Presentation is loading. Please wait.

Presentation is loading. Please wait.

Protection of Classified Information & Cyber Security

Published byAnna June Gregory Modified over 10 years ago

Similar presentations

Presentation on theme: "Protection of Classified Information & Cyber Security"— Presentation transcript:

1 Protection of Classified Information & Cyber Security
Bruno VERMEIRE Belgian NSA INFOSEC Competent PRS Authority Federal Public Service Foreign Affairs

2 Overview Legal Principles Classified Information (CI) a target?
The BEL NSA Belgian Cyber Security Strategy Protecting CIS handling CI Outsourcing Challenges

3 Legal Principles National Security Authority : Preventive
Police : Proactive, Reactive Justice : Repressive

4 Classified Information (CI) a target?
Paper world thinking  Cyber thinking CI = protection of national assets + assets of other states on the territory CI = targeted with sophisticated tools, even when not connected Are we target ? yes, all CIS handling CI are targeted

5 The BEL NSA 8 administrations:
Includes all principles Collegial decisions Cyber is not within the legal framework for protecting CI Legal framework cyber includes the protection of CI BEL CERT, limited services Mil CERT

6 Belgian Cyber Security Strategy
BELNIS All BEL administrations with cyber security responsibility, includes BEL NSA Strategy approved by the government Includes Mechanism for approving security products Accreditation of systems beyond protection of CI only Implementation probably next Government Strong focus on centralised approach, awareness & education Appropriate cyber crime regulation Includes adaption of Budapest Convention on Cybercrime

7 Protecting CIS handling CI
Pro’s Appropriate security installed Appropriate separation Very good documented trusted users

8 Protecting CIS handling CI
Contra data exchange high risk (MemStick, DVD, …) patch policy not easy to implement Off line, direct assessment difficult Wireless (3G, 4G, WiFi, …)

9 Outsourcing Focus on Vulnerability assessment Protection Trusted products Creating technical legal framework (cyber security standards for CIS handling CI) Civil accredited evaluators Government accreditors (BELAC - NSA)

10 Challenges : taxonomy Electronic Surveillance COMPUSEC Cyber Terrorism
Information Assurance Cyber Defense Electronic Warfare Electronic Defense Computer Network Exploitation Information Operations Infosec Cyber Warfare COMSEC Computer Network Defense Cyber Security Emanation security (EMSEC) Electronic Attack ISTAR Cyber Network Operations Computer Network Attack Information Deception OSINT SIGINT Computer Network Offensive Cyber Monitoring Operations Security (OPSEC)

11 Challenges : high speed revolution
Gov evolution speed  Internet revolution No global legal framework Identification of responsibilities Recognition as an armed attack/military domain

12 Challenges : collaboration
It takes two to tango Win/Win  minimal level & equality requirement Exposure risk If you know what I can detect, … you also know what I can’t … Technology advantage

13 Cyber Capabilities must be developed during personnel and budget cuts…
Challenges : means People Knowledge & Training Computers & networks Cyber Capabilities must be developed during personnel and budget cuts…

14 Thank You !!

Download ppt "Protection of Classified Information & Cyber Security"

Similar presentations

Philippine Cybercrime Efforts

Philippine Cybercrime Efforts
Lynn Ray ISO Towson University Strategic Planning for IT Security Copyright Lynn Ray, 2007. This work is the intellectual property rights of the author.

Lynn Ray ISO Towson University Strategic Planning for IT Security Copyright Lynn Ray, This work is the intellectual property rights of the author.
Cyber Security R&D Challenges: A Homeland Security Perspective Simon Szykman, Ph.D. Director, Cyber Security R&D 202-254-5802.

Cyber Security R&D Challenges: A Homeland Security Perspective Simon Szykman, Ph.D. Director, Cyber Security R&D
INFORMATION SYSTEMS & GLOBAL SERVICES Craig Solem, CISSP Lockheed Martin Information Systems and Global Services Program Manager, Joint Medical information.

INFORMATION SYSTEMS & GLOBAL SERVICES Craig Solem, CISSP Lockheed Martin Information Systems and Global Services Program Manager, Joint Medical information.
MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLAND CLASSIFIED INFORMATION PROTECTION DEPARTMENT COL. PIOTR GRZYBOWSKI, Director, Classified Information Protection.

MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLAND CLASSIFIED INFORMATION PROTECTION DEPARTMENT COL. PIOTR GRZYBOWSKI, Director, Classified Information Protection.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
MSIA 711 1 Introduction to Information Systems Security Training and Policy Week 1 Live Session Presentation.

MSIA Introduction to Information Systems Security Training and Policy Week 1 Live Session Presentation.
Information Security Policies and Standards

Information Security Policies and Standards
© BT PLC 2005 ‘Risk-based’ Approach to Managing Infrastructure a ‘Commercial Prospective’ Malcolm Page BT UK AFCEA Lisbon 2005.

© BT PLC 2005 ‘Risk-based’ Approach to Managing Infrastructure a ‘Commercial Prospective’ Malcolm Page BT UK AFCEA Lisbon 2005.
OPM Cybersecurity Competencies by Occupation (Technical Competencies) 2210085508540391 Information Technology Management Series Electronics Engineering.

OPM Cybersecurity Competencies by Occupation (Technical Competencies) Information Technology Management Series Electronics Engineering.
Stephen S. Yau CSE465 & CSE591, Fall 2006 1 Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,

Stephen S. Yau CSE465 & CSE591, Fall Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,
Lesson 1-What Is Information Security?. Overview History of security. Security as a process.

Lesson 1-What Is Information Security?. Overview History of security. Security as a process.
Strategy and Policy Unit: Current Activities and Future Tasks

Strategy and Policy Unit: Current Activities and Future Tasks
Computer Security: Principles and Practice

Computer Security: Principles and Practice
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Stephen S. Yau CSE 465-591, Fall 2006 1 Security Strategies.

Stephen S. Yau CSE , Fall Security Strategies.
1 Kuwait Central Agency for information technology.

1 Kuwait Central Agency for information technology.
Session 3 – Information Security Policies

Session 3 – Information Security Policies
Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.

Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.
Introduction to Network Defense

Introduction to Network Defense

Similar presentations

Ads by Google