EISA on cybersecurity


Presentation Transcript


  1. EISA on cybersecurity
     Tallinn, 19.07.2012

  2. 2007 attacks
     • DDoS attacks against government services, news portals and banks
     • Service disruptions in Estonia ca 1.5 h, longer abroad
     • Peak traffic exceeded the average by several hundred times
     • Attacks carried out in waves, with precise timing; use of botnets
     • Cyber attacks were just one method used in the larger political campaign, together with other methods (economic sanctions, political pressure)
     • Difficulties with verifiable attribution

  3. Threat environment in cyberspace
     • No clear dividing line between criminal or terrorist activity and strategic attack
     • Cyber attack is low-cost, technologically available, asymmetric and crosses borders
     • No attribution for attacks, many 3rd parties
     • Civilian critical infrastructure and the private sector are most vulnerable
     • Not a “new threat”, but a “new vulnerability”
     • Policy goal: extend rule of law and stability into a chaotic domain

  4. Defending an e-way of life
     • E-stonia – a balanced demand and supply of e-services from the private and public sector
     • E-solutions widely in use and dependable
     • 98% of banking, 92% of tax declarations
     • M-parking
     • Ca 1,148,000 national ID cards issued
     • Sign and encrypt documents using E-ID
     • E- & M-voting
     • National Electronic Health Records
     • Public transport ID-ticket, ID-fishing licences etc.
     • = NO GOING BACK

  5. Types of attacks

  6. Many responsibilities – Cyber Security
     • Govt: economic regulation, monitoring, consequence management
     • Govt: defence and security – military, criminal, intel; prevent and investigate
     • Civil society: regulations, ideas, participation
     • Private users: own security, consumers, privacy
     • Corporate: own security, IP, vital services, information, infrastructure
     • International actors – state and private

  7. Legislation
     • National Cyber Security Strategy of 2008
     • Creation of a cabinet-level National Cyber Security Council
     • Restructuring of the Estonian Informatics Centre for critical civilian information infrastructure protection and monitoring of the country’s cyber space
     • Emergency Act of 2009
     • Cyber attacks can constitute a national emergency
     • Re-definition of critical services and coordinating agencies in light of lessons learned
     • Compulsory baseline IT security standards for the public sector
     • Creation of the Cyber Defence League

  8. National level: Estonia’s whole-of-country approach
     • Legislation and regulations up to date
     • National Cybersecurity Council provides cabinet-level and inter-agency coordination
     • Public-private partnerships with private sector companies, civil society, individuals
     • Private-private partnerships
     • Contribute internationally

  9. National organization (organisation chart)
     • Government
     • National Security Council
     • National Cyber Security Council
     • Ministry of Economic Affairs and Communications; private sector stakeholders
     • MoD, Ministry of Interior Affairs, Ministry of Justice, Ministry of Finance, MFA, Ministry of Science & Education
     • EISA
     • Information security network: CISOs of critical companies and state agencies which provide or oversee critical services

  10. FOR OFFICIAL USE ONLY – Legislation cont.
      • Ministry of Economics and Communications:
        • Estonian Informatics Centre:
          • Coordination and development of state information systems, including provision of guidance for IT baseline protection
        • Computer Emergency Response Team (CERT):
          • Management of security incidents in .ee computer networks
          • Incident handling and warnings

  11. FOR OFFICIAL USE ONLY – Legislation cont.
      • Ministry of Interior:
        • Responsible for regulating the handling of emergency situations within the state
        • Criminal Police:
          • organized crime;
          • pursuit/intelligence/simulation of crime
        • Security Police:
          • prevention and combating of activities aimed against the constitutional order and territorial integrity

  12. FOR OFFICIAL USE ONLY – Legislation cont.
      • Ministry of Defense:
        • Preparations for military defense, including cyber security:
          • Policy
        • Information office (Teabeamet):
          • Counterintelligence
        • General Staff J6:
          • Overall coordination
        • Cyber Defense League:
          • Training and preparation

  13. PPP highlights
      • EISA’s CIIP Council – the most critical vital service providers represented
      • Update of security regulations, recommendations and best practices
      • IT security community (key vital service providers and government) hosted by the national CERT – 24/7 comm lines, regular meetings etc.

  14. Individual citizens, awareness and education
      • Graduate programs in information security and cyber defence
      • IS modules in BA programs, training for specialists
      • Increased funding for IS research
      • Primary and secondary education include computer safety classes in curricula
      • Not just government

  15. Triangle of Critical Infrastructure
      • ENERGY
      • COMM
      • DATA

  16. CIIP – (e-)Estonia the Vulnerable
      • A comprehensive risk analysis of vital services for IT dependency assessment was conducted in 2010
      • 95% of vital services have IT dependency; critical dependency was detected in 30% of cases
      • 10% of vital services don’t have a fallback option to some low-tech alternative
      • Protection of IT infrastructure is critical for each vital service. CIIP = CIP

  17. CIIP setup in Estonia

  18. EISA
      • Since June 1st 2011, the Estonian Informatics Centre has been re-organised into the Estonian Information System’s Authority (EISA).
      • The new authority helps private and public sector organisations to maintain the security of their information systems; the authority also has the right of supervision.
      • The Estonian Information System’s Authority has 11 main topics.
      • The re-organisation involves mostly two departments dealing with information security.
      • The authority will also have a new purview – supervision.

  19. Cyber Security Division of State Information’s Authority

  20. CIIP
      • The Department of Critical Information Infrastructure Protection (CIIP) evaluates the security of information systems in Estonia and carries out risk assessments.
      • Every provider of a vital service in Estonia is responsible for the security of their system.
      • CIIP advises the owners of information systems on how to assess risks and how to protect vital services.

  21. CERT
      • CERT-EE (Computer Emergency Response Team Estonia) handles security incidents taking place in the .ee domain.
      • The department helps in case Estonian websites or services come under cyber attack or Estonian computers distribute malware.
      • CERT-EE also engages in malware reverse-engineering.

  22. Supervision
      • The new area of activity of the authority is supervision of the security of vital services and of the development of new information systems.
      • EISA will supervise and oversee the architecture and maintenance of the vital information systems in the public and private sector.

  23. Cyber Defence League
      • A voluntary national cyber corps
      • Both private and public sector experts
      • Training, education and exercising in cyber security of national critical organisations
      • Benefits the individuals, their employers as well as the country as a whole
