190 likes | 721 Views
Cyber security implementation within an organization. Ltn Andri Rebane Estonian MoD CIO. Estonian Ministry of Defence. Ministry of Defence Defence Forces CCDCOE CIRC Cyber Lab Defence League Cyber Unit Defence Resources Agency Information ’ s Agency Estonian War Museum
E N D
Cyber security implementation within an organization Ltn Andri Rebane Estonian MoD CIO
Estonian Ministry of Defence • Ministry of Defence • Defence Forces • CCDCOE • CIRC • Cyber Lab • Defence League • Cyber Unit • Defence Resources Agency • Information’s Agency • Estonian War Museum • Seli Health Center
Basis documents for MoD National Defence Strategy National Military Defence Development Plan National Security Policy National Cyber Security Strategy NATO Policy on Cyber Defence NATO directives
MoD Cyber Space Strategy • Defines cyber space as independent domain • Covers following areas of Cyber Space: • Leadership of MoD through information technology • Cyber Defence of MoD • Cyber Operations of MoD • Other important issues: • Cooperation • Personnel • Technology
Cyber defence • Cyber hygene • Inside threats • Outside threats • Monitoring • Prevention, detection, response, recovery • Forensic • etc
Cyber operations • Legal and law enforcement • Public relations • Gathering and analyzing electronic information • Using “red” teams in exercises • etc
Subordinate documents • Documents in subordinate establishments • ICT Development Plan (for leadership in an establishment) • Cyber Defence Development Plan • Cyber Operations Development Plan • etc
Organization • ICT consolidation to Defence Forces • Cyber Defence • Defence Forces (CIRC) • Defence League (Cyber Unit) • Cyber Operations • MoD • Defence Forces • Defence League • Information’s Agency
Defence League Cyber Unit • Voluntary ogranization • Mission is to protect Estonia’s high-tech way of life, including protection of information infrastructure and supporting broader objectives of national defence • development of cooperation among qualified volunteer IT specialists • education and training in information security • participation in international cyber security training events
Personnel • Mixed environment of civilians and military personnel • Different nations in CCDCOE • Recruits with ICT education serve in Signal Battalion
Infrastructure • Inside communication through MoD owned infrastructure • Defence Forces is a Provider Independent ISP • Basic capability to maintain own infrastructure • Cyber Lab (exercise environment)
Technological areas • Intrusion detection/prevention systems • Antivirus • Data loss prevention • Removable media encryption • Web filtering • Mobile device security • Log collection and correlation
Resource allocation • ICT Development Council • Large investments • Projects that influence entire MoD governance area • Resources for cyber defence and cyber operations mainly in Defence Forces and Defence League • Resource sharing between establishments • R&D with universities
Domestic cooperation • Government coordination • Estonian Information System’s Agency • CERT-EE • Universities • “Cyber Security” masters programe • Coming soon: “e-Governance Innovation” and “Cyber Forensic” (not yet confirmed)
Foreign cooperation • Mainly NATO and NATO members • NCIA • NCIRC • Nordic countries • Finland • Sweden