By Matt Boxler
NEWPORT, R.I. – An initiative designed to help the Rhode Island business community become more resilient and better prepared to mitigate and prevent cyber threats has been organized by Salve Regina’s Pell Center for International Relations and Public Policy.
Beginning next week, the Rhode Island Corporate Cybersecurity Initiative will include seminars, a six-hour table top exercise for senior leaders and executives, and a follow-up workshop planned over the next three months. To date, senior leaders and decision makers representing a dozen Rhode Island businesses have signed on to participate.
Objectives of the program are to promote cybersecurity awareness and training; analyze and discuss real world examples of threats; encourage information, intelligence and resource sharing in preparing for, responding to and mitigating cyber intrusions; and identifying and promoting best practices, business continuity and resiliency planning.
The initiative is part of an ongoing effort at the Pell Center to focus on the issues of cybersecurity and cyber leadership development. Other events will include briefings on emerging cyber threats and responses, lectures with leading cybersecurity experts, training classes, working group meetings, and other boardroom cybersecurity exercises.
In November, Melissa Hathaway, American private sector cybersecurity
experts who also helped develop cybersecurity policy in both the Bush and Obama administrations, will present a lecture at Salve Regina outlining why corporations should care about the issue.
“Experience has demonstrated that meeting the cyber challenge requires a panoply of solutions, including improved awareness, staff training, information sharing, and new frameworks for collaboration and education,” said Dr. James Ludes, Pell Center executive director. “The Pell Center’s cybersecurity initiative can play an important role in meeting the challenges we all face today.”
“Cyber threats are real and have the potential to undo all the economic, social, and military advances enabled by the information revolution,” said Francesca Spidalieri, Pell Center fellow. “This is not hyperbole. It’s why the President spoke of cybersecurity in his state of the union address, and it’s why the director of the National Security Agency warns of ‘the greatest transfer of wealth in history.’ Private sector leaders have a critical role to play in responding to this threat because so much critical infrastructure is made up of privately owned networks and systems—but also, quite frankly, because corporations are the primary targets of cyber-attacks and cyber-espionage.
This program is an exclusive, invitation only series that is not open to the general public. Call to arrange advance interviews with event organizers, Dr. James Ludes, Pell Center executive director; and Francesca Spidalieri, Pell Center fellow and author of the studies – “One Leader at a Time: The Failure to Educate Future Leaders for an Age of Persistent Cyber Threat” and “Joint Professional Military Education Institutions in an Age of Cyber Threat.”
Following are session topics for the upcoming Rhode Island Corporate Cybersecurity Initiative:
Cybersecurity Awaress: Don’t be a Target (Two sessions, Sept. 11 and 12)
In this two-hour seminar, participants are introduced to the fundamentals of cybersecurity. Class emphasis is on awareness and how individuals can protect themselves, their families and thereby be responsible stewards of cyber assets in their workplace. Attendees are presented examples of cyber-attacks that have had a significant impact on individuals, organizations, and communities. They will then be offered measures and techniques they can employ to lower their risk and exposure to cybersecurity threats. Attendees will be given handouts addressing cyber hygiene, wireless security, and online commerce.
Rhode Island Corporate Cybersecurity Table Top Exercise (Oct. 9)
In this event, senior leaders and executives in the private sector will participate together in a six-hour facilitated cybersecurity tabletop exercise. This is not an IT exercise – it is a cross-industry discussion-based exercise designed for senior leaders and decision makers who can affect change and make the Rhode Island community more resilient to cyber incidents. The goal of this exercise is to encourage group discussion about vulnerabilities, policies and procedures, mitigation strategies, and information sharing. Participants will work through a scenario containing a series of events designed to address key cybersecurity issues. The exercise will emphasize the importance of protecting cyber infrastructure, information sharing, and no and low-cost solutions.
After-Action Report Workshop (Nov. 13)
This workshop provides critical exercise follow-up. Prior to this workshop, facilitator and participant observations and feedback from the exercise are combined into a draft AAR, summarizing lessons and potential areas of improvement. This draft report is presented to workshop participants for immediate review and comment. Following this review, attendees will participate in the development of an Improvement Plan Framework. This framework will be the foundation in assisting participating organizations in the prioritizing of their applicable improvement plans and in the cultivation of information sharing and cooperation activities. This future cooperation will make Rhode Island’s corporate community more resilient to cyber incidents.