A Framework to Implement a National Cyber Security Structure for Developing Nations ID Ellefsen - SH von Solms - Academy.

Slides:

Advertisements

Similar presentations

1 Embedding International Financial Reporting Standards to Promote Private Sector Growth Baku – May 17, 2005 Jody Campbell, Managing Partner, Ernst & Young.

Advertisements

International Telecommunication Union An Insight into BDT Programme 3 Marco Obiso ICT Applications and Cybersecurity Division Telecommunication Development.

T HE ROLE OF GOVERNMENTS AND STAKEHOLDERS IN THE ICT PROMOTION DEVELOPMENT.

Botswana Policy Statement at the WSIS+10 Honourable Nonofo E. Molefhi Minister of Transport and Communications.

Tanzania Communications Regulatory Authority - TCRA Response to Cyber incidences in Tanzania: Where are we? Presented at Cyber Security Mini Conference.

State of Indiana Business One Stop (BOS) Program Roadmap Updated June 6, 2013 RFI ATTACHMENT D.

Watershed Approaches and Community Based Planning

REEP A Process Model for Developing and Implementing Collectively owned enterprises in rural areas (AgriSETA Workshop: Premier Hotel O.R. Tambo) 21 September.

National Cyber Security and Information (Cyber) Security Awareness Prof SH (Basie) von Solms Immediate Past President : IFIP University of Johannesburg.

Speaker: Tamar Shapatava

Technical Review Group (TRG)Agenda 27/04/06 TRG Remit Membership Operation ICT Strategy ICT Roadmap.

Strategy and Policy Unit: Current Activities and Future Tasks

National CIRT - Montenegro “Regional Development Forum” Bucharest, April 2015 Ministry for Information Society and Telecommunications.

Geneva, Switzerland, September 2014 Overview of Kenya’s Cybersecurity Framework Michael K. Katundu Director, Information Technology Communications.

1 Kuwait Central Agency for information technology.

Hong Kong E-commerce Readiness. APEC E-commerce Readiness Assessment Guide 2 The assessment helps identify actions needed to improve e-commerce environment.

GOVERNANCE ELECTRONIC. ” “ E-Governance is the application of Information and Communication Technology (ICT) for delivering government services, exchange.

Experiences from establishing a national Centre for Information Security in Norway TERENA Networking Conference 2003 Maria Bartnes Dahl &

© 2012-Robert G Parker May 24, 2012 Page: 1 © 2012-Robert G Parker May 24, 2012 Page: 1 © 2012-Robert G Parker May 24, 2012 Page: 1 © 2012-Robert G Parker.

1 Presentation On Disaster and preparedness situation in Uganda At SILVER SPRINGS HOTEL, UGANDA 16 th -SEPTEMBER-2011 BY LAZARUS OCIRA

1 Group-IB: Digital investigations and forensic Ilya Sachkov Group-IB

Topic: Information Security Risk Management Framework: China Aerospace Systems Engineering Corporation (Case Study) Supervisor: Dr. Raymond Choo Student:

PEIP National workshop in Montenegro: developing environmental infrastructure projects in the water sector Feasibility Study Preparation Venelina Varbova.

Keynote II - ICT4DEV Keynote II - ICT4DEV global e-schools and communities initiative transforming education, empowering communities, promoting development.

The challenges of inclusive education Israel November 21, 2007.

Transforming Services Creating Efficiencies Empowering Citizens Transforming Services Creating Efficiencies Empowering Citizens Transforming Services Creating.

PREPAREDNESS AND RESPONSE TO CYBER THREATS REQUIRE A CSIRT By Jaco Robertson, Marthie Lessing and Simon Nare*

Resources to Support Training Programs for CSIRTs.

Guidance for AONB Partnership Members Welsh Member Training January 26/

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT

Natural Gas Shortages in Developing Countries Natural gas: The bridging fuel in the next decades Bent Svensson World Bank ENERGY WEEK 2006.

ICTs Tackling Climate Changes Dr. Amr Badawi Executive President NTRA.

AMERICAN HUMANE ASSOCIATION The nation’s voice for the protection of children & animals THE CHILD WELFARE RESPONSE CONTINUUM CHRONIC ISSUES THAT HAVE PLAGUED.

Crossing Methodological Borders to Develop and Implement an Approach for Determining the Value of Energy Efficiency R&D Programs Presented at the American.

Adaptation knowledge needs and response under the UNFCCC process Adaptation Knowledge Day V Session 1: Knowledge Gaps Bonn, Germany 09 June 2014 Rojina.

A National approach to Cyber security/CIIP: Raising awareness.

Strategic Plan th October Management and Governance “GeSCI’s corporate structures and management arrangements were appropriate for.

The Brain Project – Building Research Background Part of JISC Virtual Research Environments (Phase 3) Programme Based at Coventry University with Leeds.

1 “NEPAD and the Role of the Internet” By Dr Andile Ngcaba, DG, Department of Communications 12 September 2002 Department: Communications.

2011 East African Internet Governance Forum (EA – IGF) Rwanda Cyber briefing: Positive steps and challenges Didier Nkurikiyimfura IT Security Division.

Current Status of Food Losses in the APEC region Dr. David Hong President of Taiwan Institute of Economic Research (TIER)

5-1 Lesson 5 | Common Issues & Challenges. Describe how RSAs address project schedule (time), project cost, and agency liability concerns. Explain the.

GEELONG REVISITED FROM ESD TO EBFM - future directions for fisheries management A COMMERCIAL INDUSTRY PERSPECTIVE ON THE ESD FRAMEWORK Neil MacDonald,

International Telecommunication Union Geneva, 9(pm)-10 February 2009 BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS James Ennis US Department.

MedLiHer Contribution to Implementing the Convention for Safeguarding of the ICH in Mediterranean Countries Phase II Evaluation Meeting Cairo – Egypt 28-30/11/2010.

IP Offices and the Implementation of the WIPO Development Agenda: Challenges and Opportunities September 18, 2009 Geneva Irfan Baloch World Intellectual.

Environment and Disaster Planning Hari Srinivas, GDRC Rajib Shaw, Kyoto University Contents of the presentation: -What is the problem? -Precautionary Principles.

1 CREATING AND MANAGING CERT. 2 Internet Wonderful and Terrible “The wonderful thing about the Internet is that you’re connected to everyone else. The.

Foresight Planning & Strategy Dr. Sameh Aboul Enein.

Sustainable Community EMS Design Including Pollution Prevention Michelle M. Wyman Reed Smith Shaw & McClay LLP EMS Models and Strategies: ISO & Beyond.

Regional Telecommunications Workshop on FMRANS 2015 Presentation.

Resource Review for Teaching Resource Review for Teaching Victoria M. Rizzo, LCSW-R, PhD Jessica Seidman, LMSW Columbia University School of Social Work.

Tools for Mainstreaming Disaster Risk Reduction: Guidance Notes for Development Organisations Charlotte Benson and John Twigg Presented by Margaret Arnold.

Exploring Capacity and Accountability Gaps Joan Kagwanja, Chief Land Policy Initiative World Bank Conference on Land and Poverty March 2016.

Domain Day ICANN and Reform Tuesday, 5 November 2002 Milan, Italy Theresa Swinehart, Counsel for International Legal Affairs, ICANN.

EUROPEAN SECURITY POLICY A SNAPSHOT ON SURVEILLANCE AND PRIVACY DESSI WORKSHOP, CPH 24 JUNE 2014 Birgitte Kofod Olsen, Chair Danish Council for Digital.

COBIT. The Control Objectives for Information and related Technology (COBIT) A set of best practices (framework) for information technology (IT) management.

Information Security in Laurier Grant Li Wilfrid Laurier University.

GEO Strategic Plan : Implementing GEOSS Douglas Cripe GEO Work Programme Symposium 2-4 May 2016, Geneva.

Society for Maintenance and Reliability Professionals (SMRP)

MGMT 452 Corporate Social Responsibility

Health Promotion & Aging

Introduction to Business (MRK 151)

About the NIS directive

High level National Data Forum

Social Distancing Decision Making Protocol

Computer Emergency Response Team

Risk Mitigation & Incident Response Week 12

Millennium Development Goals (MDGs)

The Strategic Focus of the Department for Women, Children and Persons with Disabilities 11 AUGUST 2009 V Y Nxasana.

Presentation transcript:

A Framework to Implement a National Cyber Security Structure for Developing Nations ID Ellefsen - SH von Solms - Academy for Information Technology University of Johannesburg

Outline Introduction Critical Information Infrastructure Protection – Background Protection Structures CSIRTs C-SAWs CIIP Framework for Developing Nations Challenges Two-Factor Development Role of the CSIRT and C-SAW Stages of Development Initial, Intermediate, Mature Timeline Conclusions SACSAW '11 - ID Ellefsen & SH von Solms - University of Johannesburg 2

Introduction I With the growth of the Internet in developing countries there is a need to develop CIIP solutions Growth of Internet facilities effects all levels of society: Cost of connection Speed of connections Number of users SACSAW '11 - ID Ellefsen & SH von Solms - University of Johannesburg 3 Table: Showing various cable systems that are becoming operational since 2009

Introduction II Developing nations are finding themselves on the receiving end of massive improvements in bandwidth They do not have structures in place to deal with the effects of increasing bandwidth Distributed Denial of Service (DDoS) attacks SPAM Phishing Malware Increasing size of the user-base. Users are unaware of how to deal with these new threats. Companies and Governments might not be aware of the possible threats to their systems. SACSAW '11 - ID Ellefsen & SH von Solms - University of Johannesburg 4

Critical Information Infrastructure Protection - Background The internal structures that countries have in place to prevent attacks on their information infrastructures. Many systems are now making use of Internet technologies Critical Systems (Power, Water, Telecommunications, etc.) Economic Systems (Stock Exchanges, Reserve Banks, Financial Institutions, etc.) eServices (Tolling Systems, Online Booking Systems, etc.) If any of these systems were to be attacked via the Internet it would have serious implications. All countries need to create structures to handle possible cyber attacks. For often historic reasons, developing nations often have unique challenges that must be addressed in the development of these structures. SACSAW '11 - ID Ellefsen & SH von Solms - University of Johannesburg 5

Protection Structures The structures counties create to handle cyber security incidents. Computer Security Incident Response Teams (CSIRTs) Well-understood platform Operates within a constituency of users Encapsulates the expertise to responding to computer security incidents “Top-Down” by design – implemented at a governmental level. Unique for a particular environment Computer Security, Advisory and Warning (C-SAW) Team Part of continuing research Smaller in scale to that of a CSIRT Operates within a community of related members Focuses the computer security expertise of the community “Bottom-Up” by design Interfaces with the community and a larger CSIRT SACSAW '11 - ID Ellefsen & SH von Solms - University of Johannesburg 6

A CIIP Framework for Developing Nations Developing nations must deploy these structures quickly They must be customised for their environment Structures in Developed Countries have evolved over the past 20 years Grown and developed with the development of technology Developing countries have unique challenges Directly importing an existing structure will not effectively address these challenges Development of a unique structure for a unique environment Heavily influenced by social problems SACSAW '11 - ID Ellefsen & SH von Solms - University of Johannesburg 7

Specific Challenges Significantly faster development of information infrastructures. High-levels of “cyber security illiteracy”. A high number of users utilising mobile technologies. A demand to adopt and provision eServices. Inadequate legislation addressing cyber security. Inadequate policy documentation addressing cyber security. SACSAW '11 - ID Ellefsen & SH von Solms - University of Johannesburg 8

Two-Factor CIIP Development SACSAW '11 - ID Ellefsen & SH von Solms - University of Johannesburg 9 Approach the development of a holistic cyber security structure on two fronts: Top-Down Large entities Direct coordination from CSIRT Bottom-up Smaller entities Interaction with C-SAW teams Two structures are developed concurrently Resulting in a comprehensive final structure

Role of the CSIRT To provide high-level coordination Bridge between government and the national computer security structure Focused on large roleplayers: Governmental Entities Departments, Military, etc. Large Commercial Entities Financial Institutions Telecommunications Manufacturing, etc. Large Academic Entities National Research Organisations Large Tertiary Academic Institutions All of these roleplayer have: Established computer facilities Consume large amounts of bandwidth High number of users SACSAW '11 - ID Ellefsen & SH von Solms - University of Johannesburg 10

Role of the C-SAW To provide “low-level” coordination Bridge between small roleplayers and the national computer security structure Focused on small roleplayers: Small Academic Entities Primary and Secondary Schools, etc. Small Commercial Entities Small and Medium Enterprises Individuals The “man-on-the-street” All of these roleplayers have: Limited computer facilities Consume “small” amounts of bandwidth Relatively little collective knowledge of computer security threats SACSAW '11 - ID Ellefsen & SH von Solms - University of Johannesburg 11

Stages of Development (Framework) A high-level structure should developed in three stages: Initial Stage Intermediate Stage Mature Stage Each stages consists of a number of goals that must be achieved Each goal allows the resulting national computer security structure to develop incrementally Each the actual length of each stage would depend on the environment Ideally would allow for rapid deployment of a national computer security structure on two fronts: Top-down Bottom-up SACSAW '11 - ID Ellefsen & SH von Solms - University of Johannesburg 12

Initial Stage Concerned with initial assessments and environmental reports The deployment environment must be evaluated and the following taken into consideration: The Deployment Environment Critical systems Stakeholders Legislation Expertise The Legal Environment Current Legislation Required amendments Technological Environment Current and future technologies International Partners Finally, small-scale test deployments should be done to practically evaluate the environment SACSAW '11 - ID Ellefsen & SH von Solms - University of Johannesburg 13

Intermediate Stage Primarily concerned with the development of the national structures, CSIRT is formally created A number of C-SAW Teams are deployed Communities and Constituencies are established Relationships are solidified: International Local CSIRTs and C-SAWs should focus on awareness: The national computer security structure Computer security in general The development can follow directly from the initial phase. Build on from the small-scale structure SACSAW '11 - ID Ellefsen & SH von Solms - University of Johannesburg 14

Mature Stage The mature stages indicates a fully functioning and operations national computer security structure Does not signify complete protection of critical information infrastructure The structure is able to operate on a day-to-day basis and is able to respond to incidents There must be on-going development There must be on-going awareness campaigns New services that can be offered by the national computer security structure can be identified Education campaigns to expand local expertise. SACSAW '11 - ID Ellefsen & SH von Solms - University of Johannesburg 15

Timeline Ideally the development of a national computer security structure to happen quickly Deployment time will vary Commitment from all roleplayers is needed in order for the development to be successful. Idealised timeline (3 years) – assuming all preparation been done Initial Phase: 8 months Intermediate Phase: 1 ½ to 2 years Mature Phase (development): 1 year SACSAW '11 - ID Ellefsen & SH von Solms - University of Johannesburg 16

Framework Timeline SACSAW '11 - ID Ellefsen & SH von Solms - University of Johannesburg 17

Conclusions Developing counties must deploy national computer security structure There are many unique challenges that developing nations face In light of this, importing an existing structure or framework will not adequately address these challenges Two-factor development: Top-down: focused on the development of a CSIRT structure Bottom-up: focused on the development of a C-SAW structure Concurrent development to promote the rapid development of a comprehensive, holistic, structure. Questions? SACSAW '11 - ID Ellefsen & SH von Solms - University of Johannesburg 18