28.4-1.5.2006, 4th CEENet Workshop on Network Policy, Istanbul
Planning the Establishment of Armenia NREN CSIRT
I. Mkrtumyan

1 Planning the Establishment of Armenia NREN CSIRT
I. Mkrtumyan, imkrtumyan@amnic.net
Internet Society - Armenia
American University of Armenia

2 Strategic Objectives
Strategic objectives of the establishment of Armenia NREN CSIRT are to:
- Prevent cyber attacks against Armenia’s NREN critical infrastructures
- Reduce NREN vulnerability to cyber attacks
- Minimize damage and recovery time from cyber attacks that do occur

3 Critical Priorities for NREN Cyberspace Security
The Armenia NREN Cyberspace Security strategy sets out four priorities:
I. NREN Cyberspace Security Response System
II. NREN Security Awareness and Training Program
III. NREN Security Threat and Vulnerability Reduction Program
IV. National and International Security Cooperation

4 Priority I: A NREN Cyberspace Security Response System
1. Establish a NREN CSIRT for responding to NREN-level security incidents;
2. Provide registration and analysis of security attacks;
3. Provide information sharing involving security attacks, threats, and vulnerabilities;
4. Funding CSIRT.

5 Role of CEENet and NATO in establishing NREN CSIRTs
- CEENet organized the training “Establishing CSIRTs in Caucasus” in Tbilisi, August 24-26, 2005.
- CEENet and NATO are providing equipment for the NREN CSIRT office and the annual stipend for the CSIRT administrator.
- This is real and very important help for starting up CSIRTs.
- Many thanks to CEENet and NATO SILK BOARD and personally to Mr. J. Gajewski!

6 I.1. Establish a NREN CSIRT
The choice of the CSIRT hosting organization when there is more than one NREN: Internet Society – Armenia (ISOC AM) was chosen for the following reasons:
- there are two NRENs: ASNET and ARENA,
- leaders of both organizations are members of ISOC AM,
- ISOC AM is the local internet community,
- ISOC AM is a member of CEENET representing Armenia NRENs and participates in other CEENET projects like Porta Optica,
- ISOC AM is more responsive to international cooperation and activity,

7 Establish a NREN CSIRT (continued)
- ISOC AM is the manager and registry (AM NIC) of the AM TLD and as such accumulates important information on security, vulnerabilities, and attacks,
- ISOC AM has a training center with qualified trainers,
- ISOC AM is conducting network administrators training courses,
- ISOC AM training center is a CIW authorized training center with training programs in Web design for E-commerce and Security,
- ISOC AM is a participant of e-rider and community centers (telecenters) programmes,
- A grant for training in information security for Armenia schools from OSI is expected soon.

8 AM NREN CSIRT (ISOC AM)
[Diagram: ASNET, ARENA, REN, AM NREN CSIRT]

9 I.2. Provide registration and analysis of security attacks
The most common security problems in the Armenia domain:
- Permanent
  - UBE or spam
  - Viruses
  - Network scans
- Temporary
  - DoS
  - DDoS

10 I.2. Provide registration and analysis of security attacks (continued)
There is no website in Armenia where one can find registered cases of attacks and methods of remediation. The AM NREN CSIRT will:
- register and publish the statistics of attacks, their targets and sources (like www.hackerwatch.org),
- develop an infrastructure for coordinating response to computer security incidents within NRENs,
- conduct incident and vulnerability analysis,
- disseminate information about reported vulnerabilities.

11 I.3. Provide information sharing involving security attacks, threats, and vulnerabilities
- RENs’ system administrators should be assigned as Chief Information Security Officers (CISO) with the corresponding job description. CSIRT should develop a model job description;
- CISOs will have orientation meetings;
- A community of CISOs will be established. They will become members of the NREN CSIRT. A best practice document for members of CSIRT describing the cooperation principles should be developed by the NREN CSIRT;
- A mailing list of RENs’ CISOs will be created for distribution of information on security attacks, threats, and vulnerabilities.

12 I.3. Provide information sharing involving security attacks, threats, and vulnerabilities (continued)
- A best practice document will be developed containing recommendations for network security: firewalls, corporate antivirus, antispyware (keyloggers, trojan horses, system monitors, etc.), antispam, patch update programs;
- Recommendations should be developed on setting up corporate antivirus, patch update, and enterprise antispyware servers, and on the choice of open software, e.g. SpamAssassin for antispam, ClamAV as a corporate antivirus program, etc.

13 I.4. Funding CSIRT
- First year: Stipend of CEENet/NATO
- Following years: ISOC AM/membership fee

14 Priority II: A NREN Cyberspace Security Awareness and Training Program
1. Promote a comprehensive NREN awareness program to empower REN CIOs to secure their own parts of cyberspace;
2. Foster adequate training and education programs to support the REN’s cybersecurity needs;
3. Organize widely recognized professional cybersecurity certifications.

15 Priority III: A NREN Cyberspace Security Threat and Vulnerability Reduction Program
1. Promote law enforcement for preventing and prosecuting security attacks;
2. Develop recommendations on measures against discovered attackers (administrative or legal):
   - Case of AUA: forging on-line voting by stealing students’ passwords,
   - Case of nude photo,
   - e-mail intimidation.
3. Create a process for NREN vulnerability assessments to better understand the potential consequences of threats and vulnerabilities;
4. Audit RENs’ security.

16 Priority IV: National and International Security Cooperation
1. Use NREN CSIRT as a prototype of the country CERT (AMCERT).
[Diagram: NREN CSIRT, Industry CSIRT, Gov CSIRT, AM CERT]

17 Priority IV: National and International Security Cooperation (continued)
2. Work with international NRENs to facilitate dialogue and partnerships focusing on protecting information infrastructures and promoting a global “culture of security”;
3. Foster the establishment of national and international watch-and-warning networks to detect and prevent cyber attacks as they emerge:
   - establishment of cooperation with www.cert.org, www.first.org.

18 American University of Armenia: an example of a systematic approach to the security problem
- Well-defined policies:
  - University security policy,
  - Network acceptable use policy,
  - Lab computers acceptable use policy,
  - Email use policy;
- Duty assignment:
  - Chief Information Security Officer (CISO) – sysadmin
  - Deputy ISO – netadmin
  - Database custodians
- Security software:
  - Antispam (free software: SpamAssassin, Centinel),
  - Enterprise antivirus (free software: ClamAV),
  - Workstation antivirus (NAV corporate edition),
  - Antispyware (enterprise Spysweeper),
  - Automatic patch update (WUS);

19 American University of Armenia: an example of a systematic approach to the security problem (continued)
- Special attention to public access computers as they are the most vulnerable
- Campus wireless (authentication with Radius server)
- Outside wireless – connectivity to the Administration apartments; separate subnet; MAC address authentication;
- Back-up channel;
- Bandwidth shaping:
  - congestion is a security problem,
  - there is no such thing as a good channel,
  - loss of bandwidth because of non-existing e-mail addresses;
- Use of AUA and other advanced organisations for the development of a BPD.

20 What are the appeals for RENs to cooperate with the CSIRT?
- Best practice documents,
- Network auditing,
- Training courses,
- Up-to-date information on the local NREN security situation,
- Warnings about local hackers,
- Help on detection of source of attacks and counteractions.

21 Proposals to CEENET-NATO
- Trigger the development of:
  - free resident enterprise wide antispyware program,
  - free antivirus program of NAV corporate edition type;
- Organise:
  - short orientation meetings-workshops for decision makers,
  - longer trainings for practitioners.
