CISA Region I (RHODE ISLAND) TLP:WHITE Cybersecurity Advisor Program

CISA Region I (RHODE ISLAND) TLP:WHITE Cybersecurity Advisor Program MIKE (ROLAND) TETREAULT Cybersecurity Advisor, Region I (RI) Cybersecurity and Infrastructure Security Agency (CISA) Cell: 202-941-1288 EMAIL: [email protected]

Cybersecurity Advisor Program TLP:WHITE CISA mission: Lead the collaborative national effort to strengthen the security and resilience of America’s critical infrastructure In support of that mission: Cybersecurity Advisors (CSAs): Assess: Evaluate critical infrastructure cyber risk. Promote: Encourage best practices and risk mitigation strategies. Build: Initiate, develop capacity, and support cyber communities-ofinterest and working groups. Educate: Inform and raise awareness. Listen: Collect stakeholder requirements. Coordinate: Bring together incident support and lessons learned. 2

Misconceptions Vs. Reality TLP:WHITE Common Misconceptions Reality You need a big budget! Step-by-step process: Crawl-Walk-Run Silver Bullet! Get the “101” stuff in order Why would we be a target? A good asset inventory There’s too much to do! Research the solutions! We don’t own the risk! You do own the risk! 3

3 Items to Take Away 1. Ransomware, Information Stealers, and Banking Trojans are still the most likely threat to organizations typically originating as Phishing activity. Cyber Awareness Training is where this defense starts! 2. Continue to focus your efforts around building a Cyber Hygiene organizational culture first then build detection and response capacity to identify and contain known malicious activity quickly. 3. Public and Private partnerships absolutely make a difference. We have come a long way when it comes to threat information sharing across the cybersecurity community and it is absolutely making a difference in our ability to respond and deter the threat actor. CISA values partnerships and is counting on a community approach to better protect and safeguard the homeland. TLP:WHITE Visit CISA.gov/ransomware for more information. 4

TLP:WHITE CISA Cybersecurity Offerings Local CSA Provided CISA HQ Response Assistance Preparedness Activities Information/Threat Indicator Sharing Cybersecurity Training and Awareness Cyber Exercises and “Playbooks” National Cyber Awareness System Vulnerability Notes Database Information Products and Recommended Practices / MS-ISAC – EI-ISAC Cybersecurity Service Offerings Cyber Resilience Reviews (CRR) External Dependency Management (EDM) Cyber Infrastructure Surveys (C-IST) Cyber Security Evaluation Tool (CSET) Delivered by CISA Vulnerability Mgt Team Remote / On-Site Assistance Malware Analysis Hunt and Incident Response Teams Incident Coordination Cybersecurity Advisors (CSA) Assessments Working group collaboration Resiliency Workshops Best Practices private-public Incident assistance coordination Phishing Campaign Assessment (PCA) Cyber Hygiene Scanning (CyHy) Web Application Scanning (WAS) Remote Penetration Testing (RPT) Risk & Vulnerability Assessment (RVA) Protective Security Advisors Physical Security Assessments Incident liaisons between government and private sector for CI protection Support for National Special Security Events Red Team Assessment (RTA) Validated Architecture Design (VADR) Critical Product Evaluation (CPE) CISA Qualification Initiative (CQI) 5