1 / 7

„Planspiel“ – Scripted Exercise, June 2012

www.aco.net. „Planspiel“ – Scripted Exercise, June 2012. Report is a bit late, but.... Just another Cyber Exercise? Yes and No  The Background: Development of a National IT Security Strategy (ev. adopted Dec. 2012)

idola
Download Presentation

„Planspiel“ – Scripted Exercise, June 2012

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. www.aco.net „Planspiel“ – Scripted Exercise, June 2012 • Report is a bit late, but.... Just another Cyber Exercise? Yes and No  • The Background: • Development of a National IT Security Strategy (ev. adopted Dec. 2012) • Existing Exercises were seen as a tad limited, also in (political) visibility • Goals: • involve Public Administration and Industry, across industry sectors • involve all parties all the way up the escalation tree (to EKC,SKKM) • come up with a „credible“ attack/outage scenario (I borrowed from reality) • create awareness for cross-sector inter-dependencies • provide the logistics to observe, log, report and evaluate afterwards! • ~50 active players / 100+ exercise managers („gods“) / 100+ observers • Pre-existing escalation and management structure, but NOT (yet) for Cyber • EKC: Einsatz- und Krisen-Koordinationscenter • BMI – Ministry of the Interior Austrian Academic Computer Network 1

  2. www.aco.net „Planspiel“ – Scripted Exercise, June 2012 • What and where? Everybody @the Chamber of Commerce /„Haus der Industrie“, in Vienna (Observers‘ Room) Austrian Academic Computer Network 2

  3. www.aco.net „Planspiel“ – Scripted Exercise, June 2012 • Players: • Public Administration (BKA, BMI/BVT/Toplevel Police, BMF, BMLVS, Federal State Admins, Federal IT-Service,...) • Financial Industry Rep.s (ÖNB, Geldservice Austria, RI Informatik) • Power Distribution (Wien Energie, e-Control, ...) • A1 Telekom, CERT.at • ...distributed across different rooms in building • Experts (aka Gods): • Power Distribution (APG) • ISPs (ACOnet-CERT, UPC, A1Telekom) • Regional Health Services, Public Administration • Financial Industry, Telekom Regulator • IBM, Microsoft • Infraprotect (scripting engine and logistics) Austrian Academic Computer Network 3

  4. www.aco.net „Planspiel“ – Scripted Exercise, June 2012 • Incident „reality“ based on sophisticated scripts: Austrian Academic Computer Network 4

  5. www.aco.net „Planspiel“ – Scripted Exercise, June 2012 • Interesting results (from my point of view!): • Possibilty / Opportunity to (also) play against the own orgisation at home • done by ACOnet, A1Telekom,... • Preparation needs much more time to involve „all relevant“ players on a national level • both for the player role and he „god“ role (and observation) • Some lessons learned: • (not a surprise:) need for more human resources and split of responsibility • some organisations are well-prepared. others should start with internal exercises • internal communication and preparedness (helpdesk, management,...) • incompatibility of federal model for dealing with emergencies with the cyber environment • PR work at the end became a desaster^Wchallenge  integrate into scenario and better prepare for the real-world challenges at the end Austrian Academic Computer Network 5

  6. www.aco.net „Planspiel“ – Scripted Exercise, June 2012 • Some lessons learned (cont.): • mutual trust is a fundamental requirement • try to define, agree and document structures / responsibilities / interfaces • exchange of information across „sectors“ is vital • health services sector is important, but was missing next time  • while the lack of legal provisions sometimes helps in being „creative“, • the existing (future) legal framework must provide possibilities to share information and protect the „players“ • and • management of human resources is vital! • Next steps: • repeat the exercise • research project SCUDO • follow-up on national ICT-Security Strategy and Cyber-Security Strategy • http://www.kuratorium-sicheres-oesterreich.at/login/cyberplanspiel-2012/ Austrian Academic Computer Network 6

  7. www.aco.net Questions? Austrian Academic Computer Network

More Related