Lan Jenson
Jump to navigation
Jump to search
| |
| Name | Lan Jenson |
| Company | Cybertrust America |
| Company Position | Chief Executive Officer |
| City, State | San Francisco CA |
| Country | United States |
| Sectors | Cybersecurity and Privacy |
Activities
|
Cybersecurity Risk Assessment and Mitigation | |
| Empower municipalities with cybersecurity risk assessment methodology and resources to enable timely understanding of their risk levels and appropriate mitigation against cyberrisks.
The risk assessment methodology is adapted from NIST Cybersecurity Framework with a Technical Risk Rating component and an Expert Assessment. The daunting resource shortage is addressed by a unique volunteer matching mechanism based on public-private partnerships. | ||
|
GCTC CPAC COVID-19 eResourceKit | |
| This eResouceKit is your guide to Working, Learning, and Living from Home, with your security and privacy defended. It will be a long and challenging road for us all, but we can and will get there, together by taking informed actions to gain control and risk prioritization during and after the pandemic - Cities and Communities, Businesses, First Responders, and Self-Employed/Gig Workers | ||
|
GCTC Connectivity Covid-19 Resources | |
| The Covid-19 crisis has increased the need for students to distance learn and workers to telework; however, the digital divide remains as an unbridged connectivity and device gap for many. Devices such as mobile devices, notebook computers must be in place or issued that can connect wirelessly to Wi-Fi for distance learning and teleworking. Some local governments and companies have made progress through publishing online and through physical postings to map these sites. Other local governments may be further ahead in advanced connectivity having deployed wireless connectivity delivery systems that can easily scale to more locations such as parked vehicles with Wi-Fi equipment. | ||
|
Guidance and Resources for Connectivity | |
| This page is the list of available guidances and resources for connectivity during pandemic. | ||
|
Managing Cybersecurity and Privacy Risk for Smart Public Safety IoT Devices and Systems | |
| This use case provides a notional approach to address cybersecurity and privacy risks related to incorporating IoT in smart public safety applications. This use case posits some of the major activities, key stakeholders, and potential resources for each step of the cybersecurity and privacy risk management process. | ||
|
Risk Assessment and Prioritization in the Smart City Cyber Resilience Planning Process | |
| This use case summarizes an engagement between a GCTC Action Cluster member, Adaptable Security Corp (ADA), and a California municipality, focusing on how the risk management process, with a particular focus on risk assessment and prioritization, played a critical role in the overall cyber resilience planning process. The content covered in this use case primarily aligns with the Prepare, Select, Assess, and Monitor steps of the RMF. | ||
|
Risk Assessment in the County of San Mateo, California | |
| This use case describes how risk assessment has been implemented in the County of San Mateo, California, and identifies activities that align most closely with the Step 0: Prepare and Step 6: Monitor steps of the risk management process. However, the assessment process and the outputs from the assessment also involve elements from and inform all of the other risk management steps (i.e., Step 1: Categorize, Step 2: Select, Step 3: Implement, Step 4: Assess, Step 5: Authorize). Refer to Appendix B of this Guidebook for an example of the risk assessment questionnaire and its application. | ||
|
Risk Management in a Privacy-Specific Context | |
| This use case describes how the risk management concepts and processes presented in this Guidebook apply in privacy-specific applications. Given the overlapping relationship of cybersecurity and privacy, much of the information in this use case may sound similar to, or even identical to, aspects of cybersecurity risk management. This reinforces the notion that cybersecurity and privacy are closely related and should generally be considered in tandem. | ||
Blueprint Chapters
|
Benefits and Cybersecurity and Privacy Risks | |
| Cities and communities stand to harvest unprecedented benefits from advances in information and communications technologies (ICT), in general, and Internet of Things (IoT) and Artificial Intelligence (AI), in particular. Smart cities inevitably introduce new or heighten existing cyber risks, which demand proper consideration in design to ensure the optimal realization of intended Smart City outcomes. | ||
|
Internet of Things | |
| The scope of this Blueprint will be on the IoT networks themselves – the physical and logical layers, not necessarily the software applications and data generated therefrom. | ||
|
Key Smart City Risk Management Considerations | |
| Operationalizing and standardizing risk management across the organization is critical for minimizing cybersecurity and privacy risks during the development and operation of Smart City capabilities and solutions. It will be up to cities and their partners to determine the appropriate risk management policies and processes to adopt and implement based on their current risk management practices, risk posture, and their risk management strategy. While aspects of risk management may seem daunting and challenging, there are certainly opportunities that cities can leverage to their advantage. | ||
|
Trustworthy Smart Cities through Risk Management | |
| Organizations participating in the Smart City environment – whether as municipalities, critical infrastructure operators, product or service providers, or citizens – already consider at least some aspects of risk (e.g., business risk, reputational risk) in the development and deployment of Smart City capabilities and solutions. And one growing area of risk is cybersecurity and privacy risk. | ||