Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 2003-05-19 Experiences from establishing a national Centre for Information Security in Norway TERENA Networking Conference 2003 Maria Bartnes Dahl &

Published byRoland Arnold Modified over 9 years ago

Similar presentations

Presentation on theme: "1 2003-05-19 Experiences from establishing a national Centre for Information Security in Norway TERENA Networking Conference 2003 Maria Bartnes Dahl &"— Presentation transcript:

1 1 2003-05-19 Experiences from establishing a national Centre for Information Security in Norway TERENA Networking Conference 2003 Maria Bartnes Dahl & Lillian Røstad Centre for Information Security SINTEF Telecom and Informatics

2 2 2003-05-19 Background Two major incidents recent years: –Telenor: Main and backup cable cut at the same time Large areas without telephone connection, >5 hrs –EDB Teamco: One human mistake - all Internet banking services unavailable A whole week until normal operation restored Increased focus on information security –Have realised how vulnerable the society is –Vulnerability Committee and a national strategy

3 3 2003-05-19 Establishment of SIS (I) Commissioned by the Norwegian Ministry of Trade and Industry Preliminary duration: Apr 1 st 2002 - Dec 31 st 2004 Part of the national strategy for reducing society’s vulnerability within information and communication (ICT) technology

4 4 2003-05-19 Establishment of SIS (II) Hosted by SINTEF Telecom and Informatics in collaboration with UNINETT in Trondheim SINTEF: –Foundation for Industrial and Technological Research –Vision: “Technology for a better society” –~2000 employees UNINETT: –The Norwegian Network for Research & Education –Computer Emergency Response Team (CERT)

5 5 2003-05-19 Why SINTEF? Alternatives: –Governmental departments, directorates –Norw. Defense - Norwegian National Security Authority –Private organisations SINTEF: –Large, independent research institution –Experience within the areas of safety and security –Located close to the Norwegian University of Science and Technology (NTNU) and UNINETT

6 6 2003-05-19 Main objectives To survey the threats towards ICT systems in Norwegian society Spread knowledge and expertise about threats and their countermeasures Network with organisations providing similar services in other countries

7 7 2003-05-19 Deliverables Threat assessment: a dynamic updated overview of threats Overview of who delivers security services and products Increase awareness about security in both private and public sectors Establish a network of relevant contacts

8 8 2003-05-19 Long-term objective To be responsible for the national coordination of tasks within incident response, warning, response of threats and attacks, and exchange of expertise. –In trial period not responsible for security and preparedness in emergency situations

9 9 2003-05-19 SIS complements existing efforts SIS Society at large NO NSA - National security - Critical societal operations - Key industry Staff: SIS + NO NSA  150 people SIS Degree of protection Extent

10 10 2003-05-19 Current status Premises approved according to the Norwegian Security Act –Approved for handling classified information Fully staffed as of Jan 1 st 2003: –Seven people –Educated and/or work experienced within information security Web page: http://www.norsis.no

11 11 2003-05-19 Status - main objectives (I) Threat assessment: –formal agreements –based on reported incidents AND –other surveys and information sources –June 2003 - first publication Challenge: –Evaluate tools and methods for handling and analyzing incident reports –Produce useful reports - determine what constitutes a useful report based on user demands

12 12 2003-05-19 Status - main objectives (II) Spread knowledge: –Participation in national and international conferences –Student tutoring –www.norsis.no Advisories and articles Best practice Checklists Challenge: –Collect, sort out and communicate publicly available information –Supplement where necessary

13 13 2003-05-19 Status - main objectives (III) Networking: –Established trust relationships - contact networks in Norway –Nordic meeting fall 2003 –UK - NISCC/UNIRAS Challenge: –Identify and establish relationships with key people within important organisations

14 14 2003-05-19 Main challenge Determine possible functions, goals and working methods of the centre –Identify main users, and –Figure out what is really needed by the users

15 15 2003-05-19 Results so far June 2003: –Publication of the first threat assessment Formal agreements - information exchange Map of the security industry in Norway Identified key players - both governmental and commercial

16 16 2003-05-19 Contact SIS: http://www.norsis.no post@norsis.no Maria Bartnes Dahl

Download ppt "1 2003-05-19 Experiences from establishing a national Centre for Information Security in Norway TERENA Networking Conference 2003 Maria Bartnes Dahl &"

Similar presentations

National Infrastructure Security Co-ordination Centre

National Infrastructure Security Co-ordination Centre
A safe and robust society – where everyone takes responsibility Norways internal analysis of laws pursuant to IDRL Guidelines Dag Olav Høgvold

A safe and robust society – where everyone takes responsibility Norways internal analysis of laws pursuant to IDRL Guidelines Dag Olav Høgvold
Steps towards E-Government in Syria

Steps towards E-Government in Syria
Computer Emergency Response Teams

Computer Emergency Response Teams
Tanzania Communications Regulatory Authority - TCRA Response to Cyber incidences in Tanzania: Where are we? Presented at Cyber Security Mini Conference.

Tanzania Communications Regulatory Authority - TCRA Response to Cyber incidences in Tanzania: Where are we? Presented at Cyber Security Mini Conference.
Sociedade Portuguesa de Inovação ChinaFrontier: China’s Realities from a Frontier Research Perspective Overall Objectives of the Project and a Summary.

Sociedade Portuguesa de Inovação ChinaFrontier: China’s Realities from a Frontier Research Perspective Overall Objectives of the Project and a Summary.
Jinhyun CHO Senior Researcher Korea Internet and Security Agency.

Jinhyun CHO Senior Researcher Korea Internet and Security Agency.
FACILITY SAFETY: Creating a Safe and Secure Environment in the Community Health Center Presented by Steve Wilder, BA, CHSP, STS Sorensen, Wilder & Associates.

FACILITY SAFETY: Creating a Safe and Secure Environment in the Community Health Center Presented by Steve Wilder, BA, CHSP, STS Sorensen, Wilder & Associates.
A Framework to Implement a National Cyber Security Structure for Developing Nations ID Ellefsen - SH von Solms - Academy.

A Framework to Implement a National Cyber Security Structure for Developing Nations ID Ellefsen - SH von Solms - Academy.
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLAND CLASSIFIED INFORMATION PROTECTION DEPARTMENT COL. PIOTR GRZYBOWSKI, Director, Classified Information Protection.

MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLAND CLASSIFIED INFORMATION PROTECTION DEPARTMENT COL. PIOTR GRZYBOWSKI, Director, Classified Information Protection.
1 Case Study ESTABLISHING NATIONAL CERT By Saleem Al-Balooshi Etisalat - AE.

1 Case Study ESTABLISHING NATIONAL CERT By Saleem Al-Balooshi Etisalat - AE.
Strategy and Policy Unit: Current Activities and Future Tasks

Strategy and Policy Unit: Current Activities and Future Tasks
Geneva, Switzerland, 15-16 September 2014 Overview of Kenya’s Cybersecurity Framework Michael K. Katundu Director, Information Technology Communications.

Geneva, Switzerland, September 2014 Overview of Kenya’s Cybersecurity Framework Michael K. Katundu Director, Information Technology Communications.
Inter-Agency Crisis Management,28 June 2012 Inter-Agency Crisis Management in the Netherlands.

Inter-Agency Crisis Management,28 June 2012 Inter-Agency Crisis Management in the Netherlands.
Building Public Health / Clinical Health Information Exchanges: The Minnesota Experience Marty LaVenture, MPH, PhD Director, Center for Health Informatics.

Building Public Health / Clinical Health Information Exchanges: The Minnesota Experience Marty LaVenture, MPH, PhD Director, Center for Health Informatics.
1 ENISA’s contribution to the development of Network and Information Security within the Community By Andrea PIROTTI Executive Director ENISA Cyprus, 28.

1 ENISA’s contribution to the development of Network and Information Security within the Community By Andrea PIROTTI Executive Director ENISA Cyprus, 28.
Peter Burnett Head of Information Sharing National Infrastructure Security Co-ordination Centre.

Peter Burnett Head of Information Sharing National Infrastructure Security Co-ordination Centre.
ICT 1 Towards an Integrated Approach to Access Control to Health Information Presented by: Inger Anne Tøndel SINTEF Co-authors: Per Håkon Meland SINTEF.

ICT 1 Towards an Integrated Approach to Access Control to Health Information Presented by: Inger Anne Tøndel SINTEF Co-authors: Per Håkon Meland SINTEF.
Information Literacy in the workplace: implications for trainers By Dr. Mark Hepworth Department of Information Science Loughborough University.

Information Literacy in the workplace: implications for trainers By Dr. Mark Hepworth Department of Information Science Loughborough University.

Similar presentations

Ads by Google