Regional Workshop on Frameworks for Cybersecurity and CIIP Feb 2008 Doha, Qatar

Similar documents
Presentation to the ITU on the Q-CERT Incident Management Team. Ian M Dowdeswell Incident Manager, Q-CERT

National Cyber Security Strategy - Qatar. Michael Lewis, Deputy Director

Bradford J. Willke. 19 September 2007

CSIRT in general CSIRT Service Categories Reactive Services Proactive services Security Quality Management Services CSIRT. Brmlab, hackerspace Prague

ENISA EU Threat Landscape

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

Panelists. Moderator: Dr. John H. Saunders, MITRE Corporation

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

ITU-IMPACT Capacity Building for Least Developed & Developed Countries

Cybersecurity and Vulnerability Assessment

EU policy on Network and Information Security & Critical Information Infrastructures Protection

The European Policy on Critical Information Infrastructure Protection (CIIP) Andrea SERVIDA European Commission DG INFSO.A3

Directive on security of network and information systems (NIS): State of Play

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce

Call for Expressions of Interest

Security and resilience in Information Society: the European approach

The Arab ICT Organization

RFD. for ICERT ( ) RESULTS-FRAMEWORK DOCUMENT. Department of Information Technology. Results-Framework Document (RFD) for CERT-In ( )

Cybersecurity for ALL

Government-Industry Collaboration: 7 Steps for Resiliency in Critical Infrastructure Protection

Cyber Security Technologies

UPU UNIVERSAL POSTAL UNION. CA C 4 SDPG AHG DRM Doc 3. Original: English COUNCIL OF ADMINISTRATION. Committee 4 Development Cooperation

OAS Cybersecurity Capacity Building Efforts

ENISA s Position on the NIS Directive

EISAS Enhanced Roadmap 2012

The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association

Cyber Security in Europe

SAINT PETERSBURG DECLARATION Building Confidence and Security in the Use of ICT to Promote Economic Growth and Prosperity

The NIST Cybersecurity Framework

Forum. Ningbo, China 25 February

Why you should adopt the NIST Cybersecurity Framework

About Issues in Building the National Strategy for Cybersecurity in Vietnam

Updates to the NIST Cybersecurity Framework

Global Alliance Against Child Sexual Abuse Online 2014 Reporting Form

Centre for cybersecurity Belgium : Role, Missions et future capacities

Defining Computer Security Incident Response Teams

MNsure Privacy Program Strategic Plan FY

Transport and ICT Global Practice Smart Connections for All Sandra Sargent, Senior Operations Officer, Transport & ICT GP, The World Bank

ICS-CERT Year in Review. Industrial Control Systems Cyber Emergency Response Team

Promoting Global Cybersecurity

Fundamentals of Cybersecurity/CIIP. Building Capacity: Using a National Strategy & Self-Assessment

Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.

Mission: Continuity BUILDING RESILIENCE AGAINST UNPLANNED SERVICE INTERRUPTIONS

ITU Academia. Smart Partnership for ICT4SDG. Jaroslaw K. PONDER Coordinator for Europe Region

GLOBAL AGENDA FOR CYBER CAPACITY BUILDING

The Office of Infrastructure Protection

The Office of Infrastructure Protection

DHS Election Task Force Updates. Geoff Hale, Elections Task Force

National Policy and Guiding Principles

ENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010

Cybersecurity governance in Europe. Sokratis K. Katsikas Systems Security Laboratory Dept. of Digital Systems University of Piraeus

DHS Cybersecurity: Services for State and Local Officials. February 2017

NATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

Securing Europe's Information Society

RBI GUIDELINES ON CYBER SECURITY AND RAKSHA APPROACH

RFC2350 TLP1: WHITE. Έκδοση National CSIRT-CY RFC2350

CONNECT ARAB STATES SUMMIT

Medical Device Cybersecurity: FDA Perspective

Global Response Centre (GRC) & CIRT Lite. Regional Cyber security Forum 2009, Hyderabad, India 23 rd to 25 th September 2009

NIS-Directive and Smart Grids

EU General Data Protection Regulation (GDPR) Achieving compliance

2 nd Cybersecurity Workshop Test and Evaluation to Meet the Advanced Persistent Threat

June 5, 2018 Independence, Ohio

STRATEGIC PLAN. USF Emergency Management

Package of initiatives on Cybersecurity

KENYA YOUR RELIABLE PARTNER AT THE ITU. Candidate for the ITU Council in Region D

Cyber Security Program

Current procedures, challenges and opportunities for collection and analysis of Criminal Justice statistics CERT-GH

Australian Government Cyber-security Activities in the Pacific

Awareness as a Cyber Security Vulnerability. Jack Whitsitt Team Lead, Cyber Security Awareness and Outreach TSA Office of Information Technology

Discussion on MS contribution to the WP2018

Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt

ENISA & Cybersecurity. Steve Purser Head of Technical Competence Department December 2012

National Preparedness System. Update for EMForum June 11, 2014

Texas Reliability Entity, Inc. Strategic Plan for 2017 TEXAS RE STRATEGIC PLAN FOR 2017 PAGE 1 OF 13

Valérie Andrianavaly European Commission DG INFSO-A3

The Case for National CSIRTs

Network and Information Security Directive

UAE National Space Policy Agenda Item 11; LSC April By: Space Policy and Regulations Directory

Cybersecurity & Spam after WSIS: How MAAWG can help

METHODOLOGY AND CRITERIA FOR THE CYBERSECURITY REPORTS

Information Security and Cyber Security

Outreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness

Information sharing in the EU policy on NIS & CIIP. Andrea Servida European Commission DG INFSO-A3

Cyber Security Beyond 2020

Cybersecurity Auditing in an Unsecure World

Panel 1 National CSIRT Experience

Cyber Security Strategy

NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium

HPH SCC CYBERSECURITY WORKING GROUP

European Union Agency for Network and Information Security

ASREN Arab States Research and Education Network

Implementation Strategy for Cybersecurity Workshop ITU 2016

Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security

PIPELINE SECURITY An Overview of TSA Programs

Directive on Security of Network and Information Systems

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

CRCC Information for Distinguished Regional Guests. Updated 4/13/15

Stakeholders Analysis

Transcription:

Regional Workshop on Frameworks for Cybersecurity and CIIP 18 21 Feb 2008 Doha, Qatar A National Cybersecurity Strategy aecert Roadmap Eng. Fatma Bazargan aecert Project Manager Technical Affairs Department UAE Telecom Regulatory Authority

agenda» introduction» the vision and mission» goals and objectives» the roadmap» constituents tiered model» services» national security awareness campaign» so far and the way forward» summary aecert Copyright 2008 2

introduction aecert is the United Arab Emirates Computer Emergency Response Team National CERT in the UAE initiative by the UAE Telecommunications Regulatory Authority (TRA) is an advisory body and may recommend the adoption of good practice policies, procedures and technologies to detect, prevent and respond to the current and future cyber security incidents in the UAE to promote, build and ensure a safer cyber environment and culture in the UAE will serve the government, law enforcement and business sectors in the UAE aecert Copyright 2008 3

vision and mission vision to be the leading trusted cyber security co-ordination center in the region. mission to help build a safe and secure cyber culture in the UAE; and to sustain a resilient and vigilant ICT Infrastructure against the broader set of cyber security threats. aecert Copyright 2008 4

goals to promote information security awareness across the UAE; to deliver analysis of global and specific cyber security threats; to provide coordination and advisory services on mitigating cyber security risks; to gather, analyze, correlate and disseminate security relevant information; to act as a central point of contact for reporting cyber security incidents; to build national expertise in information security, incident management and computer forensics; and to foster the establishment of and provide assistance to constituent Computer Security Incident Response Teams (CSIRTs). aecert Copyright 2008 5

constituents tiered model constituents divided into tiers each defined by its level of cyber security risk assessment services delivered to the organization relates to the tier it belongs the tiers are as follows: Tier 1: organizations damage to which would cause critical harm to the critical information infrastructure Tier 2: organizations damage to which would cause serious harm to the critical information infrastructure Tier 3: organizations damage to which would cause some harm to the critical information infrastructure Public: all other sectors and the wider public within the UAE will liaise with the regional and international CERTs/CSIRTs aecert Copyright 2008 12

services planning to offer 23 services as per the aecert Service Catalogue mapped to their dates of launch services include: advice and education; threat alerting and communications; incident handling and response; research and analysis; and best practice guidelines. aecert Copyright 2008 13

national security awareness campaign the first UAE and GCC national information security awareness campaign to be made available to the public key factor to aecert s national strategy to help build and promote a safer cyber culture within the UAE provides comprehensive elearning content via the web It was launched in nov. 2007 around the theme of protecting your online identity including topics: Information Security Essentials, Password Security and Social Engineering. available both in english and arabic and caters business users, home users and students The content is supported with related collateral such as downloadable reminder cards and screen savers aecert Copyright 2008 14

national security awareness campaign (contd) this month releases will include: Frequently Asked Questions (FAQs) and Posters for the resoundingly successful first installment; Q2 launch themed around Understanding Internet Threats which covers the issues and safeguards for E- mail, Web and Instant Messaging Security; National Outreach Program targeting schools and universities; and aecert public seminars. aecert Copyright 2008 15

What s coming next.. national threat monitor structured early warnings and alerts UAE Honeynet project national incident response framework digital forensics laboratory research and development projects cyber security technical center of excellence 24x7 operation scheduled aecert Copyright 2008 16

in summary aecert is the UAE National CERT; an initiative by the Telecommunications Regulatory Authority (UAE-TRA); aim to: build and promote a safer and secure cyber culture in the UAE; our deliverables: awareness, expertise, collaboration and mitigation; our services: advice and education; threat alerting and communications; incident handling and response; research and analysis; and best practice guidelines. aecert Copyright 2008 17

Contact: Eng. Fatma Bazargan aecert Project Manager UAE TRA Technical Affairs Dept. e-mail: fatma.bazargan@aecert.ae visit aecert @ www.aecert.ae

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback