Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mastering the Art of Collaboration for WISEr Global Security

Published byAldous Black Modified over 6 years ago

Similar presentations

Presentation on theme: "Mastering the Art of Collaboration for WISEr Global Security"— Presentation transcript:

1 Mastering the Art of Collaboration for WISEr Global Security
TNC17, Linz, 1/6/17 Hannah Short (CERN) WISE SC Chair

2 Why Collaborate? We can see that online attackers are moving in coordinated ways, Complex, global, distributed cybercrime economy 80% online crime connected to international organised gangs operating across borders (Source: Interpol) Malware as a service, outsourcing, etc. On our side Communication and collaboration blocks can be fatal to security incident response We operate E-Infrastructures spanning fields and nations, each with different mandates, practices and priorities We have heard a lot about collaboration at TNC, we’re all here to collaborate in some form or other. But why should we collaborate in a security setting? Surely it’s better to focus on yourself and your own resources?

3 The R&E Community must respond to collaboration, with collaboration!

4 Wise Information Security for Collaborating E- infrastructure
What is WISE? Wise Information Security for Collaborating E- infrastructure A trusted forum where security experts can share information on different topics like risk management, tools for operational security and threat intelligence in the context of e-Infrastructures Although this is the raison d’etre of WISE, it’s key value is that it provides the opportunity for security representatives at e-Infrastructures to meet. This is crucial.

5 How everything started
Joint effort of GEANT SIG-ISM (Special Interest Group on Information Security Management) and SCI (Security for Collaboration among Infrastructures) Workshop in Barcelona Spain, October 2015 A profound need for a real collaboration became evident -an open forum where experts from its community exchange information, knowledge, ideas and best practices about specific technical or other areas of business relevant to the research and education networking community - SCI (Security for Collaboration among Infrastructures) is a collaborative activity of information security officers from several large-scale infrastructures, including EGI, PRACE, EUDAT, WLCG, XSEDE and HBP

6 How everything started
Original idea: 4 big e-infrastructures EGI, EUDAT, GEANT and PRACE getting together to facilitate the exchange of experience and knowledge on security But also NRENs, XSEDE, NCSA, CTSC and communities like HEP/CERN, HBP and many others participated 4 workshops since Barcelona, the latest at Nikhef in March 2017

7 WISE – The community WISE Workshop – Nikhef – March 2017
WISE Workshop – Barcelona Supercomputing Center – October 2015 WISE Workshop – Nikhef – March 2017

8 Activities Working Groups Community of volunteers
Led by a Steering Committee Two face-to-face meetings a year, focus on producing practical output Working Groups Updating the SCI framework (SCIV2-WG) Security Training and Awareness (STAA-WG) Risk Assessment WISE (RAW-WG) Security in Big and Open Data (SBOD-WG)

9 STAA-WG Security Training and Awareness:
Training is wanted and needed for security professionals, systems and network managers and engineers, users of the infrastructures and for decision makers Recent progress includes: Target groups identified within umbrellas of users, technical people and management Subjects identified, e.g. Forensics, Software Hardening, Security Awareness Inventory and plan in progress Several organisations already have some or several trainings in place, but not on all topics. Some others have to get started with a training programme. There is a lot of training in the commercial market and there is a lot of open source material available.

10 https://wise-community.org/training-and-awareness/

11 RAW-WG WISE Risk Assessment Working Group shares information and best practices on how risk assessments can be effectively implemented RAW will now release an easy-to-use risk assessment template and related instructions for e-infrastructures for research and higher education Check our web page and our wiki: Join by contacting the chairs and by subscribing to our list More information from the WG chairs, Urpo Kaila Bart Bosma Bart Bosma has been appointed vice chair of RAW WG

12 Sharing Best Practices: Survey, Risks Related to Vulnerabilities
A survey* sent to IT security specialist and system and network administrators in research infrastructures , 55 persons from 19 countries replied: 9. The best way to mitigate risks caused by software vulnerabilities are (choose three) Interesting answers, more information in linked the article. *

13 Where to start – Alt. 2/NRENs (by courtesy of Bart Bosma)
Normally you start risk assessment and other security measures by identifying assets to be protected. In some environments, for example in NRENs the assets are well known, an you can instead start with identifying threats.

14 Release of RAW Risk Assessment template 1.0
An easy to use spreadsheet template with example implementations and with instructions on how to implement a risk assessment The tool is now available from RAW wiki Authors: Linda Cornwall, STFC; Stéphan Coutin,CINES; Sedat Çapkın, SURFsara; Urpo Kaila, CSC/EUDAT; Dankmar Lauter, DFN-CERT; Christian S. Fötinger, hs-augsburg.de; Bart Bosma, Surfnet; Mischa Sallé, NIKHEF, and Ingimar Örn Jónsson, RHNET. The WISE RAW Risk Assessment template is hereby released. Many thanks to all who contributed by sharing best practices. Asset or service Business value Risk targets Threat Existing controls Still existing vulnerabilities Description of Impact Impact Probability Risk Risk owner Approved residual risk Actions items Reviewed

15 SBOD-WG Security in Big and Open Data:
The WG focuses on security issues that arise when dealing with Big and Open data especially within the e-infrastructures Main activities of the WG: list and discuss already existing studies and state of the art as starting point for the rest of the work work on a list of issues particularly important for e-infrastructures and on a set of recommendations on how to minimize the impact of these issues Big data refers to large datasets that are not always public. Open data refers to datasets that are not necessarily large but are available to everyone and can be used and republished without restrictions. Large datasets from scientific research sources. Security issues in this context concentrate on confidentiality, integrity and availability. Confidentiality regulates access to the information, integrity assures that the information is trustworthy, i.e. has not been changed without authorisation, and availability guarantees access to the information by authorised people at any time.

16 Progress of the SBOD WG: Case Statement (published on the Wiki)
Progress of the SBOD WG: Case Statement (published on the Wiki) Definition of Big and Open Data (published on the Wiki) Status report whitepaper „Security in Big and Open Research Data“ (in preparation)

17 SCIV2-WG Updating the SCI framework:
Existing framework created by the SCI (Security for Collaborating Infrastructures) group at ISGC 2013 A version 2 completed at Nikhef to ensure applicability to a broader range of infrastructures, including NRENs SCIv2 will become the 1st WISE framework defining best practices, trust and policy standards for collaboration The aim of this work was to establish a common understanding of the security measures each infrastructure has implemented and to start work on guidelines for interoperation such as the exchange of information during security incident handling

18 SCIV2-WG, principles Governing principles of the SCI framework are
incident containment, ascertaining the causes of incidents, identifying affected parties, addressing data protection and risk management understanding measures required to prevent an incident from reoccurring.

19 SCIV2-WG, requirements Operational Security Incident Response
Traceability Participant Responsibilities Protection and processing of Personal Data WG has produced a first draft of a version 2 of the document,

20 SCIV2-WG, maturity assessment
Assessment Level Description Not implemented for critical services; 1 Implemented for all critical services, but not documented; 2 Implemented and documented for all critical services; 3 Implemented, documented, and reviewed by a collaborating Infrastructure or by an independent external body; Justifiable exclusion In the unlikely case that the function or feature is not relevant for the infrastructure. In the interest of promoting trust, Infrastructures should make their maturity assessments available to collaborating Infrastructures.

21 There is still time for last minute endorsements!
There is still time for last minute endorsements! Join us after this session for the SCI version 2 endorsement ceremony!

22 Participate in WISE www.wise-community.org Join the WISE Mailing List
Interested in any of the the working group subjects? Subscribe to the workgroup mailing list on the WISE website Contact the workgroup chair and let’s work together

23 Our next event WISE Workshop collocated with the NSF Cyber Security Summit (pending confirmation!) August Workshop to cover Software Assurance Assessment Risk Assessment SCI Walkthrough

24 Find out more

25 New Look! Many thanks to GEANT for the Logo and website re- vamp, and to EGI for templates and communication!

26 Questions? hannah.short@cern.ch
Thank you Questions?

Download ppt "Mastering the Art of Collaboration for WISEr Global Security"

Similar presentations

Www.egi.eu EGI-Engage www.egi.eu Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.

EGI-Engage Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.
Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014 and now abbreviated.

Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014 and now abbreviated.
UNDP-GEF Adaptation 0 0 Impact of National Communications on Process of Integrating Climate Change into National Development Policies UNFCCC Workshop on.

UNDP-GEF Adaptation 0 0 Impact of National Communications on Process of Integrating Climate Change into National Development Policies UNFCCC Workshop on.
Www.egi.eu EGI-Engage www.egi.eu Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.

EGI-Engage Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.
WLCG Security: A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) CHEP2013, Amsterdam 17 Oct 2013.

WLCG Security: A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) CHEP2013, Amsterdam 17 Oct 2013.
Networks ∙ Services ∙ People www.geant.org Alessandra Scicchitano TF-CSIRT meeting – Tallinn, Estonia SIG-ISM Update 24 th September 2015 SIG-ISM Secretary.

Networks ∙ Services ∙ People Alessandra Scicchitano TF-CSIRT meeting – Tallinn, Estonia SIG-ISM Update 24 th September 2015 SIG-ISM Secretary.
ENISA efforts for securing European Internet Infrastructure

ENISA efforts for securing European Internet Infrastructure
Www.egi.eu EGI-Engage www.egi.eu Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.

EGI-Engage Recent Experiences in Operational Security: Incident prevention and incident handling in the EGI and WLCG infrastructure.
A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) 1 st WISE, Barcelona 20 Oct 2015.

A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) 1 st WISE, Barcelona 20 Oct 2015.
A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) WLCG GDB, CERN 10 Jul 2013.

A Trust Framework for Security Collaboration among Infrastructures David Kelsey (STFC-RAL, UK) WLCG GDB, CERN 10 Jul 2013.
Rafael Rodríguez Clemente. Coordinator* *Estación Biológica de Doñana, CSIC. Sevilla (Spain) MoCo Meeting, Casablanca (Morocco) 15-16.

Rafael Rodríguez Clemente. Coordinator* *Estación Biológica de Doñana, CSIC. Sevilla (Spain) MoCo Meeting, Casablanca (Morocco)
1 Item 2.1.b of the agenda IT Governance in the ESS and related issues Renewal of mandates STNE Adam WROŃSKI Eurostat, Unit B5.

1 Item 2.1.b of the agenda IT Governance in the ESS and related issues Renewal of mandates STNE Adam WROŃSKI Eurostat, Unit B5.
Networks ∙ Services ∙ People www.geant.org Laura Durnford TF-CPR, Cambridge What are other working groups up to? 29 October 2015 GÉANT.

Networks ∙ Services ∙ People Laura Durnford TF-CPR, Cambridge What are other working groups up to? 29 October 2015 GÉANT.
3rd Helix Nebula Workshop on Interoperability among e-Infrastructures and Commercial Clouds Carmela ASERO, EGI.eu 17 September 2013, Madrid

3rd Helix Nebula Workshop on Interoperability among e-Infrastructures and Commercial Clouds Carmela ASERO, EGI.eu 17 September 2013, Madrid
Networks ∙ Services ∙ People www.geant.org GÉANT Community Innovation Programme DISCUSSION 14th October 2015 GÉANT General Assembly.

Networks ∙ Services ∙ People GÉANT Community Innovation Programme DISCUSSION 14th October 2015 GÉANT General Assembly.
Who doesn’t need to be WISE? Bringing into reality global information security collaboration Alessandra Scicchitano GÉANT - Project Development Officer.

Who doesn’t need to be WISE? Bringing into reality global information security collaboration Alessandra Scicchitano GÉANT - Project Development Officer.
PRACE security Jules Wolfrat, SURFsara, The Netherlands April 25, 2013, EGI CSIRT meeting, Linköping, Sweden 10 May 2011- Montpellier.

PRACE security Jules Wolfrat, SURFsara, The Netherlands April 25, 2013, EGI CSIRT meeting, Linköping, Sweden 10 May Montpellier.
Making the future happen Some remarks from the perspective of the Reykjavik-Group Chair full report: www.terena.org/about/ga/ga38/GA(12)020-Reykjavik.pdf.

Making the future happen Some remarks from the perspective of the Reykjavik-Group Chair full report:
Project: EaP countries cooperation for promoting quality assurance in higher education Maria Stratan European Institute for Political Studies of Moldova.

Project: EaP countries cooperation for promoting quality assurance in higher education Maria Stratan European Institute for Political Studies of Moldova.
Cloud Security Session: Introduction 25 Sep 2014Cloud Security, Kelsey1 David Kelsey (STFC-RAL) EGI-Geant Symposium Amsterdam 25 Sep 2014.

Cloud Security Session: Introduction 25 Sep 2014Cloud Security, Kelsey1 David Kelsey (STFC-RAL) EGI-Geant Symposium Amsterdam 25 Sep 2014.

Similar presentations

Ads by Google