Presentation is loading. Please wait.

Presentation is loading. Please wait.

Protection of Classified Information & Cyber Security

Similar presentations

Presentation on theme: "Protection of Classified Information & Cyber Security"— Presentation transcript:

1 Protection of Classified Information & Cyber Security
Bruno VERMEIRE Belgian NSA INFOSEC Competent PRS Authority Federal Public Service Foreign Affairs

2 Overview Legal Principles Classified Information (CI) a target?
The BEL NSA Belgian Cyber Security Strategy Protecting CIS handling CI Outsourcing Challenges

3 Legal Principles National Security Authority : Preventive
Police : Proactive, Reactive Justice : Repressive

4 Classified Information (CI) a target?
Paper world thinking  Cyber thinking CI = protection of national assets + assets of other states on the territory CI = targeted with sophisticated tools, even when not connected Are we target ? yes, all CIS handling CI are targeted

5 The BEL NSA 8 administrations:
Includes all principles Collegial decisions Cyber is not within the legal framework for protecting CI Legal framework cyber includes the protection of CI BEL CERT, limited services Mil CERT

6 Belgian Cyber Security Strategy
BELNIS All BEL administrations with cyber security responsibility, includes BEL NSA Strategy approved by the government Includes Mechanism for approving security products Accreditation of systems beyond protection of CI only Implementation probably next Government Strong focus on centralised approach, awareness & education Appropriate cyber crime regulation Includes adaption of Budapest Convention on Cybercrime

7 Protecting CIS handling CI
Pro’s Appropriate security installed Appropriate separation Very good documented trusted users

8 Protecting CIS handling CI
Contra data exchange high risk (MemStick, DVD, …) patch policy not easy to implement Off line, direct assessment difficult Wireless (3G, 4G, WiFi, …)

9 Outsourcing Focus on Vulnerability assessment Protection Trusted products Creating technical legal framework (cyber security standards for CIS handling CI) Civil accredited evaluators Government accreditors (BELAC - NSA)

10 Challenges : taxonomy Electronic Surveillance COMPUSEC Cyber Terrorism
Information Assurance Cyber Defense Electronic Warfare Electronic Defense Computer Network Exploitation Information Operations Infosec Cyber Warfare COMSEC Computer Network Defense Cyber Security Emanation security (EMSEC) Electronic Attack ISTAR Cyber Network Operations Computer Network Attack Information Deception OSINT SIGINT Computer Network Offensive Cyber Monitoring Operations Security (OPSEC)

11 Challenges : high speed revolution
Gov evolution speed  Internet revolution No global legal framework Identification of responsibilities Recognition as an armed attack/military domain

12 Challenges : collaboration
It takes two to tango Win/Win  minimal level & equality requirement Exposure risk If you know what I can detect, … you also know what I can’t … Technology advantage

13 Cyber Capabilities must be developed during personnel and budget cuts…
Challenges : means People Knowledge & Training Computers & networks Cyber Capabilities must be developed during personnel and budget cuts…

14 Thank You !!

Download ppt "Protection of Classified Information & Cyber Security"

Similar presentations

Ads by Google