& protecting the UK s Critical National Infrastructure (CNI)
|
|
- Clifton Fisher
- 5 years ago
- Views:
Transcription
1 New Threats: Cyber-terrorism Crown Copyright & protecting the UK s Critical National Infrastructure (CNI) 2nd ARF Seminar on Cyber Terrorism, Cebu City, Philippines 3 October, 2005 John Crow Head e-investigations e & Threat Assessment
2 Overview: 1 Sep 2005 MI5 chief reveals terror threat Al Qaida represents the first truly global terrorist threat: Sophisticated, geographically widespread, covert & particularly resilient Little prospect of significant reduction in the Islamist terrorist threat to the UK over next 5 years Current phase characterised by indiscriminate attacks inflicting mass civilian casualties Range of attacks from CBR to violent incidents From: Info on current threats at Crown Copyright Director-General Dame Eliza Manningham-Buller Defeating the threat will be a long haul; root causes fed by complex series of intractable issues Radical ideology appeals to broad coalition of Islamist groups Members blend into society by living normal, routine lives until called upon for specific tasks
3 Electronic attack (ea) : What is it? Our current definition The use of computers to gain unauthorised access to the data or control software of computer-based systems in order to acquire or corrupt data or disrupt the functioning of systems. January Crown Copyright
4 Electronic attack (ea) : What is it? There are two types Untargeted attacks: Indiscriminate attacks affecting availability & many targets Examples: Worms, viruses Profile: High Impact: Short term high Targeted attacks: These focus on a particular target address Examples: Hacking attacks, Trojan attacks Profile: Generally low Impact: Can be high & long term Crown Copyright
5 Outlook 2010: ea Crown Copyright capabilities of terrorists 2005 Greater awareness of use of IT & Net Some IT literate individuals; increased general e-skills Physical attack favoured option; no certainty when or if ea may become weapon Targeting of CNI for possible attacks Some individuals with possible exploitable access 2010 Increased use of IT & Net for comms, propaganda Greater general e-skills Battle-hardened fighters post Iraq now in own countries? Networks still active in EU; UK remains prime target? Targeting of CNI ongoing? Physical attacks still favoured & telegenic option to cause fear & destruction? ea option remains could be deployed opportunistically or against difficult targets?
6 So what can we do to protect the UK s Critical National Infrastructures (CNI)? Crown Copyright
7 UK Critical Infrastructures CNI: Those parts of the UK s Infrastructure for which continuity is so important to national life that loss, significant interruption, or degradation of service would have life-threatening, serious economic or other grave social consequences for the community, or any substantial portion of the community, or would otherwise be of immediate concern to the Government Crown Copyright
8 UK Critical Infrastructures Ten CNI sectors 1. Communications 2. Emergency Services CNI: Those parts of the UK s 3. Energy Infrastructure for which continuity is so important to national life that 4. Finance loss, significant interruption, or 5. Food degradation of service would have life-threatening, serious economic 6. Government or other grave social consequences for the community, or any 7. Hazards substantial & portion Public of the Safety community, or would otherwise be 8. Health of immediate concern to the 9. Transport 10. Water Government Crown Copyright
9 What is NISCC? NISCC s aim is to minimise the risk to the Critical National Infrastructure (CNI) from electronic attack (ea). NISCC is an inter-departmental centre which co-ordinates activity on support of this aim across a range of organisations. Each of these contributes resources and expertise to NISCC s programme of work according to its own remit, its own priorities, in relation to the challenge in hand, and depending on what value it can add Crown Copyright
10 National Infrastructure Security Co-ordination ordination Centre (NISCC) In order to take this forward, I have established an inter-departmental centre, the National Infrastructure Security Coordination Centre, to act as a point of contact for those involved in this work in both government and the private sector. The Home Secretary, 20 December, Crown Copyright
11 National Infrastructure Security Co-ordination ordination Centre (NISCC) NISCC OUTREACH & ASSURANCE CNI Assurance Programme Information Sharing Initiatives Communication & Conferences INVESTIGATIONS ea Threat Assessment ea Investigations RESPONSE Incident Alerts & Briefings ea Response Group UNIRAS (gov/cni) CERT R&D Protocol vulnerabilities research Home Office, Security Service, CESG, Cabinet Office/CCS, DTI, MoD, CSIA, DSTL, NHTCU, NHTCUS Crown Copyright
12 Information Sharing Bodies CERTs (a.k.a. CSIRTs) Computer Emergency Response Teams ISACs Information Sharing & Analysis Centres IEs Information Exchanges Now 8 trusted groups in CNI sectors WARPs Warning, Advice & Reporting Points Crown Copyright
13 Response: UNIRAS ea incident reporting CERT dialogue Alerts, Briefings Technical Notes Vulnerability Notices Crown Copyright UNIRAS HMG s CERT Advice Helpdesk (020) uniras@niscc.gov.uk Response
14 Information Sharing: Internationally Started as G8 directory Getting bigger extended to many other countries Further scope for other countries Some countries here are represented Crown Copyright
15 ITsafe: : Reaching the wider CNI Crown Copyright ITsafe (ITsecurity awareness for everyone) launched 23 Feb 2005 Customers are public & micro-businesses to help them improve IT security Provides plain English advice on how to protect computers, mobile phones etc against malicious attack All ITsafe services are available through the ITsafe website Users can also sign up for ITsafe publications, either via or SMS messaging Publications include: Alerts, Bulletins, ITsafe News
16 UK e-legislatione Computer Misuse Act 1990 Makes unauthorized access or modification of a computer an offence RIP Act 2000 regulates investigatory powers: 1. Interception of Communications 2. Intrusive Investigative Techniques 3. Access to Encrypted Data Terrorism Act 2000 Makes seriously to interfere with or seriously to disrupt an electronic system a terrorism offence Crown Copyright
17 17 October 2003 Teenager cleared of hacking Aaron Caffrey, 19, has been cleared by a jury of trying to crash IT systems at the port of Houston in Texas in September 2001 He had faced one charge under the UK s Computer Misuse Act He insisted he was a victim of a criminal act rather than a criminal himself He claimed an unidentified third party had planted the instructions for the attack script on his website without his knowledge The attack froze the port's web service, which contained vital data for shipping, mooring companies and support firms responsible for helping ships navigate in and out of the harbour Crown Copyright The Trojan Defence!
18 Information sources NISCC Monthly Bulletin of significant e-attacks NISCC Quarterly Review has broader articles on CIP issues NISCC Briefings address topics of current concern NISCC Technical Notes & NISCC Vulnerability Advisory Notices provide detailed advice UNIRAS Alerts highlight vulnerabilities to be fixed now! UNIRAS Briefings inform on emerging technical issues Details at or or Crown Copyright
19 That s all Any questions Crown Copyright John Crow Head e-investigations e & Threat Assessment +44 (870) johnc@niscc.gov.uk
UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21
National and Cyber Security Branch Presentation for Gridseccon Quebec City, October 18-21 1 Public Safety Canada Departmental Structure 2 National and Cyber Security Branch National and Cyber Security
More informationCritical Infrastructure
Critical Infrastructure 1 Critical Infrastructure Can be defined as any facility, system, or function which provides the foundation for national security, governance, economic vitality, reputation, and
More informationThe UK s National Cyber Security Strategy
The UK s National Cyber Security Strategy 2016 2021 Vision for 2021: The UK is secure and resilient to cyber threats, prosperous and confident in the digital world 1 National Cyber Security Strategy 2016
More information2 nd ARF Seminar on Cyber Terrorism PAKISTAN S PERSPECTIVE AND EXPERIENCE WITH REFERENCE TO CERT IN COMBATING CYBER TERRORISM
2 nd ARF Seminar on Cyber Terrorism PAKISTAN S PERSPECTIVE AND EXPERIENCE WITH REFERENCE TO CERT IN COMBATING CYBER TERRORISM Recap of 1 st ARF Jeju (South Korea) Cyber Terrorism recently been brought
More informationControl Systems Cyber Security Awareness
Control Systems Cyber Security Awareness US-CERT Informational Focus Paper July 7, 2005 Produced by: I. Purpose Focus Paper Control Systems Cyber Security Awareness The Department of Homeland Security
More informationBradford J. Willke. 19 September 2007
A Critical Information Infrastructure Protection Approach to Multinational Cyber Security Events Bradford J. Willke 19 September 2007 Overview A framework for national Critical Information Infrastructure
More informationSpecial Action Plan on Countermeasures to Cyber-terrorism of Critical Infrastructure (Provisional Translation)
Special Action Plan on Countermeasures to Cyber-terrorism of Critical Infrastructure (Provisional Translation) December 15, 2000 1. Goals of the Special Action Plan The goal of this action plan is to protect
More informationPanel 1 National CSIRT Experience
Panel 1 National CSIRT Experience 2 nd Meeting of Government Cybersecurity Practitioners Sao Paulo, Brazil September 14-16, 2005 Andrew McAllister Senior Advisor, Cyber Security Public Safety and Emergency
More informationCritical Information Infrastructure Protection Law
Critical Information Infrastructure Protection Law CCD COE Training 8 September 2009 Tallinn, Estonia Maeve Dion Center for Infrastructure Protection George Mason University School of Law Arlington, Virginia.
More informationOutreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness
2011/EPWG/WKSP/020 Session 4 Outreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness Submitted by: Australia Workshop on Private Sector Emergency Preparedness Sendai,
More informationCSIRT in general CSIRT Service Categories Reactive Services Proactive services Security Quality Management Services CSIRT. Brmlab, hackerspace Prague
Brmlab, hackerspace Prague Lightning talks, November 2016 in general in general WTF is an? in general WTF is an? Computer Security in general WTF is an? Computer Security Incident Response in general WTF
More informationSecuring strategic advantage
Securing strategic advantage Protecting industrial control systems Cyber Supplier to UK Government Plan Design Enable In delivering our vision to be the best infrastructure company in the world, we pride
More informationChapter X Security Performance Metrics
Chapter X Security Performance Metrics Page 1 of 9 Chapter X Security Performance Metrics Background For the past two years, the State of Reliability report has included a chapter for security performance
More informationThailand Initiatives and Challenges in Cyber Terrorism
Thailand Initiatives and Challenges in Cyber Terrorism Agenda Cyber-Terrorism weapons & tactics MICT Cyber Inspector Group IT Laws Development Challenges Cyber-Terrorism weapons & tactics What is Cyber-Terrorism?
More informationChapter X Security Performance Metrics
Chapter X Security Performance Metrics Page 1 of 10 Chapter X Security Performance Metrics Background For many years now, NERC and the electricity industry have taken actions to address cyber and physical
More informationDHS Cybersecurity: Services for State and Local Officials. February 2017
DHS Cybersecurity: Services for State and Local Officials February 2017 Department of Established in March of 2003 and combined 22 different Federal departments and agencies into a unified, integrated
More informationRegional Workshop on Frameworks for Cybersecurity and CIIP Feb 2008 Doha, Qatar
Regional Workshop on Frameworks for Cybersecurity and CIIP 18 21 Feb 2008 Doha, Qatar A National Cybersecurity Strategy aecert Roadmap Eng. Fatma Bazargan aecert Project Manager Technical Affairs Department
More informationBackground. Threats. Present Status. Challenges and Strategies 9/30/2009 TRAI 2
9/30/2009 TRAI 1 Background Threats Present Status Challenges and Strategies 9/30/2009 TRAI 2 Critical infrastructure means the computers, computer systems, and/or networks, whether physical or virtual,
More informationCYBER RESILIENCE & INCIDENT RESPONSE
CYBER RESILIENCE & INCIDENT RESPONSE www.nccgroup.trust Introduction The threat landscape has changed dramatically over the last decade. Once the biggest threats came from opportunist attacks and preventable
More informationCritical Infrastructure Protection & Resilience Europe / Asia. Conference Discussion Reviews
Critical Infrastructure Protection & Resilience Europe / Asia Conference Discussion Reviews Torch Marketing / KNM Media Delivering strategic routes to critical markets Why Critical Infrastructure Protection
More informationDHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017
DHS Cybersecurity Election Infrastructure as Critical Infrastructure June 2017 Department of Homeland Security Safeguard the American People, Our Homeland, and Our Values Homeland Security Missions 1.
More informationDigital Health Cyber Security Centre
Digital Health Cyber Security Centre Current challenges Ransomware According to the ACSC Threat Report 2017, cybercrime is a prevalent threat for Australia. Distributed Denial of Service (DDoS) Targeting
More informationCritical Information Infrastructure Protection. Role of CIRTs and Cooperation at National Level
Critical Information Infrastructure Protection Role of CIRTs and Cooperation at National Level 1 Global Cybersecurity Agenda (GCA) GCA is designed for cooperation and efficiency, encouraging collaboration
More informationCyber Security Strategy
Cyber Security Strategy Committee for Home Affairs Introduction Cyber security describes the technology, processes and safeguards that are used to protect our networks, computers, programs and data from
More informationNew Zealand National Cyber Security Centre Incident Summary
New Zealand National Cyber Security Centre 2013 Incident Summary National Cyber Security Centre 2013 Incident Summary Foreword The incidents summarised in this report reinforce that cyber security is truly
More informationCyber Security Experts Association of Nigeria (CSEAN) CYBER SECURE NIGERIA 2016 Conference
Cyber Security Experts Association of Nigeria (CSEAN) CYBER SECURE NIGERIA 2016 Conference Threat of Cyber- Terrorism to Critical Infrastructures Presented by Iyke Ezeugo Cyber-warfare Strategist Definitions
More informationNational Policy and Guiding Principles
National Policy and Guiding Principles National Policy, Principles, and Organization This section describes the national policy that shapes the National Strategy to Secure Cyberspace and the basic framework
More informationFSOR. Cyber security in the financial sector VISION 2020 FINANCIAL SECTOR FORUM FOR OPERATIONAL RESILIENCE
FSOR FINANCIAL SECTOR FORUM FOR OPERATIONAL RESILIENCE DECEMBER 2016 Cyber security in the financial sector VISION 2020 The Danish financial sector should be best in class in Europe when it comes to countering
More informationGovernment-Industry Collaboration: 7 Steps for Resiliency in Critical Infrastructure Protection
Government-Industry Collaboration: 7 Steps for Resiliency in Critical Infrastructure Protection L. Laile Di Silvestro Senior Strategist Worldwide Public Sector Microsoft Government Industry Collaboration
More informationThe Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless
The Republic of Korea Executive Summary Today, cyberspace is a new horizon with endless possibilities, offering unprecedented economic and social benefits. However, on account of its open, anonymous and
More informationCYBER INCIDENT REPORTING GUIDANCE. Industry Reporting Arrangements for Incident Response
CYBER INCIDENT REPORTING GUIDANCE Industry Reporting Arrangements for Incident Response DfT Cyber Security Team CYBER@DFT.GSI.GOV.UK Introduction The Department for Transport (DfT) has produced this cyber
More informationCyber Security Technologies
1 / Cyber Security Technologies International Seminar on Cyber Security: An Action to Establish the National Cyber Security Center Lisbon, 12 th September 2013 23 / Key highlights - Thales Group Thales
More informationThe Australian Government s Approach to Critical Infrastructure Resilience
The Australian Government s Approach to Critical Infrastructure Resilience GNSS Workshop University of New South Wales 4 December 2013 Mr Kris Garred, Director Critical Infrastructure Policy Attorney-General
More informationRobert Hayes Senior Director Microsoft Global Cyber Security & Data Protection Group
Robert Hayes Senior Director Microsoft Global Cyber Security & Data Protection Group Presentation Objectives Introductions Cyber security context Cyber security in the maritime sector Developing cybersecurity
More informationBrussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER
COUNCIL OF THE EUROPEAN UNION Brussels, 19 May 2011 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66 NOTE From : COREPER To: COUNCIL No Cion. prop.: 8548/11 TELECOM 40 DATAPROTECT 27 JAI 213 PROCIV38
More informationLegislative Framework
Legislative Framework forcip in Austria Sylvia Mayer Federal Agency for State Protection and Counter Terrorism Damage of 21 transmission masts Development in Europe andaustria EU, 2005: EPCIP(European
More informationPD 7: Homeland Security Presidential Directive 7: Critical Infrastructure Identification, Prioritization, and Protection
PD 7: Homeland Security Presidential Directive 7: Critical Infrastructure Identification, Prioritization, and Protection December 17, 2003 SUBJECT: Critical Infrastructure Identification, Prioritization,
More informationCybersecurity and Commercial Aviation
Cybersecurity and Commercial Aviation Pascal ANDREI Chief Security Officer Airbus Group Jim Vasatka Director, Aviation Security Boeing Commercial Airplanes Agenda Aviation Cybersecurity External Drivers
More informationBUSINESS LECTURE TWO. Dr Henry Pearson. Cyber Security and Privacy - Threats and Opportunities.
BUSINESS LECTURE TWO Dr Henry Pearson Cyber Security and Privacy - Threats and Opportunities. Introduction Henry started his talk by confessing that he was definitely not a marketer, as he had been occupied
More informationCOUNTERING IMPROVISED EXPLOSIVE DEVICES
COUNTERING IMPROVISED EXPLOSIVE DEVICES FEBRUARY 26, 2013 COUNTERING IMPROVISED EXPLOSIVE DEVICES Strengthening U.S. Policy Improvised explosive devices (IEDs) remain one of the most accessible weapons
More informationIndustrial Control System Cyber Security
Industrial Control System Cyber Security Disaster Recovery Information Exchange Bruce Tyson June 28, 2017 Lunch and Learn Introduction Bruce Tyson is a certified engineering technologist (CET Telecommunications
More informationCyber Security Issues and Responses. Andrew Rogoyski Head of Cyber Security Services CGI UK
Cyber Security Issues and Responses Andrew Rogoyski Head of Cyber Security Services CGI UK andrew.rogoyski@cgi.com CGI in cyber security Credentials Clients We have over 35 years of experience working
More informationFINNISH APPROACH TO CRITICAL INFRASTRUCTURE PROTECTION
FINNISH APPROACH TO CRITICAL INFRASTRUCTURE PROTECTION Katri Liekkilä, M.M.Sc., M.Sc. (Econ) Special Adviser IMPROVER Operators workshop, Lisbon 2018 NATIONAL DOCUMENTS RELATED TO CIP SECURITY STRATEGY
More informationCybersecurity governance in Europe. Sokratis K. Katsikas Systems Security Laboratory Dept. of Digital Systems University of Piraeus
Cybersecurity governance in Europe Sokratis K. Katsikas Systems Security Laboratory Dept. of Digital Systems University of Piraeus ska@unipi.gr Elements of a national cybersecurity strategy Set the vision,
More informationStatement for the Record
Statement for the Record of Seán P. McGurk Director, Control Systems Security Program National Cyber Security Division National Protection and Programs Directorate Department of Homeland Security Before
More informationCritical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.
Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach. By Christopher Ganizani Banda ICT Development Manager Malawi Communications Regulatory Authority 24-26th July,2016 Khartoum,
More informationCOUNTER-TERRORISM. Future-oriented policing projects
COUNTER-TERRORISM Future-oriented policing projects In keeping with its consistent support of international organisations to strengthen the global community, the United Arab Emirates through the Interpol
More informationProtecting information across government
Report by the Comptroller and Auditor General Cabinet Office Protecting information across government HC 625 SESSION 2016-17 14 SEPTEMBER 2016 4 Key facts Protecting information across government Key facts
More informationEU policy on Network and Information Security & Critical Information Infrastructures Protection
EU policy on Network and Information Security & Critical Information Infrastructures Protection Köln, 10 March 2011 Valérie ANDRIANAVALY European Commission Directorate General Information Society and
More informationRegulating Cyber: the UK s plans for the NIS Directive
Regulating Cyber: the UK s plans for the NIS Directive September 2017 If you are a digital service provider or operate an essential service then new security and breach notification obligations may soon
More informationENISA s Position on the NIS Directive
ENISA s Position on the NIS Directive 1 Introduction This note briefly summarises ENISA s position on the NIS Directive. It provides the background to the Directive, explains its significance, provides
More informationUnit 3 Cyber security
2016 Suite Cambridge TECHNICALS LEVEL 3 IT Unit 3 Cyber security Y/507/5001 Guided learning hours: 60 Version 3 - revised September 2016 ocr.org.uk/it LEVEL 3 UNIT 3: Cyber security Y/507/5001 Guided learning
More informationMedical Device Vulnerability Management
Medical Device Vulnerability Management MDISS / NH-ISAC Process Draft Dale Nordenberg, MD June 2015 Market-based public health: collaborative acceleration Objectives Define a trusted and repeatable process
More informationA practical guide to IT security
Data protection A practical guide to IT security Ideal for the small business The Data Protection Act states that appropriate technical and organisational measures shall be taken against unauthorised or
More informationAbout Issues in Building the National Strategy for Cybersecurity in Vietnam
Vietnam Computer Emergency Response Team - VNCERT About Issues in Building the National Strategy for Cybersecurity in Vietnam Vu Quoc Khanh Director General Outline Internet abundance Security situation
More informationcybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationBad Idea: Creating a U.S. Department of Cybersecurity
December 2018 Bad Idea: Creating a U.S. Department of Cybersecurity Suzanne Spaulding and Mieke Eoyang A lack of cybersecurity can have serious consequences the theft of money or data, an interruption
More informationDr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt
Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA The African Internet Governance Forum - AfIGF2017 5 Dec 2017, Egypt Agenda Why? Threats Traditional security? What to secure?
More informationNATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -
NATIONAL CYBER SECURITY STRATEGY - Version 2.0 - CONTENTS SUMMARY... 3 1 INTRODUCTION... 4 2 GENERAL PRINCIPLES AND OBJECTIVES... 5 3 ACTION FRAMEWORK STRATEGIC OBJECTIVES... 6 3.1 Determining the stakeholders
More informationAgenda. About TRL. What is the issue? Security Analysis. Consequences of a Cyber attack. Concluding remarks. Page 2
Security Insert the Vulnerabilities title of your of the presentation Connected here Car Presented Presented by by Peter Name Vermaat Here Principal Job Title ITS - Date Consultant 24/06/2015 Agenda 1
More informationPosition Description. Computer Network Defence (CND) Analyst. GCSB mission and values. Our mission. Our values UNCLASSIFIED
Position Description Computer Network Defence (CND) Analyst Position purpose: Directorate overview: The CND Analyst seeks to discover, analyse and report on sophisticated computer network exploitation
More informationFinal Draft/Pre-Decisional/Do Not Cite. Forging a Common Understanding for Critical Infrastructure. Shared Narrative
Final Draft/Pre-Decisional/Do Not Cite Forging a Common Understanding for Critical Infrastructure Shared Narrative March 2014 1 Forging a Common Understanding for Critical Infrastructure The following
More informationTHE CYBER SECURITY ENVIRONMENT IN LITHUANIA
Executive summary of the public audit report THE CYBER SECURITY ENVIRONMENT IN LITHUANIA 9 December 2015, No. VA-P-90-4-16 Full audit report in Lithuanian is available on the website of the National Audit
More informationMANAGEMENT OF INFORMATION SECURITY INCIDENTS
MANAGEMENT OF INFORMATION SECURITY INCIDENTS PhD. Eng Daniel COSTIN Polytechnic University of Bucharest ABSTRACT Reporting information security events. Reporting information security weaknesses. Responsible
More informationRepublic of Indonesia. ARF Defense Officials Dialogue Seoul, April 2009
Republic of Indonesia ARF Defense Officials Dialogue Seoul, 19-20 April 2009 THE GROWTH OF INFORMATION TECHNOLOGY AS WELL AS INTERNET HAS BROUGHT US BOTH POSITIVE AND NEGATIVE IMPACT. ONE OF THE NEGATIVE
More informationEnergy Assurance Energy Assurance and Interdependency Workshop Fairmont Hotel, Washington D.C. December 2 3, 2013
+ Energy Assurance Energy Assurance and Interdependency Workshop Fairmont Hotel, Washington D.C. December 2 3, 2013 Jeffrey R. Pillon, Director, Energy Assurance Programs National Association of State
More informationStrengthening the Cybersecurity of Federal Networks and Critical Infrastructure
Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure Executive Order 13800 Update July 2017 In Brief On May 11, 2017, President Trump issued Executive Order 13800, Strengthening
More informationDepartment of Homeland Security Updates
American Association of State Highway and Transportation Officials Special Committee on Transportation Security and Emergency Management 2016 Critical Infrastructure Committee Joint Annual Meeting Department
More informationCritical Infrastructure Analysis and Protection - A Case for Secure Information Exchange. August 16, 2016
Critical Infrastructure Analysis and Protection - A Case for Secure Information Exchange Dennis Denham Ssempereza - CISA, CISM, CRISC August 16, 2016 About me! Involved in Risk Management and Security
More informationIntroduction to Business continuity Planning
Week - 06 Introduction to Business continuity Planning 1 Introduction The purpose of this lecture is to give an overview of what is Business Continuity Planning and provide some guidance and resources
More informationSecurity Awareness Training Courses
Security Awareness Training Courses Trusted Advisor for All Your Information Security Needs ZERODAYLAB Security Awareness Training Courses 75% of large organisations were subject to a staff-related security
More informationPIPELINE SECURITY An Overview of TSA Programs
PIPELINE SECURITY An Overview of TSA Programs Jack Fox Pipeline Industry Engagement Manager Surface Division Office of Security Policy & Industry Engagement May 5, 2014 TSA and Pipeline Security As the
More informationDiscussion on MS contribution to the WP2018
Discussion on MS contribution to the WP2018, 30 January 2018 European Union Agency for Network and Information Security Possibilities for MS contribution to the WP2018 Expert Groups ENISA coordinates several
More informationResolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]
United Nations A/RES/64/211 General Assembly Distr.: General 17 March 2010 Sixty-fourth session Agenda item 55 (c) Resolution adopted by the General Assembly on 21 December 2009 [on the report of the Second
More informationAmerican Association of Port Authorities. Navigating the Cyber Domain. Homeland Security UNCLASSIFIED
American Association of Port Authorities Navigating the Cyber Domain Captain James Cash Deputy Director U.S. Coast Guard Cyber Command Vision & Mission VISION A safe, secure and resilient cyber operating
More informationThe J100 RAMCAP Method
The J100 RAMCAP Method 2012 ORWARN Conference Kevin M. Morley, PhD Security & Preparedness Program Manager AWWA--Washington, DC Water is Key to Daily Life Potable drinking water Sanitation Public Health
More informationCybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com
Cybersecurity Presidential Policy Directive Frequently Asked Questions kpmg.com Introduction On February 12, 2013, the White House released the official version of the Presidential Policy Directive regarding
More informationNATIONAL INFRASTRUCTURE COMMISSION CORPORATE PLAN TO
NATIONAL INFRASTRUCTURE COMMISSION CORPORATE PLAN 2017-18 TO 2019-20 CONTENTS Introduction 3 Review of period from October 2015 to end 2016 3 Corporate Governance 4 Objectives and Business Activity Plan
More informationGlobal Response Centre (GRC) & CIRT Lite. Regional Cyber security Forum 2009, Hyderabad, India 23 rd to 25 th September 2009
Global Response Centre (GRC) & CIRT Lite Regional Cyber security Forum 2009, Hyderabad, India 23 rd to 25 th September 2009 IMPACT Service offerings Global Response Centre CIRT Lite Need for GRC Access
More informationCybersecurity and Hospitals: A Board Perspective
Cybersecurity and Hospitals: A Board Perspective Cybersecurity is an important issue for both the public and private sector. At a time when so many of our activities depend on information systems and technology,
More informationInformation Security Controls Policy
Information Security Controls Policy Classification: Policy Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January
More information13th Florence Rail Forum: Cyber Security in Railways Systems. Immacolata Lamberti Andrea Pepato
13th Florence Rail Forum: Cyber Security in Railways Systems Immacolata Lamberti Andrea Pepato November 25, 2016 Cyber Security context and Cyber Attacks trend Critical Infrastructures (CIs) are both physical
More informationImproving the Resilience of Critical Infrastructure from Natural Hazards
Improving the Resilience of Critical Infrastructure from Natural Hazards David Murphy Assistant Director Natural Hazards Team Civil Contingencies Secretariat Outline Civil Contingencies Secretariat Vulnerability
More informationNIS-Directive and Smart Grids
NIS-Directive and Smart Grids Workshop on European Smart Grid Cybersecurity: Emerging Threats and Countermeasures Marie Holzleitner Table of Content Aims & Objectives Affected Parties Selected Requirements
More informationCyber Security. Building and assuring defence in depth
Cyber Security Building and assuring defence in depth The Cyber Challenge Understanding the challenge We live in an inter-connected world that brings a wealth of information to our finger tips at the speed
More informationShared Responsibility: Roles and Responsibilities in Emergency Management Geoff Hay
Shared Responsibility: Roles and Responsibilities in Emergency Management Geoff Hay Assistant Director General Office of State Security and Emergency Coordination Department of the Premier and Cabinet
More informationSAINT PETERSBURG DECLARATION Building Confidence and Security in the Use of ICT to Promote Economic Growth and Prosperity
SAINT PETERSBURG DECLARATION Building Confidence and Security in the Use of ICT to Promote Economic Growth and Prosperity 1. We, APEC Ministers responsible for the Telecommunications and Information Industry,
More informationGrid Security & NERC. Council of State Governments. Janet Sena, Senior Vice President, Policy and External Affairs September 22, 2016
Grid Security & NERC Council of State Governments The Future of American Electricity Policy Academy Janet Sena, Senior Vice President, Policy and External Affairs September 22, 2016 1965 Northeast blackout
More informationINFORMATION SECURITY NO MORE THE CINDERELLA?
INFORMATION SECURITY NO MORE THE CINDERELLA? Lord Toby Harris THE VIEW FROM THE KITCHEN Information security the Cinderella of technology Information security the Cinderella of security Who are the Ugly
More informationQualification Specification. Level 2 Award in Cyber Security Awareness For Business
Qualification Specification Level 2 Award in Cyber Security Awareness For Business ProQual 2016 Contents Page Introduction 3 Qualification profile 3 Centre requirements 4 Support for candidates 4 Assessment
More informationThe Key Principles of Cyber Security for Connected and Automated Vehicles. Government
The Key Principles of Cyber Security for Connected and Automated Vehicles Government Contents Intelligent Transport System (ITS) & Connected and Automated Vehicle (CAV) System Security Principles: 1. Organisational
More informationStatement by Mr. Vladimir Voronkov, Under-Secretary-General of the United Nations Office of Counter-Terrorism
Statement by Mr. Vladimir Voronkov, Under-Secretary-General of the United Nations Office of Counter-Terrorism Meeting of the United Nations Security Council Counter-Terrorism Committee Mr. Chairman, Excellencies,
More informationPackage of initiatives on Cybersecurity
Package of initiatives on Cybersecurity Presentation to Members of the IMCO Committee Claire Bury Deputy Director-General, DG CONNECT Brussels, 12 October 2017 Building EU Resilience to cyber attacks Creating
More informationDevelopments in the field of information and
United Nations General Assembly Distr.: General 3 July 2001 English Original: English/Spanish A/56/164 Fifty-sixth session Item 81 of the preliminary list* Developments in the field of information and
More informationUnderstanding the Changing Cybersecurity Problem
Understanding the Changing Cybersecurity Problem Keith Price BBus, MSc, CGEIT, CISM, CISSP Founder & Principal Consultant 1 About About me - Specialise in information security strategy, architecture, and
More informationAn overview of the CERT/CC and CSIRT Community
An overview of the CERT/CC and CSIRT Community Jason A. Rafail October 2007 2007 Carnegie Mellon University Overview CERT/CC CSIRTs with National Responsibility Partnerships and Trust Training Conclusion
More informationTo be an active partner, always ready to improve by working with others
Title of Report: Prepared By: Sponsor: Action Required: Statement of Assurance/Readiness Preparedness to Major Incidents Ben Cockerill, Emergency Planning Officer Kevin O Leary, Deputy Director of Operations
More informationChallenges in Developing National Cyber Security Policy Frameworks
Challenges in Developing National Cyber Security Policy Frameworks Regional Workshop on Frameworks for Cybersecurity and Critical Information Infrastructure Protection William McCrum Deputy Director General
More informationDefence, Safety and Security
Defence, Safety and Security 2 The mission of TNO TNO connects people and knowledge to create innovations that boost the sustainable competitive strength of industry and well-being of society. 3 TNO facts
More informationSwedish IT Incident Centre
Swedish IT Incident Centre Establishing a Government CERT from scratch the Swedish experience Establishment phase 2003 2004 CERTs in Europe Lessons Learned and Good Practices, Brussels 2005-12-13 Presentation
More information