Presentation is loading. Please wait.

Presentation is loading. Please wait.

Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Matteo Cavallini Cybersecurity: State of the Art and.

Published byDominic Potter Modified over 8 years ago

Similar presentations

Presentation on theme: "Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Matteo Cavallini Cybersecurity: State of the Art and."— Presentation transcript:

1 Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Matteo Cavallini Cybersecurity: State of the Art and Future Trends in Italy Digital Agenda Assembly - Cybersecurity: barriers and incentives 16 June 2011, Brussels

2 Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Since 2007 I have been the manager of the Local Security Unit (LSU) of the Italian Ministry of Economy Positions held: ● Senior security member fo the GovCERT.it team project ● Senior security expert for the Testing Commission of the Public Connectivity System ● Internet security manager of the Italian Ministry of Economy Certifications: ● Lead Auditor ISO 27001 ● EUCIP Professional “Security Adviser” About me

3 Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Agenda Local Security Units and CERT-SPC - the security infrastructure of the Italian Public Administration Italian Governmental CERT - a start-up project National and International security exercises - the way to assure the right level of preparedness Italian AntiBotnet Center - an example of an incentive proposal

4 Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives LSUs are the Operational CERT in the PA Internal Organization Operational groups Reperibili Monitoring of the Information sources Supporting incident handling Operational activities for incident prevention and handling Receiving incident alerts & reports

5 Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Consip Incident Prevention ● Monitoring of the sources ● Verifying & Prioritizing the reports ● Establishing the prevention activities LSUs are the Operational CERT in the PA MEF Incident Prevention Planned Activities Incident Prevention Planned Activities Tech. & Security Providers Security Information Sharing

6 Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives LSUs are the Operational CERT in the PA Operational coordination MEF Incident Reporting ● Incident triage ● Incident analysis ● Incident response plan definition Involvment of the Police cyber unit Incident Response Consip Incident handling operational support Incident handling operational support

7 Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives CERT-SPC is the Coordination Centre Tech. & Security Providers LSU SOC PCS’s Providers SOC PCS’s Providers SOC PCS’s Providers SOC of PCS Providers

8 Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives CERT DIFESA TC National Cyber Response Exercise Cybershot 2010 Coordination CERTs Operational CERTs “Real” injections: ● Network scan ● Brute force attack ● Intrusion ● Web Defacement

9 Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Cyber Incident Exercise ● ISCOM – MISE partecipated in the first pan-European exercise (Cyber Europe 2010) acting as the Italian focal point and playing the roles of planner and moderator ● On the basis of the experience, ISCOM will partecipate in the second pan-European exercise in 2012, to start testing the planned EU cyber- incident contingency plan ● ISCOM will partecipate in the EU/US exercise within the area of EU/US Working Group on Cybersecurity and Cybercrime ● ISCOM will organize a national exercise in cooperation with other governmental institutions and private stakeholders

10 Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives ● ISCOM contributes to the “ad hoc” ENISA working group in order to define and harmonize the security measures among MSs to be accomplished by TELCO operators ● ISCOM has established a national working group with network operators and service providers to receive feedback from the private stakeholders Minimum Security Measures Art. 13 Directive 2009/140/EC

11 Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Governmental CERT ● Currently Italian CERTs are dedicated to specific networks and users, such as Public Administration and Defense ● In order to establish a well-functioning network of CERTs at the EU level by 2012, the MSs are requested to implement an operational national/governmental CERT ● ISCOM will cooperate with other institutions to create a national CERT that will coordinate the other internal CERTs and will be a unique national contact point for the European counterparts

12 Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Italian AntiBotnet Center Botnets are networks of infected PCs remotely managed by cybercriminals to perform illegal activities such as the following: spam, phishing, DDoS attacks, financial fraud, identity fraud, clickfraud, etc. Why Botnet? Botnets have a strong social impact on citizens and represent a serious obstacle to the development of the high value services (e-commerce, e- government programs, etc. ) over the Internet

13 Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Italian AntiBotnet Center At the moment, the Center is a proposal still in the evaluation and feasibility study phase. The proposed structure would be linked to the German AntiBotnet Center and should be a Public-Private Partnership with the involvement of the: ● Internet Service P roviders ● Security and Technology Vendors ● Various Professional Associations The proposed funding would be limited to the start-up and the first two years of activity. The following years would be financed by the private sector, encouraged by the benefits achieved. In our view, this initiative is a good example of an incentive to deliver a higher level of network and information security.

14 Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Thanks matteo.cavallini@tesoro.it www.matteocavallini.com twitter account: @Nientenomi

Download ppt "Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Matteo Cavallini Cybersecurity: State of the Art and."

Similar presentations

STRENGTHENING COOPERATION ON CYBER SECURITY WITHIN THE ASEAN REGION

STRENGTHENING COOPERATION ON CYBER SECURITY WITHIN THE ASEAN REGION
Philippine Cybercrime Efforts

Philippine Cybercrime Efforts
International Telecommunication Union An Insight into BDT Programme 3 Marco Obiso ICT Applications and Cybersecurity Division Telecommunication Development.

International Telecommunication Union An Insight into BDT Programme 3 Marco Obiso ICT Applications and Cybersecurity Division Telecommunication Development.
European Consumer Summit 2014 On-line and mobile payments Dr Florent Frederix Trust & Security Unit, DG CONNECT, European Commission 1 th of April 2014.

European Consumer Summit 2014 On-line and mobile payments Dr Florent Frederix Trust & Security Unit, DG CONNECT, European Commission 1 th of April 2014.
Course: e-Governance Project Lifecycle Day 1

Course: e-Governance Project Lifecycle Day 1
ENISA Cyber Security Strategies Workshop November 27, 2014 Brussels

ENISA Cyber Security Strategies Workshop November 27, 2014 Brussels
European Social Fund Evaluation in Italy Stefano Volpi Roma, 03 maggio 2011 Isfol Esf Evaluation Unit Human Resources Policies Evaluation Area Rome, Corso.

European Social Fund Evaluation in Italy Stefano Volpi Roma, 03 maggio 2011 Isfol Esf Evaluation Unit Human Resources Policies Evaluation Area Rome, Corso.
Enav.it Session 3 Steps towards the SESAR deployment and the ATM system modernisation.

Enav.it Session 3 Steps towards the SESAR deployment and the ATM system modernisation.
Improving Cybersecurity Through Research & Innovation Dr. Steve Purser Head of Technical Competence Department European Network and Information Security.

Improving Cybersecurity Through Research & Innovation Dr. Steve Purser Head of Technical Competence Department European Network and Information Security.
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
EU policy on Network and Information Security (NIS) and Critical Information Infrastructure Protection (CIIP) 15 March 2012 Valérie ANDRIANAVALY European.

EU policy on Network and Information Security (NIS) and Critical Information Infrastructure Protection (CIIP) 15 March 2012 Valérie ANDRIANAVALY European.
MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLAND CLASSIFIED INFORMATION PROTECTION DEPARTMENT COL. PIOTR GRZYBOWSKI, Director, Classified Information Protection.

MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLAND CLASSIFIED INFORMATION PROTECTION DEPARTMENT COL. PIOTR GRZYBOWSKI, Director, Classified Information Protection.
1. 2 A High Tech Crime Investigation Lessons learned by the National High Tech Crime Center Hans Oude Alink, project leader NHTCC November 2005.

1. 2 A High Tech Crime Investigation Lessons learned by the National High Tech Crime Center Hans Oude Alink, project leader NHTCC November 2005.
(Geneva, Switzerland, September 2014)

(Geneva, Switzerland, September 2014)
Cross-border Empowerment of Next Generation Access National Networks MINISTRY OF TRANSPORT, INFORMATION TECHNOLOGY AND COMMUNICATIONS REPUBLIC OF BULGARIA.

Cross-border Empowerment of Next Generation Access National Networks MINISTRY OF TRANSPORT, INFORMATION TECHNOLOGY AND COMMUNICATIONS REPUBLIC OF BULGARIA.
NIS Directive and NIS Platform

NIS Directive and NIS Platform
National CIRT - Montenegro “Regional Development Forum” Bucharest, April 2015 Ministry for Information Society and Telecommunications.

National CIRT - Montenegro “Regional Development Forum” Bucharest, April 2015 Ministry for Information Society and Telecommunications.
Www.enisa.europa.eu European Union Agency for Network and Information Security Follow ENISA: ENISA and standards Sławomir Górniak European Union Agency.

European Union Agency for Network and Information Security Follow ENISA: ENISA and standards Sławomir Górniak European Union Agency.
15 April 2011. Fostering Entrepreneurship among young people through education: a EU perspective Simone Baldassarri Unit “Entrepreneurship” Forum “Delivering.

15 April Fostering Entrepreneurship among young people through education: a EU perspective Simone Baldassarri Unit “Entrepreneurship” Forum “Delivering.
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Similar presentations

Ads by Google