Government Information Assurance Strategy: LogicaCMG Security Event, 30 September 2004


1
Government Information Assurance Strategy
(LogicaCMG Security Event, 30 September 2004)
  • Harvey Mattinson
  • Head of Accreditation, CSIA

2
Business drivers
  • Efficiency and effectiveness
  • Customer service delivery
  • Integration of supply chains
  • Remote working
  • Back office rationalisation
  • Just as in the private sector...

3
Security context
  • Continuity of Government
  • Business as usual
  • Government during crisis
  • Economic and Social well-being
  • Broader policy objectives
  • National Security

4
Security Challenges
  • Complex interdependencies
    • local optimisation vs. large scale weakness
  • People
    • training / vetting / authentication / authority
  • Market forces
    • COTS products, etc.
  • Timescales
    • evaluation / assurance

5
Central Sponsor for Information Assurance
  • Created in Cabinet Office - April 2003
  • To assure government that the risks to the
    national information infrastructure are
    appropriately managed

6
Information Assurance
  • The confidence that information systems will:
    • function when they need to
    • function as they need to
    • be controlled by legitimate users
    • protect the information they handle

7
Government Strategic Direction
  • Provide an information risk management capability
  • Benefit and influence where we don't control

8
Quotes from Sir Andrew Turnbull's letter (09/02/04)
  • In the past information risks have often been
    delegated to IT Departments, but managing
    information risk is now a Board level function.
  • ...nominate a Board member to take ownership of
    information risk.
  • ...Head of e-Government will work with these
    Board members to ensure we are developing the
    culture and process for effective information
    risk management, and measuring and auditing our
    performance.

9
IA Governance
  • Information Risks must be addressed at Board
    level!
  • Head of e-Government to lead cross-departmental
    network
  • Metrics State of Union
  • Accreditation Profession

10
Partnerships
  • Joined-up Government - GSi / GSe / GSx /
    Extranets
  • GIPSI CIPCOG/DIPCOG
  • GTPS
  • Outreach Awareness/Training/Professionalism

11
Partnership
[Diagram: partnership roles grouped under Risk analysis, Governance and Culture, Understanding Threats and Vulnerabilities, Counter-Measures, and Incident Response, spanning the public sector, private sector, national and international levels. Organisations named in the diagram: CSIA, NISCC, CESG, CO, DTI, NHCTU, CCS, HO, Dept Boards, BS7799, IAAC, SAINT, BCS, NCC, vendors, service providers, GIPSI, CERTs, WARPs, and government, public sector, CNI and private sector bodies.]

12
Government Secure Intranet
  • New service March 2004
  • Over 140 connected organisations
  • Approx 300,000 users - expanding!
  • Central AV protection
  • Central services
  • Remote access to GSi and xGSi
  • Back Office functions

13
GIPSI Claims Test Mark (GCTM)
September 2004

14
What Is GIPSI?
  • The National IA products and services expert panel
  • An innovative approach to the attainment of the
    National IA Strategy
  • Oversees the work of CIPCOG, DIPCOG and SIAF

15
GIPSI Claims Test Mark

16
Incident Response
  • The National Plan
  • Contingency Telecommunications
  • Network resilience
  • 24 hr watch
  • Common reporting format
  • WARPs
  • Contracts

17
Outreach
  • Protecting Our Information Systems
  • Warn and Inform
  • Public Relations Campaign
  • Survey of Participants

18
Training and Professionalisation
  • Future of ITPC
  • Private sector requirements
  • Industry / academic delivery

19
Protecting our Information Systems
  • Public IA Document - launched 22/06/04
  • IA Strategy aimed at Public and Private Sectors,
    Home Users and Home Business IT Users
  • Combating hi-tech crime
  • Increasing protection of information systems
  • Promoting education and awareness of Infosec
  • Training and skills for professionals
  • Developing International co-operation

20
Summary
  • Strategic approach to Information Assurance
  • Addressing all key systems of public interest
  • Partnership is essential
    • Public sector - Private sector
    • National and International

21
Central Sponsor for Information Assurance
Questions? Contact Harvey Mattinson, Head of Accreditation, CSIA/Cabinet Office
Tel: 44 (0) 20 7276 3094
Mobile: 44 (0) 7786 702029
E-mail: harvey.mattinson_at_cabinet-office.x.gsi.gov.uk
http://www.cabinet-office.gov.uk/csia/

The CSIA is a unit within the UK Government's Cabinet Office and works with partners in both the public and private sectors, as well as its international counterparts, to help safeguard the nation's IT and telecommunications services. The CSIA will provide a central focus for information assurance in promoting the understanding that is essential for government and business alike to maintain a reliable, secure and resilient national information infrastructure.