Download presentation
Presentation is loading. Please wait.
Published byAldous Black Modified over 7 years ago
1
Mastering the Art of Collaboration for WISEr Global Security
TNC17, Linz, 1/6/17 Hannah Short (CERN) WISE SC Chair
2
Why Collaborate? We can see that online attackers are moving in coordinated ways, Complex, global, distributed cybercrime economy 80% online crime connected to international organised gangs operating across borders (Source: Interpol) Malware as a service, outsourcing, etc. On our side Communication and collaboration blocks can be fatal to security incident response We operate E-Infrastructures spanning fields and nations, each with different mandates, practices and priorities We have heard a lot about collaboration at TNC, we’re all here to collaborate in some form or other. But why should we collaborate in a security setting? Surely it’s better to focus on yourself and your own resources?
3
The R&E Community must respond to collaboration, with collaboration!
4
Wise Information Security for Collaborating E- infrastructure
What is WISE? Wise Information Security for Collaborating E- infrastructure A trusted forum where security experts can share information on different topics like risk management, tools for operational security and threat intelligence in the context of e-Infrastructures Although this is the raison d’etre of WISE, it’s key value is that it provides the opportunity for security representatives at e-Infrastructures to meet. This is crucial.
5
How everything started
Joint effort of GEANT SIG-ISM (Special Interest Group on Information Security Management) and SCI (Security for Collaboration among Infrastructures) Workshop in Barcelona Spain, October 2015 A profound need for a real collaboration became evident -an open forum where experts from its community exchange information, knowledge, ideas and best practices about specific technical or other areas of business relevant to the research and education networking community - SCI (Security for Collaboration among Infrastructures) is a collaborative activity of information security officers from several large-scale infrastructures, including EGI, PRACE, EUDAT, WLCG, XSEDE and HBP
6
How everything started
Original idea: 4 big e-infrastructures EGI, EUDAT, GEANT and PRACE getting together to facilitate the exchange of experience and knowledge on security But also NRENs, XSEDE, NCSA, CTSC and communities like HEP/CERN, HBP and many others participated 4 workshops since Barcelona, the latest at Nikhef in March 2017
7
WISE – The community WISE Workshop – Nikhef – March 2017
WISE Workshop – Barcelona Supercomputing Center – October 2015 WISE Workshop – Nikhef – March 2017
8
Activities Working Groups Community of volunteers
Led by a Steering Committee Two face-to-face meetings a year, focus on producing practical output Working Groups Updating the SCI framework (SCIV2-WG) Security Training and Awareness (STAA-WG) Risk Assessment WISE (RAW-WG) Security in Big and Open Data (SBOD-WG)
9
STAA-WG Security Training and Awareness:
Training is wanted and needed for security professionals, systems and network managers and engineers, users of the infrastructures and for decision makers Recent progress includes: Target groups identified within umbrellas of users, technical people and management Subjects identified, e.g. Forensics, Software Hardening, Security Awareness Inventory and plan in progress Several organisations already have some or several trainings in place, but not on all topics. Some others have to get started with a training programme. There is a lot of training in the commercial market and there is a lot of open source material available.
10
https://wise-community.org/training-and-awareness/
11
RAW-WG WISE Risk Assessment Working Group shares information and best practices on how risk assessments can be effectively implemented RAW will now release an easy-to-use risk assessment template and related instructions for e-infrastructures for research and higher education Check our web page and our wiki: Join by contacting the chairs and by subscribing to our list More information from the WG chairs, Urpo Kaila Bart Bosma Bart Bosma has been appointed vice chair of RAW WG
12
Sharing Best Practices: Survey, Risks Related to Vulnerabilities
A survey* sent to IT security specialist and system and network administrators in research infrastructures , 55 persons from 19 countries replied: 9. The best way to mitigate risks caused by software vulnerabilities are (choose three) Interesting answers, more information in linked the article. *
13
Where to start – Alt. 2/NRENs (by courtesy of Bart Bosma)
Normally you start risk assessment and other security measures by identifying assets to be protected. In some environments, for example in NRENs the assets are well known, an you can instead start with identifying threats.
14
Release of RAW Risk Assessment template 1.0
An easy to use spreadsheet template with example implementations and with instructions on how to implement a risk assessment The tool is now available from RAW wiki Authors: Linda Cornwall, STFC; Stéphan Coutin,CINES; Sedat Çapkın, SURFsara; Urpo Kaila, CSC/EUDAT; Dankmar Lauter, DFN-CERT; Christian S. Fötinger, hs-augsburg.de; Bart Bosma, Surfnet; Mischa Sallé, NIKHEF, and Ingimar Örn Jónsson, RHNET. The WISE RAW Risk Assessment template is hereby released. Many thanks to all who contributed by sharing best practices. Asset or service Business value Risk targets Threat Existing controls Still existing vulnerabilities Description of Impact Impact Probability Risk Risk owner Approved residual risk Actions items Reviewed
15
SBOD-WG Security in Big and Open Data:
The WG focuses on security issues that arise when dealing with Big and Open data especially within the e-infrastructures Main activities of the WG: list and discuss already existing studies and state of the art as starting point for the rest of the work work on a list of issues particularly important for e-infrastructures and on a set of recommendations on how to minimize the impact of these issues Big data refers to large datasets that are not always public. Open data refers to datasets that are not necessarily large but are available to everyone and can be used and republished without restrictions. Large datasets from scientific research sources. Security issues in this context concentrate on confidentiality, integrity and availability. Confidentiality regulates access to the information, integrity assures that the information is trustworthy, i.e. has not been changed without authorisation, and availability guarantees access to the information by authorised people at any time.
16
Progress of the SBOD WG: Case Statement (published on the Wiki)
Progress of the SBOD WG: Case Statement (published on the Wiki) Definition of Big and Open Data (published on the Wiki) Status report whitepaper „Security in Big and Open Research Data“ (in preparation)
17
SCIV2-WG Updating the SCI framework:
Existing framework created by the SCI (Security for Collaborating Infrastructures) group at ISGC 2013 A version 2 completed at Nikhef to ensure applicability to a broader range of infrastructures, including NRENs SCIv2 will become the 1st WISE framework defining best practices, trust and policy standards for collaboration The aim of this work was to establish a common understanding of the security measures each infrastructure has implemented and to start work on guidelines for interoperation such as the exchange of information during security incident handling
18
SCIV2-WG, principles Governing principles of the SCI framework are
incident containment, ascertaining the causes of incidents, identifying affected parties, addressing data protection and risk management understanding measures required to prevent an incident from reoccurring.
19
SCIV2-WG, requirements Operational Security Incident Response
Traceability Participant Responsibilities Protection and processing of Personal Data WG has produced a first draft of a version 2 of the document,
20
SCIV2-WG, maturity assessment
Assessment Level Description Not implemented for critical services; 1 Implemented for all critical services, but not documented; 2 Implemented and documented for all critical services; 3 Implemented, documented, and reviewed by a collaborating Infrastructure or by an independent external body; Justifiable exclusion In the unlikely case that the function or feature is not relevant for the infrastructure. In the interest of promoting trust, Infrastructures should make their maturity assessments available to collaborating Infrastructures.
21
There is still time for last minute endorsements!
There is still time for last minute endorsements! Join us after this session for the SCI version 2 endorsement ceremony!
22
Participate in WISE www.wise-community.org Join the WISE Mailing List
Interested in any of the the working group subjects? Subscribe to the workgroup mailing list on the WISE website Contact the workgroup chair and let’s work together
23
Our next event WISE Workshop collocated with the NSF Cyber Security Summit (pending confirmation!) August Workshop to cover Software Assurance Assessment Risk Assessment SCI Walkthrough
24
Find out more
25
New Look! Many thanks to GEANT for the Logo and website re- vamp, and to EGI for templates and communication!
26
Questions? hannah.short@cern.ch
Thank you Questions?
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.