close

Вход

Забыли?

вход по аккаунту

?

Critical Information Infrastructure Protection - Essential during

код для вставкиСкачать
Critical Information Infrastructure Protection –
essential during War times or Peace times or both?
Prof Basie von Solms
University of Johannesburg
Johannesburg
basievs@uj.ac.za
AGENDA
• What is Critical Information Infrastructure (CII)?
• What does CIIs consist of?
• What are the risks related to CIIs?
• What is Critical Information Infrastructure Protection (CIIP)?
• When is CIIP needed/required – during war or during peace?
• Who is responsible for CIIP?
• What is the relationship between CIIP and Corporate Governance?
• The Estonia - Russia Cyber war of 2007
• The role of a CERT/CSIRT
• The position in SA and Africa
WARNING!!!!
• Nothing I will say is new!
• Most of you will be up to date on everything I am going to
say!
• However, we must say it again to stimulate discussion!!
What is CII ?
• Critical information infrastructures (CIIs) are communications
and/or information services whose availability, reliability and
resilience are essential to the functioning of a modern economy
Critical Information Infrastructure Protection, A Report of the 2005 Rueschlikon Conference on
Information Policy
•Telecommunications, power distribution, water supply,
public health services, national defense (including the military’s
warfighting capability), law enforcement, government services,
and emergency services (are all part of a country’s CII)
INFORMATION SECURITY, GAO 03-564, Progress Made, but Challenges Remain to Protect Federal
Systems and the Nation’s Critical Infrastructures, 2003
What is CII ?
• Computers, networks, and network components
are now essential to virtually all of (a) nation’s
critical infrastructures
Cybersecurity – A Crisis of Prioritization, Office of the Executive President of the USA, 2005
• CIIs are NOT infrastructures limited to the domains
of defence, the military, intelligence services,
police services etc –
they are part of the daily modern economy and
existence of any country
What does CII consist of?
(IT workers) work with the information technologies in many visible
application areas every day
Less visible, and certainly less well understood, is the fact that these
technologies – computers, mass storage devices, high-speed networks and
network components such as routers and switches, systems and
applications software, embedded and wireless devices, and the Internet itself
– are now also essential to virtually all of the Nation’s critical infrastructures
Cybersecurity – A Crisis of Prioritization, Office of the Executive President of the USA, 2005
What does CII consist of?
The growing use of the Internet in CIIs
What are the risks related to CII?
• ….. an increasing concern (is growing) about
attacks from individuals and groups with malicious
intent, such as crime, terrorism, foreign intelligence
gathering, and acts of war.
INFORMATION SECURITY, GAO 03-564, Progress Made, but Challenges remain
to Protect Federal Systems and the Nation’s Critical Infrastructures, 2003
• Cybercrime to today the fastest growing form of
crime in the world
What are the risks related to CII?
… concerns are well founded for a number of reasons,
including
* the dramatic increases in reported computer security
incidents,
* the ease of obtaining and using hacking tools,
* the steady advance in the sophistication and effectiveness
of attack technology, and
* the dire warnings of new and more destructive attacks.
INFORMATION SECURITY, GAO 03-564, Progress Made, but Challenges remain to Protect Federal
Systems and the Nation’s Critical Infrastructures, 2003
What are the risks related to CII?
The use of the Internet in CIIs!!!!
Information Warfare/National Security
(Estonia case study)
What is Critical Information Infrastructure Protection (CIIP)?
Ensuring the
• Confidentiality,
• Integrity and
• Availability
(CIA) of these infrastructures
When is CIIP needed/required –
during war or during peace?
From the discussion above, it is absolutely clear that CIIP is required
• 24/7/365 �for ever’
• <CIIs are NOT infrastructures limited to the domains of defence, the
military, intelligence services, police services etc – they are part of
the daily modern economy and existence of any country>
• Protecting the computer systems that support our nation’s critical
operations and infrastructures is a continuing concern
INFORMATION SECURITY, GAO 03-564, Progress Made, but Challenges remain to Protect Federal
Systems and the Nation’s Critical Infrastructures, 2003
When is CIIP needed/required –
during war or during peace?
The challenge is to realize that CIIP is as essential
during peace times as it is during war times –
In fact, failures of CIIs during peace times can
result in riots and attacks and even war!!!
Who is responsible for CIIP?
About 85 percent of the United States'
critical infrastructures, telecommunications, energy,
finance, and transportation systems, are owned and
operated by private companies
If our critical infrastructures are targets,
it is the private sector that is on the front line.
Critical Infrastructure Information Security Act
http://www.senate.gov/~bennett/press/record.cfm?id=226461
Who is responsible for CIIP?
Thus, we have to think differently about national security,
as well as who is responsible for it.
In the past, the defense of the Nation was about
geography and an effective military command-and-control structure.
However, now prevention and protection must shift from the
command-control structure to partnerships that span
private and government interests. (2)
Critical Infrastructure Information Security Act
http://www.senate.gov/~bennett/press/record.cfm?id=226461
What is Corporate Governance?
�Corporate Governance consists of the set of policies and internal controls
by which organizations, irrespective of size or form, are directed and managed.
Information security governance is a subset of organizations’ overall
(corporate) governance program.’
Information Security Governance – A Call to Action, National Cyber Security Summit Task Force,
http://www.entrust.com/news/2004/corporategovernancetaskforce.pdf?entsrc=isgfullreport,
accessed on 2 April 2008
What is the relationship between CIIP and Corporate Governance?
The final area where industry ought to act is in making CIIP
a board-level matter, concomitant with general
corporate governance activities.
CIIP is not a technical matter, but mainstream business matter.
Critical Information Infrastructure Protection, A Report of the 2005 Rueschlikon Conference on
Information Policy
•The Estonian Cyber war
The Estonian Cyberwar refers to a series of cyber attacks that began
April 27 2007 and swamped websites of Estonian organizations,
including Estonian parliament, banks, ministries, newspapers and
broadcasters, amid the country's row with Russia about relocation of
a Soviet-era memorial to fallen soldiers, as well as war graves in
Tallinn
Wikipedia
•The Estonian Cyber war
Some observers reckoned that the onslaught on
Estonia was of a sophistication not seen before. The
case is studied intensively by many countries and
military planners, because, at the time it occurred, it
may have been the second-largest instance of statesponsored cyberwarfare, following Titan Rain
Wikipedia
•The Estonian Cyber war
The main targets have been the websites of:
В· the Estonian presidency and its parliament
В· almost all of the country's government ministries
В· political parties
В· three of the country's six big news organisations
В· two of the biggest banks and
• firms specializing in communications
Russia accused of unleashing cyberwar to disable Estonia
http://www.guardian.co.uk/world/2007/may/17/topstories3.russia
•The Estonian Cyber war
Influence on international military doctrines
The attacks triggered a number of military organisations around the world to
reconsider the importance of network security to modern military doctrine.
On June 14 2007, defence ministers of NATO members held a meeting in
Brussels, issuing a joint communiquГ© promising immediate action.
On June 25, 2007, Estonian president met with the president of USA
Among the topics discussed were the attacks on Estonian infrastructure.
As to the placement of a newly planned NATO Cooperative Cyber Defence
Centre of Excellence (CCD COE) Bush proclaimed the policy of USA as
supporting Estonia as this centre's location.
Russia accused of unleashing cyberwar to disable Estonia
http://www.guardian.co.uk/world/2007/may/17/topstories3.russia
Summary
CIIP is a coordinated synergistic effort including
• the Government
• the Private sector
• the Defence/Military/intelligence agencies
• Research agencies
• Academics and Universities
• all IT workers
• friendly countries
Summary
CIIP is a coordinated synergistic effort including
• the Government
• the Private sector
• the Defence/Military/intelligence agencies
• Research agencies
• Academics and Universities
• all IT workers
• friendly countries
Computer Security Incident Response Team (CSIRT)/
Computer Emergency Response Team (CERT)
The role of a CERT/CSIRT
The United States Computer Emergency Readiness Team
(US-CERT) is …… intended to coordinate the respond
to security threats from the Internet.
As such, it releases information about current security issues,
vulnerabilities and exploits …….
The role of a CERT/CSIRT
A CSIRT can most easily be described by analogy
with a fire department.
• reactive
• proactive
CSIRTs in SA
2005 – Cobus Venter & Bernard Taute
2007 – JCSE
2008 – No up to date info could be found (any inputs???)
The cost of cybercrime, http://www.polity.org.za/article.php?a_id=69510
SA takes first steps towards Computer Security Incident Response Team (CSIRT),
http://cbr.co.za/news.aspx?pklNewsId=27281&pklCategoryID=378
CSIRTs in Africa
Why am I here:
I (on behalf of the international Cyber Security Incident Response Teams
community) want National point of contact CSIRT at each of the African
countries to be the focal point for the incident response coordination!
Yurie Ito, Director of Technical Operation, JPCERT/Coordination Center,
Japan, @CSIRT Training in AfNOG tutorial, Morocco. 1 June, 2008
Setting up CSIRTin the Africa Region, www.afnog.org/talks.html
CSIRTs in Africa
JPCERT/CC is a CSIRT established in Japan. It acts as a "CSIRT of the CSIRTs"
in the Japanese community.
JPCERT/CC coordinates its activities with trusted CSIRTs worldwide.
The goal of AfNOG is to share experience of technical challenges in
setting up, building and running IP networks on the African continent.
Summary
CIIP is essential for SA and Africa
CIIP is a Corporate Governance responsibility
CIIP involves a comprehensive set of role players
CIIP needs CSIRTs
CIIP need inter country cooperation
Where do we stand in SA and in Africa???
New journal
The scope of the journal includes, but is not limited to:
Information security challenges and implementation issues that are
common (as well as unique) to infrastructure sectors.
Elucidation of the interdependencies existing between infrastructure
sectors and their information security protection.
Core security principles and techniques that can be applied to address
problems in information infrastructure protection.
Development of sophisticated information infrastructure protection
solutions that blend scientific methods, engineering techniques and
public policy.
Let’s talk!!!!
Thanks
Документ
Категория
Презентации
Просмотров
13
Размер файла
189 Кб
Теги
1/--страниц
Пожаловаться на содержимое документа