Cyber Attacks Threaten: privacy reliability safety resiliency 2

  • View

  • Download

Embed Size (px)

Text of Cyber Attacks Threaten: privacy reliability safety resiliency 2

Title of Presentation

Cyber Attacks Threaten:privacyreliabilitysafetyresiliency22Critical Infrastructure SectorsChemicalsCommercial FacilitiesCommunicationsCritical ManufacturingDamsDefense Industrial BaseEmergency ServicesEnergyFinancial Services

Food and AgricultureGovernment FacilitiesHealthcare and Public Health Information TechnologyNuclear Reactors, Materials, and WasteTransportation Water and Wastewater

85% of critical infrastructure is privately held3Cybersecurity Global Tensions on the Rise-Mickley McCarter, Judi Hasson & Dan Verton, Homeland Security Today, April 2013Power Hacking - Electric utilities are a growing target for international cyberattacks-Daniel James Devine, World Magazine, June 29, 2013Cyberattacks Against U.S. Corporations are on the Rise-David E. Sanger & Nicole Perlroth, The New York Times, May 12, 2013NSA Chief Says U.S. Highly Vulnerable to Cyber Attack- Deborah Charles, Reuters, June 12, 2013Should Companies Be Required to Meet Certain Minimum Cybersecurity Protections?-Siobhan Gorman, Wall Street Journal, May 10, 2013

4Syrian Hackers Try to Attack Haifas Water Supply- Peak Water.orgApril 2012 - Internal computer attack on Iranian oil facilitiesMay 2012 - Cyberespionage malware discovered on Iranian Oil Ministry computersJuly 2012 - 800 critical infrastructure engineering firms, government agencies, financial houses and academia attacked by virusAug. 2012 - 30,000 Aramco computers attacked by virusSept. 2012 - Hackers attack banks (Bank of America, Chase, NYSE, etc.)Dec. 2012 - Two power plants in the U.S. attacked by malwareJan. 2013 U.S. banks attacked again, including Ally, Capital One and PNCFeb. 2013 - DHS reports that cyber criminals targeted 23 gas pipeline companies and stole information, potentially to be used for sabotageHomeland Security Today Magazine, April 20135Significant Cyber AttacksThe Numbers40% of reported cyber attack attempts in 2012 were on energy facilities6Cyber Attacks Can Be Devastating7We Must Be VigilantStatesFederal GovernmentRegulatorsUtilities/Industry

we all have a role8What Should We Be Doing?CommunicatingCollaboratingBuilding on lessons learnedSharingBest practicesConcerns9NARUCs EffortsEducational opportunitiesCybersecurity for state regulators primerCritical Infrastructure Committee

Themes =10Ask Questions& Be Proactive

It is our duty as regulators11Whats Indiana Doing?We have been proactiveCyber trainingContinued discussion with FBI, DHS, and cybersecurity expertsMeetings with utilities and RTOsWe have encouraged dialogueState law allows confidential executive sessions under IC 5141.56.1(b)(13)

12The Threat is RealIt is dynamic.We may never master it.But, we can manage it.13Questions?14