1 SNDC/IOS LN 0111 The Swedish Initiative on Critical Infrastructure Protection Dir. Lars D. Nicander, National Office of IO/CIP-Studies, Swedish National.

Slides:



Advertisements
Similar presentations
Secretariat for Multidimensional Security
Advertisements

1 ASEAN Regional Forum Meeting 28 – 30 April 2010 Bandar Seri Begawan, Brunei CERT-Ins Initiative on International Information Security Dr A S Kamble Director.
Critical Infrastructure Protection Policy Priorities Sara Pinheiro European Commission DG Home Affairs.
Towards a framework for integrated cross-border law enforcement initiatives Based on the Consultation Paper circulated to CACOLE in July 2008 by Public.
The new Hungarian cybersecurity landscape Dr. Ferenc Suba Vice-Chair, European Network and Information Security Agency Chairman, National CERT Working.
SECURITY STRATEGIES OF THE REGION Witek Nowosielski.
Cyber Security R&D Challenges: A Homeland Security Perspective Simon Szykman, Ph.D. Director, Cyber Security R&D
DHS, National Cyber Security Division Overview
MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLAND CLASSIFIED INFORMATION PROTECTION DEPARTMENT COL. PIOTR GRZYBOWSKI, Director, Classified Information Protection.
CIAO July Critical Infrastructure Assurance Office Protecting America’s Cyberspace: Version 1.0 of the National Plan Jeffrey Hunker National.
The Federal Bureaucracy
Chapter 15 Government at Work: Bureaucracy.
SECR 5140-FL Critical Infrastructure Protection Dr. Barry S. Hess Spring 2 Semester Week 3: 1 April 2006.
Conference Report – part 1.  Total number of selected abstracts – 19  Total Number Presented – 6.
(Geneva, Switzerland, September 2014)
Strategy and Policy Unit: Current Activities and Future Tasks
Counter-Terrorism Implementation Task Force (CTITF) Open Briefing to Member States 27 July 2010 Conference Room 2 NLB.
1 DEPARTMENT FOR SOCIAL INCLUSION OF PERSONS WITH DISABILITIES REPUBLIC OF CYPRUS MINISTRY OF LABOUR AND SOCIAL INSURANCE Department for Social Inclusion.
IT Security Policy in Japan 23 September 2002 Office of IT Security Policy Ministry of Economy, Trade and Industry JAPAN.
IAEA International Atomic Energy Agency International Cooperation in Nuclear Security David Ek Office of Nuclear Security.
SNDC/CATS 0802 LN Presentation at the Symposium “Threats from the Net” New asymmetric threats in modern information societies Tallinn February 29, 2008.
Homeland Security. Learning Topics Purpose Introduction History Homeland Security Act Homeland Defense Terrorism Advisory System Keeping yourself safe.
The Private Sector and Building Effective Demand for Corporate Governance Caribbean Corporate Governance Forum September g.
4th International Conference on Agruculture Statistics, Beijing, October 2007 Statistics Sweden and the System of Official Statistics in Sweden Inger Eklund.
BELLRINGER:.
© 2001 by Prentice Hall, Inc. C H A P T E R 15 Government at Work: The Bureaucracy.
World summit on the information society 1 Pierre Gagné International Telecommunication Union March 2004 WSIS Follow-up Building the Information Society:
Information Sharing Challenges, Trends and Opportunities
EU responses to international terrorism. Definition of terrorism Schmit & Jongman: ‘an anxiety-inspiring method of repeated violent action, employed by.
Australia’s National Security Apparatus Ms Vikki Templeman Director Strategic Assessments and Long Range Planning.
Confidence Building Measures Anatoly A.Streltsov D.Tech., D.J., prof. deputy director of the IPII MSU named by M.V.Lomonosov.
Critical Infrastructure: Commerce/NTIA Lead Agency Role by Shirl Kinney Deputy Assistant Secretary, NTIA October - November, 1998 A Composite of Recent.
The new cyber threats in 2013 – the hungarian approach Mr. Mihály Zala, Major-general President of National Security Authority of Hungary.
Information Security: It’s Everyone’s Business September 16, 2003 Greg Garcia, Vice President, Information Security ITAA.
COMPARABLE EU STATISTICS ON CRIME, VICTIMISATION AND CRIMINAL JUSTICE Political Background Elements of an Action Plan European Commission Directorate-General.
Piemonte Workshop 1 11 September 2006 Paolo Salieri European Commission DG ENTR-H4 Security research in FP7.
Enforcement of Shareholders’ Rights: The Case of Bulgaria First South East Europe Corporate Governance Roundtable Bucharest, September 2001 Enforcement.
A Global Approach to Protecting the Global Critical Infrastructure Dr. Stephen D. Bryen.
What is “national security”?  No longer defined only by threat of arms  It really is the economy  Infrastructure not controlled by the government.
The Executive Branch: The Chief Executive Unit 6: The Executive Branch and Bureaucracy.
International International Standards on Regulating DNFBPs & The way forward Mr Peter KWOK Assistant Secretary for Security 27 February 2009 Narcotics.
“Executive Departments & Cabinet” “Independent Agencies and Regulatory Commissions.
New approach in EU Accession Negotiations: Rule of Law Brussels, May 2013 Sandra Pernar Government of the Republic of Croatia Office for Cooperation.
Cybersecurity Strategy in Japan May 2016 Yasu TANIWAKI Deputy Director-General National center of Incident readiness and Strategy for Cybersecurity (NISC)
BRA/NVF 23 August 2009: Restructuring Public Management of the Swedish Transport sector Lena Erixon Director General Swedish Road Administration
EUROPEAN SECURITY POLICY A SNAPSHOT ON SURVEILLANCE AND PRIVACY DESSI WORKSHOP, CPH 24 JUNE 2014 Birgitte Kofod Olsen, Chair Danish Council for Digital.
1 M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 31 – Foreign, security and defence.
November 19, 2002 – Congress passed the Homeland Security Act of 2002, creating a new cabinet-level agency DHS activated in early 2003 Original Mission.
Unit I: The Executive Branch Chapter 15: Government at Work: The Bureaucracy U.S. Government.
Enforcement of Shareholders’ Rights: The Case of Bulgaria First South East Europe Corporate Governance Roundtable Bucharest, September 2001 Enforcement.
Dr. Maria Chr. Alvanou Criminologist-Terrorism Expert Rome 20/10/2016
The Swedish Initiative on Critical Infrastructure Protection
Presidential Advisers and Executive Agencies
The Executive Branch Bureaucracy.
Chef of Section for Strategic Documents,
Critical Infrastructure Protection Policy Priorities
United states government
Helping the President To help the president with all of his/her many tasks, the “Executive Office of the President” (“EOP”) was created in This includes.
U. S. Department of Homeland Security. Office for Civil Rights
8 Building Blocks of National Cyber Strategies
AFRICAN UNION- 23RD-27TH July 2018 PRESENTER: Mr. Nawa J.T Samatebele
Nick Bonvoisin Secretary to the Convention on the
“Presidential Advisers and Executive Agencies”
Foundations of Homeland Security & Emergency Management Law & Policy Post NPHS 1510.
Helping the President To help the president with all of his/her many tasks, the “Executive Office of the President” (“EOP”) was created in This includes.
Helping the President To help the president with all of his/her many tasks, the “Executive Office of the President” (“EOP”) was created in This includes.
Special Features of the Swedish Government Sector
Phanindra Gautam September, 2017
Helping the President To help the president with all of his/her many tasks, the “Executive Office of the President” (“EOP”) was created in This includes.
What is the United Nations?
Presentation transcript:

1 SNDC/IOS LN 0111 The Swedish Initiative on Critical Infrastructure Protection Dir. Lars D. Nicander, National Office of IO/CIP-Studies, Swedish National Defence College Secretary of The Cabinet Working-Group on IO-D/CIP Presentation at ETH/ÖCB Workshop Zurich 9 November 2001

2 SNDC/IOS LN 0111 The Swedish Initiative on Critical Infrastructure Protection n Our view on IO/CIP n Issues n How to organize a National IO-D/CIP-Management n Some proposals n Time frame n Possible areas of international co-operation

3 SNDC/IOS LN 0111 Cabinet Working Group on IW-D/CIP ( ) DoD (chair) NDC (secr) DRE NCPSwSS DoInd.PsycdefAFHQMil. I&S Information Warfare - threats, security, protection CO Telia State DoJ OMB Stkt TCN GAO Teracom SR SVT SJ/BV LME SAF SNUS Sv.Bf JCS PTS DMA FI KK DRI ÖCB Sv Kraftnät ?

4 SNDC/IOS LN 0111 Cabinet Working Group on IO-D/CIP ( ) NDC (secr) DoD (chair + dep.) Information Operations - threats, security, protection DoI,E&C. MoFA (2) PsycdefAF/OpsMil. I&S NCID SwSSDoJ (2)PTS DMAFRAFI NSD SwBA CO/Adm FOA ÖCB SwAAD Council Do FiDoD (3)

5 SNDC/IOS LN 0111 Strategic/Economic Environment IO/IW Synergy Information Systems, Infosec Information, Intelligence Perceptions Joint Operations IO/ IW

6 SNDC/IOS LN 0111 Levels Coalitions Nations Organisations Individuals Coalitions Nations Organisations Individuals Classes (W. Schwartau) III II I

7 SNDC/IOS LN 0111 Taxonomy Defensive Information Operations (IO-D)/ Defensive Information Warfare (IW-D) Critical Infrastructure Protection Information Assurance

8 SNDC/IOS LN 0111 First strike attack for nations First strike attack for nations Means of diplomatic pressures Means of diplomatic pressures Terrorists Terrorists Corporate espionage Corporate espionage Drug cartels, criminal organisations Drug cartels, criminal organisations The disgruntled employee The disgruntled employee Threats

9 SNDC/IOS LN 0111 FBI/CSI-Survey  Interviews with 634 companies on IT- incidents  $25 billion losses in year 2000

10 SNDC/IOS LN 0111 Some Weapons n Psychological Operations n Blackmail, extortion n Data manipulation n Cryptoanalysis n Virus n Logical bombs n Backdoors n Chipping n EMP; electromagnetic pulse n Physical destruction

11 SNDC/IOS LN 0111 Issues n Policy development  “Sweden should be a safe marketplace!” n Organisation/structure –Focal point? »Threat overview »Setting security standards for government and recommend standards for critical private infrastructure –National CERT n Programs for awareness, education and training n Funding for security and redundancy incentives n International Co-operation and Regimes

12 SNDC/IOS LN 0111 Protective philosophy - Report no 2 n Protect-Detect-React (RM-perspective) n Clarify the hidden statistics of IT- incidents n Define Minimal Essential Critical Information Infrastructure n ”Helpdesk” + responsive functions in real time ---> GovCERT

13 SNDC/IOS LN 0111 Structures, responsibilities - Report no 2 Problem Problem –”Who´s in charge?” »Need for a new bureaucratic syntesis Character Character –Intelligence or operational matter? Organisational direction Organisational direction –A new agency? –A new function hosted by an established agency?

14 SNDC/IOS LN 0111 Criteria for a ”lead agency” n Strong linkage threat-planning n Far-reaching administrative and operational responsibility n Organic relations within the Total Defense Community as well as with the Private Sector (c.f. PCCIP) n Law Enforcement Authorities n Education, training and personal development of a national Red Team- unit

15 SNDC/IOS LN 0111 National IO-D Management National IO-D Management Cabinet co-ordination group AFHQ CESG GovCERT Threat/ IO-intel Joint planning and co-ordination Security Incident analysis Statistics unit (Nat. ISAC) Red Team DRE Private Sector FI PTS SwSS NCID GAO ”Joint Venture” private/public ÖCB PsyB Counter Psyops/Deception I&W-unit

16 SNDC/IOS LN 0111 Cabinet WG - Report 2 - main proposals Consensus Consensus A co-ordination group within Cabinet Office A co-ordination group within Cabinet Office A new national IO-D co-ordination body on the Agency-level (separate division within ÖCB) A new national IO-D co-ordination body on the Agency-level (separate division within ÖCB) A GovCERT will be organised by PTS (LEA support) A GovCERT will be organised by PTS (LEA support) A National ISAC will be organised A National ISAC will be organised Reporting duty within Government Reporting duty within Government Defense Bill March -99 Wait OK

17 SNDC/IOS LN 0111 Cabinet WG - Report 2 - main proposals (cont.)  Expanded Armed Forces mandate for support of vital National Information Systems  An active IT-check function for the government administration will be organised within the Armed Forces  Constitutional amendments  Analysis of perception/desinformation methods on Internet at The National Board of Psychological Defence  New forms of co-operation etc. concerning IC OK

18 SNDC/IOS LN 0111 SWE c.f. US in CIP approaches  More emphasis on the top-down perspective (IO-D) than on the infosec bottom-up perspective (IA).  More emphasis on the CIAO-equivalent and less on the NIPC, due to the assessment of tight linkage between threat and planning  One stop-shop to the Private Sector through the Private Sectors Security Delegation –One Private-Government National ISAC –GovCERT+ deals with private CERTs ---> NatCERT

19 SNDC/IOS LN 0111 Presented to The Cabinet 11 May 2001 Presented to The Cabinet 11 May 2001 Explicit IT security strategy Explicit IT security strategy Cross-boundary co-ordination centre Cross-boundary co-ordination centre Overall public IT security responsibility within a new agency for civil planning Overall public IT security responsibility within a new agency for civil planning National CERT National CERT A new technology competence centre A new technology competence centre Certification body Certification body The Committee on Vulnerability and Security in Civil Society IT security and IO protection:

20 SNDC/IOS LN 0111 Structure Co-ordination centre Technology Competence Centre National CERT Planning, risk assessment Certification Body

21 SNDC/IOS LN 0111 Time frame Parliament Decision I, May 1999 Parliament Decision I, May 1999 Swedish Defence Commission: White Paper 2, September 1999 ”...of great importance to security policy!” Swedish Defence Commission: White Paper 2, September 1999 ”...of great importance to security policy!” Parliament Decision II, March 2000 Parliament Decision II, March 2000 Special Commissioner on Vulnerabilities in Society, May 2001 Special Commissioner on Vulnerabilities in Society, May 2001 Cabinet Bill to Parliament, September 2001 Cabinet Bill to Parliament, September 2001 Parliament Decision III, November 2001 Parliament Decision III, November 2001 Implementation (New agency etc.) Implementation (New agency etc.)

22 SNDC/IOS LN 0111 Three Challenges Management issues (”bending pipes”) International Co-operation, Regimes etc International law (”use of force”) etc Domestic tasks International tasks

23 SNDC/IOS LN 0111 Collective Security in Cyberspace There are no borders in Cyberspace! There are no borders in Cyberspace! A cyber-intrusion could be routed from country A through country B, C and D before it ends up in country E. A cyber-intrusion could be routed from country A through country B, C and D before it ends up in country E. How can we trace back these intrusions? How can we trace back these intrusions? –Today: International Law Enforcement or private initiatives (FIRST etc) –Tomorrow: ”Fishwebs” between national CERT:s for tracing intrusions back in real time?

24 SNDC/IOS LN 0111 Country X Country E Country C Country D Country ACountry B Country Y Country Z Building fishwebs in Cyberspace UN, ITU etc

25 SNDC/IOS LN 0111 Areas of international co- operation? Doctrines concerning use of IO/IW under UN or other international legal auspices (international operations, upholding sanctions etc.) Doctrines concerning use of IO/IW under UN or other international legal auspices (international operations, upholding sanctions etc.) Principles of building Regimes for defensive actions taken in Cyberspace (tracing, counterhacking etc.) Principles of building Regimes for defensive actions taken in Cyberspace (tracing, counterhacking etc.)

26 SNDC/IOS LN 0111 More info…. Website:

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.