28.4-1.5.2006, 4th CEENet Workshop on Network Policy, Istanbul
Planning the Establishment of Armenia NREN CSIRT
I. Mkrtumyan

Presentation transcript:

Planning the Establishment of Armenia NREN CSIRT
I. Mkrtumyan
Internet Society - Armenia
American University of Armenia

Strategic Objectives
Strategic objectives of the establishment of Armenia NREN CSIRT are to:
- Prevent cyber attacks against Armenia’s NREN critical infrastructures
- Reduce NREN vulnerability to cyber attacks
- Minimize damage and recovery time from cyber attacks that do occur

Critical Priorities for NREN Cyberspace Security
The Armenia NREN Cyberspace Security strategy sets out four priorities:
I. NREN Cyberspace Security Response System
II. NREN Security Awareness and Training Program
III. NREN Security Threat and Vulnerability Reduction Program
IV. National and International Security Cooperation

Priority I: A NREN Cyberspace Security Response System
1. Establish a NREN CSIRT for responding to NREN-level security incidents;
2. Provide registration and analysis of security attacks;
3. Provide information sharing involving security attacks, threats, and vulnerabilities;
4. Funding CSIRT

Role of CEENet and NATO in establishing NREN CSIRTs
- CEENet organized the training “Establishing CSIRTs in Caucasus” in Tbilisi, August 24-26, 2005;
- CEENet and NATO are providing equipment for the NREN CSIRT office and the annual stipend for the CSIRT administrator;
- This is a real and very important help for starting up CSIRTs;
- Many thanks to CEENet and NATO SILK BOARD and personally to Mr. J. Gajewski!

I.1. Establish a NREN CSIRT
The choice of the CSIRT hosting organization when there is more than one NREN: Internet Society – Armenia (ISOC AM) was chosen for the following reasons:
- there are two NRENs – ASNET and ARENA,
- leaders of both organizations are members of ISOC AM,
- ISOC AM is the local internet community,
- ISOC AM is a member of CEENET representing Armenia NRENs and participates in other CEENET projects like Porta Optica,
- ISOC AM is more responsive to international cooperation and activity,

Establish a NREN CSIRT (continued)
- ISOC AM is a manager and registry (AM NIC) of AM TLD and as such accumulates important information on security, vulnerabilities, attacks,
- ISOC AM has a training center with qualified trainers,
- ISOC AM is conducting network administrators training courses,
- ISOC AM training center is a CIW authorized training center with training programs in Webdesign for E-commerce and Security,
- ISOC AM is a participant of e-rider and community centers (telecenters) programmes,
- A grant for training in information security for Armenia schools from OSI is expected soon.

AM NREN CSIRT
[Diagram labels: AM NREN CSIRT (ISOC AM), ASNET, ARENA, REN]

I.2. Provide registration and analysis of security attacks
The most common security problems in the Armenia domain:
Permanent
- UBE or spam
- Viruses
- Network scans
Temporary
- DoS
- DDoS

I.2. Provide registration and analysis of security attacks (continued)
There is no website in Armenia where one can find registered cases of attacks and methods of remediation.
The AM NREN CSIRT will:
- register and publish the statistics of attacks, their targets and sources (like
- develop an infrastructure for coordinating response to computer security incidents within NRENs,
- conduct incident and vulnerability analysis,
- disseminate information about reported vulnerabilities.

I.3. Provide information sharing involving security attacks, threats, and vulnerabilities
- RENs’ system administrators should be assigned as Chief Information Security Officers (CISO) with the corresponding job description. CSIRT should develop a model job description;
- CISOs will have orientation meetings;
- A community of CISOs will be established. They will become members of the NREN CSIRT. A best practice document for members of CSIRT describing the cooperation principles should be developed by the NREN CSIRT;
- A mailing list of RENs’ CISOs will be created for distribution of information on security attacks, threats, and vulnerabilities.

I.3. Provide information sharing involving security attacks, threats, and vulnerabilities (continued)
- A best practice document containing recommendations for network security will be developed, covering firewalls, corporate antivirus, antispyware (keyloggers, trojan horses, system monitors, etc.), antispam, and patch update programs;
- Recommendations should be developed on setting up corporate antivirus, patch update and enterprise antispyware servers, and on the choice of open software, e.g. SpamAssassin for antispam, ClamAV as a corporate antivirus program, etc.

I.4. Funding CSIRT
First year: Stipend of CEENet/NATO
Following years: ISOC AM/membership fee

Priority II: A NREN Cyberspace Security Awareness and Training Program
1. Promote a comprehensive NREN awareness program to empower REN CIOs to secure their own parts of cyberspace;
2. Foster adequate training and education programs to support the REN’s cybersecurity needs;
3. Organize widely recognized professional cybersecurity certifications.

Priority III: A NREN Cyberspace Security Threat and Vulnerability Reduction Program
1. Promote law enforcement for preventing and prosecuting security attacks;
2. Develop recommendations on measures against discovered attackers (administrative or legal):
   - Case of AUA: forging on-line voting by stealing students’ passwords,
   - Case of nude photo,
   - intimidation.
3. Create a process for NREN vulnerability assessments to better understand the potential consequences of threats and vulnerabilities;
4. Audit RENs’ security.

Priority IV: National and International Security Cooperation
1. Use NREN CSIRT as a prototype of the country CERT (AMCERT).
[Diagram labels: NREN CSIRT, Industry CSIRT, Gov CSIRT, AM CERT]

Priority IV: National and International Security Cooperation (continued)
2. Work with international NRENs to facilitate dialogue and partnerships focusing on protecting information infrastructures and promoting a global “culture of security”;
3. Foster the establishment of national and international watch-and-warning networks to detect and prevent cyber attacks as they emerge:
   - establishment of cooperation with

American University of Armenia: an example of a systematic approach to the security problem
Well-defined policies:
- University security policy,
- Network acceptable use policy,
- Lab computers acceptable use policy,
- use policy;
Duty assignment:
- Chief Information Security Officer (CISO) – sysadmin
- Deputy ISO – netadmin
- Database custodians
Security software:
- Antispam (free software - SpamAssassin, Centinel),
- Enterprise antivirus (free software – ClamAV),
- Workstation antivirus (NAV corporate edition),
- Antispyware (enterprise Spysweeper),
- Automatic patch update (WUS);

American University of Armenia: an example of a systematic approach to the security problem (continued)
- Special attention to public access computers as they are the most vulnerable
- Campus wireless (authentication with Radius server)
- Outside wireless – connectivity to the Administration apartments; separate subnet; MAC address authentication;
- Back-up channel;
- Bandwidth shaping:
  - congestion is a security problem,
  - there is no such thing as a good channel,
  - loss of bandwidth because of non-existing addresses;
- Use of AUA and other advanced organisations for the development of a BPD.

What are the appeals for RENs to cooperate with the CSIRT?
- Best practice documents,
- Network auditing,
- Training courses,
- Up-to-date information on the local NREN security situation,
- Warnings about local hackers,
- Help on detection of source of attacks and counteractions.

Proposals to CEENET-NATO
- Trigger the development of:
  - free resident enterprise wide antispyware program,
  - free antivirus program of NAV corporate edition type;
- Organise:
  - short orientation meetings-workshops for decision makers,
  - longer trainings for practitioners.
