Cybersecurity Disasters – When Our Worlds Collide
Have you heard? TAGITM is hosting a one day Joint IT/EM Cybersecurity Summit on March 4 at the Norris Conference Center Dallas . This is an excellent opportunity to have both the Office of Emergency Management professionals and Information Technology professionals in the same room talking about how best to coordinate in the event of a cybersecurity incident. We will discuss what it means to have a declared cybersecurity disaster, and what resources are available regardless of whether a disaster is declared. First, we will hear from the DIR State Cybersecurity Team talk about the new cybersecurity legislation and the programing that DIR has developed to aid agencies. We will then have a presentation from Texas Division of Emergency Management (TDEM) to better understand what resources are available from the state and what prerequisites must be met in order to receive them. In addition to this we will have representation from DHS to clarify what role they would potentially play in a cyber event. One of our very own agency members, IT Director Andy Horn with Carrolton, will discuss with the group first hand knowledge of things to be aware of when bad actors have compromised resources. This event is not only designed to inform, but to initiate conversations and strengthen relationships between EM and IT departments, so do not hesitate to invite your Emergency Management departments. Please come join us for this unique opportunity.
Wednesday, March 4, 2020
||Registration, Networking and Refreshments
Presentation by DIR State Cybersecurity Team - Download Presentation
HB3834 and What it means to you, DIR’s Managed Security Services, Statewide Incident Response, Best Practices in Cybersecurity to Prevent Ransomware
Andy Bennett - Deputy CISO, Texas DIR
Andy is a boot-wearin’ native Texan with a history of delivering results and exceeding expectations. He is a Seasoned executive and technology leader with a passion for security and an earned reputation for delivering high quality, usable results. He is a front-line leader with more than 2 decades of progressive responsibility spanning every aspect of the enterprise from Service and Support to, IT Ops, App Dev, Enterprise Architecture, and Information Security.
A business partner and advocate with a strong background in large scale systems, applied research, business administration, enterprise systems management, SDLC, business continuity, procurement, fiscal and strategic planning, information security management and incident response. Prolific and compelling public speaker who enjoys discussing technology and security issues ranging from privacy and IoT to education and cyberwarfare. Collaboration master and transformational servant leader who knows that for tech to succeed we build systems to fit and serve people.
Broad experience, education, and exposure provide a breadth of perspective and depth of capabilities that few others can offer. Delivered results in an array of industries from oil and gas, to banking, retail, government, higher education, research, law enforcement and more. Able to see the big picture and understand how all the pieces of the enterprise information puzzle work together to drive business.
This will be an engaging conversation covering a number of current issues facing state and local governments, including the following:
- House Bill 3834 and what it means to locals
- DIR’s Managed Security Services
- Statewide Incident Response
- Key technologies and best practices to preventing ransomware
Presentation by TDEM - Download Presentation
Cyber Security and the EM's Role
Josh Roberts is an Assistant Chief for Texas Division of Emergency Management (TDEM), serving Region 1 and its 42 counties throughout the greater Dallas-Fort Worth metroplex, Texoma and northeast Texas areas.
Josh has served 12+ years in several positions in emergency management agencies at state- and local-levels in Texas and Florida. Prior to his current post within TDEM Josh was the Emergency Manager and Neighborhood Services Director for the city of Lewisville, Texas. In varying capacities Josh has worked numerous large-scale incidents and events, including 15 state and federal disaster declarations, and administered several programs within local emergency management agencies across all phases of disaster. Within TDEM, Josh has previously served in the District Coordinator and regional State Coordinator roles.
Josh has a Bachelor’s of Science in Emergency Administration and Planning and a Master of Public Administration degree, both from the University of North Texas. Josh holds his Certified Emergency Manager (CEM®) certification with the International Association of Emergency Managers.
Sarah Haak is a District Coordinator with the Texas Department of Emergency Management (TDEM). Her area of responsibility (AOR) covers district 4B in North Central Texas which covers 144 jurisdictions including the east side of the DFW Metroplex. In her position she is responsible for coordinating and delivering emergency management and homeland security programs at the state level with local governments, emergency response organizations, regional organizations, other state agencies, volunteer groups and private industry partners in her AOR. During her time with TDEM she has responded to 9 federally declared disasters and a multitude of state and local disasters including the 2014 Ebola incident, the 2016 Dallas Police Shootings, and Hurricane Harvey, and the October 2019 tornados in Dallas and Richardson to list a few.
Prior to joining TDEM, Sarah spent 10 years working with the Federal Government in Washington, DC. She spent 3 years with the Department of Homeland Security doing policy analytics and helping to craft the Quadrennial Homeland Security Review. She spent 7 years at the National Institutes of Health focusing on reproductive endocrinology and biological contaminate research. Sarah began her career in the insurance industry providing, among other things, terrorism coverage for airlines.
Sarah holds a Master of Business Administration and a Master of Science in Homeland Security Management with a specialization in Emergency Management from The University of Maryland and is currently pursuing her doctorate degree in Emergency Management.
In the world of emergency management we are charged with planning for and responding to all hazards incidents. The traditional hazard profile has evolved past just natural disasters to also include man made hazards, such as cyber security attacks. As this is a newer threat, the preparedness and response strategies to the hazard are being developed by evaluating and sharing lessons learned from jurisdictions that have been recently impacted. This presentation is a summation of those lessons learned and is aimed at sharing information to help a jurisdiction assess how big is big and how bad is bad on their “Worst Cyber Day”. Specifically it will examine recent cyber-attacks that have impacted Texas.
This presentation will discuss the necessary preparedness, response, and recovery efforts for a cyber-security incident from an emergency manager’s perspective. It covers a synopsis of the types of cyber-attacks, as well as applicable state and federal legislation that drive and support our incident organizational design and emergency operation centers (EOC). In addition, it covers the relevant data inputs to know about your own jurisdictions a head of the incident to be able to quickly develop a common operating picture, share situational awareness with your stakeholders, and request assistance if needed.
This presentation posits that from an emergency manager’s perspective, holistically, the primary organizational difference between the response and recovery actions to a cyber-security incident or any other (such as a tornado or biological attack) is only the lead subject matter expert in the EOC. The presentations goal is to help develop a cooperative effort strategy with previously non-traditional EOC partners, which will enable us a whole community to respond to and recover from a cyber-security incident in the most efficient and effective way possible.
Sponsored by: Datrium
Datrium's Mission to Mitigate the Risk of Ransomware
Cameron Joyce from Capital One to Heartland Payment Systems, Cameron has spent his career hardening and streamlining enterprise applications. Over two years ago, having been a Datrium customer at Altair Global, Cameron took over the role as Lead Architect for Datrium, South Central US.
Until now, DR has been more disaster than recovery. With Datrium, VMware users finally have a true DR option and instant ransomware recovery by converging primary storage, backup, disaster recovery, mobility, and encryption into a single platform. Datrium DVX is the leading disaggregated HCI (DHCI) solution in the market today with a consistent data plane that works seamlessly across private and public clouds. Including the only converged platform that has achieved FIPS 140-2 Cryptographic Certification, utilizing the AES-XTS-256 military grade crypto algorithm. By integrating a catalog and policy engine over per-VM snapshots, Datrium enables customers to instantly restart any workload from local or AWS Gov Cloud S3 backups during a disaster, delivering protection from threats like natural disasters and ransomware.
Sponsored by: Datrium
Agency Presentation - Download Presentation
Critical Considerations Before a Disaster Declaration
Andy Horn is the Director of Information Systems for the City of Carrollton. He took the role in August of 2019 after 13 years of service with the City in the Police Department where he managed human resources, internal affairs, threat assessments, critical incidents, training, and public relations during his tenure, all of which would come in more handy than one might have expected. Andy was brought over to IS in a role which was traditionally a handler of a managed services contract, but has rapidly changed a great deal.
The City of Carrollton experienced a cyber-attack in late 2019 that had significant impact on internal services. Discussions about what must be done to remediate began immediately – but were difficult to identify with an unknown number of challenges ahead. The key stakeholders of the City began discussions which would ultimately result in a decision to declare, or not to declare a disaster in the wake of this emergency. A high level assessment of the thought processes, seats at the table, risks, and political impacts of a cyber disaster declaration will be reviewed, along with an opportunity for discussion about impact of the event.
||Afternoon Break & Exhibits
Presentation by DHS - Download Presentation
Utilizing DHS Cybersecurity and Infrastructure Security Agency Free Tools and Resources
Jeffrey T. “Jeff” Murray currently serves as the Protective Security Advisor (PSA) assigned
to the Field Operations Branch, North Texas District in Dallas, Texas. He previously held
PSA positions in New Mexico and Washington D.C. Mr. Murray supports liaison activities
among Department of Homeland Security (DHS) and other Federal agencies, State and local
governments and the private sector on security matters relative to the protection of the
Nation’s critical infrastructure and assets. As a PSA, he is the Federal focal point of contact
for infrastructure owners and operators and meets regularly with site security personnel and
officials to share information, review protection plans and identify requirements for
protection support by DHS and other Federal Agencies.
Prior to becoming a PSA, Mr. Murray served as an Incident Management Officer with the
DHS Office of Operations Coordination (OPS) fulfilling the duties of Chief of Staff for the
Principal Federal Official Program. Mr. Murray was responsible for all administrative and
logistic aspects of the program and served as a liaison among the divisions within OPS. Mr.
Murray also served as a Senior Intelligence Analyst assigned to the Office of Intelligence and
Analysis detailed to the DHS National Operations Center. Mr. Murray supported the Senior
Watch Officer by providing indications and warning of emerging threats to the homeland and
maintained close collaborative relationships with the agencies that comprise the U.S.
Prior to his service with DHS Mr. Murray served as a police officer for the city of
Hollywood, Florida Police Department. He served as a Neighborhood Team Leader
coordinating with citizens, business owners, elected officials and department command staff
to address trends and incidents in his assigned neighborhood. As a police officer, he was a
certified firearms instructor, hostage negotiator and special weapons and tactics officer.
Mr. Murray began his public service career in the U.S. Marine Corps. The majority of his
career was spent as a counterintelligence (CI) specialist providing antiterrorism and force
protection support to Marines deployed globally. As a CI specialist, he collected, analyzed,
produced, and disseminated intelligence based on human sources. He also produced threat
vulnerability assessments of facilities used to support Marine Corps deployments. He is also
a formally trained small arms repairman and infantryman.
Mr. Murray received a Master of Science in Homeland Security from the Naval Postgraduate
School and Bachelor of Science degree in Criminal Justice from Liberty University. He is a
certified firefighter and emergency medical technician and served with the Sterling (Virginia)
Volunteer Fire Company. He is married to the former Alison Stewart from Fort Lauderdale,
CISA is the Nation’s risk advisor, working with partners to defend against today’s threats and collaborating to build more secure and resilient infrastructure for the future. This presentation will discuss free tools and resources available to cybersecurity professionals from the Cybersecurity and Infrastructure Security Agency (CISA) and how to obtain them.
Texas Military Department (TMD) Cyber Capabilities - Download Presentation
LTC Chis Winner, Joint Cyber Operations Chief
The Texas Military Department's mission is to provide the Governor and the President with mission-ready cyber forces in support of state and federal authorities. This presentation will go over the scope and capabilities of TMD, and TMD's engagement at the state and national level.
NCTCOG Public Safety Cyber Working Group - Download Presentation
Mike Joy is an Assistant Emergency Management Coordinator with the City of Grand Prairie. In his current role, he is responsible for the continued coordination and programmatic needs of the city’s emergency management program with special emphasis on grants, trainings, and exercises. During his time with Grand Prairie, he has responded to 2 federally declared disasters and numerous local incidents including the 2015 North Texas Flooding, Icing events, straight line wind events, and Hurricane Harvey to list a few.
Prior to joining Grand Prairie, Mike has worked in numerous roles to include: carrying over $700,000 cash in a combat zone while in the Marines, operating heavy equipment, and even refining his customer service skills while employed at a local library. He ties in the unique qualifications of each position to his current role utilizing lessons learned to enhance job performance. Using simplicity as a virtue, Mike looks for ways to simplify processes for more effective and efficient coordination.
Mike holds a Bachelor’s of Science in Emergency Administration and Planning from one of the greatest higher education institutions, the University of North Texas.
Todd Landrum currently serves as the Information Security Officer for Denton County, and has close to twenty years of experience in IT engineering, management, and Information Security. Prior to joining Denton County Mr. Landrum was a Sr. Security Analyst and Engineer with Optum (United Healthcare.) In his early career he spent time as a server and network engineer, and eventually moved to IT management. Through mergers and acquisitions, and the vertical integration of Healthcare, the opportunity to manage IT integrations across large hospital organizations like Texas Health Resources, Dignity Health, and The Catholic Health Initiatives. The extensive Healthcare IT experience allowed him the opportunity to transition to Optum’s security and audit team to help address increasing regulatory requirements.. With multiple years deploying security tools and hands on experience with various security frameworks and audits, Mr. Landrum hopes to share his knowledge and experience with State and Local partners.
This presentation imagines a forum to which information technology professionals and emergency managers openly communicate about hazards in cyber-security and the organizational need for personnel and resources. We will discuss our mission, vision, and current objectives for the workgroup with possibilities for future priorities in this changing landscape and the need for a supportive community through collaboration, not disunion for the jurisdiction(s) affected. Our goal is to highlight awareness of this group’s creation through cooperative effort of law enforcement, information technology, and emergency management professionals while defining new opportunities to create more resilient communities.
Thank you to our Lunch Sponsor!
Thank you to our Table Sponsors!