Leader or Manager - The Security Network

Transcript Leader or Manager - The Security Network

International Cyber Collaboration –

Issues and Opportunities

Moderator – Dr Andrew Vallerand Canadian Centre for Security Science Panellists Mr. Josh Caplan Office Assistant Sec Def for Res & Engineering Dr. Peeter Lorents NATO CyberSecurity COE Dr Arun Sood International Cyber Center, George Mason Unviv

Introduction

Cyberspace

• Its use is totally pervasive across governments, economies, and individuals.

• The growing dependency on our use of cyberspace makes it an attractive target for those who would do us harm.

• We know cyber attacks are daily events, yet there is an incredible amount of ongoing work in cyber security.

Why is it important to collaborate internationally?

Interdependent Security

• In an interdependent world, the risks faced by any ONE agent depend not only on its choices but also on the choice of all OTHERS.

• Failures of a weak link in an interdependent system can have devastating impacts on all parts of the system.

• Cyber Interdependence does not require proximity … 3

Cyber Security

• Like airline passenger flows, cyberspace has a large number of entry points • No one country / carrier can independently secure the system or take effective unilateral actions • We must work collectively and collaboratively in a variety of areas to close the gaps.

ALLIED Cyber Security Strategies

Canada’s Cyber Security Strategy is consistent with… • Estonia 2008 • UK 2009 • US 2003 & 2010 • AUS 2009 5

Interdependent Security…

• Demands that we acknowledge others security levels • Suggests it is in our own best interests to share – Threat analysis; approach to Risk; – Security capability enhancements (Prepare, Detect, Respond, Recover capabilities) – Best Practices against Malware to combat cyber crime – Network contacts with Subject Matter Experts – Trans-Border Experiments/ Exercises 6

Cost of Cyber Crime in UK? £ 27B/yr!

• £2B/yr: Govt systems • £3B/yr:Citizens systems •

£22B/yr: Industry systems

• Key domains? – IP Theft – Industrial Espionage – Extortion – OnLine Theft – ID Theft • Common Intl issue? – Low barrier of entry into rich field… – Anonymous Web and Investigation… – Attribution, Deterrence, Prosecution…

Today’s Panellists

Each Panellist is a Subject Matter Expert in one of three distinct areas of international cyber security 1. Cyber Network Operations 2. Cooperative Cyber Security and Defence 3. Strategic Intl collaboration and information sharing of Cyber Security 8

THE Strategic View 9

• Some Canadian WHOLE of GOVERNMENT perspectives …from the Centre for Security Science

Defence R&D Canada

Established Productive collaborative partnerships focused on S&T for National Security Capabilities … across the Federal Government

• Agriculture & Agri-Food Canada • Atomic Energy Canada Ltd • Canada Border Services Agency • Canadian Food Inspection Agency • Canadian Nuclear Safety

Commission

• Canadian Security Intelligence

Service

• Communications Research Centre

Canada

• Communications Security

Establishment Canada

• Environment Canada • Fisheries and Oceans Canada • Health Canada • Industry Canada • Infrastructure Canada • National Defence • National Research Council • Natural Resources Canada • Privy Council Office • Public Safety Canada • Public Health Agency Canada • RCMP • Transport Canada • Treasury Board Secretariat

… as well as with Provincial and Municipal first responders; … and with Canada ’ s Academic, Industrial and International 12 partners

• • • • • • •

Landscape of Canadian Clients/ Partners in Cyber Security

Privy Council Office

(PCO or White House in US) – National Security Advisor to the Prime Minister of Canada

Public Safety Canada

– Integrated Threat Assessment Centre (ITAC) / Canadian Cyber Incident Response Centre (

CCIRC

or CERT in US) – Royal Canadian Mounted Police (

RCMP

; FBI & US Marshall Serv in US) – Canadian Security Intelligence Service (

CSIS

or CIA in US)

Industry Canada

– Telecommunications & ISP Regulator; Communications Research Centre (

CRC

) – National Research Council (

NRC

), Competition Bureau,

eCommerce Office

– National Science & Engineering Research Council (

NSERC

)

Treasury Board Secretariat

– Chief Information Officer

National Defence

–

Defence Research and Development Canada (DRDC; DDR&E in US)

– Communications Security Establishment Canada (

CSEC

: NSA in US) – Assistant Deputy Minister (Information Management);

Cyber Task Force PWGSC, Dept of Justice, Dept Foreign Affairs Intl Trade, Dept of Finance, Revenue Canada.; NCFTA Canada; Academia Business Associations

: TELCO; ePayment Assoc., IT Assoc can.