|
|
||||||||||||||||||
...
Describe performance against each Laboratory Management Performance Measure, as detailed in each function’s Assurance Plan.
Cyber Security Incident Analysis
Berkeley Lab experienced a "normal" incident profile in Q2. Instances of malicious code were within current trends and there were no instances of mal code escalation or compromise of other hosts at the Laboratory. Newer detection measures implemented over the past 18 months continue to pay dividends in terms of speedy detection of these issues. Two classic stolen credential incidents occurred during the quarter, both of which were well contained. In one the attackers paid particularly good attention to covering their tracks, though the forensics were still completed normally. That same incident also showed that the SSH credential attackers continue to expand their portfolio of tricks in ways that attempt to subvert our newer controls.
Also in the realm of incident analysis, the Laboratory has begun to report the same data shared with BSO on incident trends on an annual basis in our Self Assessment and Risk Assessment, with Laboratory management as part of the Ops Dashboard.
System Availability and Function Data
Cyber security systems experienced normal uptime profiles during this quarter. Additional resiliency is expected from the Bro Cluster when it reaches full production status.
Training Completion
Percent of LBNL staff that have completed required cyber security training
Reported in real-time on demand as part of overall training reports to divsion representatives, and quarterly to cyber security management. Reported as a percentage of individuals completing training per requirements. Currently at XXXX% up to date (within target of 90%).
Training Feedback
Cyber Security Training received a feedback score of 3.84 on a scale of 1-5. Selected comment:
"This is refreshingly candid and useful in comparison to the drab equivalents found at other national labs and government installations. Kudos! "
Other
No other measures to report.
...
