[CDP-development] Recap- Quarterly Cyber Disruption Meeting 4/12 9AM

ALBIN Cinnamon S * DAS cinnamon.s.albin at das.oregon.gov
Thu Apr 13 16:22:09 PDT 2023 

Good afternoon,
It was great seeing everyone yesterday. Below is a high level recap of our meeting. Please reach out if you have any questions or if something isn't captured correctly.



  1.  Welcome - Jessica Chastain, Klamath County Chair opened the meeting and welcomed new members
  2.  CISA Update - Theresa Masse, CISA, , reminded members to sign-up for CISA vulnerability scanning, Known Exploited Vulnerabilities Catalog, Cyber TTX, and all the great (no cost) resources on the CISA.gov website.
  3.  CSS SOC - Les Defoor, CSS, discussed a security situation at a small organization. Reinforced to ask for help and to keep non business devices off of protected systems. There is a lot of risk to protected systems.
  4.  Vendor Readiness - Group discussed the various way each assess vendor readiness. Samples from the group are attached. We appreciate the willingness to share. Please note these are shared as examples and everyone needs to evaluate what works best for their own organization.
  5.  Cyber Grant Update: Services- Cinnamon Albin, CSS, shared the cybersecurity plan is being drafted and that the focus lately has been on developing the service catalog that will go will it. The group was asked for services they would like the grant to address. Please send service catalog input to Cinnamon.
  6.  Plan/Charter Update Discussion - Group discussed potential updates to the plan and if anyone was interested in serving as the chair. If no one is interested Jessica will continue as the chair. Cinnamon shared there will be a Cyber Disruption Plan exercise and lessons learned will be incorporated into the plan. Jessica discussed the need for having Memorandum of Understanding in place and asked if the group to share samples. Samples are attached. Please note the samples are from outside our group and everyone should work with their legal advisor and evaluate what works best for their organization.
  7.  Member Information Sharing -Group shared cyber situations and challenges. Will gave an update that LAPS has been update, "new and improved", and is now called Windows LAPS, https://aka.ms/AnnouncingWindowsLAPS Richard discussed challenges for Education Service Districts and schools and his grassroots approach. Momentum is growing and he has great support from his Superintendent. Theresa and Cinnamon will be presenting on cyber security at the ESD Conference in May.



Discussion around tools and who has experience they can share if interested include:


Darktrace - Jessica Chastain
IS Decisions (MFA) - Bill Hopkins
Silverfort Unified Identity Protection Platform (MFA) - Will WIlson

Take care,

[cid:image001.png at 01D96956.54440C70]

Cinnamon Albin
Interim Deputy Chief Information Security Officer
Enterprise Information Services
Cyber Security Services (CSS)
Cell: (971)707-1966
"Ensuring accessible, reliable and secure state technology systems that serve Oregonians."


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20230413/d1ec7c69/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 21907 bytes
Desc: image001.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20230413/d1ec7c69/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: IT Requirements - Combined.xlsx
Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
Size: 93063 bytes
Desc: IT Requirements - Combined.xlsx
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20230413/d1ec7c69/attachment-0001.xlsx>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Procedure 7-75 Appendix A Software Usage Restrictions Workflow Diagram (CM-1011).pdf
Type: application/pdf
Size: 322660 bytes
Desc: Procedure 7-75 Appendix A Software Usage Restrictions Workflow Diagram (CM-1011).pdf
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20230413/d1ec7c69/attachment-0004.pdf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Policy 7-74 Software Usage and Restrictions (CM-10-11).pdf
Type: application/pdf
Size: 33072 bytes
Desc: Policy 7-74 Software Usage and Restrictions (CM-10-11).pdf
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20230413/d1ec7c69/attachment-0005.pdf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Procedure 7-75 Software Usage and Restrictions (CM-10-11).pdf
Type: application/pdf
Size: 73341 bytes
Desc: Procedure 7-75 Software Usage and Restrictions (CM-10-11).pdf
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20230413/d1ec7c69/attachment-0006.pdf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Quilt-Community-Mutual-Assistance-Pact-MoU-March-2020.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 1024692 bytes
Desc: Quilt-Community-Mutual-Assistance-Pact-MoU-March-2020.docx
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20230413/d1ec7c69/attachment-0001.docx>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Texas Framework for Mutual Aid Agreements for Security Incidents_0 (1).pdf
Type: application/pdf
Size: 332444 bytes
Desc: Texas Framework for Mutual Aid Agreements for Security Incidents_0 (1).pdf
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20230413/d1ec7c69/attachment-0007.pdf>

More information about the CDP-development mailing list