Lan Jenson

From OpenCommons
Jump to navigation Jump to search



Resume
[[File:|190px]]
Lan Jenson
Name Lan Jenson
Company Cybertrust America
Company Position Chief Executive Officer
City, State San Francisco CA
Country United States
Sectors Cybersecurity and Privacy
Consulting: {{{skill}}}

Activities

ActionClusterImage.png Cybersecurity Risk Assessment and Mitigation
Empower municipalities with cybersecurity risk assessment methodology and resources to enable timely understanding of their risk levels and appropriate mitigation against cyberrisks.

The risk assessment methodology is adapted from NIST Cybersecurity Framework with a Technical Risk Rating component and an Expert Assessment. The daunting resource shortage is addressed by a unique volunteer matching mechanism based on public-private partnerships.

COVID Image.jpg GCTC CPAC COVID-19 eResourceKit
This eResouceKit is your guide to Working, Learning, and Living from Home, with your security and privacy defended. It will be a long and challenging road for us all, but we can and will get there, together by taking informed actions to gain control and risk prioritization during and after the pandemic - Cities and Communities, Businesses, First Responders, and Self-Employed/Gig Workers
CcnLogoLg.png GCTC Connectivity Covid-19 Resources
The Covid-19 crisis has increased the need for students to distance learn and workers to telework; however, the digital divide remains as an unbridged connectivity and device gap for many. Devices such as mobile devices, notebook computers must be in place or issued that can connect wirelessly to Wi-Fi for distance learning and teleworking. Some local governments and companies have made progress through publishing online and through physical postings to map these sites. Other local governments may be further ahead in advanced connectivity having deployed wireless connectivity delivery systems that can easily scale to more locations such as parked vehicles with Wi-Fi equipment.
Online-learning.jpg Guidance and Resources for Connectivity
This page is the list of available guidances and resources for connectivity during pandemic.
Considerations for managing IoT.png Managing Cybersecurity and Privacy Risk for Smart Public Safety IoT Devices and Systems
This use case provides a notional approach to address cybersecurity and privacy risks related to incorporating IoT in smart public safety applications. This use case posits some of the major activities, key stakeholders, and potential resources for each step of the cybersecurity and privacy risk management process.
Service Guide.jpg Risk Assessment and Prioritization in the Smart City Cyber Resilience Planning Process
This use case summarizes an engagement between a GCTC Action Cluster member, Adaptable Security Corp (ADA), and a California municipality, focusing on how the risk management process, with a particular focus on risk assessment and prioritization, played a critical role in the overall cyber resilience planning process. The content covered in this use case primarily aligns with the Prepare, Select, Assess, and Monitor steps of the RMF.
San Mateo Vuln map.jpg Risk Assessment in the County of San Mateo, California
This use case describes how risk assessment has been implemented in the County of San Mateo, California, and identifies activities that align most closely with the Step 0: Prepare and Step 6: Monitor steps of the risk management process. However, the assessment process and the outputs from the assessment also involve elements from and inform all of the other risk management steps (i.e., Step 1: Categorize, Step 2: Select, Step 3: Implement, Step 4: Assess, Step 5: Authorize). Refer to Appendix B of this Guidebook for an example of the risk assessment questionnaire and its application.
Phases-of-risk-image.png Risk Management in a Privacy-Specific Context
This use case describes how the risk management concepts and processes presented in this Guidebook apply in privacy-specific applications. Given the overlapping relationship of cybersecurity and privacy, much of the information in this use case may sound similar to, or even identical to, aspects of cybersecurity risk management. This reinforces the notion that cybersecurity and privacy are closely related and should generally be considered in tandem.

Blueprint Chapters

PrivacyChapter.jpg Benefits and Cybersecurity and Privacy Risks
Cities and communities stand to harvest unprecedented benefits from advances in information and communications technologies (ICT), in general, and Internet of Things (IoT) and Artificial Intelligence (AI), in particular. Smart cities inevitably introduce new or heighten existing cyber risks, which demand proper consideration in design to ensure the optimal realization of intended Smart City outcomes.
IoTChapter.jpg Internet of Things
The scope of this Blueprint will be on the IoT networks themselves – the physical and logical layers, not necessarily the software applications and data generated therefrom.
ConsiderationsChapter.jpg Key Smart City Risk Management Considerations
Operationalizing and standardizing risk management across the organization is critical for minimizing cybersecurity and privacy risks during the development and operation of Smart City capabilities and solutions. It will be up to cities and their partners to determine the appropriate risk management policies and processes to adopt and implement based on their current risk management practices, risk posture, and their risk management strategy. While aspects of risk management may seem daunting and challenging, there are certainly opportunities that cities can leverage to their advantage.
Risk-management.jpg Trustworthy Smart Cities through Risk Management
Organizations participating in the Smart City environment – whether as municipalities, critical infrastructure operators, product or service providers, or citizens – already consider at least some aspects of risk (e.g., business risk, reputational risk) in the development and deployment of Smart City capabilities and solutions. And one growing area of risk is cybersecurity and privacy risk.