without disadvantaging poore...
Powering Britain: Can we decarbonise electricity without disadvantaging poore...Powering Britain: Can we decarbonise electricity without disadvantaging poore...
Powering Britain: Can we decarbonise electricity without disadvantaging poore...
 
Call Girls Service AECS Layout Just Call 7001305949 Enjoy College Girls Service
Call Girls Service AECS Layout Just Call 7001305949 Enjoy College Girls ServiceCall Girls Service AECS Layout Just Call 7001305949 Enjoy College Girls Service
Call Girls Service AECS Layout Just Call 7001305949 Enjoy College Girls Service
 
How to design healthy team dynamics to deliver successful digital projects.pptx
How to design healthy team dynamics to deliver successful digital projects.pptxHow to design healthy team dynamics to deliver successful digital projects.pptx
How to design healthy team dynamics to deliver successful digital projects.pptx
 
2024: The FAR, Federal Acquisition Regulations - Part 27
2024: The FAR, Federal Acquisition Regulations - Part 272024: The FAR, Federal Acquisition Regulations - Part 27
2024: The FAR, Federal Acquisition Regulations - Part 27
 
Panet vs.Plastics - Earth Day 2024 - 22 APRIL
Panet vs.Plastics - Earth Day 2024 - 22 APRILPanet vs.Plastics - Earth Day 2024 - 22 APRIL
Panet vs.Plastics - Earth Day 2024 - 22 APRIL
 
call girls in Tilak Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Tilak Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️call girls in Tilak Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Tilak Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
 
“Exploring the world: One page turn at a time.” World Book and Copyright Day ...
“Exploring the world: One page turn at a time.” World Book and Copyright Day ...“Exploring the world: One page turn at a time.” World Book and Copyright Day ...
“Exploring the world: One page turn at a time.” World Book and Copyright Day ...
 
2023 Ecological Profile of Ilocos Norte.pdf
2023 Ecological Profile of Ilocos Norte.pdf2023 Ecological Profile of Ilocos Norte.pdf
2023 Ecological Profile of Ilocos Norte.pdf
 
call girls in Mehrauli DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Mehrauli DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️call girls in Mehrauli DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Mehrauli DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
 
call girls in Vasant Kunj DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vasant Kunj DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️call girls in Vasant Kunj DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vasant Kunj DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
 
call girls in Punjabi Bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Punjabi Bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️call girls in Punjabi Bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Punjabi Bagh DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
 
call girls in Kirti Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Kirti Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️call girls in Kirti Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
call girls in Kirti Nagar DELHI 🔝 >༒9540349809 🔝 genuine Escort Service 🔝✔️✔️
 

Cybersecurity for Emergency Managers

  • 1. Cybersecurity for Emergency Managers Alaska Spring Preparedness Conference 2019
  • 2. Cybersecurity is everyone’s problem • Cybersecurity is NOT just IT’s problem. IT Emergency Management Law Enforcement And everyone in your organization
  • 3. The threat • Malicious vs unintentional • Active attacks • Data breaches • Human error • Cyber warfare
  • 5.
  • 6.
  • 7.
  • 9. Prevention • What have you done to prepare? • What policies are in place? • What training is in place? • How are the policies enforced? • THINGS YOU MUST HAVE • Emergency Operations Plan • Cybersecurity Policy • Acceptable Use Policy
  • 12. Mitigation • What steps have you taken? • What steps can you take? • Insurance • Backups • Redundancy • Monitoring • https://haveibeenpwned.com • Early Reporting • Training
  • 13. Response Do you have a response plan? Does everybody know how to recognize an incident? Does your staff know what to do if they suspect an incident? Who do you call for help?
  • 14. Recovery What’s your recovery plan? Beyond just the technology Who do you call for help?
  • 16. References • National Cyber Incident Response Plan, Department of Homeland Security, 2016 • Computer Security Incident Handling Guide (Revision 2) National Institute of Standards and Technology, 2012 • Washington State Significant Cyber Incident Annex, Washington Military Department – Emergency Management Division, 2015 • ISO/IEC 27032 – Information Technology – Security techniques – Guidelines for cybersecurity, International Standards Organization, 2012
  • 17. Annex Parts Policies Sets expectations Situation/ Assumptions Requires all components to be in place Concept of Operations Will require local discussion Responsibilities EM/IT/LE Expect some pushback
  • 18. Major Cyber Incident Checklist • Action items • Pre-Incident Phase • Response Phase • Recovery/Demob Phase
  • 19. Common Issues Most entities lack a comprehensive cybersecurity policy that vests responsibility with every employee. Those that have policies don’t enforce them A greater number of incidents occur than are reported in any formal way Lack of response plans leads to slow recognition, response, recovery. Lack of individual security leaves entire organization at risk
  • 20. Human Factor Phishing, social engineering • Enabled by agency and employee use of social media and other things Careless info access/dissemination • Public spaces • Public wifi • Unlocked computers • Lack of caution
  • 22. Social Media Names Personal details Personal details provided by third parties Account spoofing Operational details shared
  • 24. Meetkumar Hiteshbhai Desai • Investigators traced the calls and discovered they originated from a link posted to Twitter and YouTube. The link was to a site named "Meet Desai" and its domain was hosted out of San Francisco. When the link was clicked, it continually called 911 and would not let the caller hang up. • His page received 151,000 hits • Desai said his intent was to make a non-harmful, yet annoying, bug that was meant to be funny, officials said.
  • 25. It was not funny • Surprise Police Department notified the Maricopa County Sheriff's Office of more than 100 hang-up 911 calls within a few minutes. • The volume put authorities "in immediate danger of losing service to their switches." • The emergency systems for the nearby Peoria Police Department and the Maricopa County Sheriff's Office also received a large number of repeated calls. • Agencies in California and Texas were also affected.
  • 26. OCTOBER 10, 2017 Meetkumar Desai, age 19, was sentenced to 3 years supervised probation for carrying out a reckless cyberattack on 911 emergency call systems in Maricopa County. Authorities will also be able to monitor Desai’s computer while he is on probation.
  • 27. Other Examples This Photo by Unknown Author is licensed under CC BY-NC-SA
  • 28. QUESTIONS? Contact me: Sarah Miller, MPA, CEM President, IAEM Region 10 Past Chair, IAEM Emerging Tech Caucus sarah@skmillerconsulting.com twitter: @scba

Editor's Notes

  1. Primarily and IT and Security function.