The University of Southern Mississippi National Center for Spectator Sport Safety and Security Cyber Security Tabletop

1940 days ago, 3590 views
PowerPoint PPT Presentation
2. Content. Exercise RulesExercise ObjectivesExercise ScheduleScenario Briefings. 3. Activity Rules. Situation delineates a conceivable digital security eventNo trap inquiries or

Presentation Transcript

Slide 1

The University of Southern Mississippi National Center for Spectator Sport Safety and Security Cyber Security Tabletop Exercise Facilitator: James A. McGee – National Center for Spectator Sport Safety and Security Spring 2010

Slide 2

Content Exercise Rules Exercise Objectives Exercise Schedule Scenario Briefings

Slide 3

Exercise Rules Scenario portrays a conceivable digital security occasion No trap addresses or "concealed" motivation Players have no past learning of the situation, and will get data in the meantime Players will react utilizing existing arrangements, systems and other reaction assets Decisions are not point of reference setting and may not mirror your association's last position on a given issue

Slide 4

Exercise Objectives Examine the capacities of USM to plan for, shield from, and react to the impacts of digital assaults. Practice senior administration basic leadership and interagency coordination of occurrence reactions as per the USM Cyber Response Plan. Approve data sharing connections and correspondences ways for the gathering and scattering of digital occurrence situational mindfulness, reaction, and recuperation data. Practice intra-legislative (Federal-State) coordination and episode reaction. Recognize approaches/issues that prevent or support digital security necessities. DRAFT

Slide 5

Exercise Objectives (Continued) Identify open/private interface correspondences and edges of coordination to enhance digital episode reaction and recuperation, and also recognize basic data sharing ways and instruments. Recognize, enhance, and advance open and private segment association in procedures and systems for imparting suitable data to key partners and the general population. Recognize digital physical relationship of foundation of true monetary and political effect. Bring issues to light of the monetary and national security impacts related with a critical digital occurrence. Highlight accessible apparatuses and innovation with scientific digital episode reaction and recuperation ability.

Slide 6

Exercise Schedule 8:30 A.M. Member Sign-In/Coffee 9:00 A.M. Presentation Discuss general guidelines and standard procedures of the practice 9:15 A.M. Practice Overview Discuss practice goals, and timetable of practice 9:30 A.M. Perused Module 1 A free coalition of very much financed "hacktivists" with a political plan, who coordinated hostile to globalization and rebel activism, presented an enormous PC infection assault into the USM digital framework. 9:45 A.M Module 1 Discussion DRAFT

Slide 7

Exercise Schedule (Continued) 10:00 A.M. Perused Module 2 A framework of "hacktivists" kept on utilizing their aggregate abilities to mount a planned digital assault and by producing fake advanced testaments, the "hacktivists" guided accidental web clients to "mock" sites where assets were coerced and individual data was mined. 10:15 A.M. Module 2 Discussion

Slide 8

Exercise Schedule (Continued) 10:30 A.M. Read Module 3 While the country kept on encountering across the board effects of assaults on the IT and Communications divisions, the foe focused on individual colleges. The enemy's aim was to bring about falling disturbances coming from particular, centered assaults. 10:45 A.M. Module 3 Discussion 11:00 A.M. Debriefing about Lessons Learned 11:30 A.M. End of Exercise/Lunch

Slide 9

Cyber Security Scenario The practice mimics a complex digital assault battle through a progression of modules coordinated against basic frameworks. The aim of these modules is to highlight the interconnectedness of digital frameworks with the physical foundation and to practice coordination and correspondence between general society and private areas. DRAFT

Slide 10

Cyber Security Scenario (Continued) The practice is a recreated occasion with no genuine impacts on, messing with, or harm to any basic foundation. While the situation depends on theoretical yet conceivable circumstances, they are not expected as a figure of future psychological oppressor related occasions. The aggregate modules have three noteworthy ill-disposed goals: To upset particularly focused on basic foundations through digital assaults To frustrate the Universities capacity to react to the digital assaults To undermine open trust in the Universities capacity to give/ensure administrations DRAFT

Slide 11

Scenario Briefing – Module 1 March 01, 2010 The accompanying episodes including disturbances to digital security at USM have been accounted for: Hackers as of late broke into the USM PC database, which could possibly trade off understudy, personnel and staff records. After counseling with the MS-ISAC, it was uncovered that six different colleges were having comparative issues. Reports that specific USM on-line benefit emotionally supportive networks (everything from SOAR to monetary guide) are down or acting unpredictably because of what seems, by all accounts, to be a huge PC infection assault. DRAFT

Slide 12

Module 1 Key Discussion Questions What sort of data is accessible to personnel, staff, understudies, and guardians around an assault to the digital framework? Have workforce, staff, group and crisis reaction accomplices been included in giving info and criticism to emergency getting ready for schools? Will personnel and staff assume a part in the episode charge structure once the Incident Command System (ICS) is enacted amid a crisis? Assuming this is the case, what is the part? Is the USM current crisis reaction arrange suited for a digital assault? Is there a correspondence anticipate keeping workforce, staff and understudies educated of choices with respect to assaults to the digital framework? DRAFT

Slide 13

Module 1 Questions DRAFT

Slide 14

Scenario Briefing – Module 2 March 05, 2010 The "hacktivists" particularly focused on a few basic foundation areas, alongside state and government organizations, the media, and colleges. By producing fake computerized authentications, the "hacktivists" guided unconscious USM web clients to "mock" sites where assets were coerced and individual data was mined. DRAFT

Slide 15

Scenario Briefing – Module 2 March 05, 2010 Coordinated assaults on space name servers and broadcast communications switch framework brought about a conveyed disavowal of administration and questionable communication. Clients were discontinuously not able to get to sites, send email, and make telephone calls. Casualties of the assault were compelled to investigate elective techniques for correspondence amid the disturbances. The USM Chief Security Officer (CSO) has gotten email dangers and false Amber Alerts have been communicate. The arrangement of suspicious occasions constrained the USM CSO to demand actuation of the State's Emergency Operations Center. DRAFT

Slide 16

Module 2 Key Discussion Questions Does the college have firewalls and countermeasures set up to ensure the digital framework? Does the college plan to keep up instructive operations on account of an extensive scale digital assault? Assuming this is the case, what plan is set up for keeping up coherence of direction/business? Does the college have set up correspondence conventions with group and crisis reaction accomplices amid a monstrous digital assault? What is the colleges plan to speak with media for most recent data scattering? What is the colleges plan to speak with crisis reaction accomplices amid a digital assault of this nature? DRAFT

Slide 17

Module 2 Questions DRAFT

Slide 18

Scenario Briefing – Module 3 March 09, 2010 After assessing the affirmed episodes, the Governor verified that the dangers were facilitated and sufficiently genuine to stand up the State Emergency Operations Center and revealed the circumstance to the MS-ISAC. A few Federal law authorization, insight, country security, safeguard, and part particular divisions/organizations were advised. The State got one of the fake Malware CDs and effectively introduced countermeasures to effectively stop the assaults, the USM CSO got sign from the aggressors that this sort of circumstance would reoccur if their blackmail requests were not met. The State considered the risk important, planning endeavors with the Federal Bureau of Investigation (FBI) to secure the enemy and proceeded with their digital reaction techniques. DRAFT

Slide 19

Scenario Briefing – Module 3 March 09, 2010 While the country kept on encountering broad effects of assaults on the IT and Communications parts, the "hacktivists" directed individual colleges. The "hacktivists" purpose was to bring about falling disturbances originating from particular, centered assaults. As the occasions unfurled, law requirement and insight offices assembled data and reacted as fundamental. As a team with the affected private segment elements and other government organizations, law authorization and the Intelligence Community attempted to stop assaults and reestablish trust in the Internet. Every taking part association depended on trusted connections and fashioned new correspondences ways to share data and assemble and go along situational mindfulness.

Slide 20

Module 3 Key Discussion Questions What enter methodology are set up to bolster the congruity of basic college operations, amid a school conclusion? The accompanying things ought to be considered amid dialog Air quality/HVAC framework capacities Communication/Eagle Alert Systems Payroll Student Accounts How much time/school days does the college need to repair the digital framework?

Slide 21

Module 3 Key Discussion Questions (Continued) What is the colleges plan to keep up checking for conceivable resurgence of the PC infection/assault? Does the college have understandings set up with nearby or potentially State crisis reaction elements in regards to digital safety efforts? What are USM strategies to maint