Cyber Attack Information System CAIS. DI Thomas Bleier, MSc, CISSP, CEH
1 Cyber Attack Information System (CAIS)
DI Thomas Bleier, MSc, CISSP, CEH
AIT Austrian Institute of Technology; Bundeskanzleramt Österreich; Bundesministerium für Landesverteidigung und Sport; Bundesministerium für Inneres; FH St. Pölten; OIIP Österreichisches Institut für Internationale Politik; T-Mobile Austria; T-Systems Austria; NIC.AT / CERT.AT
2 AIT Austrian Institute of Technology
Austria's largest non-university research center
Focused on infrastructures of the future
±1000
Safety & Security Department: Guaranteeing efficiency and reliability of critical infrastructures, development and provision of future-oriented technologies
3 ICT Security AIT
Research Topics
  o Security Engineering of large and complex systems
  o Facilitating Security by Design
  o National Cyber Defense
  o Efficiently securing large-scale service-oriented architectures
  o Cloud Computing for high-assurance applications
  o Security and Risk Management for Smart Grids and Critical Infrastructures
  o Next Generation Key Management for Encryption
Tools, Methodologies + Application Domains = Secure Systems
4 The problem
The complexity of ICT systems is increasing
  o Landing on the moon with Lines of Code
  o Today: F-35 fighter jet: 5,7 Mio; Boeing 787: 6,5 Mio; Mercedes S-Class: 20 Mio; Chevrolet Volt: 100 Mio.
Systems are getting more and more interconnected
  o Internet-of-Things, Always-on, Pervasive Computing
  o M2M (Machine-to-Machine) Communication
  o Virtual Infrastructures (Cloud), etc.
Industry trend towards open network architectures
  o Open protocols (e.g. IP)
  o Increased number of third parties
The dependency on ICT systems is increasing
  o Smart Grid, Smart Home, Smart City, Smart Phone
  o eGovernment, eCommerce, eHealth, eMobility
5 The CAIS project
Cyber Attack Information System
Austrian national research project
Partly funded within the national security research programme KIRAS
  o By the Federal Ministry for Transport, Innovation and Technology
Duration: 2 years,
Project goal: to study concepts, models and approaches for setting up a national cyber center in order to keep track of ongoing incidents on a national level and establish/maintain situational awareness
6 Project consortium
Coordinator: AIT Austrian Institute of Technology GmbH
Project Partners:
  o Federal Chancellery
  o Federal Ministry of Defence and Sports
  o Federal Ministry for the Interior
  o University of Applied Sciences St. Pölten
  o oiip - Austrian Institute for International Affairs
  o T-Mobile Austria
  o T-Systems Austria
  o NIC.AT / CERT.AT
7 Starting position
Dependence on ICT
  o Coupling of critical infrastructures via ICT
  o Novel areas like Cloud, Mobile
Cyber terrorism (and cyber war) is reality!
  o Estonia, Stuxnet, Flame, etc.
Different initiatives raising awareness and working on parts of the problem
  o e.g., Computer Emergency Response Teams (CERTs)
Novel challenges for infrastructure providers
  o Detection of coordinated attacks towards multiple organizations
  o Collaborative protection through knowledge sharing
Need for a Cyber Attack Information System on a national level!
8 National Cyber Defense - Goals
Linking and coordinating existing initiatives
  o CERTs
  o National initiatives, e.g., crisis management
Establishing situational awareness on a national level
  o Infer risks for society due to interdependent infrastructures
Facilitating public-private partnerships
  o Private organizations delivering public services
Maintaining organizational responsibility
  o Definition of roles, responsibilities, obligations etc.
Activating inter-organizational collaboration
  o Information exchange e.g. regarding exploited vulnerabilities
  o Mutual aid in securing systems against current threats
9 National Situational Awareness
Understand
  o Structure of networks and interdependencies
  o Availability of services
  o Ongoing business and operations
Detect and predict
  o Undesired activities and their current or future impact on services, operation, or infrastructure
Observe and analyze
  o Responsive actions and mitigation strategies and their success
  o Effectiveness of service recovery procedures
on an organizational as well as national level!
gather, filter, process, assess, analyze, interpret, comprehend, visualize, predict, inform, share
10 The CAIS Approach
Cyclic approach similar to incident response methods
Hierarchical structure: organizational vs. national level
Stepwise Process
  1. Monitoring: Collect data about status of infrastructure
  2. Anomaly Detection: Detection of incidents
  3. Decision Making: Establishing situational awareness, collaborative approach
  4. Instruction/Advice: Discovery of targeted counter measures
  5. Response: Mitigation of effects, e.g., through infrastructure adaptation, service patching, etc.
11 The CAIS Approach
[Figure: the CAIS cycle, with the stages I. Monitoring, II. Anomaly Detection, III. Decision Making, IV. Instruction / Advice, V. Response]
12 Advanced Incident Response Cycle
Strategic evolution of an ICT infrastructure (green)
  o (1) Simulation of future threats and attacks
  o (2) Planning and deployment of protection mechanisms
  o (6) Periodic updates and maintenance
Detection of on-going attacks (red)
  o (3) Anomaly detection
  o (4) Evaluation of potential impact
  o (5) Immediate effect mitigation
Application of advanced modeling and simulation techniques
13 Pro-Active Simulation
Analyzing the efficiency of deployed defense
  o Improved monitoring mechanisms
  o Adaptation of infrastructure
  o Update of incident response plans
Simulation - Input
  o Updated (=to be) model of infrastructure
  o Historical contextual data from a verified anomaly/attack or
  o Expected network data of a potential attack
Simulation - Output:
  o Resilience measure of to-be-model compared to as-is-model
  o Open vulnerabilities
Learn about the resilience against potential future attacks (i.e., create a library of resilience patterns reflecting best practices against specific classes of attacks)
14 Re-Active Simulation
Evaluation of potential causes and effects of attacks
  o Probability that a detected anomaly is actually an attack?
  o Potential effects on the overall national infrastructure?
Simulation - Input
  o Current infrastructure models (services, dependencies, ...)
  o Current network data (abstract view; including usage, etc.)
  o Explicit information about detected attacks towards a service
Simulation - Output
  o Potential effects on other services (e.g., cascading effects)
  o Support for root cause analysis
Learn more about currently ongoing large-scale attacks to better predict their impact on other services
15 CAIS Architecture - Organizational
[Figure labels: II. Anomaly Detection, III. Decision Making, IV. Instruction, I. Monitoring, IV. Response]
Conventional incident response cycle on organizational level
Local monitoring of services
Local anomaly detection
Fast (local) response based on decisions within org. boundaries
Local asset management
Periodic reporting to cyber defense center (assets, anomalies, attacks)
16 Anomaly detection - local
[Figure: Distributed Log File Discovery; Log File Aggregation; Data Compression and Event Classification; Event Clustering and Fingerprint Creation; Compression, Obfuscation, and Reporting]
Log File Management Features:
  * Aggregation of varying source formats
  * Timestamp correction
  * Data compression
Data Analysis Features:
  * Flexible event classification
  * Event clustering = fingerprints
  * Rule-based anomaly detection
Reporting Features:
  * Human-assistance
  * Report generation
  * Privacy-aware data handling
Collaborative anomaly detection approach
Pre-processing of log file data within an organization
Used for local event classification and anomaly detection
Reporting interface to the national level
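The local pre-processing listed on this slide (aggregation of varying source formats, timestamp correction, event classification, fingerprints, rule-based detection, privacy-aware reporting), as an added example that is not code from the CAIS project. The two log formats, the per-host clock offset, the event classes, the fingerprint definition (event-class counts per 60-second window), the thresholds and the HMAC pseudonymization are all assumptions, and the log lines are constructed.

```python
import hashlib
import hmac
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta, timezone

# Constructed sample logs in two source formats (not real data).
WEB_LOG = [
    "2013-05-02T10:00:05Z web01 GET /index.html 200",
    "2013-05-02T10:00:40Z web01 GET /admin 403",
    "2013-05-02T10:01:10Z web01 GET /index.html 200",
]
AUTH_LOG = [
    "May  2 10:02:%02d auth01 sshd: Failed password for alice from 10.0.0.9" % s
    for s in (1, 3, 5, 7, 9)
] + ["May  2 10:03:30 auth01 sshd: Accepted password for bob from 10.0.0.7"]

# Assumption: each source's clock error is known; auth01 runs 120 s fast.
CLOCK_OFFSET = {"auth01": timedelta(seconds=120)}

ISO_RE = re.compile(r"^(\S+Z) (\S+) (.*)$")
SYSLOG_RE = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) (\S+) (.*)$")

# Assumed event classes: the first matching pattern wins.
CLASS_RULES = [
    ("auth_failure", re.compile(r"Failed password")),
    ("auth_success", re.compile(r"Accepted password")),
    ("web_denied", re.compile(r" (401|403)$")),
    ("web_ok", re.compile(r" 2\d\d$")),
]
# Assumed detection rules: alert when a class reaches this count in one window.
ANOMALY_RULES = {"auth_failure": 5, "web_denied": 3}


def parse_line(line, year=2013):
    """Aggregation: map either source format to (utc_time, host, message)."""
    try:
        m = ISO_RE.match(line)
        if m:
            ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
        else:
            m = SYSLOG_RE.match(line)
            if not m:
                return None
            # Syslog timestamps carry no year, so the caller supplies it.
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
    except ValueError:
        return None  # looked like a timestamp but was not a valid one
    return ts.replace(tzinfo=timezone.utc), m.group(2), m.group(3)


def classify(message):
    """Event classification by ordered pattern rules."""
    for name, pattern in CLASS_RULES:
        if pattern.search(message):
            return name
    return "unclassified"


def pseudonym(value, key):
    """Keyed hash: stable per organization, not reversible without the key."""
    return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()[:12]


def build_report(lines, key, window=60):
    """Cluster events into per-window fingerprints, apply rules, drop raw data."""
    counts = defaultdict(Counter)
    sources = defaultdict(set)
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ts, host, message = parsed
        ts -= CLOCK_OFFSET.get(host, timedelta(0))  # timestamp correction
        epoch = int(ts.timestamp())
        start = epoch - epoch % window
        counts[start][classify(message)] += 1
        sources[start].add(host)
    report = []
    for start in sorted(counts):
        c = counts[start]
        report.append({
            "window_start": datetime.fromtimestamp(start, timezone.utc).isoformat(),
            "fingerprint": tuple(sorted(c.items())),
            "alerts": sorted(k for k, limit in ANOMALY_RULES.items() if c[k] >= limit),
            # Only pseudonymous source IDs leave the organization.
            "sources": sorted(pseudonym(h, key) for h in sources[start]),
        })
    return report


if __name__ == "__main__":
    for row in build_report(WEB_LOG + AUTH_LOG, b"constructed-org-key"):
        print(row)
```

Without the clock correction the five failed logins would land in a different window from the denied web request on the same incident timeline, which is why correction precedes clustering.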
17 CAIS Architecture - National
[Figure labels: II. Anomaly Detection, III. Decision Making, IV. Advice, I. Monitoring, IV. Response]
Collective asset management (abstract level)
Holistic simulation and centralized evaluation national situational awareness
Complex threat analysis (e.g., distributed attacks) to infer consequences of a single attack (e.g., towards a single point of failure)
Simulation of potential future threats to prepare countermeasures
Planning coordinated counter measures and facilitating information sharing
18 Anomaly detection - global
[Figure: Scalable Data Collection; Data Correlation and Aggregation; Threat Simulation and Impact Evaluation; National Decision Making Support and Advice]
Data Aggregation Features:
  * Scalable massive data collection
  * History management
  * Data fusion
Simulation and Evaluation Features:
  * Infrastructure models
  * Fingerprint evaluation
  * Agent-based simulation
Support and Advice Features:
  * Decision making
  * Coordinated notifications
  * Establishing mutual aid
Collaborative anomaly detection approach
Aggregation of data from different sources
Correlation and data fusion to derive situational awareness info
Simulation and prediction of impacts on national CI
Feedback to the organizations
19 CAIS Architecture - combined
20 CAIS Roles - Organization
Involved roles for fast and effective incident response
  o Periodically run through O1 to O7
Roles and responsibilities designed to fit into most existing organizational structures
  o Typically there is a 1:n mapping from roles to persons
NoC = Network Operating Center
21 CAIS Roles - National
Involved roles for long-term strategic evolution of the national ICT infrastructure
  o Periodically run through N1 to N11
  o (N1): reporting from organization
  o (N11): advisory to organization
22 CAIS Roles - Combined
Connecting roles on organizational and national level
Additionally introduce national asset management (red)
  o Requesting information about organizational assets on demand, which are relevant for national data analysis and simulation purposes
23 MNE7 Multi-National Experiment 7
Military Experiment in several dimensions
  o Maritime, Air, Space, Cyber, Inter-Domain Understand./Planning
  o Participants: AUT, CAN, CHE, DEU, DNK, ESP, FIN, FRA, GBR, HUN, ITA, KOR, NOR, POL, SGP, SWE, TUR, USA, and NATO
Each Domain structured in numerous objectives. For the Cyber Domain the objectives are:
  o Threats, Vulnerabilities and Risk Analysis
  o Information Sharing
  o Legal Understanding
  o Enabling Technologies - Cyber Situational Awareness Standard Operating Procedure (SOP)
  o Situational Awareness
24 MNE7 Multi-National Experiment 7
Work in context of this SOP includes:
Cyber Center Roles and Responsibilities
  o Cyber Center SA Element
  o Cyber Center Execution Element
  o System Operator
  o Decision Maker
Cyber Center SA Process Model
  o Data Collection Phase
  o Analysis Phase
  o Informing Phase
Supporting Technologies
  o Monitoring Techniques
  o Anomaly Detection
  o Simulation and Forecast
25 Conclusion
Since cyber attacks are becoming increasingly sophisticated and coordinated, there is a strong need to also coordinate defense mechanisms
Situational awareness is key to even detect attacks
Infrastructure modeling and simulation is a central mechanism for preparation against future threats
Close collaboration of all parties in the digital society is mandatory
  o Private organizations provide status reports about ongoing activities; in turn, they receive information about others in the same domain or having similar infrastructure assets.
  o Government evaluates the health status of critical infrastructures on a national level, accounting for interdependencies, and predicts possible consequences of detected anomalies.
Future Work: Currently the implementation of various introduced concepts is on-going. First evaluation results beginning of
26 Cyber Attack Information System
Thank you! Questions?
Thomas Bleier, Dipl.-Ing. MSc zpm CISSP CEH
Program Manager ICT Security, Safety & Security Department
AIT Austrian Institute of Technology GmbH
More informationEU Security research in support to Critical Infrastructure Protection
EU Security research in support to Critical Infrastructure Protection Christoph Castex European Commission DG Migration and Home Affairs Directorate B: Migration and Mobility unit B4: Innovation and industry
More informationEPRI Research Overview IT/Security Focus. Power Delivery & Energy Utilization Sector From Generator Bus Bar to End Use
EPRI Research Overview IT/Security Focus November 29, 2012 Mark McGranaghan VP, Power Delivery and Utilization Power Delivery & Energy Utilization Sector From Generator Bus Bar to End Use Transmission
More informationIncident Response Services
Services Enhanced with Supervised Machine Learning and Human Intelligence Empowering clients to stay one step ahead of the adversary. Secureworks helps clients enable intelligent actions to outsmart and
More informationCYBERBIT P r o t e c t i n g a n e w D i m e n s i o n
CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n CYBETBIT in a Nutshell A leader in the development and integration of Cyber Security Solutions A main provider of Cyber Security solutions for the
More informationCyber Security For Utilities Risks, Trends & Standards. IEEE Toronto March 22, Doug Westlund Senior VP, AESI Inc.
Cyber Security For Utilities Risks, Trends & Standards IEEE Toronto March 22, 2017 Doug Westlund Senior VP, AESI Inc. Agenda Cyber Security Risks for Utilities Trends & Recent Incidents in the Utility
More informationCYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018
CYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018 Cyber fraud attacks happen; they can t all be stopped. The higher order question must be how can we, as fraud examiners and assurance professionals,
More informationMedical Device Vulnerability Management
Medical Device Vulnerability Management MDISS / NH-ISAC Process Draft Dale Nordenberg, MD June 2015 Market-based public health: collaborative acceleration Objectives Define a trusted and repeatable process
More informationDefining Computer Security Incident Response Teams
Defining Computer Security Incident Response Teams Robin Ruefle January 2007 ABSTRACT: A computer security incident response team (CSIRT) is a concrete organizational entity (i.e., one or more staff) that
More informationCritical Infrastructure
Critical Infrastructure 1 Critical Infrastructure Can be defined as any facility, system, or function which provides the foundation for national security, governance, economic vitality, reputation, and
More informationThe Office of Infrastructure Protection
The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Organisation for the Prohibition of Chemical Weapons September 13, 2011 Overall Landscape
More informationCritical Information Infrastructure Protection. Role of CIRTs and Cooperation at National Level
Critical Information Infrastructure Protection Role of CIRTs and Cooperation at National Level 1 Global Cybersecurity Agenda (GCA) GCA is designed for cooperation and efficiency, encouraging collaboration
More informationNIS Standardisation ENISA view
NIS Standardisation ENISA view Dr. Steve Purser Brussels, 19 th September 2017 European Union Agency for Network and Information Security Instruments For Improving Cybersecurity Policy makers have a number
More informationCyber Security Strategy
Cyber Security Strategy Committee for Home Affairs Introduction Cyber security describes the technology, processes and safeguards that are used to protect our networks, computers, programs and data from
More informationCybersecurity governance in Europe. Sokratis K. Katsikas Systems Security Laboratory Dept. of Digital Systems University of Piraeus
Cybersecurity governance in Europe Sokratis K. Katsikas Systems Security Laboratory Dept. of Digital Systems University of Piraeus ska@unipi.gr Elements of a national cybersecurity strategy Set the vision,
More informationHeavy Vehicle Cyber Security Bulletin
Heavy Vehicle Cyber Security Update National Motor Freight Traffic Association, Inc. 1001 North Fairfax Street, Suite 600 Alexandria, VA 22314 (703) 838-1810 Heavy Vehicle Cyber Security Bulletin Bulletin
More informationDr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt
Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA The African Internet Governance Forum - AfIGF2017 5 Dec 2017, Egypt Agenda Why? Threats Traditional security? What to secure?
More informationSystemic Analyser in Network Threats
Systemic Analyser in Network Threats www.project-saint.eu @saintprojecteu #saintprojecteu John M.A. Bothos jbothos@iit.demokritos.gr Integrated System Laboratory Institute of Informatics & Telecommunication
More informationCanada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?
Canada Highlights Cybersecurity: Do you know which protective measures will make your company cyber resilient? 21 st Global Information Security Survey 2018 2019 1 Canada highlights According to the EY
More informationAIIC Associazione Italiana esperti Infrastrutture Critiche AIIC (1)
AIIC Associazione Italiana esperti Infrastrutture Critiche AIIC (1) AIIC Associazione Italiana esperti Infrastrutture Critiche Non-governmental and non-profit scientific association legally registered
More informationService. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution
Service SM Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution Product Protecting sensitive data is critical to being
More informationHow can the Future Internet
How can the Future Internet enable Smart Energy? Presented by Werner Mohr (Coordinator), Nokia Siemens Networks on behalf of the FINSENY project Smart Energy enabled by Future Internet Workshop FINSENY
More informationGeneral Framework for Secure IoT Systems
General Framework for Secure IoT Systems National center of Incident readiness and Strategy for Cybersecurity (NISC) Government of Japan August 26, 2016 1. General Framework Objective Internet of Things
More information