Presentation is loading. Please wait.

Presentation is loading. Please wait.

Federal IT Steering Unit (FITSU) Federal Intelligence Service (FIS) Reporting and Analysis Centre for Information Assurance (IA) MELANI National Strategy.

Similar presentations


Presentation on theme: "Federal IT Steering Unit (FITSU) Federal Intelligence Service (FIS) Reporting and Analysis Centre for Information Assurance (IA) MELANI National Strategy."— Presentation transcript:

1 Federal IT Steering Unit (FITSU) Federal Intelligence Service (FIS) Reporting and Analysis Centre for Information Assurance (IA) MELANI National Strategy for the Protection of Switzerland against Cyber Risks High Level Meeting Cyber Security Strategies Workshop ENISA Marc Henauer Brussels, November 27, 2014

2 2 FITSU / FIS Reporting and Analysis Centre for IA MELANI Cyber Security Critical Infrastructure Protection Cyber crime Protection of Population and Economy Cyber defence Integration of Army for the protection of Switzerland Interface (FIS) International Coordination National Coordination Network Legal Basis Partners from Industry Col. Gérald Vernez

3 3 FITSU / FIS Reporting and Analysis Centre for IA MELANI NCS: A comprehensive Strategy 16 Massnahmen 16 Measures Impact Analysis 2017

4 4 FITSU / FIS Reporting and Analysis Centre for IA MELANI International Cooperation Population Private Sector/Critical Infrastructures National Authorities and Federal Administration Strategic Goals (Early) Recognition of Cyber Threats Increase Resilience of Critical Infrastructures Reduction Cyber Attacks (Crime, Espionage, Sabotage) Good situation analysis, relationship with CI Operators, CERTs CI are in the interest of national security and will have cascading effects Trojans, zero-day- exploits nedd observation and counter-measures

5 5 FITSU / FIS Reporting and Analysis Centre for IA MELANI The Logic Framework of the NCS Executives Board Understands Overall Risks for any given Process Decides about the implementation of the necessary security measures Personel Physical Security Measures (IT-)Technical Organizational (IT-)Technical Cyber Risks = Risks originating from maintaining or supporting a process by the use of IT. NCS Builds the Framework to choose and implement the necessary security measures Builds the Framework to identify Cyber Risks within overall Risk

6 6 FITSU / FIS Reporting and Analysis Centre for IA MELANI Im Zentrum Widerstandsfähigkeit: Stärkung der Cyber - Resilienz Informationsaustausch Bildung und Forscung Gesetzliche Grundlagen Informationsaustausch Internationales Bildung und Forschung Gesetzliche Grundlagen M1 M7 M11 M10 M9 M8 M16 Unterstützende Prozesse M3 M2 M13 M12 M6 M5 M4 M15 M14 Cyber - Resilienz Analyse Bedrohungs- lage und Risiko Incident Handling, Aktive Massnahmen Krisen- und Kontinuitäts- management

7 7 FITSU / FIS Reporting and Analysis Centre for IA MELANI Implementation and Responsibilities Decentral Implementation: Individual Self Responsibility, State offers Subsidiary Support Decentral Implementation: Individual Self Responsibility, State offers Subsidiary Support Risk Management: Risk based approach, Cyber is part of the overall risk management Risk Management: Risk based approach, Cyber is part of the overall risk management Flexibility: Customised solutions and technical and non technical solutions Flexibility: Customised solutions and technical and non technical solutions Cooperation: Public-Private- Partnership (PPP), Swiss Cyber Experts Cooperation: Public-Private- Partnership (PPP), Swiss Cyber Experts Prevention Reaction Continuity Supporting Risk and Vulnerability Analysis (M2) ICT Vulnerabilities Federal Level (M3) Situation Analysis (M4) Incident Handling (M5) Case Overview (M6) Identification Perpetrator (M14) Continuity MGMT (M12) Crisis MGMT (M13) Concept Crisis MGMT (M15) Research/Competence Building (M1,7,8) Int. Cooperation (M9,10,11) Legal Basis (M16)

8 8 FITSU / FIS Reporting and Analysis Centre for IA MELANI Roadmap

9 9 FITSU / FIS Reporting and Analysis Centre for IA MELANI FITSU –Technological Centre of Competence Contact to IT-Security Relevant Actors FIS – Intelligence Gathering and Analysis Contact to Security Relevant Services MELANI: Information Exchange Hub Responsibilities Operative Support Closed Constituency: Critical Infrastructure Operators M4 M5 M14 Identification Evaluation Analysis M2 M3 M6 M11 M12 M13

10 10 FITSU / FIS Reporting and Analysis Centre for IA MELANI Implementation is a Process 2013 Swiss Cyber Strategy has set a process in motion 2014 First results on operative level visible for over half of the 16 measures 2015 More results on the operative level will become visible 2016 Target reached for over half of the 16 measures 2017 Impact Analysis: implementation phase not terminated in It is continuous process... Process ahs to be continuously adapted to new threat landscape

11 11 FITSU / FIS Reporting and Analysis Centre for IA MELANI Thank You for Your Attention Dr. Stefanie Frey Coordinator National Cyber Strategy NCS Reporting and Analysis Centre for Information Assurance (MELANI) Federal IT Steering Unit (FITSU) Schwarztorstrasse 59 CH-3003 Bern NCS: Implementation Plan NCS:


Download ppt "Federal IT Steering Unit (FITSU) Federal Intelligence Service (FIS) Reporting and Analysis Centre for Information Assurance (IA) MELANI National Strategy."

Similar presentations


Ads by Google