How CESER’s SLTT Program Improves Cybersecurity
What Are the Cybersecurity Threats to Energy Infrastructure?
The federal Cybersecurity and Infrastructure Security Agency (CISA) is tasked with protecting the assets, systems and networks that underpin American society and its economy. In 2021, CISA launched the Joint Cyber Defense Collaborative (JCDC) to bring federal, corporate, state, local and tribal players together.
“Experts across all levels of government and the private sector work with JCDC to gather, analyze and share actionable cyber risk information to enable synchronized, holistic cybersecurity planning, cyber defense and response to reduce risk to critical infrastructure,” says CISA Associate Director Clayton Romans.
It’s a robust group that includes AT&T, Broadcom, Cisco, Microsoft, Verizon, the Office of the Director of National Intelligence, the FBI, the National Security Agency and the Department of Defense. “State and local partners can engage at the level of effort that reflects their operational requirements and resource availability,” says Romans.
JCDC welcomes new members and makes it easy to join; there isn’t even an application.
EXPLORE: How the Jefferson County, Colo. is leaning into digital transformation.
Over the past two years, CISA has worked closely with state, local and tribal organizations to track and defend against the Chinese ATP41 phishing campaign targeting energy, manufacturing and governments around the world. Special focus was put on sharing multiple zero-day vulnerabilities used as initial intrusion vectors.
“New threats are always evolving,” says Chris Stallings, director of the Georgia Emergency Management and Homeland Security Agency. “While we have focused on the physical integrity of our most critical needs, we also have to focus on our cyber hygiene. This is an extremely important but thin tightrope being walked by all those in homeland security and in federal, state and local law enforcement.” Education of employees is key.
Stalling’s agency also has begun working more closely with CISA and CESER. “This is a new relationship we’re excited about. Pushing cybersecurity forward is a key responsibility of not only homeland security but also emergency management,” he says.
Other states have been working with the feds on a long-standing basis.
“We worry about everything,” says New Jersey CISO Michael Geraghty. He’s also director of the state’s Cybersecurity and Communications Integration Cell, a group that includes regular input from regional FBI, DHS and CISA officials. “It’s been going on for years and years. We pervasively collaborate,” he says.
Gloss