90 likes | 108 Vues
Cyberspace threats. Mr. Mario Beccia – Cyber Defence Project Officer November 2018. Cyberspace. For the purpose of this session, cyberspace can be described with the following properties: Bilateral Human and network engagement Hyper connectivity and networking
E N D
Cyberspace threats Mr. Mario Beccia – Cyber Defence Project Officer November 2018
Cyberspace For the purpose of this session, cyberspace can be described with the following properties: • Bilateral Human and network engagement • Hyper connectivity and networking • No geographical boundaries • Owned by commercial entities (not owned or controlled by governments)
Cyber weapon • A cyber weapon: • Is sponsored or employed by a state or non-state actor • Meets an objective which would otherwise require espionage or the use of force • Is employed against specific targets • Its effects vary greatly with usage and time • Unlike for instance CBR agents, cyber ‘weapons’ are neither banned nor controlled internationally.
Who do we defend from? Diplomatic / Political measures Tier IInject new vulnerabilities, create game-changing tools (infinite) State Actors Tier IIFind new vulnerabilities, exploit them with new tools Commercial Cybersecurity measures Resources Actor Counter measures (incremental) 100000s of EUR Cybercriminals Tier IIIUse existing tools & vulnerabilities Cyber Hygiene 100s of EUR Hacktivists, casual hackers
Our mission in cyberspace Cyber Resilience= Cybersecurity+ BusinessResilience* • Risk Management, as opposed to Risk Avoidance • Manage the “unknown” (known and unknown unknowns), as opposed to manage the “known” • People, Process, Technology Achieve BetterCybersecurityResilience Source: adapted from the ISO27001 definition of Cyber Resilience
Cyber Resilience: Goals • Anticipate Maintain a state of informed preparedness in order to forestall compromises of mission/business functions from adversary attacks • WithstandContinue essential mission/business functions despite successful execution of an attack by an adversary • Recover Restore mission/business functions to the maximum extent possible subsequent to successful execution of an attack by an adversary • EvolveTo change missions/business functions, so as to minimize adverse impacts from actual or predicted adversary attacks
Achieve better Cybersecurity Resilience • Better cybersecurity resilience implies: • Better preparedness (people) • Better organization of assets (process) • Better assets (technology) • A mixture of cybersecurity capabilities (in the DOTMLPFI sense, including materiel, personnel, organization, etc…) • Once in place, appropriate capabilities ensure the ability to execute processes across the entire scope of cybersecurity, such as: • Preparedness • Incident analysis and response • Deterrence • Information sharing
EDA Cyber defence projects CDTEX-P (training course management) Senior Decision Makers Seminar (training&education) Cyber Ranges Federation (training&education) CySAP(cyber situational awareness) MASFAD II (APT detection) DCEC2 (forensics)
Thank you For More information www.eda.europa.eu Follow us on Twitter @EUDefenceAgency