National Cybersecurity Awareness Month
October was National Cybersecurity Awareness Month! CIRI celebrated with the Information Trust Institute (ITI) to share the latest research in cybersecurity, and information about how CIRI is developing the tools, processes, and workforce to help keep the nation secure.
Highlights of October included celebrating National Manufacturing Day as well as CIRI’s partnerships with USTRANSCOM, Mt. Hood Community College and Scriyb. The last two partnerships involve using CIRI’s Dashboard Tool to help train the next generation of cybersecurity professionals and help small businesses meet national standards.
CIRI attends Mobile World Congress
CIRI Executive Director Randy Sandone discussed our five mobile communications projects with attendees at Mobile World Congress last month in Los Angeles. CIRI attended the event – which highlighted intelligent connectivity and next-generation communications - in support of DHS Science and Technology Directorate and DHS’s Cybersecurity and Infrastructure Security Agency (CISA).
FEMA Region V RISC
In October, CIRI attended the FEMA Region V RISC meeting in Chicago, where CIRI's Noah Dormady of The Ohio State University presented on the Business Resilience Calculator. The calculator provides information to help business owners and managers to identify the most cost-effective strategies for enhancing the resilience of their businesses in the event of disruptions caused by natural disasters.
FEMA Region V supports the citizens and first responders in six Midwestern states, including Illinois.
National Defense Transportation Association Fall Meeting
We attended the National Defense Transportation Association (NDTA) U.S. Transportation Command Fall Meeting 2019, to talk with attendees on the tradeshow floor. We also demo'd our technology that helps companies keep their supply chain secure.
The NDTA is a group of government, military, and private sector professionals whose goal is to solve pressing challenges in the fields of logistics, transportation, and passenger travel services.
November is National Critical Infrastructure Month! This month, CIRI's social media will focus on the importance of CIRI’s work to improve mobile networks; information, communication and technology of the supply chain, humanitarian assistance and disaster recovery; and the interdependencies of the nation's critical infrastructure.
CIRI will be attending the following events in the coming months, we hope to see you there!
- Maritime Risk Symposium, November 13-15, Throggs Neck, NY
- NIST NICE Conference, November 18-20, Phoenix, AZ
- Consumer Electronics Show, January 7-10, Las Vegas, NV
- RSA Conference, February 24-28, San Francisco, CA
Empirical Security Analysis of the Wireless Emergency Alerts System
PI: Sangtae Ha, Boulder Colorado
This project proposes a study that includes an empirical evaluation of the commercial mobile alert service (CMAS)/ Wireless Emergency Alerts (WEA) LTE physical layer attacks and possible defenses through the collaboration with commercial mobile carriers and government stakeholders. Specifically this work will replicate the vulnerabilities of CMAS/WEA, work to understand CMAS/WEA threats, evaluate a real-world attack response, and address discovered vulnerabilities. After those tasks have been completed the group will also explore mitigation solutions for found CMAS/WEA vulnerabilities.
Characterizing End-to-End Risk of the Telecommunications Supply Chain
PI: Iris Tien, Georgia Tech
Telecommunications infrastructure in the U.S. is rapidly changing, resulting in the introduction of new physical assets and operational procedures to the provision of telecommunications services. Varying elements of the supply chain pose risks in the ability to provide telecommunications services. It is critical to be able to identify vulnerabilities in the system to be able to assess and manage risks in addition to forming recommendations to mitigate and reduce risk. This project will comprehensively characterize end-to-end risk of the telecommunications supply chain.
Protecting the Nation’s 911 System from Cyber Threats Present and Future
PI: Karthik Balasubramanian, Karthik Consulting, LLC
Cyberattacks against the nation’s legacy 9-1-1 system have begun, Telephone Denial-Of-Service attacks have already occurred. The Department of Homeland Security recognizes the Emergency Services Sector, and specifically the 9-1-1 Public Safety Answering Points as part of the nation’s critical functions of its Critical Infrastructure, and one that is to be protected. This work seeks to develop guidance, approaches, and best practices that can assist large and small Emergency Communication Centers operations in strategizing and architecting their networks and organizations to address the highest risk areas.
Safety and Security in Remote Bridge Operations
PI: Randy Sandone, University of Illinois at Urbana Champaign
There is a growing request to convert drawbridge operations from onsite to remote operations over a cyber-physical control network. This must be done in a way that prioritizes safety and security. This research project will provide standards and guidelines that the United States Coast Guard can use to develop policy and regulations for remote bridge operations and will deliver an accessible, intuitive tool that can be used by remote bridge owners and operators to implement and maintain conformance to those policies and regulations.
| || |