Peter Burnett Head of Information Sharing National Infrastructure Security Co-ordination Centre.

Slides:



Advertisements
Similar presentations
National Infrastructure Security Co-ordination Centre
Advertisements

STRENGTHENING COOPERATION ON CYBER SECURITY WITHIN THE ASEAN REGION
1 ASEAN Regional Forum Meeting 28 – 30 April 2010 Bandar Seri Begawan, Brunei CERT-Ins Initiative on International Information Security Dr A S Kamble Director.
The Internet and Older Citizens European Congress on Gender and the Information Society Athens 5-6 May 2003 Dr. Susan ODonnell - Itech Research (Ireland)
International Telecommunication Union An Insight into BDT Programme 3 Marco Obiso ICT Applications and Cybersecurity Division Telecommunication Development.
Computer Emergency Response Teams
7 th Framework Programme (FP7) - Malta’s participation th January 2013 Anthea Fabri FP7 National Coordinator Malta Council for Science and.
Malta Council for Science and Technology Seventh Framework Programme (FP7) 15 July, 2008 Anthea Frendo FP7 National Contact Point.
Europe and Education School Education COMENIUS. The School Education Action of the European Community’s Programme “Socrates” on Education 2 nd phase:
RESPONSIBLE CARE ® COMMUNITY AWARENESS & EMERGENCY RESPONSE CODE Daniel Roczniak Senior Director, Responsible Care American Chemistry Council June 2010.
A project implemented by the HTSPE consortium This project is funded by the European Union SECURITY AND CITIZENSHIP EUROPE FOR CITIZENS
Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC) Mark S. Bruhn, Interim Director University Copyright.
Steven KrauwerCLARIN-NL Launch CLARIN-EU: Where do we stand? Steven Krauwer Utrecht institute of Linguistics UiL OTS CLARIN-EU Coordinator.
1 Case Study ESTABLISHING NATIONAL CERT By Saleem Al-Balooshi Etisalat - AE.
Eye on Earth (EoE), Citizen Science and the Invasive Alien Species project Malene Bruun NRC’s for EIS June 17, 2011.
The implementation of the rural development policy and its impacts on innovation and modernisation of rural economy Christian Vincentini, European Commission.
JPCERT/CC May Fixed-Point Auto Data Collecting System Getting more accurate Scan and Prove data to provide more accurate network traffic analysis.
Experiences from establishing a national Centre for Information Security in Norway TERENA Networking Conference 2003 Maria Bartnes Dahl &
1 ENISA: Fostering the European Cooperation on Network & Information Security Dr. Panagiotis Trimintzios, CISSP European Network &
1 EU Collaboration in Network and Information Security Baltic IT&T Forum 2006 Riga, 6 April 2006 Dr. Ronald de Bruin ENISA.
1 ENISA’s contribution to the development of Network and Information Security within the Community By Andrea PIROTTI Executive Director ENISA Cyprus, 28.
1 ”Pathways in the Open Classroom” Copenhagen 2002 A Norwegian perspective and understanding of the Nordic pedagogy Ingeborg Bø Norwegian Association for.
STRENGTHENING the AFRICA ENVIRONMENT INFORMATION NETWORK An AMCEN initiative A framework to support development planning processes and increase access.
Look,Listen and Learn Project Regional Conference November 2005 Birchwood Hotel, Johannesburg By Fred Kalibwani SADC FOOD SECURITY POLICY PROCESSES.
European Commission Enterprise Directorate General Innovation Policy R&D and Innovation in the Regional Operational Programs Meeting with Regions 11 July.
Setting up a Grid-CERT Experiences of an academic CSIRT TERENA Networking Conference May, Lyngby, Denmark Klaus Möller DFN-CERT Services GmbH.
A General Overview of Information Security Senior advisor Mona Naomi Lintvedt
A project implemented by the HTSPE consortium This project is funded by the European Union SECURITY AND CITIZENSHIP JUSTICE
EISAS Pilot Collaborative Awareness Information Dissemination to EU Citizens & SMEs 1.
RTD-B.4 - Regions of Knowledge and Research Potential Regional Dimension of the 7th Framework Programme Regions of Knowledge Objectives and Activities.
Ensuring Food Safety in Europe through Scientific Cooperation and Networking The Role of EFSA Carola Sondermann EFSA Polish Focal Point – Annual Experts.
1 The Project Circle, January 27, 2005 How can the NCP support you? Mária Búciová, IST NCP Slovak University of Technology in Bratislava, Slovakia.
Time to act on the Future of Europe …
Towards a European network for digital preservation Ideas for a proposal Mariella Guercio, University of Urbino.
FAO/WHO CODEX TRAINING PACKAGE Enhancing participation in Codex activities Developed by the Food and Agriculture Organization of the United Nations (FAO)
Communications-Electronics Security Group. Excellence in Infosec.
WOMEN ENTREPRENEURS IN RURAL TOURISM Sustainability Report by PRISMA Centre for Development Studies Parnu, September 2012.
Recent Cyber Attacks and Countermeasures September 2006.
Creating A CERT at WARP Speed.
InfraGard A Government and Private Sector Alliance Information sharing begins with human relationships – people talking with people whom they trust. Information.
1 Direction scientifique Networks of Excellence objectives  Reinforce or strengthen scientific and technological excellence on a given research topic.
Cyber-security policy to encourage CSIRTs activities Yasuhiro KITAURA Ministry of Economy, Trade and Industry, JAPAN.
NSF Cybersecuity Summit May REN-ISAC Goal The goal of the REN-ISAC is to aid and promote cyber security protection and response within the higher.
MEDIN Work Plan for By March 2011 MEDIN will be 3 years into the original 5 year development plan started in Would normally ask for continued.
AGENDA NCSIP Mandate IT Security Threats Specific Action Items Additional Initiatives.
Advanced attack techniques Advanced attack techniques Increased by passing techniques against the existing detection methods such as IDS and anti- virus.
Click to edit Master title style 1 Baltic IT&T 2005 Forum EU cooperation for a culture of network and information security Pernilla Skantze, ENISA.
The industrial relations in the Commerce sector EU Social dialogue: education, training and skill needs Ilaria Savoini Riga, 9 May 2012.
A Global Approach to Protecting the Global Critical Infrastructure Dr. Stephen D. Bryen.
1 Hellenic Open University eCoMeT Lab Maria Aspioti.
A project implemented by the HTSPE consortium This project is funded by the European Union SECURITY AND CITIZENSHIP RIGHT AND CITIZENSHIP
Peter Burnett Head of Information Sharing National Infrastructure Security Co-ordination Centre
GEO Standards and Interoperability Forum SIF First Organizational Meeting 27 July 2007 Barcelona, Spain.
Strengthening Academic and Industrial Links: A Framework to Support Academic-Industry Collaboration in Europe Joaquin Alonso Andaluz Project Manager Fundacion.
Enterprise Directorate General European Commission Kurt König Head of Unit “Communication and Awareness” Innovation Directorate
ESF Networking in the UK and at the Community level James Ritchie Information Officer – England and Gibraltar ESF programme.
Leader+ Observatory Seminar ‘The Legacy of Leader+ at local level: Building the future of rural areas’ April 2007 Cap Corse, Nebbiù è Custera, Corse,
Internet2 Abilene & REN-ISAC Arbor Networks Peakflow SP Identification and Response to DoS Joint Techs Winter 2006 Albuquerque Doug Pearson.
EUROPEAN SOCIAL FUND Promotion of transnational cooperation and partnership among Member States within ESF Vilnius, 11 June 2007 By Peter Stub.
1 Second call for proposals – National Information Day EUROPEAN REGIONAL DEVELOPMENT FUND Benoît Dalbert, Project Officer, Joint Technical Secretariat.
Artec new media literacy Frank Boyd arts technology centre BBC future development
European collaboration on research networking development update on TERENA activities Karel Vietsch TERENA CEO Spring 2002 Internet2 Member Meeting Arlington.
The Practices of CERT -- Building National Computer Network Emergency Response Capability Mingqi CHEN CNCERT/CC APCERT APAN Bangkok.
EUROPEAN SECURITY POLICY A SNAPSHOT ON SURVEILLANCE AND PRIVACY DESSI WORKSHOP, CPH 24 JUNE 2014 Birgitte Kofod Olsen, Chair Danish Council for Digital.
A network of European National Platforms and Focal Points for Natural Disaster Reduction Common Goals To facilitate and improve the exchange of information.
Theodore Papazoglou ERC/European Commission RTD, Directorate S Fax ERC Funding Actions/Grant Agreement Modalities.
TSI Project Funded by Implemented by Kick-off training seminar Brussels, 4-6 Nov 2014 Digital platform Isabelle Gachie Vinson Luca Salvadori.
London Action Plan Wout de Natris OPTA Strasbourg, 12 June 2007.
Cyber Security coordination in Europe CERT-EU’s perspective
Strengthening Early Warning Systems in Europe
Presentation transcript:

Peter Burnett Head of Information Sharing National Infrastructure Security Co-ordination Centre

Background Late 70’s – Mainframes, Minis, Micros Languages Evaluation & Certification, CLEFs Compusec, Infosec CNI/CIP Programme CERT Management EU & Intnl Liaison

What is it ? ‘Incident Reporting’, + –Intrusions, Viruses, Observation, Tipoffs Warnings, Alerts etc, + Education/Awareness material, + Peer to Peer exchanges, networking, + Threat & vulnerability information, + Help, Advice, To improve Internet Security Information Sharing

Who is it ? CIP Organisations (e.g. incl CESG) + Research Centres, Groups + – (e.g. SANS, EICAR, AVIEN) Vendors, AVS etc + ISACs ? + WARPs –Warning, Advice & Reporting Points Information Sharing

Who is it ? Most important of all …. CERTs & CSIRTs Key to the whole network Already doing it. –RFC 2350 The model for development. Information Sharing

UK CERT Involvement UNIRAS - Govt CERT since 1992 Incorporated into CIP organisation Links to US/CAN/AUS/NZ European Govt CERTs Forum Participation in TF/CSIRT, FIRST Information Sharing

UK Initiatives UK CERTs forum Encouraging new CERTs in UK Encouraging Information Sharing Bodies –SAINT, ISACs Support for EU projects (CASES, EWIS etc) Conceive & promote WARPs –Warning, Advice & Reporting Points –Linked to CyberHood Watch (IAAC) Information Sharing

Warning, Advice & Reporting Points (WARPs) - Functions Issue Alerts & Warnings from CERT/WARP network (and CASES) Act as helpdesk for Advice on Internet/Infosec problems Gather, sanitise, and share Incident Reports (with CERTs, WARPs, CASES) Geared to SMEs, small organisations & Citizens Information Sharing

The WARP model e-COMMUNITY WARP Information Sharing Network Incident Reports Problems Warnings Advice Trade association, interest group, local authority, industry sector

WARPs Approach Internet-based –Distributed (the Internet is not mainframe-based) –User-oriented ( bottom-up) –Devolved (allows specialisation) Small is beautiful –In touch with community’s requirements –Builds trust through familiarity Builds on successful ideas –Neighbourhood Watch –Citizens Advice Bureaux –CERTs/CSIRTs Information Sharing

–Receive warnings/advisories from WARPs/CSIRTs/CERTs and other sources, filter and assess them, and reissue them to their community where appropriate, (perhaps with increased priority or added value). –Provide and/or telephone advice to community members on security matters. –Solicit and record IT-security incident reports from community. Information Sharing What do WARPs do ?

–Share (possibly sanitised) incident reporting data with other WARPs/CERTs etc with whom a sharing agreement has been reached (formal or informal). –Contribute incident data, resources and/or expertise/knowledge to peers etc to help deal with widespread problems. –Participate in ‘networking’ and sharing of experiences and knowledge with other members of Information Sharing network –Develop close links with selected WARPs/CSIRTs/CERTs for support and collaboration on problems. Information Sharing

WARPS – What DON’T they do ? RESPONSE !!! Information Sharing

Objectives Increase Awareness, Education : –general e-environment (reduce Viruses, Worms, Trojans, DDoS etc) Provide useful and timely warnings Gather incident reports –Crime reports (pass on only with consent) –Statistics, Trends –Attack detection Information Sharing

Information Sharing Network NISCC/ UNIRAS ISACs CIP orgs Other Sources CSIRTs WARPs CASES

CSIRTs & WARPs ? What’s in it for you ? 1.Your country needs more CSIRTs 2.WARPs are cheap & simple (relatively) 3.CSIRTs can increase their coverage, effectiveness and influence, at little cost 4.You can help SMEs, Citizens & others 5.We can improve the general environment 6.It’s an incident early warning system Information Sharing - CSIRTs

CSIRTs & WARPs ? What do they need from you ? 1.Acceptance/tolerance 2.Advice on establishing themselves 3.A feed of advisories etc 4.Technical advice (if convenient) 5.Trust (eventually) 6.Someone to pass incident reports to, (with no obligation for Response) Information Sharing - CSIRTs

CSIRTs & WARPs ? Think of WARPS as: –Satellites –Sub-CSIRTs –Local branches –Nodes to help reach a wider audience –Something to fill the coverage gaps –Future CSIRTs ? –Anything you like really ! Information Sharing - CSIRTs

CASES Cyber-Awareness and Security Enhancement Structure A Coordinating Centre to encourage dissemination of Warning & Awareness materials via National Nodes

NCP Dissemination NCP CASES Dissemination National Contact Point (Node)

CASES – Transnational approach Builds on elements already there (CSIRTs, WARPs, e- Platforms) Provides Coordination i.e. Cooperation (not control) Aids e-Europe Programmes (confidence) Promotes new national nodes (where they don’t exist) Stimulates national Dissemination network, WARPs Complements R&D work (identifies needs) Provides test-bed CASES

WARPs – A local approach Builds on elements already there Reflects Internet philosophy Cooperation not control Provides help & advice –Builds Trust –Builds Confidence –Builds an Incident Reporting network Information Sharing

WARP e-COMMUNITY WARP CASES e-COMMUNITY National Node

Plain Sailing from now on ?

No such thing as Plain Sailing !

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.