DIGITAL CZECH REPUBLIC Impact of Digital Revolution on the Czech Republic 16. 1. 2017 Prague 1
The Integrated Cybersecurity System – the Adequate Answer for Cyber Threats? Dr Andrzej Kozłowski University of Lodz Defence24.com The Casimir Pulaski Foundation The new Polish government has started very robust and dynamic reforms or Polish cybersecurity sector. They adopted the first real Polish cybersecurity strategy and are considering the adoption of Polish cybersecurity bill. 2
Poland’s cybersecurity system Lack of comprehensive approach Lack of real strategic document No clear competencies (Who is responsbile for cybersecurity) 2015 Report of Supreme Audit Office The Polish Cybersecurity system is a disaster Introduction of cyberspace definitione in legal system (Martial Law) 3
Reforms of new government: First Poland Cyberstrategy (February) Cybersecurity Bill (March-April) CERT Poland National Cybersecurity Center People, Technology and procedurs – three main pillars 4
The integrated cybersecurity system Cyberspace is borderless Internet is not- General Włodzimierz Nowak (the former main cybersecurity advisor); Three layers: The early emergence system Security clusters Systems of direct data protection One of the innovative ideas is an introduction of integrated cybersecurity system where the role of public and private sector is clearly defined as well as the citizens This comprehensive approach does not omit any single element of the system in reacting on the threats in cyberspace. The Early Emergence System: Internet Exchange Point, Collecting data from IXP and assesing risk; Security Clusters: (government administration and the local administration). Extra security measures and to country and fight with different threats. The special protection for governmental systems, which will be introduced so called Governmental Security Cluster Systems of direct Data Protection: the direct security protection depends on security policy and the tools used to data protection; The Security Architecture, which increase the security 5
The integrated cybersecurity system Strategic level : Ministry of Digital Affairs; Other ministeries involved in proces NC Cyber ( operational level) IXP Computer Security Incident Response Team (CSIRT) sectors: public administration, Energy, Transportation; Financial, Heath Care, Water Distribution, financial markets infrastructure and digital infrastructure; The administration offices and institutions covered by strategy Ministry of Digital Affairs: The preparation of legal bills, The coordination of the all activities of administration bodies regards public administration; Supervision over the National Cybersecurity Center NC Cyber – operational tasks, and representation of CSIRT Network, monitoring of incidents on the country level and sending warnings Internet Exchange Point, Collecting data from IXP and assesing risk In the administration offices : the systemy of security information management in cyberspace bases on te existing norma and pracitces 6
Conclusion First comprehensive conception of cybersecurity of Poland; Still in development phase, Delays, Political conflicts,