Dear InfraGardNCR Members,
We just wrapped up the 15th National Cyber Security Awareness Month and now we launch into Critical Infrastructure Security and Resilience Month. It's a busy time!
As I mentioned in my first letter to you, we recently welcomed several new board members and held our annual board retreat on October 1st. It was a productive day discussing our mission, setting goals, and planning activities for 2019. I'll share with you additional details in the coming months, but one of the highlights included the participation of our FBI Washington Field Office (WFO) partners. Not only were our coordinators present, but their supervisors from the Intelligence Division also attended and shared with us WFO's threat priorities for the coming year. They believe we are positioned to be valuable partners and contributors to the overall threat picture of the national capital region. We are poised to be a conduit to share intelligence and inform their agents, analysts and professional staff of private sector concerns and needs. By integrating the FBI's goals/threat information with our priorities and activities, we will better serve our FBI partners and, ultimately, you in your efforts to protect critical infrastructure.
We also discussed how we can maximize our impact, locally and nationally, and align our efforts with other successful chapters to drive common goals. One of the ways we want to do this is by asking you, our members, what you want out of InfraGard? We've developed a short survey (Survey Monkey says it should take 3 minutes to complete!) and intend to share the results of what you are looking for and how it would be most effective for you to receive it. We want you to know the WIIFM (what's in it for me?) when you think about your InfraGard membership and feel that you are getting something out of your participation - at whatever level that may be.
Please take 3 minutes to share your thoughts here:
Specifically for the members of our chapter that self-identify as being in the "IT sector" (which is almost 40% of our chapter!), we recently invited you to participate in a listserver to share best practices, indicators of compromise, and query peers for advice in resolving issues. We further recognize there's a difference between "IT" and "cyber." Given that DHS has designated "IT" as one of the critical infrastructure sectors, we have followed their lead and named it the "IT listserver." It has come to our attention, however, that "IT" might not adequately encompass what we are trying to accomplish. Perhaps a more accurate name would be the "Cyber Listserver" as we hope this will be a tool for cyber practitioners to collaborate on both technical matters and "human challenges" to help safeguard assets/intellectual property/personnel in ANY critical infrastructure sector. You may have heard, our chapter spear-headed the first national, real-time, peer-to-peer listserver for InfraGard - the Cyber Health Working Group. Designed for cyber practitioners in the healthcare sector, this 1000+ member group corresponds every day on things like the following:
Sharing initial identification of infection vectors for emerging malware
Querying peers about new patterns of spam hitting their company firewalls
Soliciting ideas for formulating thumb drive policies
Discussing when and how third-party vendors are permitted to access internal networks for patching purposes.
Since so many of our members are cyber practitioners, we hope you'll consider joining this listserver and sharing your expertise - and questions - with your peers. To review the initial email we shared about this, which includes how to sign up, click here.
Lastly, it's Critical Infrastructure Security and Resilience Month (#CISRmonth)! DHS has designated November to build awareness around and appreciation of the importance of critical infrastructure and reaffirms the nationwide commitment to keep our critical infrastructure and communities safe and secure. Securing the nation's infrastructure is a national priority that requires planning and coordination across the entire community. We know owners and operators of critical infrastructure don't need a special month, they live and breathe security and resilience every day! But we do need to ensure we are informed of emerging risks; that we are building and enhancing the right partnerships; and we are reinforcing InfraGard's role in infrastructure security and resilience.
So what can you do? JOIN US on November 7th for the leading-edge program focused on the benefits and risks of drones to critical infrastructure. Full agenda and registration can be found here: https://www.eventbrite.com/e/rise-of-the-drones-benefits-risks-of-uavuas-to-critical-infrastructure-tickets-47431645328
Please feel free to share your thoughts, questions or concerns with me, any of our Board members, or our FBI coordinators (email addresses below). As we slide into the end of 2018 and begin the holiday season, we hope you stay safe and healthy and remain vigilant!
With best regards,