Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Matteo Cavallini Cybersecurity: State of the Art and.

Slides:

Advertisements

Similar presentations

STRENGTHENING COOPERATION ON CYBER SECURITY WITHIN THE ASEAN REGION

Advertisements

Philippine Cybercrime Efforts

International Telecommunication Union An Insight into BDT Programme 3 Marco Obiso ICT Applications and Cybersecurity Division Telecommunication Development.

European Consumer Summit 2014 On-line and mobile payments Dr Florent Frederix Trust & Security Unit, DG CONNECT, European Commission 1 th of April 2014.

Course: e-Governance Project Lifecycle Day 1

ENISA Cyber Security Strategies Workshop November 27, 2014 Brussels

European Social Fund Evaluation in Italy Stefano Volpi Roma, 03 maggio 2011 Isfol Esf Evaluation Unit Human Resources Policies Evaluation Area Rome, Corso.

Enav.it Session 3 Steps towards the SESAR deployment and the ATM system modernisation.

Improving Cybersecurity Through Research & Innovation Dr. Steve Purser Head of Technical Competence Department European Network and Information Security.

DHS, National Cyber Security Division Overview

EU policy on Network and Information Security (NIS) and Critical Information Infrastructure Protection (CIIP) 15 March 2012 Valérie ANDRIANAVALY European.

MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLAND CLASSIFIED INFORMATION PROTECTION DEPARTMENT COL. PIOTR GRZYBOWSKI, Director, Classified Information Protection.

1. 2 A High Tech Crime Investigation Lessons learned by the National High Tech Crime Center Hans Oude Alink, project leader NHTCC November 2005.

(Geneva, Switzerland, September 2014)

Cross-border Empowerment of Next Generation Access National Networks MINISTRY OF TRANSPORT, INFORMATION TECHNOLOGY AND COMMUNICATIONS REPUBLIC OF BULGARIA.

NIS Directive and NIS Platform

National CIRT - Montenegro “Regional Development Forum” Bucharest, April 2015 Ministry for Information Society and Telecommunications.

European Union Agency for Network and Information Security Follow ENISA: ENISA and standards Sławomir Górniak European Union Agency.

15 April Fostering Entrepreneurship among young people through education: a EU perspective Simone Baldassarri Unit “Entrepreneurship” Forum “Delivering.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

1 EU Collaboration in Network and Information Security Baltic IT&T Forum 2006 Riga, 6 April 2006 Dr. Ronald de Bruin ENISA.

Giandonato CAGGIANO ENISA MANAGEMENT BOARD REPRESENTATIVE LEGAL ADVISER ON EUROPEAN AFFAIRS OF THE MINISTRY OF COMMUNICATIONS U. OF ROMA TRE LAW FACULTY.

1 ENISA’s contribution to the development of Network and Information Security within the Community By Andrea PIROTTI Executive Director ENISA Cyprus, 28.

Isdefe ISXXXX XX Your best ally Panel: Future scenarios for European critical infrastructures protection Carlos Martí Sempere. Essen.

March 9th, 2006www.eMobility.pl Polish Platform on Mobile Communications and Wireless Technologies CISTRANA Workshop Budapest.

Rome Energy Meeting 2008 Rome, November 2008 Investments Opportunities and Project Finance in the Energy Market Luigi Marsullo President Finpublic.

EISAS Pilot Collaborative Awareness Information Dissemination to EU Citizens & SMEs 1.

Advocacy and policy dialogue at national level on development education Seminar for NGDO Platforms of New Member States Budapest, 9-10th March 2006 Rilli.

World summit on the information society 1 Pierre Gagné International Telecommunication Union March 2004 WSIS Follow-up Building the Information Society:

Australia Cybercrime Capacity Building Conference April 2010 Brunei Darussalam Ms Marcella Hawkes Director, Cyber Security Policy Australian Government.

Towards a European network for digital preservation Ideas for a proposal Mariella Guercio, University of Urbino.

ESTELA Summer Workshop, 26 June 2013 The EU-SOLARIS project.

INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION

Page 1 Encouraging eGovernment innovation in Europe From „paper” oriented administration to eGovernment in Europe Krzysztof Glomb Cities on Internet Association.

How we work as a national CERT in China ZHOU Yonglin CNCERT/CC, China 2 Addressing security challenges on a global scaleGeneva, 6-7 December 2010.

Andrea SERVIDA European Commission DG INFSO.A3 Update on EU policy on Network and Information Security & Critical Information.

EU activities against cyber crime Radomír Janský Unit - Fight against Organised Crime Directorate-General Justice, Freedom and Security (DG JLS) European.

1 Tallinn, 7 June 2010 – roundtable with the HEREs EU support to HIGHER EDUCATION REFORM EXPERTS.

CERT cooperation with ISP’s on Cybersecurity C ă t ă lin P ă trașcu CERT-RO 29 October 2015 RONOG 2 Meeting1.

DAY 1: OVERVIEW The nature of internal auditing

Sofia, 09 June Sofia, 09 June 2010 MINISTRY OF TRANSPORT, INFORMATION TECHNOLOGY AND COMMUNICATIONS Executive Agency “Electronic Communication Networks.

Advisory Forum, July 2005 Outcome of the first retreat of ECDC Management Team (EXC) 4-5 July 2005 Krägga Herrgård Zsuzsanna Jakab Director ECDC.

Role and Objectives of the Cybersecurity Bureau კიბერუსაფრთხოების ბიურო Cyber Security Bureau Speaker: Mari Malvenishvili GITI 2015.

CISE TESTA Introduction November TESTA Introduction 2 TESTA – Trans European Services for Telematics between Administrations – is a data communication.

EU Cybersecurity Strategy and Proposal for Directive on network and information security (NIS) {JOIN(2013) 1 final} {COM(2013) 48 final} Digital Enlightenment.

SPANISH NATIONAL POLICE INNOVATION & DEVELOPMENT SERVICE LOGISTICS GENERAL DIRECTORATE SMI2GS - H2020, BRUSSELS 26 & 27 February 2016 H2020 (CALL 2016)

ISACA Ireland Cyber Security Policy 9 February 2016.

Botnets: Measurement, Detection, Disinfection and Defence Dr Giles Hogben ENISA.

M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 10 – Information society and media.

EUROPEAN SECURITY POLICY A SNAPSHOT ON SURVEILLANCE AND PRIVACY DESSI WORKSHOP, CPH 24 JUNE 2014 Birgitte Kofod Olsen, Chair Danish Council for Digital.

Evaluation Capacity Building at Country Level: GEF Focal Points 1 Osvaldo Néstor Feinstein AEA 2011 Conference GEF Evaluation Office Panel.

University of Piraeus Research Centre (UPRC) Assistant Professor Nineta Polemi “PREVENTION, PREPAREDENESS AND CONSEQUENCE MANAGEMENT OF.

World summit on the information society 1 WSIS: Building the Information Society: a global challenge in the new Millennium Tim Kelly, Claudia Sarrocco.

MONITORING AND EVALUATION IN THE GEF

About the NIS directive

European Cybercrime Centre - EC3

Joe, Larry, Josh, Susan, Mary, & Ken

Cyber Security coordination in Europe CERT-EU’s perspective

Managerial Accountability

8 Building Blocks of National Cyber Strategies

Romanian National Cyberspace - Quick facts -

AFRICAN UNION- 23RD-27TH July 2018 PRESENTER: Mr. Nawa J.T Samatebele

European Cybersecurity Month 2017 kick-off event

European Commission Initiatives for eGovernment

Trust and Security Unit

The European Union response to cyber threats

The Digital Skills and Jobs Coalition: join us!

Community of Users.

Computer Emergency Response Team

The e-government Conference main issues

Presentation transcript:

Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Matteo Cavallini Cybersecurity: State of the Art and Future Trends in Italy Digital Agenda Assembly - Cybersecurity: barriers and incentives 16 June 2011, Brussels

Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Since 2007 I have been the manager of the Local Security Unit (LSU) of the Italian Ministry of Economy Positions held: ● Senior security member fo the GovCERT.it team project ● Senior security expert for the Testing Commission of the Public Connectivity System ● Internet security manager of the Italian Ministry of Economy Certifications: ● Lead Auditor ISO ● EUCIP Professional “Security Adviser” About me

Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Agenda Local Security Units and CERT-SPC - the security infrastructure of the Italian Public Administration Italian Governmental CERT - a start-up project National and International security exercises - the way to assure the right level of preparedness Italian AntiBotnet Center - an example of an incentive proposal

Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives LSUs are the Operational CERT in the PA Internal Organization Operational groups Reperibili Monitoring of the Information sources Supporting incident handling Operational activities for incident prevention and handling Receiving incident alerts & reports

Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Consip Incident Prevention ● Monitoring of the sources ● Verifying & Prioritizing the reports ● Establishing the prevention activities LSUs are the Operational CERT in the PA MEF Incident Prevention Planned Activities Incident Prevention Planned Activities Tech. & Security Providers Security Information Sharing

Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives LSUs are the Operational CERT in the PA Operational coordination MEF Incident Reporting ● Incident triage ● Incident analysis ● Incident response plan definition Involvment of the Police cyber unit Incident Response Consip Incident handling operational support Incident handling operational support

Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives CERT-SPC is the Coordination Centre Tech. & Security Providers LSU SOC PCS’s Providers SOC PCS’s Providers SOC PCS’s Providers SOC of PCS Providers

Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives CERT DIFESA TC National Cyber Response Exercise Cybershot 2010 Coordination CERTs Operational CERTs “Real” injections: ● Network scan ● Brute force attack ● Intrusion ● Web Defacement

Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Cyber Incident Exercise ● ISCOM – MISE partecipated in the first pan-European exercise (Cyber Europe 2010) acting as the Italian focal point and playing the roles of planner and moderator ● On the basis of the experience, ISCOM will partecipate in the second pan-European exercise in 2012, to start testing the planned EU cyber- incident contingency plan ● ISCOM will partecipate in the EU/US exercise within the area of EU/US Working Group on Cybersecurity and Cybercrime ● ISCOM will organize a national exercise in cooperation with other governmental institutions and private stakeholders

Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives ● ISCOM contributes to the “ad hoc” ENISA working group in order to define and harmonize the security measures among MSs to be accomplished by TELCO operators ● ISCOM has established a national working group with network operators and service providers to receive feedback from the private stakeholders Minimum Security Measures Art. 13 Directive 2009/140/EC

Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Governmental CERT ● Currently Italian CERTs are dedicated to specific networks and users, such as Public Administration and Defense ● In order to establish a well-functioning network of CERTs at the EU level by 2012, the MSs are requested to implement an operational national/governmental CERT ● ISCOM will cooperate with other institutions to create a national CERT that will coordinate the other internal CERTs and will be a unique national contact point for the European counterparts

Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Italian AntiBotnet Center Botnets are networks of infected PCs remotely managed by cybercriminals to perform illegal activities such as the following: spam, phishing, DDoS attacks, financial fraud, identity fraud, clickfraud, etc. Why Botnet? Botnets have a strong social impact on citizens and represent a serious obstacle to the development of the high value services (e-commerce, e- government programs, etc. ) over the Internet

Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Italian AntiBotnet Center At the moment, the Center is a proposal still in the evaluation and feasibility study phase. The proposed structure would be linked to the German AntiBotnet Center and should be a Public-Private Partnership with the involvement of the: ● Internet Service P roviders ● Security and Technology Vendors ● Various Professional Associations The proposed funding would be limited to the start-up and the first two years of activity. The following years would be financed by the private sector, encouraged by the benefits achieved. In our view, this initiative is a good example of an incentive to deliver a higher level of network and information security.

Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Thanks twitter