Implementing a National Strategy : the case of the Tunisian CERT

Similar documents
Overview. Objectives. Components. Information and Communication Technologies Sector Development Project. Project

Global cybersecurity and international standards

CIRT: Requirements and implementation

CERT.LV activities, role in Latvia and globally. Baiba Kaskina, CERT.LV , Sofia, Bulgaria

Centre for cybersecurity Belgium : Role, Missions et future capacities

NATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -

Bringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016

Best Practices in Public Information Management in Sri Lanka. Presented by Nimal Athukorala D.C. Dissanayake

ThaiCERT Incident Response & Phishing cases in Thailand. By Kitisak Jirawannakool Thai Computer Emergency Response team (ThaiCERT)

NATIONAL STRATEGY:- MALAYSIAN EXPERIENCE

RISING CYBER SECURITY CAPABILITY WITH A UNIQUE NETWORK OF TRUSTED PARTNERS. Jan De Blauwe Chairman Cyber Security Coalition Belgium

National Cybersecurity preparation to deal with Cyber Attacks

Caribbean Cyber Security: Not Only Government s Responsibility

Cyber Security Technologies

UN General Assembly Resolution 68/243 GEORGIA. General appreciation of the issues of information security

Concept Note: GIDC. Feasibility Study(F/S) on Government Integrated Data Center (GIDC) for the Republic of Nicaragua

Itu regional workshop

About Issues in Building the National Strategy for Cybersecurity in Vietnam

METHODOLOGY AND CRITERIA FOR THE CYBERSECURITY REPORTS

OAS Cybersecurity Capacity Building Efforts

Cyber Security Strategic Level Landscape in Poland. Krzysztof Silicki NASK Institute, Poland ENISA MB, EB

The NIS Directive and Cybersecurity in

ENISA EU Threat Landscape

Bradford J. Willke. 19 September 2007

Cybersecurity Strategy of the Republic of Cyprus

Global Alliance Against Child Sexual Abuse Online 2014 Reporting Form

Critical Infrastructure Partnership

Presented by: Njei Check Head, Audit Security Division, ANTIC

Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security

Fiscal 2015 Activities Review and Plan for Fiscal 2016

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

ENISA Cooperation in the EU / NIS Directive

Chapter X Security Performance Metrics

The Case for National CSIRTs

CERT.be Brussels 2011

CESG:10 Steps to Cyber Security WORKING WITH GOVERNMENT, INDUSTRY AND ACADEMIA TO MANAGE INFORMATION RISK

National Cyber Security Strategy - Qatar. Michael Lewis, Deputy Director

ITU CBS. Digital Security Capacity Building: Role of the University GLOBAL ICT CAPACITY BUILDING SYMPOSIUM SANTO DOMINGO 2018

State Planning Organization Information Society Department

Establishing National Incident Response Capability for Viet Nam - VNCERT activities and challenges

RFC2350 TLP1: WHITE. Έκδοση National CSIRT-CY RFC2350

How to communicate with your government - Lessons from Japan -

Fundamentals of Cybersecurity/CIIP. Building Capacity: Using a National Strategy & Self-Assessment

ISRAEL NATIONAL CYBER SECURITY STRATEGY IN BRIEF

Regional Workshop on Frameworks for Cybersecurity and CIIP Feb 2008 Doha, Qatar

The GenCyber Program. By Chris Ralph

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

CSIRT in general CSIRT Service Categories Reactive Services Proactive services Security Quality Management Services CSIRT. Brmlab, hackerspace Prague

CYBERCRIME AS A NEW FORM OF CONTEMPORARY CRIME

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce

NIS Standardisation ENISA view

Italian government CERT: INITIAL RESULTS

Control Systems Cyber Security Awareness

Forum. Ningbo, China 25 February

Chapter X Security Performance Metrics

European Union Agency for Network and Information Security

2 nd Cybersecurity Workshop Test and Evaluation to Meet the Advanced Persistent Threat

THE CYBER SECURITY ENVIRONMENT IN LITHUANIA

Hacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK

National Policy and Guiding Principles

Co-operation with Law Enforcement Agencies in South Africa. 19 September 2008

The Network and Information Security Directive - ENISA's contribution

Cyber Security. It s not just about technology. May 2017

Defining Computer Security Incident Response Teams

ENISA s Position on the NIS Directive

Legal framework of ensuring of cyber security in the Republic of Azerbaijan

Romania - Cyber Security Strategy. 6th IT STAR Workshop on Digital Security

TEL2813/IS2820 Security Management

Blending Information Systems Security and Forensics Curricula

Emergency response plan in the event of an attack against information systems or. a technical flaw in the information systems

The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association

Call for Expressions of Interest

Enhancing the security of CIIPs in Europe - ENISA s Approach Dimitra Liveri Network and Information Security Expert

Current procedures, challenges and opportunities for collection and analysis of Criminal Justice statistics CERT-GH

locuz.com SOC Services

National CIRT - Montenegro. Ministry for Information Society and Telecommunications

Security and resilience in Information Society: the European approach

Cybersecurity Overview

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

Resolution: Advancing the National Preparedness for Cyber Security

CYBER SECURITY AND DATA PROTECTION Theme: Securing Businesses and Public Transactions. Regional Headquarters, The University of the West Indies, Mona

Valérie Andrianavaly European Commission DG INFSO-A3

Legal Foundation and Enforcement: Promoting Cybersecurity

1 History of CyberSecurity in the Philippines 2 3

Building Global CSIRT Capabilities

Industrial Control System Cyber Security

Securing Europe's Information Society

Jim Brenton Regional Security Coordinator ERCOT Electric Reliability Council of Texas

Network and Information Security Directive

Resolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]

NERC Staff Organization Chart

Position Description. Engagement Manager UNCLASSIFIED. Outreach & Engagement Information Assurance and Cyber Security Directorate.

Directive on Security of Network and Information Systems

Stakeholders Analysis

TUNISIA CSIRT CASE STUDY

A company built on security

CYBERSECURITY HOW IT IS TRANSFORMING THE IT ASSURANCE FIELD

Legal, Ethical, and Professional Issues in Information Security

Executive Summary CYBER SECURITY COMPETITION SECONDARY SCHOOLS CZECH REPUBLIC The school year 2016 / 2017

Discussion on MS contribution to the WP2018

Transcription:

Implementing a National Strategy : the case of the Tunisian CERT Belhassen ZOUARI, CEO, National Agency for Computer Security, Head of Cert-Tcc, E-mail : B.Zouari@ansi.tn

a fast Historical Overview end 1999 : Launch of a UNIT ( a Micro-CERT ), specialized in IT Security Objective : - to raise awareness decision-makers and Technical staff about security issues. & to creates a first Task-force of Tunisian Experts in IT Security (+ Monitoring the security of highly critical national applications and infrastructures.. ) From End 2002 ( certification of the role of IT security as a pillar of the «Information Society») : The unit starts the establishment of a strategy and of a National Plan in IT Security (national survey, for fixing: priorities, volume of actions, needed logistic, supporting tools,.). January 2003 : - Decision of the Council of Ministers, headed by the President, and dedicated to informatics and IT Security, of : The creation of a National Agency, specialized in IT Security (The Tool for the execution of the national strategy and plan) The Introduction of Mandatory and Periodic Security audits (Pillar of our strategy) The creation of a body of certified Auditors in IT Security + some accompanying measures (launch of masters in IT security, )

In addition to previous Laws : Law on Electronic Signature and e-commerce (Law N 2000-83 ) Law Against Cyber-Crimes (Law N 1999-89, Art 199) Law on consumer protection and respect of Intellectual property (Law N 1994-36) Law on protection of Privacy and Personal data (Law n 2004-63) February 2004 : Promulgation of an original LAW, related to ICT security (Law N 5-2004 and its 3 relatives decrees ) : Obligation for national companies (ALL public + big and sensitive private ones) to do Periodic (Now annually) Security audits of their IS. Organization of the field of Security audits Audits are Made by CERTIFIED auditors (from the private sector), definition of the process of certification of auditors definition of the auditing missions and process of follow-up (ISO 1 77 99) Creation and definition of the Missions of the National Agency for Computer Security (created under the Ministry of Communication Technologies) Obligation to declare security Incidents (Viral, mass hacking attacks,..) that could affect others IS, with guarantee of confidentiality, by law. September 2005 eptember 2005 : launch of Cert-Tcc (Computer Emergency Response Team / Tunisian Coordination Center)

Watch ISAC Incident Analysis CSIRT Incident Handling Coordination Cert-Tcc Training Warning/ Alert Response Awareness

Watch Publication of vulnerabilities, exploits, 0days Collaboration network Antivirus suppliers Collaboration program Collect information Professional community Watch professionals Trend indicators Equipments constructors

Warning & Information Professional community Antivirus - suppliers Internet Services Providers Vulnerabilities, Managers, Decision makers exploits, 0days Web masters, Security Admin., Programmers Collaboration network SCP Mailing List, Web Site, Call Center, Media (TV, Radio, Press) Internet Community

Awareness Oriented campaigns + Decision makers + Professionals + Teachers + Students + Users + Journalists + Lawyers Diversified contents Prospectus Posters Emails Radio Emission Cartoon Video Spot Attack Simulation Guide

Information Share, Analysis & Collect (ISAC) Development of mechanisms for early detection of attacks SAHER DNS, POP SMTP SAHER IDS SAHER Web Call Center Collect Information Analyze Incident Declaration E-mail Service Share Viral Propagation Attack Trends

Incident Handling (CSIRT) CSIRT team Collaboration network Trained Team Technical means (Investigation) Procedural means Platform of incident management Information exchange Attack Tracking Assistance Reporting incident System 24/7 Watch CSIRT ISAC Email : cert-tcc@ansi.tn Call center: 71 843200 N Vert : 80 100 267 Email : incident@ansi.tn Web : on line forms Tel: : 71 846020 Massive attack Detection Critical failure Detection Web site attack Detection Incident Analysis and handling

Coordination National Reaction Plan against massive attacks regional CERTs other CERTs Cert-Tcc FIRST Incident Coordination procedures ISPs & operators Vendors Integrators National Authority

Know-How In IT security Reaching a relative technological autonomy : - Encouraging the development of national Solutions and Tools,. based on Open-source components - Improving R&D capabilities and making it more responsive to urgent needs. - Encouraging Academic Research in the Important topics of Security (cryptography, methodologies, )

Cert -TCC (Computer Emergency Response Team / Tunisian Coordination Center)

Thank you for your attention

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback