1 / 18

Overview: The Sensitive Information Sharing Environment (SISE)

SISE is a joint mechanism for industry and states to share sensitive operational information during disasters in a trusted framework that addresses legal, policy, process, and technology requirements.

bergerm
Télécharger la présentation

Overview: The Sensitive Information Sharing Environment (SISE)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Overview:The Sensitive Information Sharing Environment (SISE) Industry Government SENSITIVE INFORMATION SHARING ENVIRONMENT SISE SISE A jointly mechanism for industry and states to share sensitive operational information during disasters in a trusted framework that addresses legal, policy, process and technology requirements Sensitive Information Sharing Environment (SISE)

  2. What’s The Problem To Be Solved? • There is still major need to expedite decision making for public/private disaster response& business continuity • Operational coordination impossible w/out information sharing and situational awareness • Sharing operational information is critical & feared • Fear of leaks to media, regulators, competitors, bad actors and other non-operational uses is real in both public and private sectors. Sensitive Information Sharing Environment (SISE)

  3. What’s The Problem To Be Solved? • During disasters, operations professionals and their leadership rely on credible sources of information to make decisions quickly • Private sector needs control of their information and needs to know “who” is looking at their data and for “what purpose” before they share it • Currently few “proven” information sharing platforms w/state that are trusted, sustainable, affordable, simple and private sector controlled • Current legal environment forces multiple separate agreements, siloed information, contract based identity management • A need exists for a proven, trusted information sharing environment that used a single “federated” (or jointly developed) process with standardized terms & conditions, identity vetting and management process, and trusted credentials Sensitive Information Sharing Environment (SISE)

  4. What Is SISE?(the Sensitive Information Sharing Environment) • A trusted mechanism to share sensitive and non-sensitive operational information during disasters • Jointly developed by private sector and state/local government members and advisors of the All Hazards Consortium, a ten year old 501c3 • A “trusted” cloud based system to vette people, segment data, and share information between qualified, screened people • A comprehensive framework that addresses legal, policy, process and technology requirements of private sector to share information w/states • Provides a single process and agreement to share information between public and private sectors • Designed with same trusted principles being used by the US Department of Defense and the Defense Industrial Base companies Sensitive Information Sharing Environment (SISE)

  5. Who Are The Participants? • The All Hazards Consortium (AHC), the Transglobal Secure Collaboration Program (TSCP), DHS Science & Technology’s Cyber Security Directorate, the PIV-I / FRAC Technology Transfer Working Group, the Multi-State Fleet Response Working Group (FRWG), and state/local government advisers on the East Coast Corridor Coalition (EC3) Working Group. • Private Sector Companies • PEPCO, CON-EDISON, NJ Power & Light, PECO Energy, Central Hudson Power, EEI, First Energy, PSE&G, Bank of America, Verizon, Wakefern Foods, Georgia Power, AEP, • Public Sector Agencies • Emergency Management Agencies: DC,VA,PA, WV, MD, NYC, Baltimore, Philadelphia, NC, Chester County, Dominion Power, PHI, • Fusion Center/Police: DC, PA, WV, NJ • Homeland Security: DC, PA, WV, NJ • Public Utility Commission: PA, NJ Sensitive Information Sharing Environment (SISE)

  6. How Does SISE Work? • Will use multi-layered approach to share non-sensitive and sensitive operational information • Layer #1 – General SISE Access • Requires everyone to go through an online registration process • Review process will screen applicants and validate their emails, cell #’s, and other information to approve user identity • Once identity is approved, applicant can create an account and get access to non-sensitive SISE information • Data Providers grant access to their data • Layer #2 & Above – Higher Security Access (Under Development) • Will require separate agreements, higher credentials, and service fee to access information in this area of SISE Sensitive Information Sharing Environment (SISE)

  7. How Does SISE Work? • Creates a pool of vetted “Data Users” (e.g people) • “Data Providers” can then determine “who” they want to see their information • A “Use Case” is created that links data with vetted people under the Data Providers approval • Easy, simple approach… Data Provider centric • Meets requirements of private sector • Identity of users are validated and monitored Sensitive Information Sharing Environment (SISE)

  8. How Does SISE Work? • Uses “honeycomb” approach to separate data and people into “cells” called Use Cases • Cells contain data and approved Data Users relative to Use Case SISE Framework General pool of vetted, approved people Data Providers Sensitive Information Sharing Environment (SISE)

  9. Example: Use Case #2 • Use Case #2 - Access to Fleet Open/Closed Data App • Access to real-time data for open businesses who provide essential services during disasters (e.g. food, fuel, hotels, pharmacies) • Access Rights: Vetted SISE members public or private sector • Credential Required: LOA #1 - SISE Username/Password General pool of vetted, approved operational people from government or private sector Telecom Sector LOA – Level of Assurance Sensitive Information Sharing Environment (SISE)

  10. Example: Future Use Case • Use Case #XX - Access to HAZMAT Data • Access to real-time locations of HAZMAT materials nationwide • Access Rights: Vetted SISE members public or private sector • Credential Required: LOA #4 credential and agreement (TBD) Telecom Sector General pool of vetted, approved operational people from government or private sector LOA – Level of Assurance Sensitive Information Sharing Environment (SISE)

  11. SISE In Action: Geo-Collaboration of Public/Private Information w/Vetter Users Live NOAA Weather Map Info (Public Information) State Emergency Declarations & Waiver Info (Public Information) Live Updates from FLEET-HELP DESK and FRWG Members (Private Information) Live Open/Closed Status of Private Sector Businesses Who Supply Essential Services for Fuel, Food, Hotels and Pharmacies (Private Information) Electric Sector Fleet Movement Info (Private Information) Live situational awareness…multiple organizations… decision support

  12. SISE Enables NEW Decision Making and Situational Awareness Capabilities • The SISE allows for multiple layers of data to be shared at the regional, local or national level to support decision makers. • This slide show both public information and private sector information being merged together in support of the electric sector’s need to expedite fleet movement across state lines and the state’s (and other sector’s) desire to have situational awareness with private sector needs during a disaster • This capability can: • Centralize state disaster declarations, waivers and other sensitive guidance to private sector in a single place • Provide contact information for companies and states • Give live updates on public and private sector operational activities • Access to real-time status and directions to private sector business who can provide essential services to citizen and out if region response crews who need fuel, food, hotel rooms, medications, water, building supplies, etc.. …. in the impacted areas • Access to live NOAA weather data • Access to estimated fleet movement data provide by the private sector so states can understand and support as needed • Future Use Cases will create other operational decision making tools Sensitive Information Sharing Environment (SISE)

  13. Questions/Contacts Services Websites: 1) Live Essential Services During Disasters: http://www.fleetopenclosed.org 2) Disaster Response Tools: http://www.fleetresponse.org/resources/hurricane-season/ Working Group Websites: 1) All Hazards Consortium www.ahcusa.org 2) Multi-State Fleet Response www.fleetresponse.org 3) Mid-Atlantic Consortium for Advanced Interoperable Communications (MACINAC) www.macinac.org 4) CYBER/Sensitive Information Sharing: www.fleetcyberid.org Contacts: Tom Moran - tom.moran@ahcusa.org Cell – 410-707-3698 John Molnar- john.molnar@ahcusa.org Cell – 301-524-9053

  14. Why Use the AHC? • The Regional Trust Framework establishes a legal, policy, procedural and technological baseline agreement that promote “regional” compartmentalized information sharing based on “use cases” and governed by the private/public sector stakeholders involved. • The Non-Profit Environment provides facilitation, education, legal protection from FOIA/Media, and administration. • The AHC is a 10 year old, state sanctioned 501c3 organization and trusted by public and private sectors • AHC Partners (e.g. TSCP, EEI, DHS S&T, etc..) provide legal, policy and technical support to meet stakeholder requirements Sensitive Information Sharing Environment (SISE)

  15. Sensitive Information Sharing Environment (SISE)

  16. Sensitive Information Sharing Environment (SISE)

  17. Sensitive Information Sharing Environment (SISE)

  18. Sensitive Information Sharing Environment (SISE)

More Related