Mastering the Art of Collaboration for WISEr Global Security


Mastering the Art of Collaboration for WISEr Global Security TNC17, Linz, 1/6/17 Hannah Short (CERN) WISE SC Chair

Why Collaborate? We can see that online attackers are moving in coordinated ways: a complex, global, distributed cybercrime economy; 80% of online crime connected to international organised gangs operating across borders (Source: Interpol); malware as a service, outsourcing, etc. On our side: communication and collaboration blocks can be fatal to security incident response, and we operate E-Infrastructures spanning fields and nations, each with different mandates, practices and priorities. We have heard a lot about collaboration at TNC; we’re all here to collaborate in some form or other. But why should we collaborate in a security setting? Surely it’s better to focus on yourself and your own resources?

The R&E Community must respond to collaboration, with collaboration!

What is WISE? Wise Information Security for Collaborating E-infrastructure: a trusted forum where security experts can share information on different topics like risk management, tools for operational security and threat intelligence in the context of e-Infrastructures. Although this is the raison d’etre of WISE, its key value is that it provides the opportunity for security representatives at e-Infrastructures to meet. This is crucial.

How everything started: Joint effort of GEANT SIG-ISM (Special Interest Group on Information Security Management) and SCI (Security for Collaboration among Infrastructures). Workshop in Barcelona, Spain, October 2015. A profound need for a real collaboration became evident.
- An open forum where experts from its community exchange information, knowledge, ideas and best practices about specific technical or other areas of business relevant to the research and education networking community
- SCI (Security for Collaboration among Infrastructures) is a collaborative activity of information security officers from several large-scale infrastructures, including EGI, PRACE, EUDAT, WLCG, XSEDE and HBP

How everything started: Original idea: 4 big e-infrastructures (EGI, EUDAT, GEANT and PRACE) getting together to facilitate the exchange of experience and knowledge on security. But also NRENs, XSEDE, NCSA, CTSC and communities like HEP/CERN, HBP and many others participated. 4 workshops since Barcelona, the latest at Nikhef in March 2017.

WISE – The community. WISE Workshop – Barcelona Supercomputing Center – October 2015. WISE Workshop – Nikhef – March 2017.

Activities: Community of volunteers, led by a Steering Committee. Two face-to-face meetings a year, focus on producing practical output. Working Groups: Updating the SCI framework (SCIV2-WG); Security Training and Awareness (STAA-WG); Risk Assessment WISE (RAW-WG); Security in Big and Open Data (SBOD-WG).

STAA-WG, Security Training and Awareness: Training is wanted and needed for security professionals, systems and network managers and engineers, users of the infrastructures and for decision makers. Recent progress includes: target groups identified within umbrellas of users, technical people and management; subjects identified, e.g. Forensics, Software Hardening, Security Awareness; inventory and plan in progress. Several organisations already have some or several trainings in place, but not on all topics. Some others have to get started with a training programme. There is a lot of training in the commercial market and there is a lot of open source material available.

https://wise-community.org/training-and-awareness/

RAW-WG: The WISE Risk Assessment Working Group shares information and best practices on how risk assessments can be effectively implemented. RAW will now release an easy-to-use risk assessment template and related instructions for e-infrastructures for research and higher education. Check our web page and our wiki: https://wise-community.org/risk-assessment/ and https://wiki.geant.org/display/WISE/RAW-WG. Join by contacting the chairs and by subscribing to our email list: https://lists.wise-community.org/sympa/subscribe/raw-wg. More information from the WG chairs, Urpo Kaila (urpo.kaila@csc.fi) and Bart Bosma (bart.bosma@surfnet.nl). Bart Bosma has been appointed vice chair of RAW WG.

Sharing Best Practices: Survey, Risks Related to Vulnerabilities. A survey* sent to IT security specialists and system and network administrators in research infrastructures; 55 persons from 19 countries replied. 9. The best way to mitigate risks caused by software vulnerabilities are (choose three). Interesting answers, more information in the linked article. * https://cug.org/proceedings/cug2017_proceedings/includes/files/pap168s2-file1.pdf

Where to start – Alt. 2/NRENs (by courtesy of Bart Bosma): Normally you start risk assessment and other security measures by identifying assets to be protected. In some environments, for example in NRENs, the assets are well known, and you can instead start with identifying threats.

Release of RAW Risk Assessment template 1.0: An easy-to-use spreadsheet template with example implementations and with instructions on how to implement a risk assessment. The tool is now available from the RAW wiki. Authors: Linda Cornwall, STFC; Stéphan Coutin, CINES; Sedat Çapkın, SURFsara; Urpo Kaila, CSC/EUDAT; Dankmar Lauter, DFN-CERT; Christian S. Fötinger, hs-augsburg.de; Bart Bosma, Surfnet; Mischa Sallé, NIKHEF; and Ingimar Örn Jónsson, RHNET. The WISE RAW Risk Assessment template is hereby released. Many thanks to all who contributed by sharing best practices.
Template columns: Asset or service; Business value; Risk targets; Threat; Existing controls; Still existing vulnerabilities; Description of Impact; Impact; Probability; Risk; Risk owner; Approved residual risk; Action items; Reviewed

SBOD-WG, Security in Big and Open Data: The WG focuses on security issues that arise when dealing with Big and Open data, especially within the e-infrastructures. Main activities of the WG: list and discuss already existing studies and state of the art as starting point for the rest of the work; work on a list of issues particularly important for e-infrastructures and on a set of recommendations on how to minimize the impact of these issues. https://wise-community.org/security-in-big-and-open-data/ Big data refers to large datasets that are not always public. Open data refers to datasets that are not necessarily large but are available to everyone and can be used and republished without restrictions. Large datasets from scientific research sources. Security issues in this context concentrate on confidentiality, integrity and availability. Confidentiality regulates access to the information, integrity assures that the information is trustworthy, i.e. has not been changed without authorisation, and availability guarantees access to the information by authorised people at any time.

Progress of the SBOD WG: Case Statement (published on the Wiki); Definition of Big and Open Data (published on the Wiki); Status report whitepaper “Security in Big and Open Research Data” (in preparation). https://wiki.geant.org/display/WISE/SBOD-WG

SCIV2-WG, Updating the SCI framework: Existing framework created by the SCI (Security for Collaborating Infrastructures) group at ISGC 2013. A version 2 completed at Nikhef to ensure applicability to a broader range of infrastructures, including NRENs. SCIv2 will become the 1st WISE framework defining best practices, trust and policy standards for collaboration. https://wise-community.org/updating-the-sci-framework/ The aim of this work was to establish a common understanding of the security measures each infrastructure has implemented and to start work on guidelines for interoperation such as the exchange of information during security incident handling.

SCIV2-WG, principles: Governing principles of the SCI framework are incident containment, ascertaining the causes of incidents, identifying affected parties, addressing data protection and risk management, and understanding measures required to prevent an incident from reoccurring.

SCIV2-WG, requirements: Operational Security; Incident Response; Traceability; Participant Responsibilities; Protection and processing of Personal Data. WG has produced a first draft of a version 2 of the document,

SCIV2-WG, maturity assessment
Assessment levels (Level: Description):
Not implemented for critical services;
1: Implemented for all critical services, but not documented;
2: Implemented and documented for all critical services;
3: Implemented, documented, and reviewed by a collaborating Infrastructure or by an independent external body;
Justifiable exclusion: In the unlikely case that the function or feature is not relevant for the infrastructure.
In the interest of promoting trust, Infrastructures should make their maturity assessments available to collaborating Infrastructures.

There is still time for last minute endorsements! https://wise-community.org/sci/ Join us after this session for the SCI version 2 endorsement ceremony!

Participate in WISE: www.wise-community.org. Join the WISE Mailing List. Interested in any of the working group subjects? Subscribe to the workgroup mailing list on the WISE website. Contact the workgroup chair and let’s work together.

Our next event WISE Workshop collocated with the NSF Cyber Security Summit (pending confirmation!) https://trustedci.org/2017-nsf-cybersecurity-summit/ August 15 2017 Workshop to cover Software Assurance Assessment Risk Assessment SCI Walkthrough

Find out more www.wise-community.org

New Look! Many thanks to GEANT for the Logo and website revamp, and to EGI for templates and communication!

Questions? hannah.short@cern.ch Thank you