Public-Private Partnership for Cyber Resilience -...
Transcript of Public-Private Partnership for Cyber Resilience -...
Public-Private Partnership
for Cyber Resilience
Dr. George Sharkov
National Cybersecurity Coordinator (Security Council), Adviser MoD
[email protected] ; [email protected]
National Cyber Security Strategy - Cyber Resilient Bulgaria 2020www.cyberBG.eu
Adopted by BG Government on July 13, 2016
National Cyber Security & Resilience:A multi stakeholder engagement
www.cyberBG.eu
National strategiesUSA, UK, Netherland, Finland…
Vision: Cyber Resilient Bulgaria 2020
Initiation
2016 -2017
Growth
2018 - 2019
Maturity & Leadership
2020 +
Unknown unknowns
Known unknowns(Non CIA)
Known knowns(CIA)
Cyber Resilience
Cyber Security
InformationSecurity
3 phases for 5 years:
Phase 1: Cyber secure institutionsNational coordination platformEngaging all stakeholdersInventory & Risk assessment
Phase 2: Cyber secure societyFrom capacity to capabilitiesInternational coordination networksResilient organizations (by design)
Phase 3: Cyber resilient organizations and societyEffective collaboration at national levelInternational joint capabilities – NATO/EUSpecialization and leadership
Credit: Eurocontrol: Manual for National ATM Security Oversight
Resilience strategy “translated”:Fields of action, goals and measures
1. Establish National Cyber Security and Resilience System: governance, situational awareness, coordinated response & prevention
2. Network and information security (NIS) – the foundation for cyber resiliency: minimal NIS requirements, specific for government and state administration CIS, institutions, CI, private sector engagement (ISP), CERTs capabilities
3. Improving the protection and sustainability of digitally dependent critical infrastructures: state-operators collaboration, system modernization vs. patching, scope of CI measures (new areas)
4. Better cooperation between government-economy-citizens: information sharing platforms, ISACs/ISAOs and CERTs, NGOs, PPP, industrial and technology capacity development
5. Legal and regulatory framework: harmonization of legal, regulations and standardization, self regulation
6. Cyber crime counter fighting: capacity development (organizational and administrative), law enforcement basis update, coordination, prevention
7. Cyber Defense: defense and armed forces CIS protection, national security (incl. counter terrorism, CI protection, hybrid threats and crisis)
8. Awareness, education and innovation
9. International cooperation: EU, NATO, OSCE, UN, ITU, ICANN, and regional, cross border
Key factors: “Actionable” strategy
multi stakeholder engagement and commitmentsinternational/regional cooperationjoint capabilities = Public-Private-Partnerships (P-P-P)
CERT
US
CERT
NCSCONNational CS Coordination and Organizational Network
monitoring response
RRT
EU
CERT
Europol
EC3NCIRC
AnalyticsCenters R&D
Regulators &Standardization
CMDR
C3 112
CERTs+
ISAC
Transport
CERTs+
ISAC
Energy
…
CERTs +
ISAC
Finances
Banks
Insurance
…
MInt/Cyber Crime
Center
MoD
Mil CIRC
SANS
CSIRTs
MTITC
RRT
RRT
RRT
RRT
RRT
Council of MinistersSecurity Council
NCSCNational Cyber
Security Coordinator
National CYBER Situational Center
President Parliament
Cyber ResilienceCouncil
Commanderin
Chief
CERTs+
ISAC
Telco
ISP
Industry
RRT
RRT
RRT
SA EGov
BGCERT
Cyber Domain: Collaborative ResiliencyCollective engagement „in action “ = PPP
• Cyber Resilience Council – Strategy & Plan
Hybrid threats, counter terrorism
e-Governence + eID …
• NCSCON as PPP
• ISACs
• CERT as PPP
• RRT as PPP – elections
• Education, Qualification, Resources sharing – Cyber Reserve
• R&D as PPP: Research Labs, Industrial Labs (ICSD, SCADA)
• Standards and compliances • IoT and Indurstial
• Formats – from associations to ISACs and PPP
• CIO Club • Association Commercial Banks
National (Cyber) Resilience Nations Resilience
Cyber Domain (Wales, Warsaw), Cyber Diplomacy
NATO Hybrid Warfare strategy & playbook (2015-2016)
European CS Strategy + Directive NIS, Privacy Regalement
P-P-P models (ENISA)ENISA (2011) COOPERATIVE MODELS FOR EFFECTIVE PUBLIC PRIVATE PARTNERSHIP ● DESKTOP RESEARCH REPORT
Run by one from withinmost frequently found organizationalstructure.
Run by a coordinating entityA less frequent option is to have a bodyspecifically created
Democratically Peer ledInfrequently (desktop study)e.g. rotating chair
PPP against Cyber terrorism
Similar tactics, different goals and targets
SMEs & state under attacks (campaign)
Supply/business chain: MITM & spear phishing
Cryptolocker Ransomware
Kimi Werner, 2008 Women’s
National Spearfishing
Champion
The goal of cyberterrorism is to cause damage and send a message rather than steal data and make money
TIER ZERO[internal risks]
TIER ONE[external dependencies]
TIER TWO TIER TWOTIER THREE TIER THREE
SMEprocesses
control
assets
LegalIT &
SecurityFinancial
environment risks[context/outsourced/enablers]
supplysiderisks
demandsiderisks
Supply/Value Chains as PPPGOV & SMEs in the business lifecycle: shared cyber risk
Public-Private Partnerships (good practices)
Center for Security and Defense Management www.IT4Sec.org
https://dnbl.ncia.nato.int
Center for Cybercrime early warning & prevention
http://cmdrcoe.org/index.php