MELANI: Information exchange a story of success

Similar documents
CENTER FOR SECURITY STUDIES

Critical Infrastructure Analysis and Protection - A Case for Secure Information Exchange. August 16, 2016

Bradford J. Willke. 19 September 2007

Security and resilience in the Information Society: the role of CERTs/CSIRTs in the context of the EU CIIP policy

Cyber Security in Europe

Centre for cybersecurity Belgium : Role, Missions et future capacities

Co-operation against cybercrime CSIRTs LE private sector

Cyber Security Experts Association of Nigeria (CSEAN) CYBER SECURE NIGERIA 2016 Conference

Cyber Security is a Team Sport

Current procedures, challenges and opportunities for collection and analysis of Criminal Justice statistics CERT-GH

ENISA Cooperation in the EU / NIS Directive

ENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010

CRITICAL INFRASTRUCTURE AND CYBER THREAT CRITICAL INFRASTRUCTURE AND CYBER THREAT

Enhancing the security of CIIPs in Europe - ENISA s Approach Dimitra Liveri Network and Information Security Expert

CSIRT in general CSIRT Service Categories Reactive Services Proactive services Security Quality Management Services CSIRT. Brmlab, hackerspace Prague

National Cyber Incident Response - Architectural Concepts

Stakeholders Analysis

Valérie Andrianavaly European Commission DG INFSO-A3

Presentation to the ITU on the Q-CERT Incident Management Team. Ian M Dowdeswell Incident Manager, Q-CERT

National Cyber Security Strategy - Qatar. Michael Lewis, Deputy Director

Cybersecurity Strategy of the Republic of Cyprus

EU policy on Network and Information Security & Critical Information Infrastructures Protection

Securing Europe s IoT Devices and Services

CERT.LV activities, role in Latvia and globally. Baiba Kaskina, CERT.LV , Sofia, Bulgaria

RFC 2350 YOROI-CSDC. Expectations for Computer Security Incident Response. Date 2018/03/26. Version 1.0

Itu regional workshop

Global Alliance Against Child Sexual Abuse Online 2014 Reporting Form

REGIONAL WORKSHOP ON E-COMMERCE LEGISLATION HARMONIZATION IN THE CARIBBEAN COMBATING CYBERCRIME: TOOLS AND CAPACITY BUILDING FOR EMERGING ECONOMIES

Outreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness

Panel 1 National CSIRT Experience

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.

Criminal Justice Statistics on Cybercrime & Electronic Evidence

Defence, Safety and Security

RESOLUTION 130 (Rev. Antalya, 2006)

Electronic payments in the Netherlands

Louisiana - State Analytical & Fusion Exchange (LA-SAFE)

The UK s National Cyber Security Strategy

Cyber Security Strategy

RFC2350 TLP1: WHITE. Έκδοση National CSIRT-CY RFC2350

INTERNATIONAL TELECOMMUNICATION UNION

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

Cyber Security Strategic Level Landscape in Poland. Krzysztof Silicki NASK Institute, Poland ENISA MB, EB

Government-Industry Collaboration: 7 Steps for Resiliency in Critical Infrastructure Protection

Cyber Security Development. Ghana in Perspective

New Zealand National Cyber Security Centre Incident Summary

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

BRIEFING COMBATING CYBERCRIME: TOOLS AND CAPACITY BUILDING FOR EMERGING ECONOMIES. Geneva 18 April David Satola

FSOR. Cyber security in the financial sector VISION 2020 FINANCIAL SECTOR FORUM FOR OPERATIONAL RESILIENCE

Department of Homeland Security Updates

79th OREGON LEGISLATIVE ASSEMBLY Regular Session. Senate Bill 90

Security and resilience in Information Society: the European approach

EUROPEAN COMMISSION JOINT RESEARCH CENTRE. Information Note. JRC activities in the field of. Cybersecurity

CYBER INCIDENT REPORTING GUIDANCE. Industry Reporting Arrangements for Incident Response

The Cyber Savvy CEO Getting to grips with today s growing cyber-threats

National Cyber Security Strategy 2016

About Issues in Building the National Strategy for Cybersecurity in Vietnam

Introduction. ISNR Abu Dhabi 2020 Program. Participation & Partnership Opportunities

ThaiCERT Incident Response & Phishing cases in Thailand. By Kitisak Jirawannakool Thai Computer Emergency Response team (ThaiCERT)

ITU Regional Cybersecurity Forum for Asia-Pacific

UN General Assembly Resolution 68/243 GEORGIA. General appreciation of the issues of information security

Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security

SECURING YOUR ASSETS / company_presentation_en_v1.00 / RG-C0

Garry Mukelabai Communications Authority Zambia

Legal Foundation and Enforcement: Promoting Cybersecurity

Best Practices in Public Information Management in Sri Lanka. Presented by Nimal Athukorala D.C. Dissanayake

Cyber Partnership Blueprint: An Outline

ENISA s Position on the NIS Directive

ESRIF & Working Group Innovation WG 9. Alois J. Sieber Chairman ESRIF WG # 9

A Strategy for a secure Information Society Dialogue, Partnership and empowerment

SECURITY, SAFETY AND SOVEREIGNTY FOR THE INDO-ASIA-PACIFIC

The Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless

International Cooperation in Cybercrime Investigations

Netherlands Cyber Security Strategy. Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice

Cyber Crime Update. Mark Brett Programme Director February 2016

An overview of the CERT/CC and CSIRT Community

The Federal Council s Basic Strategy. for Critical Infrastructure Protection

PERSON SPECIFICATION. Cyber PROTECT Officer. Job Title: Status: Established

TO INSPIRE, CONNECT AND EMPOWER TO TURN BACK CRIME

COUNTERING IMPROVISED EXPLOSIVE DEVICES

Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt

How Can NRA Contribute to the Improvement of IT Security? Rytis Rainys, Communications Regulatory Authority of the Republic of Lithuania

The UNODC Global Programme on Cybercrime Alexandru Caciuloiu CYBERCRIME COORDINATOR SOUTHEAST ASIA AND THE PACIFIC

Critical Infrastructure Partnership

Promoting Global Cybersecurity

Center for Infrastructure Assurance and Security (CIAS) Joe Sanchez AIA Liaison to CIAS

Call for Interest for the INTERPOL Digital Crime Centre 2 nd round (area of advanced technology required for the Malware/BotNet analysis)

FEMA Region III Cyber Security Program

Texas Department of Banking United States Secret Service January 25, 2012

NIS-Directive and Smart Grids

Regional Workshop on Frameworks for Cybersecurity and CIIP Feb 2008 Doha, Qatar

Exploring the European Commission s Network and Information Security Directive (NIS) What every CISO should know

National Policy and Guiding Principles

ACHIEVING FIFTH GENERATION CYBER SECURITY

locuz.com SOC Services

Societal Challenge

Cyber Intel within European Cybercrime Center Ops

The Digitalisation of Finance

National CIRT - Montenegro. Ministry for Information Society and Telecommunications

ENISA EU Threat Landscape

Transcription:

Federal Strategy Unit for Information Technology FSUIT Federal Intelligence Service Reporting and Analysis Centre for Information Assurance MELANI MELANI: Information exchange a story of success Max Klaus, Deputy Head Reporting and Analysis Centre for Information Assurance MELANI

Information Exchange Switzerland Bank CIIP CIIP Bank Bank CIIP CIIP CIIP MELANI LE CIIP CYCO 2

Critical Infrastructures Definition: Systems critical to the functioning of our society, such as energy supply telecommunications banking & financial services transportation emergency & rescue services health care government & public administration In the information age these systems depend more and more on IT infrastructures. Hence, they need to be protected CIIP 4

Public Private Partnership (PPP) Constitutional responsibility: Article 2, 2 of the Swiss Constitituion [ ] aiming to ensure the public welfare [ ] Government and the private sector must work together in a partnership public private partnership (PPP) The bigger part of Critical Infrastructures lies in the hands of private enterprises Closed Constituency 5

MELANI at a glance Threats Terrorism Espionage Organisation Intelligence Police Justice Situation Reporting and Analysis Centre 4 Persons FC Lead 2 Persons Information warfare GovCert.ch 2 Persons Other CERT s White-collar crime Services Products Exercises Workshops (SCADA, ISP, phishing, malware) Incident handling (phishing, espionage) Analysis (situational report, factsheets, alerts) Clients Closed constituency Finance, telecommunication, energy administration, industry, business 7

MELANI: Functionalities Co-operation Partners Intelligence Service for Analysis and Prevention (SAP) with the Federal Office of Police (fedpol) Cybercrime (Cybercrime Co-ordination Unit, CYCO) Federal Criminal Police Well established co-operation with the private sector GovCERT.ch Technical Experience Access to the world-wide network of CERTs Supervision Federal Strategy Unit for IT (FSUIT) Active in CIIP since 1997 Relations to relevant CIIP organizations abroad 8

Constituencies Constituency Members Number GovCert.ch Closed Situation Centre Selected Operators of Critical Infrastructures March 2010: 9 sectors / 83 companies / 213 people Open Situation Centre SMEs Citizen Open Relationship Strong Trust Relationship to MELANI - Interaction Regular Meetings, MELANI-Net (Extranet) Media, WWW, Exhibitions Notification of Incidents 9

Closed Constituency (March 2010) Critical Infrastructure # Companies # People Chemical industry 2 4 Energy Suppliers 9 23 Finance 37 102 Health Care 4 4 Industry 2 7 Telecommunication 8 20 Transport 5 10 Insurances 2 2 Government (Cantonal/Federal) 14 41 Total 83 213 10

Services for the Closed Constituency Information Sharing Network MELANI-Net 11

Services for the Closed Constituency Detection and Analysis 12

Example: E-Banking-Attack Information Exchange / Sensors Money Mule Recipient E-Bank ABC Money Mule Costumer Money Mule 13

Example: E-Banking-Attack / Information Exchange - Sensors Analysis of the Malware Filtering email MELANI Members Telcos Recipient Detection MELANI or Citizen Reporting Form MELANI tries to block Download Servers Informing the Citizen Prevention E-Bank ABC Money Mule Informing the Citizen Prevention MELANI tries to shut down money mule recruiting site Costumer Collaboration and Information sharing with involved and non involved banks Money Mule Detection MELANI members, NHTCU, Citizen Reporting Form Money Mule 14

Services for the Open Constituency Announcement of warnings, and information ( tips ) in appropriate form (language D, F, I, technical details) Publication of material for incident prevention (e.g. best practices e.g. for e-banking, operating systems, ) 16

Services for the Open Constituency Possibility to report incidents and attacks 17

Summary Law enforcement, intelligence services, CERTs & the private sector working together in a partnership is key. MELANI s Public Private Partnership is a story of success. A trust relationship between MELANI (e.g. Federal and Local Authorities) and the private sector boosts the efficiency in sharing information and responding to incidents. Trust is built-up by collaboration (even on less relevant cases) and adhering to rules of conduct (which are partially made explicit in a non-disclosure agreement). 18

Last but not least Don t think about it http://www.perthlaw.biz/bird%20week%202006/nike.jpg 19

Questions? Swiss Reporting and Analysis Centre for Information Assurance MELANI http://www.melani.admin.ch Max Klaus, Deputy Head max.klaus@isb.admin.ch +41 31 323 45 07 20

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback