TÜBİTAK – BİLGEM – SGE Cyber Security Institute

Slides:



Advertisements
Similar presentations
Strengthening innovation in chemical clusters
Advertisements

Department of Homeland Security Site Assistance Visit (SAV)
David A. Brown Chief Information Security Officer State of Ohio
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Fiscal Year 2008 Urban Areas Security Initiative Nonprofit Security Grant Program Investment Justification Questions, Criteria, and Prioritization Methodology.
National Disaster Risk Management Program NDRMP Belgrade, March
S5-1 © 2001 Carnegie Mellon University OCTAVE SM Process 5 Identify Key Components Software Engineering Institute Carnegie Mellon University Pittsburgh,
Risk Management Strategies in an Uncertain World April 12-13, 2002 Objectives of Roundtable Agenda for Roundtable.
(Geneva, Switzerland, September 2014)
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.
K E M A, I N C. Current Status of Cyber Security Issues 2004 Keynote Address Joe Weiss January 20, 2004.
ICT 7: Advanced cloud infrastructures and services ICT 8: Boosting public sector productivity and innovation through cloud computing services Jorge GASOS.
Critical Information Infrastructure Protection: Urgent vs. Important Miguel Correia 2012 Workshop on Cyber Security and Global Affairs and Global Security.
Securing Information Systems
Giandonato CAGGIANO ENISA MANAGEMENT BOARD REPRESENTATIVE LEGAL ADVISER ON EUROPEAN AFFAIRS OF THE MINISTRY OF COMMUNICATIONS U. OF ROMA TRE LAW FACULTY.
 Jonathan Trull, Deputy State Auditor, Colorado Office of the State Auditor  Travis Schack, Colorado’s Information Security Officer  Chris Ingram,
Lessons Learned in Smart Grid Cyber Security
Isdefe ISXXXX XX Your best ally Panel: Future scenarios for European critical infrastructures protection Carlos Martí Sempere. Essen.
SECURE –FORCE Project Christodoulos Keratidis Atlantis Consulting S.A. 1 st SEE-INNOVATION Know How Event Skopje, December 2006.
© 2001 Carnegie Mellon University S8A-1 OCTAVE SM Process 8 Develop Protection Strategy Workshop A: Protection Strategy Development Software Engineering.
Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.
Idaho Cybersecurity Task Force Department of Administration 16 Sep 2015.
1 Smart Grid Cyber Security Annabelle Lee Senior Cyber Security Strategist Computer Security Division National Institute of Standards and Technology June.
Maritime Cyber Vulnerabilities in the Energy Sector Center for Joint Operations of the Sea ODU Maritime Institute Students Crow, Fresco, Lee.
Project co-funded by the European Commission within the 7th Framework Program (Grant Agreement No ) Business Convergence WS#2 Smart Grid Technologies.
EFDRR Our Goal… Good HFA Exchanges 1.Describe some exchanges that have taken place and any results. 2.Analyse the results of the questionnaire. 3.Make.
THE REPUBLIC OF SLOVENIA MINISTRY OF HIGHER EDUCATION, SCIENCE AND TECHNOLOGY e: Kotnikova 38, 1000 Ljubljana p:
Piemonte Workshop 1 11 September 2006 Paolo Salieri European Commission DG ENTR-H4 Security research in FP7.
ENISA efforts for securing European Internet Infrastructure
CIP 2015 Smart Grid Vulnerability Assessment Using National Testbed Networks IHAB DARWISHOBINNA IGBETAREQ SAADAWI.
IT Controls Global Technology Auditing Guide 1.
Features Governmental organization Critically important ICT objects Distributed infrastructure Three levels of confidentiality Dozens of subsidiary organizations.
EU activities against cyber crime Radomír Janský Unit - Fight against Organised Crime Directorate-General Justice, Freedom and Security (DG JLS) European.
1 Thoughts on ERCOT-Wide Critical Infrastructure Protection Committee Bill Muston October 31, 2006.
NATIONAL CYBER SECURITY GOVERNANCE & EMERGING CYBER SECURITY THREATS
Information Security Measures Confidentiality IntegrityAccessibility Information cannot be available or disclosed to unauthorized persons, entities or.
Fiscal Year 2007 Urban Area Security Initiative Nonprofit Security Grant Program Investment Justification Questions, Criteria, and Prioritization Methodology.
Sectoral Operational Programme “INCREASE OF ECONOMIC COMPETITIVENESS” October 2005 MINISTRY OF ECONOMY AND TRADE.
Role and Objectives of the Cybersecurity Bureau კიბერუსაფრთხოების ბიურო Cyber Security Bureau Speaker: Mari Malvenishvili GITI 2015.
SPANISH NATIONAL POLICE INNOVATION & DEVELOPMENT SERVICE LOGISTICS GENERAL DIRECTORATE SMI2GS - H2020, BRUSSELS 26 & 27 February 2016 H2020 (CALL 2016)
OAS Secretariat for Multidimensional Security CICTE Secretariat Disasters and Critical Infrastructure Protection.
TÜBİTAK – BİLGEM – SGE Cyber Security Institute Asım Gençer Gökce TÜBİTAK BİLGEM Cyber Security Institute (SGE) Role: Cyber.
Cyber Security Institute Dr. Ferhat Ozgur Catak TÜBİTAK BİLGEM Cyber Security Institute Role: Senior Researcher Proposal activity:
CIP Prevention, detection, response and mitigation of the combination of physical and cyber threats to the transport infrastructure of Europe Dr.
ONTOREST Ontology based integrated disaster response tool Zeynep Sofuoglu MD PhD MSc AAHD / Emergency Ambulance Physicians Association.
Homeland Security, First Edition © 2012 Pearson Education, Inc. All rights reserved. Overview of National Infrastructure Protection CHAPTER 3.
MTRS3 Solutions and Services (SME, IL). MTRS in a nutshell  A security consulting company specialising in high risk environments (SME)  Main fields.
NEW ZEALAND’S CYBER SECURITY STRATEGY Presentation by: MED, DIA & GCSB.
Cybersecurity Assessment Framework (MCSAF) focused on multidisciplinary assessment of system failures Andrzej Bialas Institute.
LETS-CROWD Novel Law Enforcement methodologies and ToolS for CROWD protection Santiago Cáceres ETRA Research and Development.
CYSM Risk Assessment Methodology Co-funded by the Prevention, Preparedness and Consequence Management of Terrorism and other Security-related Risks Programme.
1 Iowa Emergency Management Association Iowa Homeland Security and Emergency Management Department Emergency Management Program Development Course EMERGENCY.
BizSmart Lunch & Learn Webinar Information Security and Protecting your business With the increased risk of some sort of cyber- attack over the past few.
Digital Security Focus Area & Critical Infrastructure Protection in H2020 SC7 WP Aristotelis Tzafalias Trust and Security Unit DG Communications.
Horizon 2020 Secure Societies Secure Societies Briefing Day 21 January /06/2016.
SEC 470 OUTLET The learning interface/sec470outletdotcom.
Security and resilience for Smart Hospitals Key findings
Information Security Program
Cyber Security Enterprise Risk Management: Key to an Organization’s Resilience Richard A. Spires CEO, Learning Tree International Former CIO, IRS and.
Agenda Control systems defined
and Security Management: ISO 28000
Figure 3: TSN Analysis Methodology
CIRAS FINAL CONFERENCE
Session 4 – ICT role in critical infrastructure protection
The U.S. Department of Homeland Security
General information Targeted topics SU-INFRA
Cyber Security in a Risk Management Framework
General information Targeted topics SU-INFRA
Adding security to your ICS environment? Fine! But how?!
Presentation transcript:

TÜBİTAK – BİLGEM – SGE Cyber Security Institute Asım Gençer Gökce agencer.gokce@tubitak.gov.tr TÜBİTAK BİLGEM Cyber Security Institute (SGE) Role: Cyber Security Services Unit Manager/Project Manager Targeted Call (CIP Session): CIP-01-2016-2017: Prevention, detection, response and mitigation of the combination of physical and cyber threats to the critical infrastructure of Europe Disclaimer: with the submission of this presentation the consent is given by its author for the organisers to distribute the presentation. SMIG2016 - 26-27 January 2016

TÜBİTAK – BİLGEM – SGE Previous / on going projects National Critical Infrastructure, Asset and Facility Determination, Risk Assessment and Prioritization Project (2015-…) (funded by the Republic of Turkey, Prime Ministry, Disaster & Emergency Management Authority) National Critical Infrastructure Information Systems Protection Project (2012-2013) (funded by the Republic of Turkey, Ministry of Development) Projects funded under European Commission FP7 Managing Threats And Vulnerabilities in the Future Internet (SYSSEC) Project (2010-2014) Cloud For Europe (C4E) Project (2013-…) Penetration Testing and Security Assessment for critical public sector organizations, financial institutions, etc. ISO 27001 Consultancy for critical sector institutions such as the Turkish Atomic Energy Agency. SMIG2016 - 26-27 January 2016 - National Critical Infrastructure, Asset and Facility Determination, Risk Assessment and Prioritization Project (2015-…) General sector assessment in regards to the critical infrastructures Interviews with each sector facilities/Corporation Determination of critical assets in each sectors Prioritization of critical assets Critical infrastructure assessment (critical infrastructure security assessment metodology) and Critical Sector Assessment Report Analysis of Energy (Electric, Petrol, Natural Gas, Solid Fuel), Transport (Maritime Lines, Airways, Highways, Railways), Water Managements and Dams, Communication, Banking and Finance, Agriculture and Food, Culture and Turism, Critical Production/Trading Facilities, Health, Critical Public Services - National Critical Infrastructure Information Systems Protection (2012-2013) Risk Analysis methodology formulation. Penetration tests and audits of critical sectors Analysis of Energy, Communication, Water and Wastewater, Government Facilities sectors “ Information Systems Security ” regulaion development for energy sector Minimum Security Precautions guideline. - Advanced Persistent Threat Analysis (2012-2015) (funded by Republic of Turkey Ministry of Transport, Maritime Affairs and Communications) Objectives of this project is threefold. First objective is developing custom tools and systems for aiding APT analysis tasks in areas including computer and network forensics, as well as malware analysis. Second objective is preparing and publishing analysis documents for guiding agencies on APT analysis. Third and most important objective is conducting on site APT analyses in critical governmental agencies, a total of 21 top agencies, and sharing the findings with a confidential analysis report. Project has 6 phases, each for 6 months. After every 2 phases, new versions of the tools and documents are published, therefore it is aimed to improve and enhance them after gaining more experience with ongoing APT analyses in agencies." - Projects funded under European Comission FP7 - Managing Threats And Vulnerabilities in the Future Internet (SYSSEC) (2010-2014) Network of Excellence Increase cooperation between universities in EU Specification of future cyber threats Malware map of Türkiye - Cloud For Europe (C4E) Project (2013-…) Contribution to cloud deployment in public sector Requirements for government clouds Scenarios for government clouds Procedures for cloud service procurement - Penetration Testing and Security Assessment Custom testing methodology 15 different test categories; DDoS, Social Engineering, External Tests, Web Application, Mobile Application,… Expert personnel Automatic reporting Systems hardening support Industry specific reports and analysis (like Banking)

TÜBİTAK – BİLGEM – SGE Potential partnership activity CIP-01-2016-2017: Prevention, detection, response and mitigation of the combination of physical and cyber threats to the critical infrastructure of Europe Critical infrastructure assessment methodology, risk analysis methodology formulation, Analysis of Critical Sectors Security audit checklist development of ICT components in the Industrial Control Systems (ICS). Vulnerability assessment methodology development of ICSs. Penetration testing methodology development of web and desktop applications of ICSs. Determination of fuzzing and reverse engineering methods for ICSs. Firmware analysis methodology development for ICSs components. Remote Terminal Unit (RTU) security audits and penetrations testing. ICSs network security and protocol security formulation. Hardware security testing method formulation for DCSs (Distributed Control Systems), and PLCs (Programmable Logic Controllers). SMIG2016 - 26-27 January 2016 Analysis of Critical Sectors Energy (Electric, Petrol, Natural Gas, Solid Fuel), Transport (Maritime Lines, Airways, Highways, Railways), Water Managements and Dams, Communication, Banking and Finance, Agriculture and Food, Culture and Turism, Critical Production/Trading Facilities, Health, Critical Public Services

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.