New Jersey Cybersecurity and Communications Integration Cell

Last updated
New Jersey Cybersecurity and Communications Integration Cell
Location
Area served
New Jersey
Products Cyber Threat Intelligence
Website www.cyber.nj.gov

The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC), also known as the New Jersey Office of Homeland Security and Preparedness' (NJOHSP) [2] Division of Cybersecurity, is the first American state-level information sharing and analysis organization in the United States that exchanges cyber threat intelligence and conducts incident response for governments, businesses, and citizens in New Jersey. Located at NJ’s Regional Operations and Intelligence Center (ROIC), and acting in a cyber fusion center capacity the NJCCIC is composed of staff from NJOHSP, the NJ Office of Information Technology, and the NJ State Police. The NJCCIC's nomenclature is derived from its federal counterpart, the National Cybersecurity and Communications Integration Center, which encompasses the U.S. Department of Homeland Security's Computer Emergency Readiness Team (US-CERT).

Contents

History

On May 20, 2015, Governor Chris Christie signed an Executive order to establish the New Jersey Cybersecurity and Communications Integration Cell, proclaiming that "protecting the citizens and public and private institutions within the State of New Jersey from the threat of cybersecurity attacks is the priority of [his] Administration." [2] Governor Christie's directive followed a Presidential Executive Order from February 2015 signed at Stanford University "encourag[ing] the development and formation of Information Sharing and Analysis Organizations (ISAOs)...organized based on sector, sub-sector, region, or any other affinity..." [3] The formation of the NJCCIC also coincided with the aftermath of crippling and costly cyber-attacks against Rutgers University, New Jersey's largest public academic institution. [4] The NJCCIC played a role in protecting Pope Francis during his 2015 visit to New York City and Philadelphia. [5]

Leadership

Jared Maples was named Director of the New Jersey Office of Homeland Security and Preparedness (NJOHSP) by Governor Philip Murphy on April 17, 2018. In his role, he serves as the federally designated Homeland Security Advisor (HSA) to the Governor and is the Cabinet-level executive responsible for coordinating and leading New Jersey’s Counterterrorism, Cybersecurity, and Emergency Preparedness efforts.

Michael Geraghty is New Jersey's Chief Information Security Officer and the first Director of the NJCCIC. Director Geraghty manages the day-to-day functions of the NJCCIC.

Mission

The NJCCIC acts in a clearinghouse capacity providing New Jersey with a resource to coordinate cyber security information sharing and incident reporting, perform cybersecurity threat analysis, and promote shared and real-time situational awareness between and among public and private sectors. Beyond just sharing cyber threat intelligence, the NJCCIC also provides strategies and tactics that businesses, as well as state, county and local governments, academic institutions, and other organizations, can implement to mitigate current and emerging threats. Additionally, the NJCCIC manages a membership-based information-sharing platform where members receive cyber alerts, advisories, training announcements and bulletins directly via email, maintains an active social media presence and manages the cyber.nj.gov website to provide free cybersecurity resources.

The "Garden State Model" for cybersecurity

The NJCCIC received praise from Stanford University's Center for Internet and Society for "innovating" on cybersecurity information sharing at a pace and scale that few states have achieved. [6] Incident response is currently limited to Executive Branch agencies in New Jersey, but according to a November 2015 study, "State of the States on Cybersecurity" by the Pell Center for International Relations and Public Policy, there are "plans to create an NJ CERT", or New Jersey Computer Emergency Readiness Team, to be deployed statewide. [7]

Partnerships

On July 8, 2015, the New Jersey Cybersecurity and Communications Integration Cell partnered with the Financial Services Information Sharing and Analysis Center (FS-ISAC) to "share and analyze cyber threat information on behalf of New Jersey's banking institutions". [8]

In January 2016, the NJCCIC and the National Health Information Sharing and Analysis Center announced a partnership to improve cybersecurity information sharing with New Jersey’s healthcare providers. [9]

Since April 2021, the NJCCIC has been the title sponsor and partner of JerseyCTF, a worldwide cybersecurity competition organized by New Jersey Institute of Technology (NJIT) students. Director Geraghty spoke with John Elliott from WCBS-TV during the 2023 iteration and highlighted the importance of hands-on cybersecurity training in developing the skills needed for cyber defense. [10]

Related Research Articles

<span class="mw-page-title-main">National Communications System</span>

The National Communications System (NCS) was an office within the United States Department of Homeland Security charged with enabling national security and emergency preparedness communications using the national telecommunications system. The NCS was disbanded by Executive Order 13618 on July 6, 2012.

<span class="mw-page-title-main">North American Electric Reliability Corporation</span> Non profit Electric Reliability Organization

The North American Electric Reliability Corporation (NERC) is a nonprofit corporation based in Atlanta, Georgia, and formed on March 28, 2006, as the successor to the North American Electric Reliability Council. The original NERC was formed on June 1, 1968, by the electric utility industry to promote the reliability and adequacy of bulk power transmission in the electric utility systems of North America. NERC's mission states that it "is to assure the effective and efficient reduction of risks to the reliability and security of the grid".

<span class="mw-page-title-main">United States Department of Homeland Security</span> United States federal department

The United States Department of Homeland Security (DHS) is the U.S. federal executive department responsible for public security, roughly comparable to the interior or home ministries of other countries. Its stated missions involve anti-terrorism, border security, immigration and customs, cyber security, and disaster prevention and management.

The United States Computer Emergency Readiness Team (US-CERT) is an organization within the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Specifically, US-CERT is a branch of the Office of Cybersecurity and Communications' (CS&C) National Cybersecurity and Communications Integration Center (NCCIC).

<span class="mw-page-title-main">National Cyber Security Division</span>

The National Cyber Security Division (NCSD) is a division of the Office of Cyber Security & Communications, within the United States Department of Homeland Security's Cybersecurity and Infrastructure Security Agency. Formed from the Critical Infrastructure Assurance Office, the National Infrastructure Protection Center, the Federal Computer Incident Response Center, and the National Communications System, NCSD opened on June 6, 2003. The NCSD mission is to collaborate with the private sector, government, military, and intelligence stakeholders to conduct risk assessments and mitigate vulnerabilities and threats to information technology assets and activities affecting the operation of the civilian government and private sector critical cyber infrastructures. NCSD also provides cyber threat and vulnerability analysis, early warning, and incident response assistance for public and private sector constituents. NCSD carries out the majority of DHS’ responsibilities under the Comprehensive National Cybersecurity Initiative. The FY 2011 budget request for NCSD is $378.744 million and includes 342 federal positions. The current director of the NCSD is John Streufert, former chief information security officer (CISO) for the United States Department of State, who assumed the position in January 2012.

<span class="mw-page-title-main">Homeland Security Act of 2002</span> Post-9/11 United States law establishing the Department of Homeland Security

The Homeland Security Act (HSA) of 2002, was introduced in the aftermath of the September 11 attacks and subsequent mailings of anthrax spores. The HSA was cosponsored by 118 members of Congress. The act passed the U.S. Senate by a vote of 90–9, with one Senator not voting. It was signed into law by President George W. Bush in November 2002.

The National Cybersecurity Center (NCC) was founded in 2016 as a 501(c)(3) nonprofit organization in Colorado Springs, Colorado. It was started from a vision of then Governor John Hickenlooper, in coordination with several people from the University of Colorado Colorado Springs (UCCS) and the community. The NCC serves both public and private organizations and individuals through training, education, and research.

<span class="mw-page-title-main">Department of Defense Cyber Crime Center</span> United States defense organization

The Department of Defense Cyber Crime Center (DC3) is designated as a Federal Cyber Center by National Security Presidential Directive 54/Homeland Security Presidential Directive 23, as a Department of Defense (DoD) Center Of Excellence for Digital and Multimedia (D/MM) forensics by DoD Directive 5505.13E, and serves as the operational focal point for the Defense Industrial Base (DIB) Cybersecurity program. DC3 operates as a Field Operating Agency (FOA) under the Inspector General of the Department of the Air Force.

<span class="mw-page-title-main">Command, Control and Interoperability Division</span> Bureau of the US Department of Homeland Security

The Command, Control and Interoperability Division is a bureau of the United States Department of Homeland Security's Science and Technology Directorate. This division is responsible for creating informative resources that strengthen communications interoperability, improve Internet security, and integrity and accelerate the development of automated capabilities to help identify potential threats to the U.S.

<span class="mw-page-title-main">National Cybersecurity and Critical Infrastructure Protection Act of 2013</span>

The National Cybersecurity and Critical Infrastructure Protection Act of 2013 is a bill that would amend the Homeland Security Act of 2002 to require the Secretary of the Department of Homeland Security (DHS) to conduct cybersecurity activities on behalf of the federal government and would codify the role of DHS in preventing and responding to cybersecurity incidents involving the Information Technology (IT) systems of federal civilian agencies and critical infrastructure in the United States.

Phil Agcaoili is a technologist, entrepreneur, and cyber security, information security, and privacy expert.

<span class="mw-page-title-main">Cyber Threat Intelligence Integration Center</span>

The Cyber Threat Intelligence Integration Center (CTIIC) is a new United States federal government agency that will be a fusion center between existing agencies and the private sector for real-time use against cyber attacks. CTIIC was created due to blocked efforts in Congress that were stymied over liability and privacy concerns of citizens.

An Information Sharing and Analysis Center(ISAC) is a organization that provides a central resource for gathering information on cyber and related threats to critical infrastructure and providing two-way sharing of information between the private and public sectors.

<span class="mw-page-title-main">Dave Weinstein</span> American cybersecurity executive and government CTO

David J. Weinstein is an American cybersecurity executive and the former Chief Technology Officer of New Jersey. He previously served at U.S. Cyber Command.

The Center for Internet Security (CIS) is a US 501(c)(3) nonprofit organization, formed in October 2000. Its mission statement professes that the function of CIS is to " help people, businesses, and governments protect themselves against pervasive cyber threats."

The National Cybersecurity and Communications Integration Center (NCCIC) is part of the Cybersecurity Division of the Cybersecurity and Infrastructure Security Agency, an agency of the U.S. Department of Homeland Security. It acts to coordinate various aspects of the U.S. federal government's cybersecurity and cyberattack mitigation efforts through cooperation with civilian agencies, infrastructure operators, state and local governments, and international partners.

<span class="mw-page-title-main">New Jersey Office of Homeland Security and Preparedness</span> Government agency in New Jersey, United States

The New Jersey Office of Homeland Security and Preparedness leads and coordinates New Jersey's counterterrorism, cybersecurity and preparedness efforts throughout the State.

Phyllis Schneck is an American executive and cybersecurity professional. As of May 2017, she became the managing director at Promontory Financial Group. Schneck served in the Obama administration as Deputy Under Secretary for Cybersecurity and Communications for the National Protection and Programs Directorate (NPPD), at the Department of Homeland Security.

<span class="mw-page-title-main">Cybersecurity and Infrastructure Security Agency</span> Agency of the United States Department of Homeland Security

The Cybersecurity and Infrastructure Security Agency (CISA) is a component of the United States Department of Homeland Security (DHS) responsible for cybersecurity and infrastructure protection across all levels of government, coordinating cybersecurity programs with U.S. states, and improving the government's cybersecurity protections against private and nation-state hackers.

Operational collaboration is a cyber resilience framework that leverages public-private partnerships to reduce the risk of cyber threats and the impact of cyberattacks on United States cyberspace. This operational collaboration framework for cyber is similar to the Federal Emergency Management Agency (FEMA)'s National Preparedness System which is used to coordinate responses to natural disasters, terrorism, chemical and biological events in the physical world.

References

  1. Sullivan, S.P. (September 17, 2015). "Fighting hidden threats: Inside N.J.'s new cyber security command center". NJ.com. Retrieved January 23, 2016.
  2. 1 2 Christie, Chris. "EXECUTIVE ORDER NO. 178" (PDF).
  3. "Executive Order -- Promoting Private Sector Cybersecurity Information Sharing". whitehouse.gov . February 13, 2015. Retrieved January 23, 2016 via National Archives.
  4. Hayboer, Kelly (August 23, 2015). "Who hacked Rutgers? University spending up to $3M to stop next cyber attack". NJ.com. Retrieved January 23, 2016.
  5. Mathau, David (September 22, 2015). "Protecting Pope Francis from cyber threats". WKXW . Retrieved January 23, 2016.
  6. Nussbaum, Brian. "State-Level Cyber Security Efforts: The Garden State Model". The Center for Internet and Society. Stanford Law School. Retrieved January 23, 2016.
  7. Spidalieri, Francesca. "State of the States on Cybersecurity" (PDF). Pell Center for International Relations and Public Policy. Salve Regina University. Retrieved January 23, 2016.
  8. "NEW JERSEY CYBERSECURITY AND COMMUNICATIONS INTEGRATION CELL (NJCCIC) AND FS-ISAC PARTNER TO DELIVER CYBER THREAT INTELLIGENCE AND USE OF SOLTRA EDGE AT THE STATE LEVE" (PDF). July 8, 2015. Retrieved January 23, 2016.
  9. "NHISAC – NJCCIC and NH-ISAC Partner to Enhance Cybersecurity Information Sharing at the State Level". www.nhisac.org. Retrieved 2016-02-13.
  10. "NJCCIC Director Geraghty on CBS News New York during JerseyCTF". www.twitter.com. Retrieved 2023-06-22.