Transcript PRESENTATION TITLE/SIZE 30

Security For Infrastructure Protection:
Public-Private Partnerships
KEN WATSON
15 OCT 2004
[email protected]
CIAG-HLS-10.24.03
© 2003 Cisco Systems, Inc. All rights reserved.
1
Many Infrastructures Exist – All Different
Transportation
Government Services
Electric Power
Infrastructure
Examples
Telecommunications
Water
CIAG-HLS-10.24.03
Emergency Services
Banking & Finance
© 2003 Cisco Systems, Inc. All rights reserved.
Oil & Gas
2
Why Public-Private Partnerships are Needed
Infrastructures…
•
•
•
•
Benefit the “informatization” of society
Depend on commercial networks
Are interdependent
Are largely owned and operated by private
companies
• Obtain most innovative approaches from the
private sector
Government needs industry in a
true public-private partnership
CIAG-HLS-10.24.03
© 2003 Cisco Systems, Inc. All rights reserved.
3
Effective Security Requires Technology, Process
and People – Both IT Users and Producers
LifeCycle
CIAG-HLS-10.24.03
7942_04_2003_c1
©
© 2003,
2003 Cisco
Cisco Systems,
Systems, Inc.
Inc. All
All rights
rights reserved.
reserved.
4
Current Industry Actions
• Deploy existing security products and services
• Develop new security products and services
• Integrate security technology and functionality into
all applications and devices
• Develop technical and operational security best
practices and voluntary standards
• Continue to improve secure design,
implementation, testing, certification, and
deployment methodology
• Exchange information with government on
voluntary best practices
CIAG-HLS-10.24.03
© 2003 Cisco Systems, Inc. All rights reserved.
5
Cross-Sector Collaboration
• Voluntary participation
by leaders
from government,
industry and academia
• Coordinates crosssector initiatives and
compliments publicprivate efforts
• Board of Directors
composed of critical
infrastructure “sector
coordinators”
CIAG-HLS-10.24.03
© 2003 Cisco Systems, Inc. All rights reserved.
http://www.pcis.org
6
National Cybersecurity Partnership
• Organized to implement
public-private National
Cybersecurity Strategy
• Five task forces, following
Strategy
Home/Small Business
Awareness
Early Warning
Software Development Life
Cycle
Corporate Governance
Technical Standards and
Common Criteria
www.cyberpartnership.org
CIAG-HLS-10.24.03
© 2003 Cisco Systems, Inc. All rights reserved.
7
National Cyber Security Alliance
• Public service site for
home/small business users
• “Top ten” tips, tutorials, selftest, links
• DHS choice for cyber security
awareness messaging to
homes/small businesses
• Board:
AOL
BellSouth
Cisco Systems
Microsoft
Network Associates
RSA Security
Symantec
www.staysafeonline.info
CIAG-HLS-10.24.03
© 2003 Cisco Systems, Inc. All rights reserved.
8
ISAC Council
• “The mission of the
Information Sharing and
Analysis Centers Council
(ISAC Council) is to advance
the physical and cyber
security of the critical
infrastructures of North
America by establishing and
maintaining a framework for
valuable interaction between
and among the ISACs and
with government.”
• Chemical Industry ISAC
• Electricity Sector ISAC
•
•
•
•
Energy ISAC
Financial Services ISAC
Health Care ISAC
Information Technology – ISAC
• National Coordinating Center
for Telecommunications ISAC
• Public Transit ISAC
• Surface Transportation ISAC
• Trucking ISAC
• Water ISAC
www.isaccouncil.org
CIAG-HLS-10.24.03
© 2003 Cisco Systems, Inc. All rights reserved.
9
Government Actions
• Information Sharing
Convene meetings of experts
• Voluntary global industrydeveloped standards, metrics,
and best practices
Sponsor information sharing
workshops
• Promote higher education
improvements
University “Center of
Excellence” program
Computer forensics
• Increase public and corporate
awareness
Talk about benefits
• Sponsor public-private
research into long-term
computer science issues
• Local law enforcement
• Law enforcement cooperation
Sponsor meetings
Interviews, articles
CIAG-HLS-10.24.03
© 2003 Cisco Systems, Inc. All rights reserved.
• International information
sharing, like this exchange
10
Summary
• Network-based management increases productivity and
benefits society
• Private sector working on security, innovation, and forwardlooking solutions
• Government helps by education, awareness, voluntary best
practices research, use of voluntary best practices in own
systems, and law enforcement
• The Internet is Global, and exchanges like this are important
and helpful
CIAG-HLS-10.24.03
© 2003 Cisco Systems, Inc. All rights reserved.
11
CIAG-HLS-10.24.03
© 2003 Cisco Systems, Inc. All rights reserved.
12