National Cyber Security Strategy 2016

Similar documents
2nd ENISA Workshop German CERT-Activities. 5 th October, 2006 Brussels

Working with the EU Directive High common level of network and information security. Martin Apel, SANS ICS Summit, Munich und

Two Aspects of Exercising Cyber Incidents

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

Global Alliance Against Child Sexual Abuse Online 2014 Reporting Form

Between 1981 and 1983, I worked as a research assistant and for the following two years, I ran a Software Development Department.

TO INSPIRE, CONNECT AND EMPOWER TO TURN BACK CRIME

The German IT Security Certification Scheme. Joachim Weber

UN General Assembly Resolution 68/243 GEORGIA. General appreciation of the issues of information security

Itu regional workshop

Germany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 68/243),

Cyber Security Strategy

ENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010

Resolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

Cyber Security Technologies

Society, the economy and the state depend on information and communications technology (ICT).

Emergency response plan in the event of an attack against information systems or. a technical flaw in the information systems

Defence, Safety and Security

ENISA EU Threat Landscape

Cyber Security in Europe

Cyber Security. CyberSecurity. For more information: Airbus CyberSecurity

Commonwealth Cyber Declaration

10025/16 MP/mj 1 DG D 2B

13967/16 MK/mj 1 DG D 2B

Cyber Security Summit 2014 USCENTCOM Cybersecurity Cooperation

THE CYBER SECURITY ENVIRONMENT IN LITHUANIA

Security Challenges with ITS : A law enforcement view

Securing Europe's Information Society

RESOLUTION 45 (Rev. Hyderabad, 2010)

The cybersecurity platform for industrial small and medium-sized enterprises (SME) Andreas Harner, Head of

The Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless

Bradford J. Willke. 19 September 2007

National Policy and Guiding Principles

National CIRT - Montenegro. Ministry for Information Society and Telecommunications

Special Action Plan on Countermeasures to Cyber-terrorism of Critical Infrastructure (Provisional Translation)

15412/16 RR/dk 1 DGD 1C

Legal Regulations and Vulnerability Analysis

NIGERIAN CYBERCRIME LAW: WHAT NEXT? BY CHINWE NDUBEZE AT THE CYBER SECURE NIGERIA 2016 CONFERENCE ON 7 TH APRIL 2014

Rohana Palliyaguru Director -Operations Sri Lanka CERT CC APCERT AGM and Conference, 24 th October 2018 Shanghai, China MINISTRY OF TELECOMMUNICATION

Legislative Framework

CERT.LV activities, role in Latvia and globally. Baiba Kaskina, CERT.LV , Sofia, Bulgaria

H2020 & THE FRENCH SECURITY RESEARCH

MELANI: Information exchange a story of success

German Research Strategy in the Area of Civil Security Research

Vademecum of Speakers

RESOLUTION 130 (REV. BUSAN, 2014)

Cyber Security Experts Association of Nigeria (CSEAN) CYBER SECURE NIGERIA 2016 Conference

COMMISSION RECOMMENDATION. of on Coordinated Response to Large Scale Cybersecurity Incidents and Crises

Plenipotentiary Conference (PP- 14) Busan, 20 October 7 November 2014

ΚΕΝΤΡΟ ΜΕΛΕΤΩΝ ΑΣΦΑΛΕΙΑΣ CENTER FOR SECURITY STUDIES

Netherlands Cyber Security Strategy. Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice

The commission communication "towards a general policy on the fight against cyber crime"

The ESA Cyber Range in Redu: Why it is important for ESA, EDA and all of us

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

Cybersecurity & Digital Privacy in the Energy sector

Draft Resolution for Committee Consideration and Recommendation

CENTER FOR SECURITY STUDIES

Provisional Translation

Cyber Security Beyond 2020

QBPC s Mission and Objectives

ENISA s Position on the NIS Directive

International cyber strategy for Norway

The UNODC Global Programme on Cybercrime Alexandru Caciuloiu CYBERCRIME COORDINATOR SOUTHEAST ASIA AND THE PACIFIC

Introductory Speech to the Ramboll Event on the future of ENISA. Speech by ENISA s Executive Director, Prof. Dr. Udo Helmbrecht

NEW INNOVATIONS NEED FOR NEW LAW ENFORCEMENT CAPABILITIES

Cyber Security Strategic Level Landscape in Poland. Krzysztof Silicki NASK Institute, Poland ENISA MB, EB

Strategy for information security in Sweden

Valérie Andrianavaly European Commission DG INFSO-A3

Klaus-Michael KOCH TECHNIKON Forschungsgesellschaft mbh DRS-workshop Vienna

NATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -

Cybersecurity Strategy of the Republic of Cyprus

FSOR. Cyber security in the financial sector VISION 2020 FINANCIAL SECTOR FORUM FOR OPERATIONAL RESILIENCE

Joint ICTP-IAEA School of Nuclear Energy Management November 2012

Croatian National CERT ACDC project Darko Perhoc, Head of National CERT CISSP, CEH, CCNP Security R&S,CCDP

Inter-American Port Security Cooperation Plan

NIS-Directive and Smart Grids

VdTÜV Statement on the Communication from the EU Commission A Digital Single Market Strategy for Europe

The EU Cybersecurity Package: Implications for ENISA Dr. Steve Purser Head of ENISA Core Operations Athens, 30 th January 2018

Implementing a National Strategy : the case of the Tunisian CERT

INDONESIA S PERSPECTIVE ON CYBER TERRORISM

Promoting Global Cybersecurity

Fundamentals of Cybersecurity/CIIP. Building Capacity: Using a National Strategy & Self-Assessment

Directive on security of network and information systems (NIS): State of Play

GLobal Action on CYbercrime (GLACY) Assessing the Threat of Cybercrime in Mauritius

Centre for cybersecurity Belgium : Role, Missions et future capacities

Cyber Security Development. Ghana in Perspective

Critical Infrastructure Analysis and Protection - A Case for Secure Information Exchange. August 16, 2016

Global cybersecurity and international standards

Cyber Security Strategy

The Case for National CSIRTs

EU policy on Network and Information Security & Critical Information Infrastructures Protection

Leading the Digital Transformation from the Centre of Government

Guiding principles on the Global Alliance against child sexual abuse online

Issue I. Airport Communication Project

Action Plan to enhance preparedness against CBRN security risks

Resolution: Advancing the National Preparedness for Cyber Security

Security and resilience in the Information Society: the role of CERTs/CSIRTs in the context of the EU CIIP policy

Department of Homeland Security Updates

Security and resilience in Information Society: the European approach

Transcription:

National Cyber Security Strategy 2016 26th of April 2017, Athens Samuel Rothenpieler, International Relations Advisor, Federal Office for Information Security (BSI)

Mission Statement of the German Federal Office for Information Security (BSI) The The BSI BSI as as the the national cyber security authority shapes information security in in digitisation through prevention, detection and and reaction for for government, business and and society!! Samuel Rothenpieler April.2017 Silde 2

Policy Framework 2011 Cyber Security Strategy for Germany 2016 Information Security Federal Ministry for Economic Affairs & Energy BSI Federal Ministry of the Interior National e-government Strategy (2010) Federal Ministry of Transport & Digital Infrastructure Samuel Rothenpieler April.2017 Slide 3

German CSS 2016 Guiding principles (1/2) The ability to act and sovereignty of Germany needs to be maintained in the age of digitisation. Future-oriented cyber security policy enables Cyber-Sicherheitsstrategie für Deutschland 2016 to use the potentials and chances of digitisation being in the public interest, to control the interrelated risks. Samuel Rothenpieler April.2017 Slide 4

German CSS 2016 Guiding principles (2/2) Strategic framework for all activities of the Federal Government w.r.t. cyber secruity Collaboration between state, economy, science and society Collaboration between Bund-Länder Close European and international coordination of policies/measures due to cross-border effects and interdependencies Samuel Rothenpieler April.2017 Slide 5

German CSS 2016 - Fields of Actions 4. Active positioning of GE in European and international Cyber Security policy discussion 3. Powerful and sustainable Cyber Security architecture at national level 30 measures to improve CS 1. Safe and self-determined action in a digitized environment 2. Joint effort of government and industry Cyber-Sicherheitsstrategie 1. Sicheres für Deutschland und selbstbestimmtes Handeln 2016 in einer digitalisierten Umgebung 2. Gemeinsamer Auftrag von Staat und Wirtschaft 3. Leistungsfähige und nachhaltige gesamtgesellschaftliche Cyber- Sicherheitsarchitektur 4. Aktive Positionierung Deutschlands in der europäischen und internationalen Cyber-Sicherheitspolitik Samuel Rothenpieler April.2017 Silde 6

Action field 1: Safe and self-determined action in a digitized environment a) Promoting digital literacy among all users, awareness raising b) Creating conditions for secure electronic communication and web services c) Secure e-idendities d) Strengthening certification and approval introduction of an IT security quality label e) Make the digitization process secure f) Promoting IT security research Cyber-Sicherheitsstrategie für Deutschland 2016 Samuel Rothenpieler April.2017 Silde 7

Action field 2: Joint effort of government and economy a) Securing Critical Infrastructures (IT security law, est. 2015) b) Protecting businesses in Germany c) Strengthening the domestic IT security industry d) Cooperating with providers e) Involving IT security service providers f) Creating a platform for trustful information exchange Cyber-Sicherheitsstrategie für Deutschland 2016 Samuel Rothenpieler April.2017 Silde 8

Action field 3: Powerful and sustainable CS architecture at national level a) Further development of the National Cyber Response Centre b) Strengthening of on-site analysis and response capacities c) Increasing law enforcement in cyber space d) Effectively fighting cyber espionage and cyber sabotage e) Early warning system against cyber attacks from abroad f) Foundation of the central office for IT (ZITiS) g) Strengthening the defence dimension of cyber security h) Strengthening the CERT structures in Germany i) Protecting the Federal Administration j) Close cooperation between federal and state level (Bund-Länder) k) Making use of resources, HR: recruitment & development Cyber-Sicherheitsstrategie für Deutschland 2016 Samuel Rothenpieler April.2017 Silde 9

In progress (1/2): Foundation of a central office for IT (ZITiS) Encryption is a central issue of our time ( The Crypto Debate ) relevant in terrorist cases, criminal offences and prosecution New government organisation During 2017 it will be est. around Munich up to 400 staff Central service provider to security agencies, without operational mandate Tasks Digital forensics Telecommunication surveillance Crypto analysis Big data analysis and fight against crimes, counter espionage R&D of methods, products, tools and strategies for security agencies Samuel Rothenpieler April.2017 Silde 10

In progress (2/2): Creation of MIRTs at BSI Inspired by hack on the German Bundestag to create capacities to quickly respond to ongoing threats with clear provisions/responsibilities on demand/mandatory MIRT Mobile incident response teams Capacities for reaction and analysis on request (federal institutions but also critical infrastructures, if pub. interest) Up to 67 staff Coordinated by National Cyber Response Center Cyber-Feuerwehr involve industry actors as pendants QRF + MCT at Federal Criminal Police and domestic intelligence service Samuel Rothenpieler April.2017 Silde 11

Action field 4: Active positioning of Germany in European and international CS policy discussion a) Actively shaping an effective European CS policy b) Enhancing the NATO Cyber Defence Policy c) Playing an active part in shaping CS internationally d) Bilateral and regional support & cooperation for cyber capacity building e) Strenghtening international law enforcement Cyber-Sicherheitsstrategie für Deutschland 2016 Samuel Rothenpieler April.2017 Silde 12

Highlights & impacts on BSI National Cyber Response Center will be further developed to play a role in cyber crises situations More active role for the national Cyber Security Council Implementation of MIRTs Mobile Incident Response Teams (MIRTs) To be more supportive to government, but also operators of essential services More powers and competences to BSI Creation of an IT Security Label make IT security more transparent to the user Use of cryptotechniques should be supported Detection: sensor systems for detecting anomalies in provider networks Defense: Cooperation platform for state and economy Samuel Rothenpieler April.2017 Silde 13

Thank you! Questions? Contact Mr. Samuel ROTHENPIELER International Relations samuel.rothenpieler@bsi.bund.de Bundesamt für Sicherheit in der Informationstechnik (BSI) Godesberger Allee 185-189 53175 Bonn www.bsi.bund.de Samuel Rothenpieler April.2017 Slide 14

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback