​During this webinar, speakers explored how organizations can address cyber threats and weaknesses through readily-available and existing low-cost resources, toolkits, and training programs. They discussed the challenges and solutions for small to medium-sized organizations to prepare for and respond to the challenges of working from home. 

Panelists include:

• Jon Hanian, Public-Private Partnerships Program Manager, Idaho Office of Emergency Management
• Barrett Adams-Simmons, Regional Sector Outreach Coordinator, Cybersecurity & Infrastructure Security Agency (CISA)
• Brennan Bouchard, Security Architect, CISCO
• Yvonne Vega, Security Account Manager, CISCO

For information related to Idaho's COVID-19 response, please see https://coronavirus.idaho.gov/

​Small and medium-sized organizations - including businesses, state agencies, county and city governments, local districts, educational and healthcare institutions - all need guidance and suggestions for cybersecurity planning during the time of COVID-19 and the shift to working from home. During this webinar, speakers suggested templates, tools, and best practices for cyber continuity and cyber pandemic planning as employees continue working at home.

​Panelists include:

• Jeff Weak, Administrator, Idaho Information Technology Services
• Keith Tresh, CISO, Idaho Information Technology Services
• Diego Curt, Financial Institution IT Examiner, Idaho Department of Finance

For information related to Idaho's COVID-19 response, please see https://coronavirus.idaho.gov/

​The shift to working from home has created numerous cyber vulnerabilities and Human Resources challenges. With employees when sharing networks and devices with family and/or roommates for work, education, and entertainment, this creates unique security challenges for companies to work through. The human element of our changing work realities was another major topic, especially roller coaster productivity, mental health, and stress of learning everything at once, combined with the psychology of working remotely and not physically with peers. This webinar also explored the successes and challenges of serving public expectations of performance in a different reality.

​Speakers include:

• Sarah Griffin, VP, Human Resources, Idaho Power
• Susan Buxton, Administrator, Idaho Division of Human Resources
• Greg Zickau, Deputy Administrator/Chief Information Officer, Idaho Office of Information Technology
• Erika Cobb, Chief Information Officer, City of Boise 

​For information related to Idaho's COVID-19 response, please see https://coronavirus.idaho.gov/

Click on the links below to view the materials used during the Court Case Enactment during the 5th Annual Idaho Interdependencies Summit.

Educational Slides
Dam Shame PowerPoint
FNL Dam Agency Jury Instructions

Following the successful Disaster Resilience Symposium in Portland, Oregon, in 2017, the CRDR decided to organize another gathering of leaders and decision-makers from across the region to address common issues, examine solutions, and promote information-sharing. The Symposium was held as part of PNWER's 2018 Annual Summit in Spokane, Washington. Co-hosting the Disaster Resilience Symposium with the larger PNWER Summit provided attendees with the opportunity to interact face-to-face with elected officials and legislators and increased awareness for important disaster resilience issues. The 2018 Disaster Resilience Symposium consisted of two sessions: Election Infrastructure & Cybersecurity and Drones.

Election Infrastructure & Cybersecurity
Elections were designated as part of our nation's  critical infrastructure in late 2016 by the Department of Homeland Security. The topic is both timely and relevant to our elected officials who will be in attendance at the PNWER Summit. The session will examine federal guidance for state and local election officials; current threats to election infrastructure; policies to protect election infrastructure; and methods to reassure the public.
​
Speakers:

• Eric Holdeman, Director, Center for Regional Disaster Resilience (CRDR)
• Patrick Massey, Regional Director, Office of Infrastructure, U.S. Department of Homeland Security
• Chad Houck, Deputy Secretary of State, Office of the Secretary of State, State of Idaho
• Julie Wise, Director,  King County Department of Elections, Washington State
• Dave Matthews, Cyber Expert, Consultant

Presentations:

• Eric Holdeman, Center for Regional Disaster Resilience Presentation
• Chad Houck, State of Idaho Presentation
• Julie Wise, King County Department of Elections Presentation

Drones
The Pacific Northwest Economic Region (PNWER) and its Center for Regional Disaster Resilience (CRDR) in partnership with Northeastern University’s Global Resilience Institute (GRI) have been awarded a 2017 National Infrastructure Protection Plan (NIPP) Security and Resilience Challenge grant for critical infrastructure. The project seeks to develop technologies for UAS (drone) employment to technically inspect critical infrastructure in post disaster scenarios.

There is a need for rapid damage assessment of critical infrastructure immediately following a disaster. Emerging UAS technology is allowing for an expedited and detailed damage assessment of  infrastructure such as bridges and other steel and concrete structures within the built environment.

• Current and Emerging Federal and State Policy
• Drones and UAS Impacts on Response and Recovery
• Private Sector Use of Drones for Critical Inspections
• Drones in Wildfire Response
• Privacy Considerations

​
​Speakers:

• Robert Hodgeman, Senior Aviation Planner, Washington State Department of Transportation, Aviation Division
• James Yates, Emergency Manager Coordinator, Thurston County Emergency
  Management
• Taskin Padir, Associate Professor, Electrical and Computer Engineering, Northeastern University
• Greg Thies, News Operations Manager, King 5 News
• Tom Hagen, President, AUVSI Cascade Chapter
• Charlton Evans, Principal Consultant End State Solutions
• Jaethan Reichel, CEO, Lightship
• Evan Reis, Director, PE, SE, Executive Director, Co-Founder, U.S. Building Resiliency Council 

Presentations:

• Robert Hodgman, Washington State Department of Transportation Presentation
• ​Charlton Evans, End State Solutions Presentation
• Taskin Padir, Northeastern University Presentation
• Jaethan Reichel, Lightship Presentation
• Evan Reis, U.S. Resiliency Council Presentation
• Tom Hagen, Enterprise Initiatives, Inc. Presentation 

The 2016 Idaho Cybersecurity Interdependencies Workshop explored the growing challenges of cybersecurity and its impact on overall economic and physical security. Hosted by the Idaho Office for Emergency Management and the Center for Regional Disaster Resilience, this meeting also featured a special track for small business leaders.

​Idaho Cyber Interdependencies Agenda
Small Business Information

In the face of emerging risks to economic and national security, action is needed to address crucial regional infrastructure interdependencies in energy, telecommunications, transportation, water systems and other infrastructures. Third in a three year series meant to develop an Idaho Partnership for Infrastructure Security, the workshop advances several cross-sector initiatives. 

One of the outcomes of these meetings was the creation of a stakeholder-prioritized action plan for the state of Idaho that is a culmination of recommendations from workshops, projects, and activities over the past three years. Stakeholders identified these recommendations as high priorities for the state. Recommendations include

• Develop training materials and a cyber resource website for the State of Idaho
• Continue to host annual statewide Cyber Interdependencies Workshops
• Develop a public-private information sharing platform to send alerts, warnings, and share updates with vetted, trusted stakeholders across the state. 

The Idaho Cyber Security Interdependencies Workshop was held October 8, 2015 in Boise Idaho at the St. Alphonsus Regional Medical Center. More than 130 participants from both public and private sectors, and from across the Pacific Northwest, took part in the exercise that focused on current cyber threats, common challenges for securing data and continuing operations despite cyber disruptions.

Idaho Lieutenant Governor Brad Little and Brigadier General Brad Richy, Chief of the Idaho Bureau of Homeland Security, spoke at the event along with other experts on cyber security preparedness, response, supervisory control and data acquisition systems.
​
Through this event, participants sought to improve their own cyber plans by challenging their planning assumptions, gained a greater understanding of their interdependencies and built relationships with others across the state and region.

View the Event Summary and Report
View the Agenda

​This workshop was the second event in a three year initiative to develop a public/private sector partnership for resilience in the state of Idaho. In 2016, Idaho Bureau of Homeland Security (IBHS) and the Pacific NorthWest Economic Region (PNWER) Center for Regional Disaster Resilience (CRDR) will develop an Action Plan for the development of an Idaho Public/Private Sector Resilience Partnership.

One of the most prevalent topics of the workshop was around the need for holistic cyber security—calling on organizations to move cyber security planning beyond the Information Technology departments and involve executive leadership, legal, and human resources. There is a strong need to train all staff members. According to IBM’s 2014 Cyber Security Intelligence Index, 95 percent of all security incidents involve human error. This can take many forms, from clicking on links, giving away passwords, or failing to follow security protocols.

Every company has cyber security risk and should have a cyber security plan. From small businesses to sectors that are not typically seen as cyber focused, like agriculture, there are cyber security risks. There are also many great tools in the State of Idaho for getting assistance in building cyber security plans and responding to cyber security incidents that need to be shared and made more easily accessible to all organizations.

For all organizations, it is essential to have governance and policies around cyber security in place before having to respond to an incident. These would include policies around protecting data and procedure for response, including structure (the incident command system was recommended) and involvement of law enforcement. With these policies in place, organizations can test their systems through exercises and help build a security culture in an organization.

A common theme was the acceptance of breach. Not all information within an organization is equally sensitive and critical. By accepting that some cyber attacks will be successful, and focusing extra levels of security on the most important data, organizations can use their limited resources more effectively.
​
Identifying key information is a vital part of assessing the risk in each organization. The risk assessment also includes security protocols, equipment, software, public presence, business type, and all other aspects of a business that might make it an easy or desirable target for cyber attackers. Risk will never be fully eliminated—as long as computers, automation and the internet are needed to complete business tasks, an organization will have cyber risk.  All parts of a cyber plan should attempt to mitigate that risk, while helping identify procedures for protection of critical data and detecting access to or loss of that data. Too often companies don’t know they have been breached until they are informed by an outside agency. 

Based on participant feedback, planning team input, discussion outcomes, and common themes from the day’s speakers, the following recommendations were developed:

• Develop training materials and regular webinars and other training opportunities to help organizations grow cyber security plans and facilitate information sharing.
• Provide training for executive leadership, legal departments, human resources, and other key departments to encourage organization-wide cyber security.
• Grow state-wide knowledge of the Idaho cyber security annex through training and outreach.
• Provide resources specific to small businesses and sectors where cyber security may not be prioritized (example: agriculture).
• Develop a single repository for cyber security preparedness information
• Develop formal partnership for information sharing around cyber security and other critical infrastructure concerns

Over 115 participants gathered at the Hewlett Packard Campus in Garden City, Idaho on November 13, 2014 for the Idaho Cyber Security Interdependencies Workshop hosted by the Idaho Bureau of Homeland Security (IBHS) with assistance from the Pacific NorthWest Economic Region (PNWER) Center for Regional Disaster Resilience (CRDR). The one day workshop provided information on current Cyber threats, and best practices utilized to develop organizational Cyber Security plans. Guest speakers, panel discussions, and round table facilitated conversations contributed to a very successful workshop.

The event was developed over the course of four months through a series of conference calls and meetings. The planning team included local public and private sector organizations, including: Idaho National Laboratory (INL), MK Hamilton & Associates, Office of the Idaho State Controller, Office of the Idaho Chief Information Officer, Idaho Bureau of Homeland Security, Petso Financial Consultants LLC, University of Idaho, Hewlett Packard, Idaho State Police, Zions Bank, Idaho Transportation Department, and St. Luke’s Health System.

This workshop was the first in a three year initiative to develop a public/private sector partnership for resilience in the state of Idaho. In 2015 IBHS and PNWER CRDR will host a table top exercise to help identify interdependencies and gaps in existing partnerships. Following that, the team will develop a Action Plan for the development of an Idaho Public/Private Sector Resilience Partnership.

View the Event Summary and Report
View the Agenda