CENTER FOR SECURITY STUDIES

Similar documents
MELANI: Information exchange a story of success

Valérie Andrianavaly European Commission DG INFSO-A3

Cybersecurity Strategy of the Republic of Cyprus

Global cybersecurity and international standards

Information Sharing and Cooperation

A Critical cogitation on Critical Information Infrastructure

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

Cybersecurity for ALL

Critical Information Infrastructure Protection. Role of CIRTs and Cooperation at National Level

Security and resilience in the Information Society: the role of CERTs/CSIRTs in the context of the EU CIIP policy

Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.

EU policy on Network and Information Security & Critical Information Infrastructures Protection

Securing Europe's Information Society

The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce

NATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -

Bradford J. Willke. 19 September 2007

Strategic and operational threat analysis at Europol's EC3

Resolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]

The rise of major Adversaries is the most relevant trend in 2014, targeting Government and Critical Services

GLOBAL AGENDA FOR CYBER CAPACITY BUILDING

Global Alliance Against Child Sexual Abuse Online 2014 Reporting Form

The CERT Top 10 List for Winning the Battle Against Insider Threats

National Cyber Security Strategy - Qatar. Michael Lewis, Deputy Director

Information sharing in the EU policy on NIS & CIIP. Andrea Servida European Commission DG INFSO-A3

UN General Assembly Resolution 68/243 GEORGIA. General appreciation of the issues of information security

Enhancing the security of CIIPs in Europe - ENISA s Approach Dimitra Liveri Network and Information Security Expert

Discussion on MS contribution to the WP2018

Cyber Security in Europe

INTERNATIONAL TELECOMMUNICATION UNION

TO INSPIRE, CONNECT AND EMPOWER TO TURN BACK CRIME

Government-Industry Collaboration: 7 Steps for Resiliency in Critical Infrastructure Protection

Industry role moving forward

Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt

Fundamentals of Cybersecurity/CIIP. Building Capacity: Using a National Strategy & Self-Assessment

Cyber Security and Protecting Critical Information Infrastructures

ENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010

ENISA EU Threat Landscape

The UK s National Cyber Security Strategy

Promoting Global Cybersecurity

Member of the County or municipal emergency management organization

Intelligence-Led Policing, Community Policing and the Prevention of Violent Extremism and Radicalization that lead to Terrorism

Regional Resilience: Prerequisite for Defense Industry Base Resilience

The Role of ENISA in the Implementation of the NIS Directive Anna Sarri Officer in NIS CIP Workshop Vienna 19 th September 2017

G8 Lyon-Roma Group High Tech Crime Subgroup

Itu regional workshop

2nd ENISA Workshop German CERT-Activities. 5 th October, 2006 Brussels

Part 1: Critical Infrastructures and Their Reliance on Critical Information Infrastructures

OAS Cybersecurity Capacity Building Efforts

STRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government

The Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless

The Case for National CSIRTs

Provisional Translation

IMPACT Global Response Centre. Technical Note GLOBAL RESPONSE CENTRE

Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security

Resolution: Advancing the National Preparedness for Cyber Security

Cyber Security in Europe and CEER s new PEER initiative

Global Cybersecurity Agenda

PIPELINE SECURITY An Overview of TSA Programs

GLOBAL CYBERSECURITY INDEX 2016

DHS Cybersecurity: Services for State and Local Officials. February 2017

Securing Europe s IoT Devices and Services

ISRAEL NATIONAL CYBER SECURITY STRATEGY IN BRIEF

SAINT PETERSBURG DECLARATION Building Confidence and Security in the Use of ICT to Promote Economic Growth and Prosperity

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013

Call for Expressions of Interest

EISAS Enhanced Roadmap 2012

Department of Homeland Security Updates

ENISA & Cybersecurity. Steve Purser Head of Technical Competence Department December 2012

INDEPENDENT COMMUNICATIONS AUTHORITY OF SOUTH AFRICA(ICASA) CYBERSECURITY PRESENTATION AT SAIGF. 28 th November 2018

Emergency Support Function #2 Communications Annex INTRODUCTION. Purpose. Scope. ESF Coordinator: Support Agencies: Primary Agencies:

ISAO SO Product Outline

NEW INNOVATIONS NEED FOR NEW LAW ENFORCEMENT CAPABILITIES

Minutes of the Individual Meeting between GCSEC and IMTM; GCSEC, IMTM and UDG

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

Security and resilience in Information Society: the European approach

Cyber Security & Homeland Security:

Strategic Security Analyst

The commission communication "towards a general policy on the fight against cyber crime"

Mozilla position paper on the legislative proposal for an EU Cybersecurity Act

Israel and ICS Cyber Security

National CIRT - Montenegro. Ministry for Information Society and Telecommunications

Panelists. Moderator: Dr. John H. Saunders, MITRE Corporation

Cyber Security Strategy

EUROPEAN COMMISSION JOINT RESEARCH CENTRE. Information Note. JRC activities in the field of. Cybersecurity

Panel 1 National CSIRT Experience

KENYA YOUR RELIABLE PARTNER AT THE ITU. Candidate for the ITU Council in Region D

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

19-20 September 2018 The Trans Resort Kuta, Bali - Indonesia

CIRT: Requirements and implementation

Current procedures, challenges and opportunities for collection and analysis of Criminal Justice statistics CERT-GH

CYBERCRIME AS A NEW FORM OF CONTEMPORARY CRIME

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

Cybersecurity governance in Europe. Sokratis K. Katsikas Systems Security Laboratory Dept. of Digital Systems University of Piraeus

Federal Information Sharing Resources for Small and Midsize Businesses

Position Description. Computer Network Defence (CND) Analyst. GCSB mission and values. Our mission. Our values UNCLASSIFIED

RESOLUTION 130 (Rev. Antalya, 2006)

Regional Cyber security Forum for Africa and Arab States, Tunis, Tunisia 4 th -5 th June 2009

Cyber Security Strategy

Today s cyber threat landscape is evolving at a rate that is extremely aggressive,

Transcription:

CENTER FOR SECURITY STUDIES Swiss Federal Institute of Technology (ETH Zurich) A Generic National Framework for Critical Information Infrastructure Protection 2nd WSIS Action Line C5 Meeting ITU Headquarters, 14-15 May 2007 Manuel Suter

Introduction: Why a Generic National Framework Critical Information Infrastructure Protection (CIIP) is a complex and multi-faceted task: The threat spectrum is very wide and rapidly evolving. CIIP involves various actors: governmental agencies from different ministries as well as private companies. Different perspectives: technical, business, law-enforcement, national-security. For states that are only starting to develop their own CIIP policy, it is quite hard to identify best practices. National models for CIIP organizations are not necessarily applicable to other countries, because of their complexity and their country-specific configuration. Many of the existing solutions are fairly resource-intensive.

Introduction: The aim of the Generic National Framework The generic national framework aims to offer a few building blocks for an efficient and effective CIIP organizational unit. By concentrating on the most essential task, cooperation between various stakeholders, flexibility, and adaptability, one may develop a relatively inexpensive solution that can be further tailored to country-specific needs. The generic framework is an amalgamation of different existing CIIP models, but most closely resembles the Swiss CIIP model.

Essential Tasks: The Four Pillars of CIIP

Essential Partners: The Cooperation Model Hub/clearing house (governmental agency) Analysis capacity (intelligence community) Technical center of expertise (CERT)

Organization of the CIIP Unit Special Task Force for Information Assurance Government Agency Intelligence Service Head of CIIP unit CIIP unit CERT Team Leader of the Situation Center Leader of the CERT- Team Analysts Scientific Staff

The Network of the CIIP Unit In order for the CIIP unit to be successful, each sub unit needs to be embedded in a broad network of national and international partners. National Units World-Wide Cooperation Operators of Critical Infrastructure CIIP Unit CIIP Network / Policy-Makers Intelligence Service High-tech crime unit CERT Other national CIIP units Intelligence community Other national high-tech crime units, Interpol Other national and international CERTs, Forum of Incident Response and Security Teams (FIRST)

The Two Customer Bases of the CIIP Unit Most importantly, the CIIP unit must address the owners and operators of CII. However, in the fight against cyber-crime, it is also vital not to neglect private users, SMEs, and other large businesses that are not operating CII. In consequence, the CIIP unit serves two customer groups: the Closed Customer Base, which should include the operators of nationally critical infrastructures; and the Open Customer Base, which includes all other companies (in particular SMEs), as well as home computer users.

The Two Customer Bases of the CIIP Unit Customer base Closed Open Members Selected operators of critical infrastructures (limited membership) SMEs Citizens Number 2-4 representatives of each member Open Trust Strong Trust Weak Trust Build-up of Trust Within the whole costumer base (regular meetings, interactive network), and in particular within each sector. Media, internet, exhibitions - with the help of partners.

The Closed Costumer Base Membership of the CCB is restricted to operators of CII.

Products and Services for the Closed Customer Base Assistance in case of incident: 24/7 on-call service One-stop-shop Distribution of exclusive information: Early warnings, situation reports, background information, perpetrator profiles. Online platform, newsletters. Workshops, meeting, exercises: Sector-specific workshops: reinforcing knowledge of specific issues. Cross-sectoral workshops: increasing awareness of interdependencies.

Information-sharing and classification levels Considerable know-how can be gained through exchanges of experiences. Companies are competing with each other. Information-sharing in the area of information security can be an extremely sensitive matter for companies. Strong mutual trust is an absolute condition for any information-sharing effort. Each company should be able to decide with whom it wants to share information.

The Open Customer Base The Open Customer Base: private users, SMEs, large businesses that are not operating CII. Services and products for the Open Costumer Base: Awareness-raising: increasing basic knowledge on information security. Warnings and advices: filtering the bulk of warnings Assistance in case of incident: providing hints on problem resolution, answering technical questions. Partnership with other actors (Media, private associations, other governmental agencies).

The CIIP Unit in Practice: A (Fictitious) Case Study

Conclusions It is possible to form effective and efficient CIIP units without allocating a great deal of resources. The following features were considered to be the key elements for such a unit: Concentration on the essential tasks Cooperation with all relevant stakeholders Information-sharing with the private sector National and international contacts The presented framework should not be understood as static solution. The CIIP unit must constantly take into account the various interests of its partners, as well as the fact that different events may demand different alliances.

Contact Information Thank you! Manuel Suter Center for Security Studies ETH Zürich WEC Weinbergstrasse 11 8092 Zurich Switzerland +41 (0)44 632 63 49 suter@sipo.gess.ethz.ch

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback