A Critical cogitation on Critical Information Infrastructure
|
|
- Bonnie McLaughlin
- 5 years ago
- Views:
Transcription
1 보안공학연구논문지 (Journal of Security Engineering), 제 5권제 3 호, 2008년 6월 A Critical cogitation on Critical Information Infrastructure Byeong-Ho KANG 1) Abstract Communication services and networks provide the backbone of the Korean economy and are vital to government offices, businesses and citizens. They are often referred to as critical information infrastructure. Information infrastructures like telephone lines, fibre optic cables and computer networks rule our lives, and they have to be safe. While Critical Infrastructure (CI) is essentially national in character, CII (Particularly the Internet) is essentially international because it is more properly borderless in character. Control of Critical in Infrastructure is in the hands of providers and politicians who still have a confused picture about it. This paper discusses Critical Information Infrastructure in Korea and its organization. Keywords : Critical Infrastructure, Critical Information Infrastructure, Critical Infrastructure Protection 1. Introduction Critical information infrastructure (CII) is composed of key sectors of modern society, including those vital to the national security and the essential functioning of industrialized economies, are dependent on a spectrum of highly interdependent national and international software-based control systems for their continuous, smooth and reliable operation. This information infrastructure underpins many elements of the critical infrastructure (CI). The Critical information infrastructure is facing a continuous change towards new ways of interaction with societies: Most evident is the growing use of open systems to monitor and control operations of the CI as well as information technology, the convergence of the media and telecommunications technology towards integrated information and communication technologies. Large parts of the Korean economy are relying on this. Many services and processes have become increasingly dependent on the functioning of information and communication technology (ICT) networks. As these networks tend to be decentralized, highly interconnected and interdependent, failures of these infrastructures could cascade and spread beyond national borders. 2. Critical Infrastructure and Critical Information Infrastructure There is a lack of clarity between Critical Infrastructures and Critical Information Infrastructures in almost all Received(March 10, 2008), Review request(march 11, 2008), Review Result(1st:April 01, 2008, 2nd:April 21, 2008) Accepted(June 30, 2008) 1 Professor, University of Tasmania, Australia bhkang@utas.edu.au 201
2 A Critical cogitation on Critical Information Infrastructure documentation related to Critical Infrastructure. A common list of what are termed Critical Infrastructures has been arrived at: Finance, Energy, Food Supply, Health, Government Services, Law and order, Manufacturing, National Icons, Transport, Water, Waste Water, People, Education. Each of these has a reliance on Critical Information Infrastructure to a greater or lesser extent. Information Infrastructure is more prevalent in the OECD than elsewhere, and it can be said that in the areas of Finance, Food, Manufacturing, and Transport there is total reliance on Critical Information Infrastructure. That this is so should be reasonably obvious. However, for the sake of clarity it is worth pointing out that Finance depends on the electronic investment, commercial, and personal banking services to be maintained; food depends on the supermarket, and other outlets, reordering and just-in-time processes to function as a supply chain; manufacturing depends on a variety of Manufacturing Resource Programs to succeed and Transport depends heavily on electronic information, ticketing, and electronic control measures These infrastructures would simply not survive a collapse in the Critical Information Infrastructure. This is without necessarily introducing the Internet into the equation. All other Critical Infrastructures also have heavy dependence on electronic information systems. In many cases they are now dependent on Information Infrastructure; it is just that in these cases there is a possibility of returning to some form of manual alternative. Critical Information Infrastructure is proportionally more important than all other infrastructures because there is a dependence on Critical Information Infrastructure by all other infrastructures. It is important; therefore, to understand how well advanced the various parts of the Critical Information Infrastructure industry is in protecting itself and customers from this perspective. The operation of Critical Information Infrastructure demands in terms of an approach a series of approaches and standards to make operation of information technologies safe. As yet, most of such development is in private hands and not coordinated, except at an information level, by any national or international body. From a practical standpoint some have realized much of the difficulty in managing Critical Information Infrastructure. The critical information infrastructure is crucial in providing public safety and stable services that are essential for everyday life. The following sectors are counted among the critical infrastructures that are heavily dependent on information and telecommunication technologies in Korea. Gas and Energy Transportation Telecommunication E-Government and National Government 202 Administration National security Emergency / Disaster Recovery Services
3 보안공학연구논문지 (Journal of Security Engineering), 제 5권제 3 호, 2008년 6월 National Defense Media Service Financial Service 2.1 CI and CII Critical Infrastructure Protection is more than Critical Information Infrastructure Protection, but Critical Information Infrastructure Protection is an essential part of Critical Infrastructure Protection. There is at least one characteristic for the distinction of the two concepts. While Critical Infrastructure Protection comprises all critical sectors of a nations infrastructure, Critical Information Infrastructure Protection is only a subset of a comprehensive protection effort, as it focuses on the Critical Information Infrastructure. The definition of exactly what should be subsumed under CI, and what under CII, is another question. Generally, the CII is that part of the global or national Information Infrastructure that is essentially necessary for the continuity of a country s critical infrastructure services. The CII, to a large degree, consist of, but is not fully congruent with the information and telecommunications sector, and includes components such as telecommunications, computers/software, the Internet, satellites, fiber-optics etc. The term is also used for the totality of interconnected computers and networks and their critical information flows. Protection of the CII has become especially important due to two reasons: their invaluable and growing role in the economic sector and their interlinking role between various infrastructure sectors and the essential requirement that other infrastructures function at all times. There are, moreover, several features that demand a clear distinction between CI and CII: First of all, the system characteristics of the emerging Information Infrastructure differ radically from traditional structures, including earlier Information Infrastructures. They differ in terms of scale, connectivity, and dependencies. This means that understanding them will require new analytical techniques and methodologies that are not yet available. Secondly, it appears that cyber-threats are evolving rapidly both in terms of their nature and of their capability to cause harm, so that protective measures require continual technological improvements and new approaches. The International CIIP handbooks, Dunn and Wigert (2009) [8], developed by the Swiss Federal Institute of Technology in Zurich have a high reputation. They are one of few authoritative sources of any research on Critical Infrastructure and Critical Information Infrastructure. However, they have a problem, confirmed by research for this book, with defining these terms. They comment that Critical Infrastructure is both global and national, and so is Critical Information Infrastructure. Critical Infrastructure is reviewed, as is to a lesser extent, Critical Information Infrastructure, against country models. Yet Critical Infrastructure is essentially national in character, and Information Infrastructures (particularly the Internet and World Wide Web) are essentially international in character. 203
4 A Critical cogitation on Critical Information Infrastructure 3. Public Sector Control A number of national and international mechanisms for developing public private partnerships and the sharing of information have been established. In terms of Critical Information Infrastructure many of them are operationally weak. All are relatively strong in terms of initiating Public Private Partnerships and Information Sharing Organizations. Public Private Partnerships are important to Critical Information Protection. This is because much of the infrastructure is in private hands. Yet in a review of OECD countries the Government takes no active operational steps. It acts as a facilitator in almost every case. This is not really good enough given the importance of the infrastructure. The commonly understood information sharing bodies, in a public private context, for Critical Information Infrastructure are CERTs and WARPs. CERT (pronounced SUHRT), officially called the CERT Coordination Center, is the Internet's official emergency team. [Fig. 1] CIIP in Korea. WARP is an acronym for Warning, Advice and Reporting Point. A WARP is a community or internal company based service to share advice and information on computer-based threats and vulnerabilities. 4. Critical Information Infrastructure in South Korea In general, all governmental organizations and their subsidiary organizations are in charge of CIIP. The National Cyber Security Center (NCSC) coordinates the efforts of these departments and agencies. In the field of cyber-crime investigation and prevention, the Internet Crime Investigation Center (ICIC) under the authority of the Supreme Public Prosecutors Office plays a central role. The Electronics & Telecommunications Research Institute has the leadership in developing technology and providing support to protect critical information 204
5 보안공학연구논문지 (Journal of Security Engineering), 제 5권제 3 호, 2008년 6월 infrastructure. The Ministry of Public Administration and Security, the Korea Communications Commission (the former Ministry of Information and Communication), and the Korea Internet Security Center (KISC; KrCERT / CC) within the Korean Information Security Agency (KISA) are undertaking efforts to foster a culture of safe internet and telecommunication networks. In addition, the structure of government organization was changed in February According to new regime plan, the Ministry of Information and Communication was abolished, and its functions in the area of information security were transferred to several ministries: the Ministry of Public Administration and Security, the Ministry of Knowledge and Economy, and the Korea Communication Commission. Therefore, the Ministry of Public Administration and Security, the Korea Communications Commission, and the Ministry of Knowledge and Economy have begun sharing CIIP-related responsibilities in Korea. As a public-private partnership, the national Information Security Alliance (NISA) strives to improve information security by fostering information exchange between governmental agencies, enterprises, and research institutes. The following sectors are counted among the critical infrastructures that are heavily dependent on information and telecommunication technologies. E-Government National Government Administration National security Emergency / Disaster Recovery Services National Defense Media Service Financial Service Gas and Energy Transportation Telecommunication 5. Organization All governmental organizations and their subsidiary organizations are in charge of CIIP. The National Cyber Security Center coordinates the efforts of these departments and agencies. In the field of cyber-crime investigation and prevention, the Internet Crime Investigation Center under the authority of the Supreme Public Prosecutors Office plays a central role. The Electronics & Telecommunications 205
6 A Critical cogitation on Critical Information Infrastructure Research Institute has the leadership in developing technology and providing support to protect critical information infrastructure. The Ministry of Public Administration and Security, the Korea Communications Commission (the former Ministry of Information and Communication), and the Korea Internet Security Center (KISC; KrCERT / CC) within the Korean Information Security Agency (KISA) are undertaking efforts to foster a culture of safe internet and telecommunication networks. In addition, the structure of government organization was changed in February According to new regime plan, the Ministry of Information and Communication was abolished, and its functions in the area of information security were transferred to several ministries: the Ministry of Public Administration and Security, the Ministry of Knowledge and Economy, and the Korea Communication Commission. Therefore the following have begun sharing CIIP-related responsibilities in Korea: the Ministry of Public Administration and Security, the Korea Communications Commission, and the Ministry of Knowledge and Economy. 6. Critical Information Infrastructure Protection Act 2001 The National Information Security Alliance (NISA) was established in September 2002 to improve information security by facilitating information exchange, presenting policies, and concentrating pan-governmental efforts. The alliance consists of 22 major governmental organizations, such as the Ministry of National Defense, the Ministry of Public Administration and Security, and the Korea Communications Commission, as well as information security officials from 17 public enterprises, communication network providers, the Korea Information Security Industry Association, research institutes, and experts from industry and academia. One main aspect of NISA s work is the executive meeting of chairpersons of the National Information Security Alliance, the Public Enterprise Information Security Alliance, and the Industrial-Educational-Research Information Security Alliance as a way of improving cooperation, while guaranteeing the autonomy of each of these actors within the alliance. The Act on Private Information Protection of Public Organizations, the Act on Promotion of Electronic Administration for e-government, and the Resident Registration Act in the public sector, as well as the Act on Promotion of Utilization of Information and Communication Network and Information Protection in the private sector deal with private information security systems. 7. Information Systems and Telecommunication Networks Protection Since attacks on telecommunication networks and information systems increases, the need for a systematic national-level protection system has become urgent. The Framework Act on Information Promotion, the Critical Information Infrastructure Protection Act, the Act on the Promotion of Utilization of Information and 206
7 보안공학연구논문지 (Journal of Security Engineering), 제 5권제 3 호, 2008년 6월 Communication Network Utilization and Information Protection, the e-commerce Framework Act, the e-government Act, the Act on Trade Automation Promotion, the Act on Industrial Infrastructure, and the Freight Distribution Promotion Act have been passed to protect information systems and telecommunication networks. 8. Conclusion Critical Information Infrastructure Protection (CIIP) is concerned with protection for telecommunication networks and information systems which are working as critical infrastructures significantly affecting quality of life, safety, and economic activities. In a country like Korea, where the utilization of CIIs are very common, it is better to understand and prepare this CII from threats. In this paper, we presented CII in Korea and discuss how the government Manages it since it is a National Concern. References [1] Critical Information Infrastructures: Resilience and Protection by Maitland Hyslop (2007) [2] WARP (information security) [3] What is Tech Target [4] Forum of Incident Response and Security Teams FIRST [5] CERT/CC [6] Act on Private Information Protection of Public Organizations (in Korean). [7] Elgin M. Brunner and Manuel Suter (2008) INTERNATIONAL CIIP HANDBOOK 2008 / 2009 [8] Isabelle Wigert & Myriam Dunn. Critical Information Infrastructure Protection (CIIP) Policies in Selected Countries: Findings of the CIIP Handbook [9] Korean Ministry of Government Legislation 207
8 A Critical cogitation on Critical Information Infrastructure Authors Byeong-Ho KANG He is a senior lecturer at the School of Computing, University of Tasmania, Australia and a head of Research and Development of a joint venture company, kmagent Pty.Ltd.,Hobart Australia. He received his Ph.D from the University of New South Wales, Sydney in 1996 and has worked in the Advanced Research Lab. HITACHI, Japan and Hoseo Univerity, Korea, before he joined the University of Tasmania in He also has worked in research and development projects with industries and research organizations, the Smart Internet Collaborative Research Centre, in Australia, the Asian Office of Aerospace Research Department, US in Japan. 208
CENTER FOR SECURITY STUDIES
CENTER FOR SECURITY STUDIES Swiss Federal Institute of Technology (ETH Zurich) A Generic National Framework for Critical Information Infrastructure Protection 2nd WSIS Action Line C5 Meeting ITU Headquarters,
More informationSTRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government
ATIONAL STRATEGY National Strategy for Critical Infrastructure Government Her Majesty the Queen in Right of Canada, 2009 Cat. No.: PS4-65/2009E-PDF ISBN: 978-1-100-11248-0 Printed in Canada Table of contents
More informationSpecial Action Plan on Countermeasures to Cyber-terrorism of Critical Infrastructure (Provisional Translation)
Special Action Plan on Countermeasures to Cyber-terrorism of Critical Infrastructure (Provisional Translation) December 15, 2000 1. Goals of the Special Action Plan The goal of this action plan is to protect
More informationCritical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.
Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach. By Christopher Ganizani Banda ICT Development Manager Malawi Communications Regulatory Authority 24-26th July,2016 Khartoum,
More informationNATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -
NATIONAL CYBER SECURITY STRATEGY - Version 2.0 - CONTENTS SUMMARY... 3 1 INTRODUCTION... 4 2 GENERAL PRINCIPLES AND OBJECTIVES... 5 3 ACTION FRAMEWORK STRATEGIC OBJECTIVES... 6 3.1 Determining the stakeholders
More informationResolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]
United Nations A/RES/64/211 General Assembly Distr.: General 17 March 2010 Sixty-fourth session Agenda item 55 (c) Resolution adopted by the General Assembly on 21 December 2009 [on the report of the Second
More informationU.S. Japan Internet Economy Industry Forum Joint Statement October 2013 Keidanren The American Chamber of Commerce in Japan
U.S. Japan Internet Economy Industry Forum Joint Statement 2013 October 2013 Keidanren The American Chamber of Commerce in Japan In June 2013, the Abe Administration with the support of industry leaders
More informationThe Australian Government s Approach to Critical Infrastructure Resilience
The Australian Government s Approach to Critical Infrastructure Resilience GNSS Workshop University of New South Wales 4 December 2013 Mr Kris Garred, Director Critical Infrastructure Policy Attorney-General
More informationThe Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless
The Republic of Korea Executive Summary Today, cyberspace is a new horizon with endless possibilities, offering unprecedented economic and social benefits. However, on account of its open, anonymous and
More informationCommonwealth Cyber Declaration
Commonwealth Cyber Declaration Recognising that the development of cyberspace has made a powerful contribution to the economic, social, cultural and political life of the Commonwealth; Underlining that
More informationEnhancing the security of CIIPs in Europe - ENISA s Approach Dimitra Liveri Network and Information Security Expert
Enhancing the security of CIIPs in Europe - ENISA s Approach Dimitra Liveri Network and Information Security Expert European Union Agency For Network And Information Security Securing Europe s Information
More informationTransport and ICT Global Practice Smart Connections for All Sandra Sargent, Senior Operations Officer, Transport & ICT GP, The World Bank
WORLD BANK DONOR PERSPECTIVE ON CYBER SECURITY Transport and ICT Global Practice Smart Connections for All Sandra Sargent, Senior Operations Officer, Transport & ICT GP, The World Bank MYTH NUMBER ONE:
More informationConcept Note: GIDC. Feasibility Study(F/S) on Government Integrated Data Center (GIDC) for the Republic of Nicaragua
Concept Note: GIDC 1. Title of Proposed Project Feasibility Study(F/S) on Government Integrated Data Center (GIDC) for the Republic of Nicaragua 2. Organization Nicaraguan Institute for Telecommunications
More informationNational Cyber Incident Response - Architectural Concepts
CSIRT Contributions to National Cyber Incident Response: An Architectural Perspective with U.S. Examples Bradford J. Willke Team Lead, Information Security Assessment & Evaluation Survivable Enterprise
More informationOutreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness
2011/EPWG/WKSP/020 Session 4 Outreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness Submitted by: Australia Workshop on Private Sector Emergency Preparedness Sendai,
More informationBradford J. Willke. 19 September 2007
A Critical Information Infrastructure Protection Approach to Multinational Cyber Security Events Bradford J. Willke 19 September 2007 Overview A framework for national Critical Information Infrastructure
More informationISRAEL NATIONAL CYBER SECURITY STRATEGY IN BRIEF
SEPTEMBER 2017 ISRAEL NATIONAL CYBER SECURITY STRATEGY IN BRIEF STATE OF ISRAEL PRIME MINISTER S OFFICE NATIONAL CYBER DIRECTORATE Vision and Objective 5 Development of Israel s national cyber security
More informationCOMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN
COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN 24-27 July 2016 1 CONTENT INTRODUCTION POLICY OBJECTIVES POLICY AND LEGISLATIVE PRINCIPLES CYBER SECURITY STRATEGY CHALLENGES AND OPPORTUNITIES CAPACITY BUILDING
More informationGovernment-Industry Collaboration: 7 Steps for Resiliency in Critical Infrastructure Protection
Government-Industry Collaboration: 7 Steps for Resiliency in Critical Infrastructure Protection L. Laile Di Silvestro Senior Strategist Worldwide Public Sector Microsoft Government Industry Collaboration
More informationCritical Information Infrastructure Protection Law
Critical Information Infrastructure Protection Law CCD COE Training 8 September 2009 Tallinn, Estonia Maeve Dion Center for Infrastructure Protection George Mason University School of Law Arlington, Virginia.
More informationCyber Security Strategy
Cyber Security Strategy Committee for Home Affairs Introduction Cyber security describes the technology, processes and safeguards that are used to protect our networks, computers, programs and data from
More informationValérie Andrianavaly European Commission DG INFSO-A3
Security and resilience in the Information Society: towards a CIIP policy in the EU Valérie Andrianavaly European Commission DG INFSO-A3 valerie.andrianavaly@ec.europa.eu Network and information security:
More information19-20 September 2018 The Trans Resort Kuta, Bali - Indonesia
19-20 September 2018 The Trans Resort Kuta, Bali - Indonesia Strengthening Multi-Stakeholder Coordination and Improving ICT Sector-Wide Resilience in Preparation for Cyber Disruptions CIIP-ID Summit 2018
More informationSAINT PETERSBURG DECLARATION Building Confidence and Security in the Use of ICT to Promote Economic Growth and Prosperity
SAINT PETERSBURG DECLARATION Building Confidence and Security in the Use of ICT to Promote Economic Growth and Prosperity 1. We, APEC Ministers responsible for the Telecommunications and Information Industry,
More informationGlobal Alliance Against Child Sexual Abuse Online 2014 Reporting Form
Global Alliance Against Child Sexual Abuse Online 2014 Reporting Form MONTENEGRO Policy Target No. 1 Enhancing efforts to identify victims and ensuring that they receive the necessary assistance, support
More informationCritical Information Infrastructure Protection. Role of CIRTs and Cooperation at National Level
Critical Information Infrastructure Protection Role of CIRTs and Cooperation at National Level 1 Global Cybersecurity Agenda (GCA) GCA is designed for cooperation and efficiency, encouraging collaboration
More informationSecuring Europe's Information Society
Securing Europe's Information Society Dr. Udo Helmbrecht Executive Director European Network and Information Security Agency 16 June 2010 FIRST AGM Miami 16/6/2010 1 Agenda ENISA overview Challenges EU
More informationCyber Security and Cyber Fraud
Cyber Security and Cyber Fraud Remarks by Andrew Ross Director, Payments and Cyber Security Canadian Bankers Association for Senate Standing Committee on Banking, Trade, and Commerce October 26, 2017 Ottawa
More informationUAE National Space Policy Agenda Item 11; LSC April By: Space Policy and Regulations Directory
UAE National Space Policy Agenda Item 11; LSC 2017 06 April 2017 By: Space Policy and Regulations Directory 1 Federal Decree Law No.1 of 2014 establishes the UAE Space Agency UAE Space Agency Objectives
More informationNational Policy and Guiding Principles
National Policy and Guiding Principles National Policy, Principles, and Organization This section describes the national policy that shapes the National Strategy to Secure Cyberspace and the basic framework
More informationDisaster Management and Security Solutions to Usher in the IoT Era
Disaster Management and Solutions for a Safe and Secure Way of Life Overview Disaster Management and Solutions to Usher in the IoT Era Takeshi Miyao Toshihiko Nakano, Ph.D. 1. The Bright and Dark Sides
More informationHomeland Security and Geographic Information Systems
Page 1 of 5 Homeland Security and Geographic Information Systems How GIS and mapping technology can save lives and protect property in post-september 11th America Introduction Timely, accurate information,
More informationThe Federal Council s Basic Strategy. for Critical Infrastructure Protection
The Federal Council The Federal Council s Basic Strategy for Critical Infrastructure Protection Basis for the national critical infrastructure protection strategy 18 May 2009 Table of Contents 1 Introduction...
More informationPrinciples for a National Space Industry Policy
Principles for a National Space Industry Policy Commonwealth of Australia 2011 DIISR 11/144 This work is copyright. Apart from any use as permitted under the Copyright Act 1968, no part may be reproduced
More informationSecuring Europe s IoT Devices and Services
Securing Europe s IoT Devices and Services Dr. Evangelos OUZOUNIS Head of Unit - Secure Infrastructure and Services Validation Workshop Berlin 16 October 2015 European Union Agency for Network and Information
More information21ST OSCE ECONOMIC AND ENVIRONMENTAL FORUM
21ST OSCE ECONOMIC AND ENVIRONMENTAL FORUM Increasing stability and security: Improving the environmental footprint of energy-related activities in the OSCE region CONCLUDING MEETING Prague, 11 13 September
More informationCritical Infrastructure Resilience
Critical Infrastructure Resilience Climate Resilience Webinar Series U.S. Department of Housing and Urban Development Disclaimer This presentation is intended to provide communities and states with the
More informationCOUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)
COUNCIL OF THE EUROPEAN UNION Brussels, 24 May 2013 Interinstitutional File: 2013/0027 (COD) 9745/13 TELECOM 125 DATAPROTECT 64 CYBER 10 MI 419 CODEC 1130 NOTE from: Presidency to: Delegations No. Cion
More informationProvisional Translation
Provisional Translation Environmental Change Vision to aim as a Goal Merger and Integration of Cyberspace and Real-space [expansion/penetration, progress of the use/application, global] Increasing Serious
More information1.What are critical infrastructures in Switzerland? CIP concept in Switzerland
Session 4 Addressing new frontiers in CI resilience Cyber risks and beyond Swiss application and insights Joint OECD-JRC Workshop on Critical Infrastructure Resilience Paris, 25 September 2018 Dr. Stefan
More informationcybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationStrengthening Disaster Readiness. Moving from capacity to capability
Strengthening Disaster Readiness Moving from capacity to capability Peter Scott-Bowden Senior Emergency Advisor Operations Department of Emergencies World Food Programme 21 September 2011 Page 1 21 September
More informationCOMMISSION STAFF WORKING DOCUMENT EXECUTIVE SUMMARY OF THE IMPACT ASSESSMENT. Accompanying the document
EUROPEAN COMMISSION Strasbourg, 7.2.2013 SWD(2013) 31 final COMMISSION STAFF WORKING DOCUMENT EXECUTIVE SUMMARY OF THE IMPACT ASSESSMENT Accompanying the document Proposal for a Directive of the European
More informationPD 7: Homeland Security Presidential Directive 7: Critical Infrastructure Identification, Prioritization, and Protection
PD 7: Homeland Security Presidential Directive 7: Critical Infrastructure Identification, Prioritization, and Protection December 17, 2003 SUBJECT: Critical Infrastructure Identification, Prioritization,
More informationPromoting Global Cybersecurity
Promoting Global Cybersecurity Presented to ITU-T Study Group 17 Geneva, Switzerland 6 October 2005 Robert Shaw ITU Internet Strategy and Policy Advisor ITU Strategy and Policy Unit 1 Agenda Critical Infrastructures
More informationhow to manage risks in those rare cases where existing mitigation mechanisms are insufficient or impractical.
Contents Introduction... 2 Purpose of this paper... 2 Critical Infrastructure Security and Resilience... 3 The National Security Environment... 5 A Proactive and Collaborative Approach... 7 Critical Infrastructure
More informationThe Role of ENISA in the Implementation of the NIS Directive Anna Sarri Officer in NIS CIP Workshop Vienna 19 th September 2017
The Role of ENISA in the Implementation of the NIS Directive Anna Sarri Officer in NIS CIP Workshop Vienna 19 th September 2017 European Union Agency for Network and Information Security Positioning ENISA
More informationMs. Izumi Nakamitsu High Representative for Disarmament Affairs United Nations
Opening Remarks by Ms. Izumi Nakamitsu, High Representative for Disarmament Affairs, at the High-Level Event on Cyber Security, hosted by the Prime Minister of Bangladesh Ms. Izumi Nakamitsu High Representative
More informationCybersecurity & Digital Privacy in the Energy sector
ENERGY INFO DAYS Brussels, 25 October 2017 Cybersecurity & Digital Privacy in the Energy sector CNECT.H1 Cybersecurity & Digital Privacy, DG CNECT ENER.B3 - Retail markets; coal & oil, DG ENER European
More informationResolution adopted by the General Assembly. [without reference to a Main Committee (A/62/L.30 and Add.1)]
United Nations A/RES/62/91 General Assembly Distr.: General 8 February 2008 Sixty-second session Agenda item 71 (a) Resolution adopted by the General Assembly [without reference to a Main Committee (A/62/L.30
More informationDiscussion on MS contribution to the WP2018
Discussion on MS contribution to the WP2018, 30 January 2018 European Union Agency for Network and Information Security Possibilities for MS contribution to the WP2018 Expert Groups ENISA coordinates several
More informationCYBERCRIME AS A NEW FORM OF CONTEMPORARY CRIME
FACULTY OF LAW DEPARTEMENT: CIVIL LAW MASTER STUDY THEME: CYBERCRIME AS A NEW FORM OF CONTEMPORARY CRIME Mentor: Prof. Ass. Dr. Xhemajl Ademaj Candidate: Abdurrahim Gashi Pristinë, 2015 Key words List
More informationAbout Issues in Building the National Strategy for Cybersecurity in Vietnam
Vietnam Computer Emergency Response Team - VNCERT About Issues in Building the National Strategy for Cybersecurity in Vietnam Vu Quoc Khanh Director General Outline Internet abundance Security situation
More informationControl Systems Cyber Security Awareness
Control Systems Cyber Security Awareness US-CERT Informational Focus Paper July 7, 2005 Produced by: I. Purpose Focus Paper Control Systems Cyber Security Awareness The Department of Homeland Security
More informationDrinking Water Emergency Management Ministry of the Environment 2012 Drinking Water Leadership Summit October 25, 2012
Drinking Water Emergency Management Ministry of the Environment 2012 Drinking Water Leadership Summit October 25, 2012 Christine Campbell Team Leader, Drinking Water Emergency Planning Ministry of the
More informationThe NIS Directive and Cybersecurity in
The NIS Directive and Cybersecurity in ehealth Dr. Athanasios Drougkas Officer in NIS Belgian Hospitals Meeting on Security Brussels 13 th October European Union Agency For Network And Information Security
More informationBrussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER
COUNCIL OF THE EUROPEAN UNION Brussels, 19 May 2011 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66 NOTE From : COREPER To: COUNCIL No Cion. prop.: 8548/11 TELECOM 40 DATAPROTECT 27 JAI 213 PROCIV38
More informationDoug Couto Texas A&M Transportation Technology Conference 2017 College Station, Texas May 4, 2017
Cyber Concerns of Local Government and What Does It Mean to Transportation Doug Couto Texas A&M Transportation Technology Conference 2017 College Station, Texas May 4, 2017 Transportation and Infrastructure
More informationCybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce
Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce 5-8 September 2017 Yogyakarta, Indonesia Sameer Sharma Senior Advisor ITU Digital Infrastructure for Connectivity SDGs Evolution
More informationREGIONAL WORKSHOP ON E-COMMERCE LEGISLATION HARMONIZATION IN THE CARIBBEAN COMBATING CYBERCRIME: TOOLS AND CAPACITY BUILDING FOR EMERGING ECONOMIES
REGIONAL WORKSHOP ON E-COMMERCE LEGISLATION HARMONIZATION IN THE CARIBBEAN COMBATING CYBERCRIME: TOOLS AND CAPACITY BUILDING FOR EMERGING ECONOMIES Port of Spain 30 September 2015 David Satola Why combatting
More informationCommitted to connecting the world
ITU-T: Standardization Sector Produces standards covering all fields of telecommunications on a worldwide basis and defines tariff and accounting principles for international telecommunication services
More informationCritical Infrastructure Analysis and Protection - A Case for Secure Information Exchange. August 16, 2016
Critical Infrastructure Analysis and Protection - A Case for Secure Information Exchange Dennis Denham Ssempereza - CISA, CISM, CRISC August 16, 2016 About me! Involved in Risk Management and Security
More informationItu regional workshop
Itu regional workshop "Key Aspects of Cybersecurity in the Context of Internet of Things (IoT) Natalia SPINU 18 September, 2017 Tashkent, Uzbekistan AGENDA 1. INTRODUCTI ON 2. Moldovan public policy on
More informationCritical Infrastructure Protection & Resilience Europe / Asia. Conference Discussion Reviews
Critical Infrastructure Protection & Resilience Europe / Asia Conference Discussion Reviews Torch Marketing / KNM Media Delivering strategic routes to critical markets Why Critical Infrastructure Protection
More informationGarry Mukelabai Communications Authority Zambia
Garry Mukelabai Communications Authority Zambia ICT in Zambia. Current and Future Legislations. Way Forward? Pop 12 million. Zambia pioneers of internet in region. Over 10 Internet Service Providers Internet
More informationcybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationFuture Resilience of the UK Electricity System Are we resilient to meet the needs of this rapidly changing world?
Future Resilience of the UK Electricity System Are we resilient to meet the needs of this rapidly changing world? 15th January 2019 Aim of this Energy Research Partnership Project Is to identify and assess
More informationSecurity and resilience in the Information Society: the role of CERTs/CSIRTs in the context of the EU CIIP policy
Security and resilience in the Information Society: the role of CERTs/CSIRTs in the context of the EU CIIP policy Andrea Glorioso European Commission DG INFSO-A3 Andrea.Glorioso@ec.europa.eu Network and
More informationWSIS Forum 2012-Identifying Emerging Trends and a Vision beyond 2015!
FACILITATED BY: WSIS Forum 2012-Identifying Emerging Trends and a Vision beyond 2015! WSIS Forum 2012 was held from the 14-18th of May in Geneva. WSIS Forum 2012 resulted in an Outcome Document that aims
More informationInformation Sharing and Cooperation
Information Sharing and Cooperation Building Partnerships Between Private and Public Actors SANS 2008 European Community SCADA and Process Control Summit, 8-11 September, Amsterdam Dr. Åke J. Holmgren
More informationEU policy on Network and Information Security & Critical Information Infrastructures Protection
EU policy on Network and Information Security & Critical Information Infrastructures Protection Köln, 10 March 2011 Valérie ANDRIANAVALY European Commission Directorate General Information Society and
More informationCommonwealth Telecommunications Organisation Proposal for IGF Open Forum 2017
Commonwealth Telecommunications Organisation Proposal for IGF Open Forum 2017 Title: Facilitating Investment in Cybersecurity as a means of achieving the Sustainable Development Goals Description: Information
More informationDirective on Security of Network and Information Systems
European Commission - Fact Sheet Directive on Security of Network and Information Systems Brussels, 6 July 2016 Questions and Answers The European Parliament's plenary adopted today the Directive on Security
More informationEISAS Enhanced Roadmap 2012
[Deliverable November 2012] I About ENISA The European Network and Information Security Agency (ENISA) is a centre of network and information security expertise for the EU, its Member States, the private
More informationTO INSPIRE, CONNECT AND EMPOWER TO TURN BACK CRIME
INTERPOL FOUNDATION TO INSPIRE, CONNECT AND EMPOWER TO TURN BACK CRIME TOGETHER WE CAN MAKE THE WORLD SAFER Every age is defined by the innovations it brings, the way in which it responds to the major
More informationPart 1: Critical Infrastructures and Their Reliance on Critical Information Infrastructures
Title: Managing Risk to Critical Infrastructures at the National Level Transcript Part 1: Critical Infrastructures and Their Reliance on Critical Information Infrastructures Julia Allen: Welcome to CERT's
More informationCYBER INCIDENT REPORTING GUIDANCE. Industry Reporting Arrangements for Incident Response
CYBER INCIDENT REPORTING GUIDANCE Industry Reporting Arrangements for Incident Response DfT Cyber Security Team CYBER@DFT.GSI.GOV.UK Introduction The Department for Transport (DfT) has produced this cyber
More informationBackground Note on Possible arrangements for a Technology Facilitation Mechanism and other science, technology and innovation issues
Background Note on Possible arrangements for a Technology Facilitation Mechanism and other science, technology and innovation issues Introduction This background note outlines, in a non-exhaustive manner,
More informationVulnerability Analysis of information systems (Modeling of interaction between information systems and social infrastructures)
Vulnerability Analysis of information systems (Modeling of interaction between information systems and social infrastructures) Ichiro Murase Team Leader of Security Technology Team, Information Technology
More informationCybersecurity Strategy of the Republic of Cyprus
Cybersecurity Strategy of the Republic of Cyprus George Michaelides Commissioner of Electronic Communications and Postal Regulation http://www.ocecpr.org.cy 12 th February 2016 Cybersecurity Strategy of
More informationCyber Security is a Team Sport
Cyber Security is a Team Sport UISGCON13 Kauto Huopio Chief Specialist Finnish Communications Regulatory Authority (FICORA) / National Cyber Security Centre (NCSC-FI) What this talk is and isn't about..
More informationCyber Security in Europe
Cyber Security in Europe ENISA supporting the National Cyber Security Strategies An evaluation framework Liveri Dimitra Security and Resilience of Communication Networks Officer www.enisa.europa.eu Securing
More informationGENERIC CONTROL SYSTEM ARCHITECTURE FOR CRITICAL INFRASTRUCTURE PROTECTION
GENERIC CONTROL SYSTEM ARCHITECTURE FOR CRITICAL INFRASTRUCTURE PROTECTION Hrvoje Sagrak 1 Introduction In an interconnected world that we live in, protection of our societies and values relies highly
More informationUAE Space Policy Efforts Towards Long Term Sustainability of Space Activities Agenda Item 4; COPUOS June 2017 By: Space Policy and
UAE Space Policy Efforts Towards Long Term Sustainability of Space Activities Agenda Item 4; COPUOS 2017 07-16 June 2017 By: Space Policy and Regulations Directory 1 The UAE will build the first city on
More informationCybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com
Cybersecurity Presidential Policy Directive Frequently Asked Questions kpmg.com Introduction On February 12, 2013, the White House released the official version of the Presidential Policy Directive regarding
More informationFundamentals of Cybersecurity/CIIP. Building Capacity: Using a National Strategy & Self-Assessment
Fundamentals of Cybersecurity/CIIP Building Capacity: Using a National Strategy & Self- Presented to: 2009 ITU Regional Cybersecurity Forum for Asia-Pacific Connecting the World Responsibly 23-25 25 September
More informationAssessment of the progress made in the implementation of and follow-up to the outcomes of the World Summit on the Information Society
ECOSOC Resolution 2008/3 Assessment of the progress made in the implementation of and follow-up to the outcomes of the World Summit on the Information Society The Economic and Social Council, Recalling
More informationBRIEFING COMBATING CYBERCRIME: TOOLS AND CAPACITY BUILDING FOR EMERGING ECONOMIES. Geneva 18 April David Satola
BRIEFING COMBATING CYBERCRIME: TOOLS AND CAPACITY BUILDING FOR EMERGING ECONOMIES Geneva 18 April 2016 David Satola Why combatting cybercrime matters to the World Bank Demand for a single source of access
More informationIJESRT. (I2OR), Publication Impact Factor: (ISRA), Impact Factor: 2.114
IJESRT INTERNATIONAL JOURNAL OF ENGINEERING SCIENCES & RESEARCH TECHNOLOGY EVALUATING ISO STANDARDS APPLICATION OF SECURITY REQUIREMENTS OF E- BANKING IN SUDAN Inshirah M. O. Elmaghrabi*, Hoida A. Abdelgadir,
More informationWORKSHOP CYBER SECURITY AND CYBERCRIME POLICIES FOR AFRICAN DIPLOMATS. Okechukwu Emmanuel Ibe
WORKSHOP CYBER SECURITY AND CYBERCRIME POLICIES FOR AFRICAN DIPLOMATS Okechukwu Emmanuel Ibe INTRODUCTION The Intelligence and Security Committee (ISC) is a Unit in the Office of the Chairperson of the
More informationCHAIR S SUMMARY: G7 ENERGY MINISTERS MEETING
CHAIR S SUMMARY: G7 ENERGY MINISTERS MEETING 1 CHAIR S SUMMARY: G7 ENERGY MINISTERS MEETING Under Canada s G7 presidency, Energy Ministers or their representatives from Canada, France, Germany, Italy,
More informationEnhancing the cyber security &
Enhancing the cyber security & resilience of transport infrastructure in Europe European Union Agency for Network and Information Security Securing Europe s Information society 2 Positioning ENISA activities
More informationA framework for community safety and resilience
11/21/08 1:01 PM Page 1 Red Cross Red Crescent support to the Millenium Development Goals Building community safety and resilience Millenium Development Goals Community safety and resilience Red Cross
More informationCaribbean Private Sector Network meeting 24 August 2017, Ministry of Trade, Port-of-Spain, Trinidad and Tobago
Caribbean Private Sector Network meeting 24 August 2017, Ministry of Trade, Port-of-Spain, Trinidad and Tobago Background The Sendai Framework for Disaster Risk Reduction 2015-2030 1 was adopted by United
More informationKOBE REPORT draft Report of Session 5.4, Thematic Cluster 5. Telecommunications Saves Lives: role of information and communication technologies
KOBE REPORT draft Report of Session 5.4, Thematic Cluster 5 Telecommunications Saves Lives: role of information and communication technologies 1. Summary Chair: Dr Cosmas L. Zavazava, Head, Unit for Least
More informationENISA Cooperation in the EU / NIS Directive
ENISA Cooperation in the EU / NIS Directive Paulo Empadinhas Head of Administration & Stakeholders Relations IT STAR Milan, Italy 28 th October 2016 European Union Agency for Network and Information Security
More informationConnecting the Connectivities Symposium 11 June Thailand
Connecting the Connectivities Symposium 11 June 2018 Thailand Fatouma Toure Ibrahima Operations Adviser Infrastructure and Urban Development Hub Singapore POPULATION NOT EVENLY DISTRIBUTED AROUND THE WORLD
More informationBack to the Future Cyber Security
Back to the Future Cyber Security A manifesto for Cyber Security and the Industrial Legacy Introduction Industrial facilities and infrastructure form the core of our economy and society. These advanced
More informationG7 Bar Associations and Councils
COUNTRY PAPER UNITED STATES G7 Bar Associations and Councils SEPTEMBER 14, 2017 ROME, ITALY The American Bar Association P R E F A C E As we have witnessed, cyber terrorism is an extremely serious threat
More informationMetro Ethernet for Government Enhanced Connectivity Drives the Business Transformation of Government
Metro Ethernet for Government Enhanced Connectivity Drives the Business Transformation of Government Why You Should Choose Cox Metro Ethernet To meet the critical demands of better supporting local emergency
More information