Establishing national (governmental) CERTs in CIS Countries

Slides:

Advertisements

Similar presentations

Clara CSIRTs in Latin America and the Caribbean CCIRN 2004 Cairns, Australia July 2004 Michael Stanton CLARA Technical Committee RNP- Brazil (material.

Advertisements

1 ASEAN Regional Forum Meeting 28 – 30 April 2010 Bandar Seri Begawan, Brunei CERT-Ins Initiative on International Information Security Dr A S Kamble Director.

Philippine Cybercrime Efforts

NH - NCP- 23 Oct Thematic Priority 3 NanoMatProd (NMP) Working Methods DG Research - DIR G NCP Meeting - Brussels 23 October 2002.

ICAO TEM/NOSS Symposium November 2005

Computer Emergency Response Teams

The framework of the Convention on Long-range Transboundary Air Pollution Henning Wuester Secretariat of the United Nations Economic Commission for Europe.

Tanzania Communications Regulatory Authority - TCRA Response to Cyber incidences in Tanzania: Where are we? Presented at Cyber Security Mini Conference.

This Programme is funded by the European Union Programme implemented by Eptisa, Parsons Brinckerhoff, ICET, ITC, GIRHIMPROM and REC Caucasus Programme.

Presented by: Besnik LIMAJ Team Leader

Government Information Assurance (GIA) Policy. 2 Current Scenario  It is a connected world!  More and More services are being provided online  Continuous.

ENISA Cyber Security Strategies Workshop November 27, 2014 Brussels

th CEENet Workshop on Network Policy, Istanbul Planning the Establishment of Armenia NREN CSIRT I. Mkrtumyan

Speaker: Tamar Shapatava

MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLAND CLASSIFIED INFORMATION PROTECTION DEPARTMENT COL. PIOTR GRZYBOWSKI, Director, Classified Information Protection.

Swedish National Board of Trade - Christer Arvíus MARS Group meeting Bratislava, Slovak Republic 10 – 13 October 2007 Christer Arvíus Chairman UNECE WP.6.

Partners and cross-border cooperation. Why a partnership? Address common challenges jointly (e.g. cross-border pollution) Jointly develop opportunities.

(Geneva, Switzerland, September 2014)

CEENet Projects and Activities CEE Virtual University and other re-training projects Chisinau, 9 October, 2004 Jacek Gajewski.

1 ENISA: Fostering the European Cooperation on Network & Information Security Dr. Panagiotis Trimintzios, CISSP European Network &

NATO ANW: The Third CEENet Workshop on Network Management Zagreb 2002 CEENET CEE Network for Education and Training Jacek Gajewski University of Warsaw.

Giandonato CAGGIANO ENISA MANAGEMENT BOARD REPRESENTATIVE LEGAL ADVISER ON EUROPEAN AFFAIRS OF THE MINISTRY OF COMMUNICATIONS U. OF ROMA TRE LAW FACULTY.

1 ENISA’s contribution to the development of Network and Information Security within the Community By Andrea PIROTTI Executive Director ENISA Cyprus, 28.

Peter Burnett Head of Information Sharing National Infrastructure Security Co-ordination Centre.

CULTURe EXchange Platform (CULTUR-EXP) Project Overview Prof. Ramaz Kvatadze Georgian Research and Educational Networking Association – GRENA

EISAS Pilot Collaborative Awareness Information Dissemination to EU Citizens & SMEs 1.

Porta Optica Feasibility Study of OPTICAL GATEWAY to Eastern Europe POS Consortium Coordinator: Artur Binczewski (PSNC) presented by: Jacek Gajewski (CEENet)

Experience to create and manage Computer Security Incident Response Team in Latvia Egils Stūrmanis DDIRV (VITA CSIRT) manager State Joint Stock Company.

Black Sea Initiative Ramaz Kvatadze (GRENA, CEENet) Jacek Gajewski (CEENet) Kiev, 11 October, 2006.

Users of the network of the project "SilkHighway" V.Navotny.

Vienna, February, 2005 SALTO-YOUTHSALTO-YOUTH EASTERN EUROPE & CAUCASUS RESOURCE CENTRE Warsaw, POLAND.

CERT AM: Securing NREN in Armenia. Armenian NREN ASNET AM – Connecting more than 40 academic institutes of NAS RA and more than 10 other research, educational.

Creating A CERT at WARP Speed.

Central and Eastern European Networking Association Kiev, April 3-4, 2003 CEENet educational activities Jacek Gajewski, PhD

UN Joint Project “UN Initiative in Support of Greater Gender Equality in Georgia” Participating UN Agencies: UNFPA, UNDP, UNICEF, UNIFEM, UN RC Office.

AUB Department of Electrical and Computer Engineering Imad H. Elhajj American University of Beirut Electrical and Computer Engineering

How we work as a national CERT in China ZHOU Yonglin CNCERT/CC, China 2 Addressing security challenges on a global scaleGeneva, 6-7 December 2010.

The Eastern European Alliance for Reproductive Choice (EEARC) was established in June 2008 thanks to support of ICMA and representatives from 11 countries,

International Cyber Warfare & Security and B2B Conference Participation of Brazilian Cyber Defense Centre ( )

Central and Eastern European Networking Association Z a g r e b, S e p t e m b e r, CEENet and its activities Jacek Gajewski, PhD

Information and Cyber Security

CERT cooperation with ISP’s on Cybersecurity C ă t ă lin P ă trașcu CERT-RO 29 October 2015 RONOG 2 Meeting1.

Who is protecting Internet in Latvia ? - CERT initiative Baiba Kaškina, IMCS UL Baltic IT&T April 2007, Rīga.

Sofia, 09 June Sofia, 09 June 2010 MINISTRY OF TRANSPORT, INFORMATION TECHNOLOGY AND COMMUNICATIONS Executive Agency “Electronic Communication Networks.

TLP:Green FIRST/TF-CSIRT Technical Colloquium January 25 th – 27 th, 2016 Prague, CZ TLP:Green.

Role and Objectives of the Cybersecurity Bureau კიბერუსაფრთხოების ბიურო Cyber Security Bureau Speaker: Mari Malvenishvili GITI 2015.

Update on APCERT Asia Pacific Computer Emergency Response Team Thomas Ng, SingCERT (On behalf of APCERT)

ISACA Ireland Cyber Security Policy 9 February 2016.

Progress under the Convention on Long-range Transboundary Air Pollution Twenty-ninth meeting of the Task Force on Integrated Assessment Modelling

Information and Network security: Lithuania Tomas Lamanauskas Deputy Director Communications Regulatory Authority (RRT) Republic of Lithuania; ENISA Liaison.

1  Carnegie Mellon University Overview of the CERT/CC and the Survivable Systems Initiative Andrew P. Moore CERT Coordination Center.

5 December 2008PES Training, Asgabat EC PES project results in database and website design Dr Jacek Gajewski EC expert CEENet, Internet Society.

EU PROMETHEUS 2014 Communication Strategy KICK OFF MEETING Brussels April 9 th, 2013.

Incident Response Strategy and Implementation Anthony J. Scaturro University IT Security Officer September 22, 2004.

The Case for National CSIRTs ENOG 12 | Yerevan | 3-4 Oct 2016

Assessment of Transboundary Groundwaters in South Eastern Europe

WISE 2017 Collaborating Communities

WHAT IS BEHIND GEORGIA’S RAPID CYBERSECURITY DEVELOPMENT

EU - Black Sea Cooperation in Science, Technology & Innovation

ARRL Field Organization for Emergency Communications

About the NIS directive

Cybersecurity in Belarus a general overview of support areas

Cyber Security coordination in Europe CERT-EU’s perspective

APCERT Activities Asia Pacific Computer Emergency Response Team

Romanian National Cyberspace - Quick facts -

گروه پاسخگویی به فوریتهای رایانه ای Computer Emergency Response Team (CERT) سیدمحمدرضا رشتی اسفندماه

The European Union response to cyber threats

Computer Emergency Response Team

The Convention on Long-range Transboundary Air Pollution

Thames Valley Chamber / Claire Logic

Presentation transcript:

Establishing national (governmental) CERTs in CIS Countries Dr Jacek Gajewski Silk (NATO), BSI (EC), ENISA PSG BSI Opening Baku, Oct 2009

What is CERT? Computer Emergency Response Team is an organization that is responsible for receiving, reviewing, and responding to computer or network security breach. Additionally: alerts, advisory, trainings, awareness raising… BSI Opening Baku, Oct 2009

Where CSIRTs exist? BSI Opening Baku, Oct 2009

NATO CERT creation project In 2007 NATO started project to create CERTs in CIS & CEE AF, AM, AZ, BY, GE, KG, KZ, MD, TJ, TM, UA, UZ AL-BG-MK (just started) NATO created CERTs as sub-structure of Academic Networks (e.g. AzEduNet/AZRENA) BSI Opening Baku, Oct 2009

CERT creation project Each newly created CSIRT got free „starting kit”: Equipment bundle Training of 1-3 CERT officers (based on ENISA’s Step-by-Step guide) Small stipend for CERT officers in initial period of operation BSI Opening Baku, Oct 2009

ENISA’s Step by Step Guide ENISA has created a „A Step-by-Step Guide on how to set up a CSIRT”, which on 85 pages contains detailed instructions how to set up and run CERT. For the usage in CIS countries CEENet has translated this guide to Russian BSI Opening Baku, Oct 2009

Guide in Russian Пошаговое руководство по созданию CSIRT Включая примеры и контрольные таблицы в форме проектного плана. Приложение A. Список дополнительной литературы B. Список CSIRT-сервисов C. Примеры D. Образцы материалов CSIRT-курсов BSI Opening Baku, Oct 2009

Creation of gov. CERTs Within ENISA brokerage programme (eg. HU helped RO, FI helped SA, etc.) In case of CIS countries a ‘middleman’ is needed, e.g. Poland will help to create CERT-Moldova Governmental initiative to create joint gov CERT for CIS countries – meeting in Astana, 30.11.2009 BSI Opening Baku, Oct 2009

Creation of gov. CERT in Azerbaijan Informal contacts with representatives of Azerbaijan MoC&IT about creation of national CERT (Min. Ali Abbasov, Vice-min Elmir Velizadeh) Dr Bayramova bayramova.u@gmail.com took part in CERT Creation training in Moldova and knows ENISA people responsible for CERT brokerage activity BSI Opening Baku, Oct 2009

DDoS Laboratory & Security Audits Central DDoS Laboratory to be set, open to all partners, with possibility of remote operation via NETLAB CERTs will be trained and equipped to be able to perform Security Audits of other networks and organizations Training of many new CERT officers Project sent to NATO; high level meeting on 5.11.2009 BSI Opening Baku, Oct 2009

CERT Cooperation Model In case of emergency of massive attack, no single CERT can cope Help of other CERTs is usually offered, but often in un-coordinated way, too late, not in areas where it is really wanted MICC Project to create a model of coordinated mutual support of CERTs in case of massive DDoS attack against one of partners sent to EC BSI Opening Baku, Oct 2009

CERT’s international cooperation in extreme situation CERT-GE is part of GRENA. As there were no other CERT teams in Georgia, during recent events CERT-GE undertook obligation to operate as national CERT, worked two weeks in 24h mode and coordinated attacks mitigation. CERT-GE contacted Georgian ISPs and other organizations, created a mailing list in order to facilitate communication and exchange of all needed information. As this information was huge and geographical distribution of attacks was quite wide, it was impossible to make quick analysis and proper reaction. CERT-GE contacted CERT-Polska (Poland) which offered its help in preventing and filtering attacks; they distributed information on attacks to more than 180 CERT teams and other security related bodies all over the world. Two members of CERT-EE arrived to to Tbilisi to help on place. This example demonstrates that the most important actions for handling incidents are quick information exchange and international cooperation between CERTs and other organizations involved in cyber security. Baku, Oct 2009 BSI Opening

Gajewski (at) CEENet (dot) org THANK YOU ! Jacek Gajewski Gajewski (at) CEENet (dot) org BSI Opening Baku, Oct 2009