Critical Information Infrastructure Protection - PowerPoint PPT Presentation

About This Presentation
Title:

Critical Information Infrastructure Protection

Description:

Critical Information Infrastructure Protection. essential ... Some observers reckoned that the onslaught on Estonia was of a sophistication not seen before. ... – PowerPoint PPT presentation

Slides: 32
Provided by: vons
Learn more at: http://www.csir.co.za
Transcript and Presenter's Notes

Title: Critical Information Infrastructure Protection


1
Critical Information Infrastructure Protection
essential during War times or Peace times or both?
Prof Basie von Solms
University of Johannesburg, Johannesburg
basievs@uj.ac.za
2
AGENDA
  • What is Critical Information Infrastructure
    (CII)?
  • What do CIIs consist of?
  • What are the risks related to CIIs?
  • What is Critical Information Infrastructure
    Protection (CIIP)?
  • When is CIIP needed/required during war or
    during peace?
  • Who is responsible for CIIP?
  • What is the relationship between CIIP and
    Corporate Governance?
  • The Estonia - Russia Cyber war of 2007
  • The role of a CERT/CSIRT
  • The position in SA and Africa

3
WARNING!!!!
  • Nothing I will say is new!
  • Most of you will be up to date on everything I
    am going to say!
  • However, we must say it again to stimulate
    discussion!!

4
What is CII ?
  • Critical information infrastructures (CIIs) are communications and/or
    information services whose availability, reliability and resilience are
    essential to the functioning of a modern economy
  • Critical Information Infrastructure Protection, A Report of the 2005
    Rueschlikon Conference on Information Policy
  • Telecommunications, power distribution, water supply, public health
    services, national defense (including the military's warfighting
    capability), law enforcement, government services, and emergency
    services (are all part of a country's CII)
  • INFORMATION SECURITY, GAO 03-564, Progress Made, but Challenges Remain
    to Protect Federal Systems and the Nation's Critical Infrastructures, 2003

5
What is CII ?
  • Computers, networks, and network components are now essential to
    virtually all of (a) nation's critical infrastructures
  • Cybersecurity: A Crisis of Prioritization, Office of the Executive
    President of the USA, 2005
  • CIIs are NOT infrastructures limited to the domains of defence, the
    military, intelligence services, police services etc; they are part of
    the daily modern economy and existence of any country

6
What does CII consist of?
(IT workers) work with the information technologies in many visible
application areas every day. Less visible, and certainly less well
understood, is the fact that these technologies - computers, mass storage
devices, high-speed networks and network components such as routers and
switches, systems and applications software, embedded and wireless
devices, and the Internet itself - are now also essential to virtually all
of the Nation's critical infrastructures
Cybersecurity: A Crisis of Prioritization, Office of the Executive
President of the USA, 2005
7
What does CII consist of?
The growing use of the Internet in CIIs
8
What are the risks related to CII?
  • .. an increasing concern (is growing) about attacks from individuals
    and groups with malicious intent, such as crime, terrorism, foreign
    intelligence gathering, and acts of war.
  • INFORMATION SECURITY, GAO 03-564, Progress Made, but Challenges Remain
    to Protect Federal Systems and the Nation's Critical Infrastructures, 2003
  • Cybercrime is today the fastest growing form of crime in the world

9
What are the risks related to CII?
concerns are well founded for a number of reasons, including the dramatic
increases in reported computer security incidents, the ease of obtaining
and using hacking tools, the steady advance in the sophistication and
effectiveness of attack technology, and the dire warnings of new and more
destructive attacks.
INFORMATION SECURITY, GAO 03-564, Progress Made, but Challenges Remain to
Protect Federal Systems and the Nation's Critical Infrastructures, 2003
10
What are the risks related to CII?
The use of the Internet in CIIs!!!!
Information Warfare/National Security (Estonia case study)
11
What is Critical Information Infrastructure
Protection (CIIP)?
  • Ensuring the
  • Confidentiality,
  • Integrity and
  • Availability
  • (CIA) of these infrastructures

12
When is CIIP needed/required during war or
during peace?
  • From the discussion above, it is absolutely clear that CIIP is required
    24/7/365 for ever
  • <CIIs are NOT infrastructures limited to the domains of defence, the
    military, intelligence services, police services etc; they are part of
    the daily modern economy and existence of any country>
  • Protecting the computer systems that support our nation's critical
    operations and infrastructures is a continuing concern
  • INFORMATION SECURITY, GAO 03-564, Progress Made, but Challenges Remain
    to Protect Federal Systems and the Nation's Critical Infrastructures, 2003

13
When is CIIP needed/required during war or
during peace?
The challenge is to realize that CIIP is as essential during peace times
as it is during war times. In fact, failures of CIIs during peace times
can result in riots and attacks and even war!!!
14
Who is responsible for CIIP?
About 85 percent of the United States' critical infrastructures,
telecommunications, energy, finance, and transportation systems, are owned
and operated by private companies. If our critical infrastructures are
targets, it is the private sector that is on the front line.
Critical Infrastructure Information Security Act,
http://www.senate.gov/bennett/press/record.cfm?id=226461
15
Who is responsible for CIIP?
Thus, we have to think differently about national
security, as well as who is responsible for it.
In the past, the defense of the Nation was
about geography and an effective military
command-and-control structure. However, now
prevention and protection must shift from the
command-control structure to partnerships that
span private and government interests.
(2) Critical Infrastructure Information Security Act,
http://www.senate.gov/bennett/press/record.cfm?id=226461
16
What is Corporate Governance?
Corporate Governance consists of the set of policies and internal controls
by which organizations, irrespective of size or form, are directed and
managed. Information security governance is a subset of organizations'
overall (corporate) governance program.
Information Security Governance: A Call to Action, National Cyber Security
Summit Task Force,
http://www.entrust.com/news/2004/corporategovernancetaskforce.pdf?entsrc=isgfullreport,
accessed on 2 April 2008
17
What is the relationship between CIIP and
Corporate Governance?
The final area where industry ought to act is in making CIIP a board-level
matter, concomitant with general corporate governance activities. CIIP is
not a technical matter, but a mainstream business matter.
Critical Information Infrastructure Protection, A Report of the 2005
Rueschlikon Conference on Information Policy
18
  • The Estonian Cyber war

The Estonian Cyberwar refers to a series of cyber
attacks that began April 27 2007 and swamped
websites of Estonian organizations, including
Estonian parliament, banks, ministries,
newspapers and broadcasters, amid the country's
row with Russia about relocation of a Soviet-era
memorial to fallen soldiers, as well as war
graves in Tallinn
Wikipedia
19
  • The Estonian Cyber war

Some observers reckoned that the onslaught on
Estonia was of a sophistication not seen before.
The case is studied intensively by many countries
and military planners, because, at the time it
occurred, it may have been the second-largest
instance of state-sponsored cyberwarfare,
following Titan Rain
Wikipedia
20
  • The Estonian Cyber war
  • The main targets have been the websites of
  • the Estonian presidency and its parliament
  • almost all of the country's government
    ministries
  • political parties
  • three of the country's six big news
    organisations
  • two of the biggest banks and
  • firms specializing in communications
  • Russia accused of unleashing cyberwar to disable Estonia,
    http://www.guardian.co.uk/world/2007/may/17/topstories3.russia

21
  • The Estonian Cyber war

Influence on international military doctrines
The attacks triggered a number of military organisations around the world
to reconsider the importance of network security to modern military
doctrine. On June 14 2007, defence ministers of NATO members held a
meeting in Brussels, issuing a joint communiqué promising immediate
action. On June 25, 2007, Estonian president met with the president of
USA. Among the topics discussed were the attacks on Estonian
infrastructure. As to the placement of a newly planned NATO Cooperative
Cyber Defence Centre of Excellence (CCD COE), Bush proclaimed the policy
of USA as supporting Estonia as this centre's location.
Russia accused of unleashing cyberwar to disable Estonia,
http://www.guardian.co.uk/world/2007/may/17/topstories3.russia
22
Summary
  • CIIP is a coordinated synergistic effort
    including
  • the Government
  • the Private sector
  • the Defence/Military/intelligence agencies
  • Research agencies
  • Academics and Universities
  • all IT workers
  • friendly countries

23
Summary
  • CIIP is a coordinated synergistic effort
    including
  • the Government
  • the Private sector
  • the Defence/Military/intelligence agencies
  • Research agencies
  • Academics and Universities
  • all IT workers
  • friendly countries

Computer Security Incident Response Team
(CSIRT)/ Computer Emergency Response Team (CERT)
24
The role of a CERT/CSIRT
The United States Computer Emergency Readiness Team (US-CERT) is intended
to coordinate the response to security threats from the Internet. As such,
it releases information about current security issues, vulnerabilities and
exploits.
25
The role of a CERT/CSIRT
  • A CSIRT can most easily be described by analogy with a fire department.
  • reactive
  • proactive

26
CSIRTs in SA
2005 Cobus Venter, Bernard Taute
2007 JCSE
2008 No up to date info could be found (any inputs???)
The cost of cybercrime, http://www.polity.org.za/article.php?a_id=69510
SA takes first steps towards Computer Security Incident Response Team
(CSIRT), http://cbr.co.za/news.aspx?pklNewsId=27281&pklCategoryID=378
27
CSIRTs in Africa
Why am I here? I (on behalf of the international Cyber Security Incident
Response Teams community) want National point of contact CSIRT at each of
the African countries to be the focal point for the incident response
coordination!
Yurie Ito, Director of Technical Operation, JPCERT/Coordination Center,
Japan, @ CSIRT Training in AfNOG tutorial, Morocco. 1 June, 2008
Setting up CSIRT in the Africa Region, www.afnog.org/talks.html
28
CSIRTs in Africa
JPCERT/CC is a CSIRT established in Japan. It
acts as a "CSIRT of the CSIRTs" in the Japanese
community. JPCERT/CC coordinates its activities
with trusted CSIRTs worldwide.
The goal of AfNOG is to share experience of
technical challenges in setting up, building and
running IP networks on the African continent.
29
Summary
  • CIIP is essential for SA and Africa
  • CIIP is a Corporate Governance responsibility
  • CIIP involves a comprehensive set of role players
  • CIIP needs CSIRTs
  • CIIP needs inter-country cooperation
  • Where do we stand in SA and in Africa???
30
New journal
The scope of the journal includes, but is not limited to:
  • Information security challenges and implementation issues that are
    common (as well as unique) to infrastructure sectors.
  • Elucidation of the interdependencies existing between infrastructure
    sectors and their information security protection.
  • Core security principles and techniques that can be applied to address
    problems in information infrastructure protection.
  • Development of sophisticated information infrastructure protection
    solutions that blend scientific methods, engineering techniques and
    public policy.
31
Let's talk!!!!
Thanks