Secure Tomorrow Series Toolkit

Overview

The Secure Tomorrow Series Toolkit is a diverse array of interactive and thought-provoking products uniquely designed to assist stakeholders across the critical infrastructure community to self-facilitate and conduct strategic foresight activities that will enable them to derive actionable insights about the future, identify emerging risks, and develop risk management strategies that, if taken today, could enhance long-term critical infrastructure security and resilience to implement now.

Central to the Secure Tomorrow Series effort is the selection of topics that are likely to have highly disruptive impact across multiple National Critical Functions. To this end, the National Risk Management Center worked with subject matter experts from academia, think tanks, the private sector, and the National Labs to help build and refine the knowledge base that underlies the Toolkit activities. This iteration of the Toolkit focuses on three topic areas: (1) anonymity and privacy, (2) trust and social cohesion, and (3) data storage and transmission.

These free voluntary resources are available to stakeholders in every critical infrastructure sector. More specifically, the Toolkit will assist users in identifying and examining risk mitigation strategies, managing uncertainty and encouraging strategic foresight methods in their long-term planning.

Toolkit Activities

The Toolkit provide a powerful means of increasing risk awareness, identifying risk mitigation solutions, and encouraging systems-level thinking and long-term planning. Specifically, it contains game templates; facilitator, player, and controller guides; read-ahead materials, and other materials needed for users to self-facilitate four different activities:

• Scenarios workshop: Participants explore four different future scenarios (Life Under a Microscope, A Fragmented World, Deep Disinformation, and A New Wave of Cooperation), and identify a set of strategies that would most effectively mitigate risk across all the scenarios.

• Threat timelines activity: Players generate fictional news headlines that describe future security threats to a particular technology or system. Through these headlines, players think about plausible futures, reflect on potential threats to critical infrastructure security and resilience; and identify corresponding mitigating actions that can be put into motion today.

• Matrix games: Players tackle incidents and trends that could negatively affect the U.S. in the future and debate strategies to mitigate accompanying risks to critical infrastructure security and resilience.

• Cross-impacts sessions: Participants brainstorm ideas on how key risk drivers to the three topics might affect different NCFs.

By downloading the Toolkit, users will learn how to conduct foresight activities that will enable them to derive actionable insights about the future, identify emerging risks, and proactively develop corresponding risk management strategies they can implement now.

Getting Started with the Toolkit

The Toolkit includes guides to facilitate each activity. The number of participants and time requirements vary for the four activities. A matrix game takes 3 hours to play with 3–5 participants, whereas a scenarios workshop is a full-day activity involving between 30–40 participants.

As a starting point, please review the Scenarios Workshop Synopses about future risks, and then consider the Threat Timelines as a warm-up activity, and then move on to explore the Matrix Games and Cross Impacts depending on time and participant needs and interest.

Toolkit Next Steps

CISA’s National Risk Management Center is working on the next iteration of the Toolkit focused on the following topics: (1) synthetic biology; (2) brain computer interface (BCI); (3) quantum technologies (to include computing, communications, and sensors). The next Toolkit will be available in later this year.