INFORMATION SECURITY IN ARMENIA: PRESENT STATUS AND TASKS

Slides:



Advertisements
Similar presentations
Critical Infrastructure Protection Policy Priorities Sara Pinheiro European Commission DG Home Affairs.
Advertisements

AFCEA DC Cyber Security Symposium Military Joint Cyber Command Panel Harry Raduege Lieutenant General, USAF (Ret) Chairman, Center for Network Innovation.
Patient Movement in the Midst of a Disaster
Homeland Security at the FCC July 10, FCCs Homeland Security Focus Interagency Partnerships Industry Partnerships Infrastructure Protection Communications.
Raising the Standard for Improved Flood Risk Management in the Midwest Raising the Standard for Improved Flood Risk Management in the Midwest Interagency.
Building from the Ground Up Disaster Management: The Experience of A Small Business Frances Kernodle Associates (FKA)
A Brief Overview of Emergency Management Office of Emergency Management April 2006 Prepared By: The Spartanburg County Office of Emergency Management.
1 Pipeline Security Presented to: Pipeline Safety Trust New Orleans, Louisiana November 5, 2010.
Centro Internacional para Estudios del Medio Ambiente y el Desarrollo Sostenible CIEMADeS Centro Internacional para Estudios del Medioambiente y el Desarrollo.
Facilitating a Dialog between the NSDI and Utility Companies J. Peter Gomez Manager, Information Requirements, Xcel Energy.
1 The University of Southern Mississippi National Center for Spectator Sport Safety and Security Cyber Security Tabletop Exercise Facilitator: Facilitator:
David A. Brown Chief Information Security Officer State of Ohio
National Infrastructure Protection Plan
Cyber Security R&D Challenges: A Homeland Security Perspective Simon Szykman, Ph.D. Director, Cyber Security R&D
Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.
DHS, National Cyber Security Division Overview
National Protection and Programs Directorate Department of Homeland Security The Office of Infrastructure Protection Cybersecurity Brief [Date of presentation]
National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.
Greg Shaw How do we turn private sector preparedness into an investment rather than a cost of doing.
PPA 573 – Emergency Management and Homeland Security Lecture 4a – Disasters and Decisions.
Managerial Flexibility in the Department of Homeland Security R. Steven Daniels, CSUB & Carolyn L. Clark-Daniels, Bakersfield, CA.
Asia Pacific Economic Cooperation Transportation Working Group ITS Experts Group Chicago, Illinois September 2002 Walter Kulyk, P.E. Director, Office of.
Food Safety and Inspection Service U.S. Department of Agriculture Homeland Security: Protecting the U.S. Food Supply Office of Food Security & Emergency.
Maintaining Essential Business and Community Services During a Pandemic Paul R. Patrick, Director Bureau of Emergency Medical Services Utah Department.
Part of a Broader Strategy
Jeffery Graviet Emergency Services Coordinator, Salt Lake County Chairperson, Salt Lake Urban Area Working Group.
US-CERT National Cyber Security Division/ U.S. Computer Emergency Readiness Team (US-CERT) Overview Lawrence Hale Deputy Director, US-CERT.
MITIGATION I PREPAREDNESS I RESPONSE I RECOVERY I STRATEGIC ADVICE Shanti S. Smith Program Director Witt Associates GVF's Disaster Preparedness & Response.
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.
October 27, 2005 Contra Costa Operational Area Homeland Security Strategic and Tactical Planning and Hazardous Materials Response Assessment Project Overview.
Created by Curt Harrell & Jesse Kuzy for THE DEPARTMENT OF HOMELAND SECURITY.
Japanese Government’s Efforts to Address Information Security Issues October, 2007 National Information Security Center (NISC)
Dam Hazard Consequences Assessment
Homeland Security. Learning Topics Purpose Introduction History Homeland Security Act Homeland Defense Terrorism Advisory System Keeping yourself safe.
ESF #2 Communications.
BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT
Critical Infrastructure Protection Overview Building a safer, more secure, more resilient America The National Infrastructure Protection Plan, released.
Information Sharing Challenges, Trends and Opportunities
Disaster Evacuation – Emergency Response I. Introduction The objective of this network is to ensure that operational transportation policies, protocols,
Virginia Local Government IT Executives (VALGITE) April 26, 2010 Bruce Sturk & Leslie Fuentes – City of Hampton.
Unclassified  1 Critical Infrastructure Protection Chuck Whitley EMS User’s Group June 9, 1999.
International Telecommunication Union Geneva, 9(pm)-10 February 2009 BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS James Ennis US Department.
The Challenging Landscape of Critical Information Infrastructure: Are We Ready? Leonard Bailey Senior Counsel Computer Crime & Intellectual Property Section.
Governor’s Office of Homeland Security & Emergency Preparedness LOUISIANA BANKERS ASSOCIATION 2010 Louisiana Emergency Preparedness Coalition Meetings.
Proprietary Information of BearingPoint Inc. | Copyright 2005 BearingPoint Inc. All rights reserved. America’s First National Critical Infrastructure Exercise.
Created by: Ashley Spivey For Department of Homeland Security All information from:
What is “national security”?  No longer defined only by threat of arms  It really is the economy  Infrastructure not controlled by the government.
© 2010 AT&T Intellectual Property. All rights reserved. AT&T, AT&T logo and all other marks contained herein are trademarks of AT&T Intellectual Property.
Secure Communications—No Compromise Real Time Communications in Emergency Response Planning and Operations Tim Vittetoe VIACK Corporation.
Cyber Storm Overview Wednesday 2/1/ PT. Cyber Storm Cyber Storm National Cyberspace Security Exercise Mandated in National Strategy to Secure Cyberspace.
Foresight Planning & Strategy Dr. Sameh Aboul Enein.
Business Continuity Disaster Planning
Cyber Security Phillip Davies Head of Content, Cyber and Investigations.
Cyber Security and Georgia. New Challenges
Disaster and Emergency Management
Crisis management related research at
Ken Watson 9 Sep 2003 Critical Infrastructure Assurance: Business Case for Public-Private Partnership Ken Watson 9 Sep 2003
HSGP Funding for Security Efforts
Academic Challenges Concerning Standardization
2017 National Geospatial Preparedness Summit
California Cybersecurity Integration Center (Cal-CSIC)
Critical Infrastructure Protection Policy Priorities
Incident command use for pipeline emergencies
America’s First National Critical Infrastructure Exercise
John M. Felker Director, NCCIC.
The U.S. Department of Homeland Security
MIMOSA Open Meeting Standards-based Critical Infrastructure Risk Management Alan Johnston.
Introduction to: National Response Plan (NRP)
Telecommunications for Disaster Relief in Canada
THE USA’S NEW POLICY DIRECTIVE ON NATIONAL PREPAREDNESS
Presentation transcript:

INFORMATION SECURITY IN ARMENIA: PRESENT STATUS AND TASKS Yerevan, Armenia, Ani-Plaza Hotel, September 29, 2009

Newest methods of testing of national network security Eugene Prokhorenko, Head of Communications Technologies Laboratory, IIAP of NAN RA

Newest methods of testing of national network security Cyber Storm The U.S. Department of Homeland Security’s (DHS) National Cyber Security Division (NCSD) successfully executed Cyber Storm, the first national cyber exercise Feb. 6 thru Feb. 10, 2006. The exercise was the first government-led, full-scale cyber security exercise of its kind. NCSD, a division within the department’s Preparedness Directorate, provides the federal government with a centralized cyber security coordination and preparedness function called for in the National Strategy for Homeland Security, the National Strategy to Secure Cyberspace and Homeland Security Presidential Directive 7. NCSD is the focal point for the federal government’s interaction with state and local government, the private sector and the international community concerning cyberspace vulnerability reduction efforts.

Newest methods of testing of national network security Goals and Objectives Cyber Storm was designed to test communications, policies and procedures in response to various cyber attacks and to identify where further planning and process improvements are needed. Activities included: Exercising interagency coordination through the activation of the National Cyber Response Coordination Group (NCRCG) and the Interagency Incident Management Group (IIMG) Exercising inter-governmental and intra-governmental coordination and incident response Identifying policies and issues that either hinder or support cyber security requirements Identifying public and private information sharing mechanisms to address communications challenges Identifying the interdependence of cyber and physical infrastructures Raising awareness of the economic and national security impacts associated with a significant cyber incident Highlighting available tools and technologies for cyber incident response and recovery

Newest methods of testing of national network security Participants Participants included federal and state agencies and private sector partners from the IT, telecommunications, energy, and transportation industries, as well as foreign governments Participants provided support staff to help plan and control the exercise, and to ensure that their organizations’ objectives were met

Newest methods of testing of national network security The Scenario The exercise simulated a sophisticated cyber attack campaign through a series of scenarios directed at several critical infrastructure sectors. The intent of these scenarios was to highlight the interconnectedness of cyber systems with physical infrastructure and to exercise coordination and communication between the public and private sectors. Each scenario was developed with the assistance of industry experts and was executed in a closed and secure environment.

Newest methods of testing of national network security Cyber Storm scenarios had three major adversarial objectives: To disrupt specifically targeted critical infrastructure through cyber attacks To hinder the governments' ability to respond to the cyber attacks To undermine public confidence in the governments' ability to provide and protect services The exercise was a simulated event with no real-world effects on, tampering with, or damage to any critical infrastructure. While the scenarios were based on hypothetical situations, they were not intended as a forecast of future terrorist-related events.

Newest methods of testing of national network security Cyber Storm participants do the following: Examine organizations’ capability to prepare for, protect from, and respond to cyber attacks’ potential effects; Exercise strategic decision making and interagency coordination of incident response(s) in accordance with national level policy and procedures; Validate information sharing relationships and communications paths for collecting and disseminating cyber incident situational awareness, response and recovery information; and Examine means and processes through which to share sensitive information across boundaries and sectors without compromising proprietary or national security interests. Each Cyber Storm builds on lessons learned from previous real world disasters, ensuring that participants face more sophisticated and challenging exercises every two years.

Newest methods of testing of national network security Cyber Storm I: February 2006 First government-led full-scale cyber exercise; Included over 115 organizations, including federal, state and local governments; Featured 4 sectors: information technology, communications, energy and transportation (air); and Allowed participants to respond to a variety of cyber and communications degradations and simulated attacks against critical infrastructures and to collaborate at the operational, policy and public affairs levels.

Newest methods of testing of national network security Cyber Storm II: March 2008 * Involves 5 countries (Australia, Canada, New Zealand, United Kingdom, United States); 18 federal cabinet-level agencies (Department of Defense, State Department, Department of Justice, etc.); 9 states (Pennsylvania, Colorado, California, Delaware, Texas, Illinois, Michigan, North Carolina, and Virginia ); and over 40 private sector companies (Juniper Networks, Microsoft, McAfee, Cisco, NeuStar, The Dow Chemical Company, Inc., PPG Industries, ABB Group, Air Products & Chemical Inc., Nova Chemical, and Wachovia); * Affects 4 infrastructure sectors including chemical, information technology, communications and transportation (rail/pipe) and used 10 information sharing and analysis centers; * Exercises the processes, procedures, tools and organizational response to a multi-sector coordinated attack through, and on, the global cyber infrastructure; * Allows players to exercise and evaluate their cyber response capabilities to a multi-day coordinated attack and to gauge the cascading effects of cyber disasters on other critical infrastructures, shaping response priorities; and * Exercises government and private sector concepts and processes developed since Cyber Storm I, requiring great interaction and coordination at the strategic. operational, and tactical levels.