Protecting Our Critical Infrastructure One State at a Time

The Wisconsin Cyber Response team: We are a volunteer group that helps with cyber incidents across the state of Wisconsin and help other states start this volunteer program. We help with State, local, tribe, and territories (SLTT's) in the case of a cyber attack. They reach out to the Wisconsin Emergency Management hotline and a team of volunteers across all different organizations assembles to help defend and remediate against threat actors. We have helped schools, hospitals, and other public entities. Attacks range from phishing, defacing of public websites, and even ransomware. As part of the organization I help train other individuals on how to be a better incident responder with the toolsets they are given by their organization. I try to share what we do at Northwestern Mutual (techniques and experience) to guide them through building up their own security teams at their respective jobs. This talk is: Collaborative Incident response on Critical Infrastructure summary: we will be diving into a state sponsored/backed Cyber Response Team who are all volunteers in a time of need. We will cover how to prepare, train, develop playbooks, and get your team and stakeholders ready for any incident that comes. We will hint at an open source framework we are developing to help build teams/analysts more effectively and timely (with metrics) and will talk about how we have saved schools, hospitals, banks, public services, ICS, and all manner of Critical infrastructure from threat actors: and how you can too! I will be diving into what is the group, why each state should have their own, why a group like this helps build the altruism across the industry, and how I helped train incident responders at NM/CRT and our new techniques to do so. We will also dive into how Wisconsin has partnered with Minnesota (along with many other states) to create their own group similarly and will be starting soon!