Cybersecurity HSAC Subcommittee

Overview

A cybersecurity subcommittee works under the Homeland Security and All-Hazards Senior Advisory Committee. 

Scope 

The scope of the Cyber Subcommittee of the Homeland Security and All-hazards Senior Advisory Committee (HSAC), represents jurisdictions and other entities having cybersecurity responsibilities within the State of Colorado.

Purpose

To assist in the identification and development and implementation of best practices related to Cybersecurity to prevent the loss of critical information, disruption of critical services, or the loss of lives due to attacks against technological systems in the State of Colorado. 

Through collaborative and innovative efforts, the Cybersecurity Subcommittee is charged with providing findings and recommendations to the HSAC in order to implement the best cybersecurity practices across the State of Colorado. 

Efforts should include, however, are not limited to the following:

  • Carrying out and managing tasks related to the cybersecurity goal in the 2019-2023 Colorado Homeland Security Strategy (CHSS)

  • Reporting progress of CHSS tasks and objectives to the HSAC on a quarterly basis

  • Researching best cybersecurity practices from local, state, federal jurisdictions, private sector entities, and other institutions

  • Researching and making recommendations based on emerging threats or latest trends in cybersecurity

  • Recommending policy and procedures that improve cybersecurity across the State of Colorado

  • Making policy recommendations to the Governor’s Cyber Security Council

  • Developing recommendations for training and education in the area of cybersecurity

Meeting Information

Meeting Information
Whole of State Cyber Security Program

Whole of State Cybersecurity Program

A successful cybersecurity program requires a holistic approach. The HSAC Cyber Subcommittee is currently developing recommendations for a whole-of-state cybersecurity program that organizations across Colorado will play an active role in shaping and sustaining for the advancement of our overall state’s cyber resiliency. The subcommittee is currently receiving input and guidance from several working groups to develop six lines of effort

  • Establishing Cyber Security Partnerships
    • Objective: Deliver improved services and accountability, drive innovation and efficiency, and achieve better value for money spent. Individuals were drawn from state agencies, local governments, universities, high schools and businesses should be brought together to develop a plan for and enhance existing public-private partnerships in Colorado that facilitate a maturing cyber posture for the state.
  • Establishing a Cyber Reserve
    • Objective: Provide support to Colorado State, Local, Tribal and Territorial government agencies (SLTT) s to meet a baseline of cybersecurity hygiene, provide proactive support and guidance and assistance during the response to cyber incidents. The Cyber Reserves (Reserves) are a trained and vetted force. The Reserves will be trained and equipped to perform proactive activities such as risk and vulnerability assessments and treatment services.
  • Establishing a Cyber Security Range
    • Objective: Provide access to a safe and reliable cyber training and testing environment. Fund and support the development of a Cyber Range (CR). A CR is a secure environment that functions as a shooting range, facilitating training in cyber weapons, cyber operations and cyber tactics; the CR should be capable of serving students throughout Colorado by providing them access to an environment in which they can develop their cybersecurity knowledge and skills. The CR should be accessible for cybersecurity competitions, training and as a testing environment for the CRs, schools, governments and businesses in Colorado. Cyber Range(s) should be accessible from any location in the state.
  • Establishing a Cyber Support Center
    • Objective: Provide a single point contact to connect Coloradans with cyber information (similar to 311) and cyber incident response support (similar to 911). Where appropriate, the center will redirect callers to organizations like the Multi-State Information Sharing and Analysis Center (MS-ISAC), Colorado National Guard, Colorado Information Analysis Center (CIAC), Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA) or the Reserves to received services and support.
  • Establishing a Funding Program
    • Objective: Develop, implement and continuously improve a financially sound and sustainable plan to fund the activities and personnel required to maintain the lines of effort identified for a successful Whole of State Cyber Security Program.
  • Establishing a Threat Intelligence Sharing and Community Collaboration Program
    • Objective: Provide structure, support and guidance to effectively manage and disseminate cyber threat information, best practices and guidance. Sharing and collaboration serve the purpose of improving cybersecurity by leveraging the expertise and information of partners and peers – none of us should be reinventing the wheel or surprised by attacks our peers have already seen.

If you or your organization is interested in actively supporting these efforts, please complete this webform.  

Resources