/
TFOPA WG1 Cybersecurity SUPPLEMENTAL REPORT TFOPA WG1 Cybersecurity SUPPLEMENTAL REPORT

TFOPA WG1 Cybersecurity SUPPLEMENTAL REPORT - PowerPoint Presentation

yoshiko-marsland
yoshiko-marsland . @yoshiko-marsland
Follow
347 views
Uploaded On 2018-11-02

TFOPA WG1 Cybersecurity SUPPLEMENTAL REPORT - PPT Presentation

FCC Task Force on Optimal PSAP Architecture Working Group 1 Second and Final Report Phase II Work FCC Task Force on Optimal PSAP Architecture InDepth Review of Emergency Communications Cybersecurity Center EC ID: 710350

recommendation information ec3 wg1 information recommendation wg1 ec3 level sharing additional communications state psap public safety cybersecurity force task

Share:

Link:

Embed:

Download Presentation from below link

Download Presentation The PPT/PDF document "TFOPA WG1 Cybersecurity SUPPLEMENTAL REP..." is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.


Presentation Transcript

Slide1

TFOPA WG1 CybersecuritySUPPLEMENTAL REPORT

FCC Task Force on Optimal PSAP ArchitectureWorking Group 1Second and Final ReportSlide2

Phase II WorkFCC Task Force on Optimal PSAP ArchitectureIn-Depth Review of Emergency Communications Cybersecurity Center (EC3) ConceptThe Task Force adopted WG1’s recommendation calling for creation of an additional PSAP security layer known as the Emergency Communications Cybersecurity Center (EC3).  WG1 conducted further study of the which included:

What operations and costs might look like if established on local, state or regional level; Possible existing solutions for integration into the conceptAlternative solutions Slide3

FCC Task Force on Optimal PSAP ArchitectureEmergency Communications Cybersecurity CenterSlide4

Approach and ProcessWG1 believes there are viable opportunities to capitalize on existing, real-world implementations and knowledge.WG1 invited several prospective vendors in this space to make a single, targeted presentation to the WG and describe their possible approach and high level (ROM) costs.Two (2) vendors accepted the invitation.Slide5

The ReportCost modelsWG1 utilized information from these presentations, as well as additional presentations from DHS OEC, to generate an expanded conceptual model for deployment options.WG1 was also able to use some of the cost estimates to derive a very high level, rough order of magnitude, cost model. This model is not intended to be a definitive list of options or costs. Only to provide some additional information and points of consideration to agencies and organizationsThe cost models also illustrate the highly variable nature of implementation in this spaceSlide6

The ReportCost modelsThe rough order of magnitude estimate for operational expenses of a small to medium EC3, supporting multiple small or medium sized PSAPs would be $1,299,346 per year. This is based on the additional information provided to WG1 during this second phase.Using the same logic, a larger center, capable of supporting multiple medium to large PSAPs, with a great deal more traffic and real time scanning and analysis requirements, would be approximately $2,575,393 per year. This assumes a center with twice as many personnel as the small/medium EC3.These costs can, and will, vary widely and are only provided as estimates for high level planning.Slide7

WG1 members had several discussions as to the need to ensure that information that could impact public safety communications operations.Sources and partners included Federal and State resources at all levels of classification.Identified a need for information to be appropriately disseminated as soon as possible to the public safety communications community.With the assistance of DOJ (Joe Heaps) and ODNI (Michael Kennedy) representatives to WG1, information on existing potential avenues for doing so has been shared in this report.WG1 included links to this data, a summary of the opportunities for information sharing, and has included recommendations to the FCC Public Safety & Homeland Security Bureau for consideration by the Commission.

The ReportInformation SharingSlide8

The Information Sharing Environment (ISE) broadly refers to the people, projects, systems, and agencies that enable responsible information sharing for national security. This includes many different communities: law enforcement, public safety, homeland security, intelligence, defense, and foreign affairs. While they work in different disciplines and have varying roles and responsibilities, members of these communities all rely on timely and accurate information to achieve their national security mission responsibilities. Although the nature is unclassified, Sensitive but Unclassified (SBU) information is a cornerstone for decision making across ISE communities. The goal is to enable Federal, State, Local, and Tribal ISE communities to share SBU information regardless of who owns the underlying systems or information.

The ReportInformation Sharing EnvironmentSlide9

Recommedation #1: Provide a funded pilot for the development and deployment of an EC3 including Network and Wireless / Wireline sensors and IDPS functionality. Sources and partners included Federal and State level resources at all levels of classification.Recommendation #2: Encourage public safety communications community to learn about and participate in Information Sharing Environments. With the assistance of DOJ (Joe Heaps) and ODNI (Michael Kennedy) representatives to WG1, information on existing potential avenues for doing so has been shared in this report.Recommedation #3: Support research into additional capabilities for integration with the EC3 model. The ReportRecommendations – Near TermSlide10

Recommendation #4: Investigate additional network and wireless carrier sensor implementations for alternate technologies, best practices and lessons learned. Recommendation #5: Encourage 9-1-1 Authorities to inventory their systems and participate in Critical Infrastructure Cyber Community Voluntary Program. Recommendation #6: Encourage 9-1-1 Authorities to investigate and discover programs mentioned in this and the original TFOPA reports within their regions. The ReportRecommendationsSlide11

Recommendation #7: Develop a comprehensive plan or a roadmap, for build out of EC3 and/or cybersecurity core to protect NG9-1-1 core services. Recommendation #8: Provide a gap analysis on the currently available capabilities and the ideal state of deployment at a national level (supportive of local control and enabled through state-level coordination). Recommendation #9: Require carriers, vendors and application developers to participate in cybersecurity best practices when interfacing with NG911and other PSAP/PSCC systems. The ReportRecommendations – Mid TermSlide12

Recommendation #10: Complete build out and deployment of EC3s on national level and interconnect all PSAPs, PSCCs, EOCs, and potentially FirstNet. While executing on the comprehensive plan defined in Recommendation #5, this recommendation could be supported by development of NG911-specific policy related to cybersecurity; creation of best practices, standards, and defined requirements for EC3 implementation and operational models; and continued outreach to the public safety community regarding EC3 benefits. The ReportRecommendations – Long TermSlide13

FCC Task Force on Optimal PSAP ArchitectureThank You