Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information and Network security: Lithuania Tomas Lamanauskas Deputy Director Communications Regulatory Authority (RRT) Republic of Lithuania; ENISA Liaison.

Similar presentations


Presentation on theme: "Information and Network security: Lithuania Tomas Lamanauskas Deputy Director Communications Regulatory Authority (RRT) Republic of Lithuania; ENISA Liaison."— Presentation transcript:

1 Information and Network security: Lithuania Tomas Lamanauskas Deputy Director Communications Regulatory Authority (RRT) Republic of Lithuania; ENISA Liaison Officer for Lithuania

2 RRT Responsible for regulation of electronic communications and postal sectors Established on 1 May 2001 Independent state institution, accountable to the Government and the Parliament headed by the Director and the Council (formed of 6 representatives of state and academic (scientific) institutions and chaired by the Director) The Director and the Council are appointed for 5 years by the President of the Republic on the recommendation of the Prime Minister

3 I&N security: some statistics In 2003, various security problems on the Internet were experienced by… –almost 11 % adult Lithuania’s residents –or 59 % of internet users Most recently mentioned are… –computer viruses (47.5 %), –unsolicited e-mails (SPAM) (44.5 %), –break-in to computer networks (9,1 %) and –illegal usage of credit card information (1,4 %).

4 I&N security in Lithuania: some statistics Increase of incidents (one of the biggest ISP in LT) Incidents (one of the biggest ISP in LT)

5 Survey of ISP regarding spam By end 2004, survey of ISP was conducted: –38% of agreements foresee direct prohibition of spam, –47% of agreements foresee indirect prohibition of spam, –71% of ISP use spam filtering measures (with 50% efficiency):  Static and dynamic filtering  White lists & black lists  Rate limiting  Blocking of port 25 –Rare customer complaints about spam, – Proposals were submitted, e.g. development of Lithuanian “black-lists” (Spam from Eastern Europe, Asia) Raising awareness, To encourage use of other authentification protocols than SMTP…

6 Survey of ISP regarding CERT By start 2005, survey of ISP was conducted: 65 % of ISPs do security incidents management of they networks Only biggest ISPs have fully functioning CERT.

7 Legal Framework of I&N security: present status Laws… –… on electronic communications –… on legal protection of personal data –… on electronic signature –… on advertising Government decision… –… regarding control of off-the-record information in computer networks of public usage and rules of distribution of limited public information Order of Minister of Economy… –… regarding the regulation of provision of some services of information society, especially of electronic commerce, in internal market

8 Legal Framework of I&N security: plans for 2005-2006 Strategy and its’ implementation plan for… –… security of electronic communication networks and information Law on… –… security of electronic communication networks and information (consolidation on legal requirements) Establishment of… –CERT (within RRT)

9 I&N security: Institutional overview State Data Protection Inspectorate Information Society Development Committee Ministry of the Internal Affairs Ministry of Transport and Communications Communications Regulatory Authority (RRT) National Consumer Rights Protection Board Policy, arranging strategies and implementation plans (both) Network and information security in state institutions (MIA) Digital signature supervision agency, supervision of illegal online content. Responsible for personal data protection and supervision of Directive 2002/58/EC Law on Electronic Communications supervisory authority; involvement in anti- spam, rules to personal data and privacy protection & protection against unauthorized access; control and monitor the national DNS; Participate in ENISA activities. Future: National CERT, expansion of I&N security activities Actions against using spam for advertising

10 Recent activities of RRT on IN security: raising awareness In 2004 started counter-spam activities: –Co-operation with National Consumer Rights Protection Board and State Data Protection Inspectorate –Participation in meetings of anti-spam authorities organized by European Commission –Joining of London declaration-action plan –Awareness raising E.g., In 2004, RRT announced information on the possibility to report spam originating from the USA. Market surveys on spam and ensuring of IT security within ISPs

11 Recent activities of RRT on I&N security: raising awareness Started warnings on new viruses –E.g., on 14 December 2004 RRT was the first who warned about the new “Christmas” virus; On 11 February 2005 RRT launched Network and information security section on its web site www.rrt.lt designated for internet service users as well as providers… www.rrt.lt –Legislation on network and information security –Computer viruses –SPAM –CERT –ENISA –Other information

12 Nearest plans for activities of RRT on I&N security Actively participate in legislation development projects Establish a contact network on network and information security items among existing Lithuanian CERTs and ISPs Launch a national CERT within RRT Release a new awareness project consisting of the comprehensive network and information security web site Work on media coverage over IN security issues…

13 Cooperation for I&N security ENISA IRG / WG IT security London action plan Member of the Board, V.Šalauskas (Undersecretary, Ministry of Transport) Alternate member of the Board, T.Barakauskas (Director, RRT) Liaison Officer, T.Lamanauskas (Deputy director, RRT) Informal working group, established 2002 by European NRAs Action plan signed by European and US anti-spam authorities (RRT participating)

14 ENISA: expectations Suggestions and information on best practices –Awareness raising –Involvement of stakeholders –Regulation –Etc. Suggestions on priorities for national I&N Security strategies –Analysis of most-important current and emerging risks –Information on European level business and consumer concerns Point for exchange of information Facilitation and co-operation in common European or national level projects

15 Co-operation: what could we do? Provision of information and opinions Participation in preparation of documents on best practices and common positions Organising of events (seminars, conferences), including European level events Other forms of co-operation

16 THANK YOU


Download ppt "Information and Network security: Lithuania Tomas Lamanauskas Deputy Director Communications Regulatory Authority (RRT) Republic of Lithuania; ENISA Liaison."

Similar presentations


Ads by Google