Presenting

Download Report

Transcript Presenting 

Strategy and Policy Unit:
Current Activities and Future Tasks
+ new NCSS (2015 - 2020)
Daniel P. Bagge
Head of Unit
(NSA CZE/NCSC)
ORGANIZATIONAL FRAMEWORK
Government
TOP level
Cyber Security
Council
Governmental CERT
National Cyber
Security Centre
National Security
Authority
memorandum
(GovCERT.CZ)
Strategy and Policy
Unit
National CERT
(CSIRT.CZ)
Ministry of Defence
Military CERT
(CIRC Centre)
Strategy and Policy Unit + new NCSS --- 27th November 2014
CURRENT ACTIVITIES
o Fulfilling international obligations (ENISA,
OSCE, EU, NATO, CCDCOE , CECSP, etc.)
o Presenting and promoting NCSC activities at
both the national and international levels
o Participating in cyber security exercises
o Mapping and defining CII and IIS
Strategy and Policy Unit + new NCSS --- 27th November 2014
CURRENT ACTIVITIES (cont'd)
o Giving strategy advice and policy analysis on
cyber security issues
o Creating and updating strategic and policy
documents
o Supporting GovCERT activities
o Etc.
Strategy and Policy Unit + new NCSS --- 27th November 2014
FUTURE ACTIVITIES (NCSS 2015-2020)
o Cyber security awareness / educational
programmes
o R&D
o Deeper cooperation with CII and IIS subjects
o Risks and threats analysis
o Legal and other support to Police (cybercrime)
o Etc.
Strategy and Policy Unit + new NCSS --- 27th November 2014
CURRENT NCSS (2012 – 2015)
- EVALUATION
o about to expire
o main goals have already been met / ongoing
o 2 milestones:
1. NCSC
2. The Act on Cyber Security
o shift from elementary to more
holistic/comprehensive approach
Strategy and Policy Unit + new NCSS --- 27th November 2014
NEW NCSS (2015 – 2020)
o NCSS drafted by NSA CZE and coordinated
with stakeholders (legal advisors, experts,
relevant ministries, police, military and
intelligence agencies, etc.).
o NCSS will be submitted to the National
Security Council soon and later to the
Government for approval.
o NCSS will be effective from JAN 15 and valid
till 2020.
Strategy and Policy Unit + new NCSS --- 27th November 2014
OUTLINE OF THE NCSS
o Introduction
1) Visions (long-term vision, exceeds the timeframe of the
NCSS)
2) Principles (basic principles which shall be followed by the
3)
4)
State IOT ensure cyber security)
Challenges (specific challenges both for the Czech Republic
and international environment)
Main goals (main strategic goals facing the challenges)
o Implementation of NCSS
o Annex (acronyms, glossary)
o + Action Plan (being drafted, definition of its
implementation by the NSA CZE)
Strategy and Policy Unit + new NCSS --- 27th November 2014
1) VISIONS
o Smooth functioning of information society
o Raising cyber security knowledge and capabilities
to face the latest cyber security threats
o Focus on security of industrial systems that are
included in critical information infrastructure, IOT
get strong expertise and knowledge in this area
o Become a state with major position in cyber
security both within its region and whole Europe
o Active assistance to alliance partners, fulfillment
of commitments for the collective defense and
support security in other countries of the world
Strategy and Policy Unit + new NCSS --- 27th November 2014
2) PRINCIPLES
o Protection of fundamental human rights,
freedom and democratic principles
o Comprehensive cyber security approach based
on the principle of subsidiarity and
cooperation
o Confidence building and cooperation between
public, private sector and civil society
o Capacity development for ensuring cyber
security
Strategy and Policy Unit + new NCSS --- 27th November 2014
3) CHALLENGES
o The Czech Republic as a test bed
o Insufficient cyber security protection of small
and medium enterprises
o Malware is increasingly sophisticated
o Botnets and DDoS/DoS attacks
o Increased cyber crime
o APTs
o Etc…
Strategy and Policy Unit + new NCSS --- 27th November 2014
4) MAIN GOALS
o Ensuring the efficiency and strengthening of existing structures,
processes and cooperation in the area of cyber security
o Effective international cooperation
o National critical information infrastructure and important
information systems protection
o Cooperation with the private sector
o Research & Development
o Education support, awareness raising and development of the
information society
o Cybercrime: Promoting the development of capabilities of the
Czech Police to investigate and prosecute cybercrime
o Cyber security legal framework creation and active participation in
the European and international legislation development and
implementation.
Strategy and Policy Unit + new NCSS --- 27th November 2014
Thank you for your attention!
Daniel P. Bagge
e-mail: [email protected]
www.GovCERT.CZ