Federal IT Steering Unit (FITSU) Federal Intelligence Service (FIS) Reporting and Analysis Centre for Information Assurance (IA) MELANI National Strategy.

Slides:

Advertisements

Similar presentations

Philippine Cybercrime Efforts

Advertisements

Critical Infrastructure Protection Policy Priorities Sara Pinheiro European Commission DG Home Affairs.

International Telecommunication Union An Insight into BDT Programme 3 Marco Obiso ICT Applications and Cybersecurity Division Telecommunication Development.

Department of Homeland Security Site Assistance Visit (SAV)

Dr. Chantal Lacroix PROGRAMME MANAGER DEPUTY HEAD OF MISSION

Tanzania Communications Regulatory Authority - TCRA Response to Cyber incidences in Tanzania: Where are we? Presented at Cyber Security Mini Conference.

Eidgenössisches Finanzdepartement EFD Informatiksteuerungsorgan des Bundes ISB Cloud Computing Strategy of Swiss Public Services Willy Müller

CIRAS PROJECT OVERVIEW

ENISA Cyber Security Strategies Workshop November 27, 2014 Brussels

GAMMA Overview. Key Data Grant Agreement n° Starting date: 1 st September 2013 Duration: 48 months (end date 31 st August 2017) Total Budget:

The French approach to CIIP ENISA workshop. Coordination of CIP in France ANSSI 2 A cross-ministerial issue The General Secretariat for Defense and National.

DHS, National Cyber Security Division Overview

Speaker: Tamar Shapatava

Protection of Classified Information & Cyber Security

MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLAND CLASSIFIED INFORMATION PROTECTION DEPARTMENT COL. PIOTR GRZYBOWSKI, Director, Classified Information Protection.

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Y. PERREAL, THALES - Project leader SECUR-ED, FP7 – SRC’10, Ostende.

PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.

Strategy and Policy Unit: Current Activities and Future Tasks

National CIRT - Montenegro “Regional Development Forum” Bucharest, April 2015 Ministry for Information Society and Telecommunications.

WORKSHOP ON DEVELOPING NATIONAL CRITICAL INFRASTRUCTURE PROTECTION IN SERBIA – ROLE OF PRIVATE SECURITY COMPANIES CoESS and developing critical infrastructure.

Giandonato CAGGIANO ENISA MANAGEMENT BOARD REPRESENTATIVE LEGAL ADVISER ON EUROPEAN AFFAIRS OF THE MINISTRY OF COMMUNICATIONS U. OF ROMA TRE LAW FACULTY.

VKT-GÖPL, IDIRA, L4S ISCM th March 2012 Christian Flachberger Collaboration in Complex Crisis Management Operations.

12/12/2013 Cluster Workshop on Cybersecurity 1 Michele Bezzi (SAP) Kazim Hussain (ATOS) SecCord & CYSPA Projects.

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.

PREPAREDNESS AND RESPONSE TO CYBER THREATS REQUIRE A CSIRT By Jaco Robertson, Marthie Lessing and Simon Nare*

IAEA International Atomic Energy Agency IAEA Nuclear Security Programme Enhancing cybersecurity in nuclear infrastructure TWG-NPPIC – IAEA May 09 – A.

The role of private security in the protection of critical infrastructures Veerle Pashley Free University of Brussels Department of Criminology.

International Cyber Warfare and Security Conference Cyber Defence Germany's Analysis of Global Threats 19th November 2013, Ankara.

Workshops DeSIRE and DeFINE CNR, Pisa 25 th -27 th November, 2002 Dr. Stefano Bruno and Daniel Bircher, Ernst Basler + Partners Ltd. Ernst Basler + Partners.

Critical Infrastructure Protection Overview Building a safer, more secure, more resilient America The National Infrastructure Protection Plan, released.

Certification and Accreditation CS Phase-1: Definition Atif Sultanuddin Raja Chawat Raja Chawat.

Australia Cybercrime Capacity Building Conference April 2010 Brunei Darussalam Ms Marcella Hawkes Director, Cyber Security Policy Australian Government.

A National approach to Cyber security/CIIP: Raising awareness.

2 ictQATAR “ Information and Communication Technology (ICT) improves how we live and work in countless ways.”  The Ministry of Information Communication.

Jerry Cochran Principal Security Strategist Trustworthy Computing Group Microsoft Corporation.

The new cyber threats in 2013 – the hungarian approach Mr. Mihály Zala, Major-general President of National Security Authority of Hungary.

SmartNets Results Overview SmartNets SmartNets Methods.

Piemonte Workshop 1 11 September 2006 Paolo Salieri European Commission DG ENTR-H4 Security research in FP7.

ENISA efforts for securing European Internet Infrastructure

Hurdles in implementation of cyber security in India.

Cyber Security Architecture of Georgia Giorgi Tielidze 0 Current Challenges and Future Perspectives Tbilisi 2015.

Geneva, Switzerland, 14 November 2014 ENISA and Cloud Certification Dimitra Liveri Security and Resilience of Communication Networks Officer ENISA ITU.

Landscape of social innovation in Poland Brussels, May 2014.

NATIONAL CYBER SECURITY GOVERNANCE & EMERGING CYBER SECURITY THREATS

TRIAL WORKSHOP - NOVARA 6TH NOVEMBER 2013 A NEW PROJECTS FOR THE SAFETY IN CHEMICALS SUPPLY CHAINS (TRIAL)

ISACA Ireland Cyber Security Policy 9 February 2016.

M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 10 – Information society and media.

CRITICAL INFRASTRUCTURE RISK ASSESSMENT SUPPORT CIRAS PROJECT OVERVIEW 2nd Stakeholders’ Workshop Aschaffenburg, November, 26th, 2015 Jaime Martín, Project.

Cybersecurity, competence and preparedness

Crisis management related research at

Partnership introduction material

California Cybersecurity Integration Center (Cal-CSIC)

CIRAS FINAL CONFERENCE

About the NIS directive

Critical Infrastructure Protection Policy Priorities

Cybersecurity in Belarus a general overview of support areas

Security challenges in the Balkans

What does the State GIS Coordinator do?

Cyber Security coordination in Europe CERT-EU’s perspective

8 Building Blocks of National Cyber Strategies

America’s First National Critical Infrastructure Exercise

John M. Felker Director, NCCIC.

Forth International Forum

Trust and Security Unit

Enhanced alerting and collaborative incident management

The European Union response to cyber threats

Community of Users.

Computer Emergency Response Team

Cyber Security in a Risk Management Framework

Presentation transcript:

Federal IT Steering Unit (FITSU) Federal Intelligence Service (FIS) Reporting and Analysis Centre for Information Assurance (IA) MELANI National Strategy for the Protection of Switzerland against Cyber Risks High Level Meeting Cyber Security Strategies Workshop ENISA Marc Henauer Brussels, November 27, 2014

2 FITSU / FIS Reporting and Analysis Centre for IA MELANI Cyber Security Critical Infrastructure Protection Cyber crime Protection of Population and Economy Cyber defence Integration of Army for the protection of Switzerland Interface (FIS) International Coordination National Coordination Network Legal Basis Partners from Industry Col. Gérald Vernez

3 FITSU / FIS Reporting and Analysis Centre for IA MELANI NCS: A comprehensive Strategy 16 Massnahmen 16 Measures Impact Analysis 2017

4 FITSU / FIS Reporting and Analysis Centre for IA MELANI International Cooperation Population Private Sector/Critical Infrastructures National Authorities and Federal Administration Strategic Goals (Early) Recognition of Cyber Threats Increase Resilience of Critical Infrastructures Reduction Cyber Attacks (Crime, Espionage, Sabotage) Good situation analysis, relationship with CI Operators, CERTs CI are in the interest of national security and will have cascading effects Trojans, zero-day- exploits nedd observation and counter-measures

5 FITSU / FIS Reporting and Analysis Centre for IA MELANI The Logic Framework of the NCS Executives Board Understands Overall Risks for any given Process Decides about the implementation of the necessary security measures Personel Physical Security Measures (IT-)Technical Organizational (IT-)Technical Cyber Risks = Risks originating from maintaining or supporting a process by the use of IT. NCS Builds the Framework to choose and implement the necessary security measures Builds the Framework to identify Cyber Risks within overall Risk

6 FITSU / FIS Reporting and Analysis Centre for IA MELANI Im Zentrum Widerstandsfähigkeit: Stärkung der Cyber - Resilienz Informationsaustausch Bildung und Forscung Gesetzliche Grundlagen Informationsaustausch Internationales Bildung und Forschung Gesetzliche Grundlagen M1 M7 M11 M10 M9 M8 M16 Unterstützende Prozesse M3 M2 M13 M12 M6 M5 M4 M15 M14 Cyber - Resilienz Analyse Bedrohungs- lage und Risiko Incident Handling, Aktive Massnahmen Krisen- und Kontinuitäts- management

7 FITSU / FIS Reporting and Analysis Centre for IA MELANI Implementation and Responsibilities Decentral Implementation: Individual Self Responsibility, State offers Subsidiary Support Decentral Implementation: Individual Self Responsibility, State offers Subsidiary Support Risk Management: Risk based approach, Cyber is part of the overall risk management Risk Management: Risk based approach, Cyber is part of the overall risk management Flexibility: Customised solutions and technical and non technical solutions Flexibility: Customised solutions and technical and non technical solutions Cooperation: Public-Private- Partnership (PPP), Swiss Cyber Experts Cooperation: Public-Private- Partnership (PPP), Swiss Cyber Experts Prevention Reaction Continuity Supporting Risk and Vulnerability Analysis (M2) ICT Vulnerabilities Federal Level (M3) Situation Analysis (M4) Incident Handling (M5) Case Overview (M6) Identification Perpetrator (M14) Continuity MGMT (M12) Crisis MGMT (M13) Concept Crisis MGMT (M15) Research/Competence Building (M1,7,8) Int. Cooperation (M9,10,11) Legal Basis (M16)

8 FITSU / FIS Reporting and Analysis Centre for IA MELANI Roadmap

9 FITSU / FIS Reporting and Analysis Centre for IA MELANI FITSU –Technological Centre of Competence Contact to IT-Security Relevant Actors FIS – Intelligence Gathering and Analysis Contact to Security Relevant Services MELANI: Information Exchange Hub Responsibilities Operative Support Closed Constituency: Critical Infrastructure Operators M4 M5 M14 Identification Evaluation Analysis M2 M3 M6 M11 M12 M13

10 FITSU / FIS Reporting and Analysis Centre for IA MELANI Implementation is a Process 2013 Swiss Cyber Strategy has set a process in motion 2014 First results on operative level visible for over half of the 16 measures 2015 More results on the operative level will become visible 2016 Target reached for over half of the 16 measures 2017 Impact Analysis: implementation phase not terminated in It is continuous process... Process ahs to be continuously adapted to new threat landscape

11 FITSU / FIS Reporting and Analysis Centre for IA MELANI Thank You for Your Attention Dr. Stefanie Frey Coordinator National Cyber Strategy NCS Reporting and Analysis Centre for Information Assurance (MELANI) Federal IT Steering Unit (FITSU) Schwarztorstrasse 59 CH-3003 Bern NCS: Implementation Plan NCS: