WMO IT Security Incident Process

Slides:



Advertisements
Similar presentations
INSAG DEVELOPMENT OF A DOCUMENT ON HIGH LEVEL SAFETY RECOMMENDATIONS FOR NUCLEAR POWER Milestone Issues: Group C. Nuclear Safety. A. Alonso (INSAG Member)
Advertisements

Module N° 8 – SSP implementation plan. SSP – A structured approach Module 2 Basic safety management concepts Module 2 Basic safety management concepts.
Public health, innovation and intellectual property 1 |1 | The Global Strategy on Public Health, Innovation and Intellectual Property Technical Briefing.
Capacity Building in: GEO Strategic Plan 2016 – 2025 and Work Programme 2016 Andiswa Mlisa GEO Secretariat Workshop on Capacity Building and Developing.
World summit on the information society 1 WSIS: Building the Information Society: a global challenge in the new Millennium Tim Kelly, Claudia Sarrocco.
ICG-WIGOS-6 Report from the Commission for Basic Systems
Secretariat 12 to 16 February 2017 Abu Dhabi, UAE
WIGOS regulatory and guidance material
Monitoring Forest Resources for SFM in the UNECE Region
Russell Stringer (Australia)
A proposed Security Incident Management Process for WMO Member States
16th Session of RA II (Asia)
Proposed Organisation of Evaluation of the Romanian NSRF and Operational Programmes, Niall McCann, Technical Assistance Project for Programming,
5th Session of the Task Team on WIGOS Metadata
Secretariat 12 to 16 February 2017 Abu Dhabi, UAE
WORKING PRINCIPLES ECONOMIC COOPERATION ORGANIZATION REGIONAL COORDINATION CENTRE FOR IMPLEMENTATION OF THE ECO/FAO REGIONAL PROGRAMME FOR FOOD SECURITY.
Agenda 5.11 General Regulations
Work Plan Management GEO Work Plan Symposium 30 April – 2 May 2012
WIGOS Pre-operational Phase
Roadmap to Enhanced Technical Regulations of WMO
Status report on the activities of TF-CS/OTA
Documentation Overview
5. STATUS OF THE PRIORITY AREAS IMPLEMENTATION OF THE PLAN FOR THE WIGOS PRE-OPERATIONAL PHASE (PWPP) 5.2 WIGOS Regulatory Material complemented with necessary.
4.2(2) WIGOS Editorial Board (WEdB)
Standards” and by the Council key Priorities
ET-CTS - Cache in and through the cloud Background information
Secretariat 12 to 16 February 2017 Abu Dhabi, UAE
WIS Strategy – Life Cycle Data Management
Final Report of TF-CS/OTA September The Amba Hotel, London
Dr Sue Barrell, Australia
WMO Global Multi-Hazard Alert System
Decisions on CBS activities to support WMO priority activities
IPET-OPSLS: Activities and Achievements (after April 2016 Beijing Meeting) Arun Kumar Chair, CBS/CCL IPET-OPSLS Climate Prediction Center, USA
ENQA Agency Reviews – main changes from the old review process
Approving Amendments to the Technical Regulations
Decisions and Recommendations for the
Approving Amendments to the Technical Regulations
Organisation Météorologique Mondiale Pour une collaboration active dans le domaine du temps, du climat et de l’eau OMM Operating principles of the WMO.
MMO Services and Forecasting Systems Document 5
Performance Audit Subcommittee Project for ISSAI Level 4 review 66th INTOSAI Governing Board Meeting Vienna, November 5-7, 2014.
Review of SNA research agenda
IPET-OPSLS/CCl-17 relevant issues before EC-70
MODULE B - PROCESS SUBMODULES B1. Organizational Structure
ETS WG, 31 January-2 February 2005
Informal document GRVA st GRVA, September 2018
Status report of TF-CS/OTA
WIGOS Pre-Operational Phase;
Internal Controls Assessment
Evolution of WIS: Implications from EC-70
ET-CAC Report Kevin ALDER Agenda item 6-3 (1)
ICTT-WIS 1st Session CAS perspective on WIS
Audit Criteria Mark Francis ET-WISC/TT-DC Agenda item 10
Report from Task Team on GISC (TT-GISC)
Development of common training materials
ET-WISC structure and work plan
WIGOS regulatory and guidance material
The WIGOS Pre-Operational Phase
Introduction to CBS-16
The GEF Public Involvement Policy
Approving Amendments to the Technical Regulations
Item V.11 – Discussion Managing WIS
Information Management Framework
The status and Plan in 2019 for the WIGOS centers in RA II
WMO new mini site for the GSICS Portal
Roles and Responsibilities
WIS Project Office WMO Managing WIS WIS Project Office WMO
SIG RFC 2019 Relevant Summary
CONSTITUENT BODY REFORM (CBR)
Inter-Commission Coordination Group On WIGOS
TT-eWIS/2018 Introduction
Presentation transcript:

WMO IT Security Incident Process Phil Chamberlain ET-CTS 3-1 Expert Team on Communication Techniques and Systems ET-CTS2017 13-17 November 2017, Geneva

Agenda What is our task? Where are we now? What to we need to do? Status of proposal Status of actions Wider considerations What to we need to do? What is the plan for that work?

1. What is our task? Decision 25 (CBS-16) Decides that there is a need for a security incident response process that can be used by organizations participating in the operation of WIS;

1. What is our task? (1) To continue the development of a common security incident management process that: (a) Encourages a centralized and definitive view on security incidents, reduces misinformation and prevents individual Members from undue levels of queries; (b) Provides a single and definitive national contact point for security incidents that will have the authoritative voice for organizations in that Member, increasing clarity and reducing misinformation; (c) Accommodates requirements relating to the security incidents of all organizations participating in the operation of WIS;

1. What is our task? (2) To provide a recommended process to the CBS Management Group for review and subsequent consideration by the Executive Council at its sixty-ninth session; Requests the Secretary-General to provide the necessary support to the development and implementation of a common security incident management process; Urges Members to participate in the development and implementation of a sustainable security incident management process.

2. Where are we now? 2.1 Status of current proposal Draft proposal was submitted to CBS-16. Annex 3 to Recommendation 36 (CBS-16) Inter-commission task team the WMO Information System (ICTT-WIS) provided some small amendments, concerning confidentiality of communications. (http://wis.wmo.int/file=3007) Changes accepted by ET-CTS. Specific actions were proposed in the document. Document is not perfect! Inconsistencies in terminology.

2. Where are we now? 2.2 Status of Actions 2.2.1 ”Proposals to be adopted” Amend the draft procedure to ensure that it is internally consistent Recommend to ICT-ISS (Jan 2018) Inclusion the content of the draft paper as a Appendix to the Guide to WIS (WMO-No. 1061) with ‘hook’ in the Guide itself and the Manual on WIS To draft terms of reference for [WMO IT Security Focal Point] - see Annex to Decision 9 (CBS-16) Terms of reference of national focal points supporting the work of the OPAG-ISS Draft terms of reference for IT Security Focal Points at GISCs will include some addition actions with respect to general WIS Centres, e.g. the coordination of incident response within their AMDCN The provisions in the Manual on WIS will require GISCs and Member states to follow the security incident response procedure; which as a minimum is the nomination of a [WMO IT Security Focal Point] and the consideration of what IT security information they can share.

2. Where are we now? 2.2.2 Agree mechanism for WMO single point of contact Draft request to Secretary General to make provision for the 24x7 coordination of IT security incident response among WIS Centres, by establishing a contact point whose terms of reference are defined in the security incident response procedure, including provision of a summary report on an annual basis about security incidents identified by WIS Centres

2. Where are we now? 2.2.3 Agree that GISC [staff] will be trained to enact these processes Given GISC will be asked to nominate their contact point (Focal Point), Secretariat to coordinate training (e.g. Webinar) to ensure that all designated Focal Points understand their role and responsibilities - especially with respect to confidentiality of information and the coordination of incident response within their AMDCN

2. Where are we now? 2.2.4 Agree mechanism for hosting the contact list and collaboration mechanism Request Secretariat to establish a private WMO mailing list and the IT Security incident information sharing as a closed space on WMO WIS wiki resource (with private access groups - global, GISCs, and for each AMDCN) and associated Wiki-Tracker for easy publication of incident details.

2. Where are we now? 2.3 Wider considerations Conversation between group and Kate Gagnon of UNICC, as thought they might have a solution to our requirements. They were unware of our constraints, so a mandatory regulatory process will not be pursued. However, the conversation was useful, as it aligned with thinking on GISC accreditation and ET-CAC introduction of an (IT Security) maturity model & risk-based approach, and use of tools like IDS could be shown as best practise.

2. Where are we now? 2.3 continued Rather than prescribing a specific technical solution, ET-CTS recommends amending the WIS Centre audit criteria to include an IT Security ‘maturity model’ approach to determine how well WIS centres understand and mitigate cyber security issues. This audit should define the minimum level of maturity expected for WIS centres (noting this may differ between GISC, DCPC, NC).

2. Where are we now? 2.3 summary There is no need for further engagement with UNICC at this time.  The draft security incident response procedure describes a ‘minimal’ information sharing mechanism, but it is the best compromise possible for the federated WIS system where there is no centralized control. Other aspects, such as the demonstration of maturity in cyber security approaches and provision of cyber security training can be taken forward by the expert teams of OPAG-ISS.

3. What do we need to do? 3.1 Proposal Review Existing draft proposal to be reviewed: Consistent use of terms. Agreed use of “focal point” rather than contact point for all non-WMO roles. Roles to be fully defined for all the stakeholders. Make suitable for use as annex to WIS guide.

3. What do we need to do? 3.2 Additional Documents Changes to existing WMO documents also needed: Manual on WIS Guide to WIS New document: Draft terms of reference for IT Security Focal / Contact Points.

3. What do we need to do? 3.3 Decisions still to be made Information Security requirements for IT Security information shared on the WIS-wiki (lessons learned, incidents, shared best practise information) to be defined. Roles & responsibilities to be fully defined for all the actors.

4. Plan for work ACTION: ET-CTS (Phil Chamberlain) (by Jan 2018, ICT-ISS) to make final decisions, update the draft document, and prepare amendments to the Manual on WIS and Guide to WIS  ACTION: ET-CTS (Phil Chamberlain) (by Jan 2018, ICT-ISS) draft terms of reference for the focal/contact points

Thank you Merci

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.