1 / 26

The Swedish Initiative on Critical Infrastructure Protection

The Swedish Initiative on Critical Infrastructure Protection. Presentation at ETH/ÖCB Workshop Zurich 9 November 2001. Dir. Lars D. Nicander, National Office of IO/CIP-Studies, Swedish National Defence College Secretary of The Cabinet Working-Group on IO-D/CIP.

peyton
Télécharger la présentation

The Swedish Initiative on Critical Infrastructure Protection

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The Swedish Initiative on Critical Infrastructure Protection Presentation at ETH/ÖCB Workshop Zurich 9 November 2001 Dir. Lars D. Nicander, National Office of IO/CIP-Studies, Swedish National Defence College Secretary of The Cabinet Working-Group on IO-D/CIP

  2. The Swedish Initiative on Critical Infrastructure Protection • Our view on IO/CIP • Issues • How to organize a National IO-D/CIP-Management • Some proposals • Time frame • Possible areas of international co-operation

  3. CO KK DRE DRE NCP SwSS OMB FI State PTS DoJ Information Warfare - threats, security, protection ÖCB DoD (chair) NDC (secr) TCN DRI GAO JCS Stkt DMA DoInd. Psycdef AFHQ Mil. I&S Telia Teracom SAF SVT SJ/BV Sv.Bf SNUS SR LME Cabinet Working Group on IW-D/CIP(970101-000621) Sv Kraftnät ?

  4. CO/Adm NDC (secr) DoD (chair + dep.) Cabinet Working Group on IO-D/CIP(000622-011231) Council DoD (3) Do Fi DoJ (2) NCID SwSS PTS MoFA (2) NSD ÖCB Information Operations - threats, security, protection FOA DoI,E&C. SwAAD Psycdef AF/Ops Mil. I&S DMA FRA FI SwBA

  5. IO/IW Synergy Strategic/Economic Environment Joint Operations IO/ IW Information, Intelligence Perceptions Information Systems, Infosec

  6. Coalitions Nations Organisations Individuals Levels Classes (W. Schwartau) Coalitions III Nations II Organisations Individuals I

  7. Defensive Information Operations (IO-D)/ Defensive Information Warfare (IW-D) Critical Infrastructure Protection Information Assurance Taxonomy

  8. Threats • First strike attack for nations • Means of diplomatic pressures • Terrorists • Corporate espionage • Drug cartels, criminal organisations • The disgruntled employee

  9. FBI/CSI-Survey • Interviews with 634 companies on IT-incidents • $25 billion losses in year 2000

  10. Some Weapons • Psychological Operations • Blackmail, extortion • Data manipulation • Cryptoanalysis • Virus • Logical bombs • Backdoors • Chipping • EMP; electromagnetic pulse • Physical destruction

  11. Issues • Policy development  “Sweden should be a safe marketplace!” • Organisation/structure • Focal point? • Threat overview • Setting security standards for government and recommend standards for critical private infrastructure • National CERT • Programs for awareness, education and training • Funding for security and redundancy incentives • International Co-operation and Regimes

  12. Protective philosophy- Report no 2 • Protect-Detect-React (RM-perspective) • Clarify the hidden statistics of IT-incidents • Define Minimal Essential Critical Information Infrastructure • ”Helpdesk” + responsive functions in real time ---> GovCERT

  13. Structures, responsibilities- Report no 2 • Problem • ”Who´s in charge?” • Need for a new bureaucratic syntesis • Character • Intelligence or operational matter? • Organisational direction • A new agency? • A new function hosted by an established agency?

  14. Criteria for a ”lead agency” • Strong linkage threat-planning • Far-reaching administrative and operational responsibility • Organic relations within the Total Defense Community as well as with the Private Sector (c.f. PCCIP) • Law Enforcement Authorities • Education, training and personal development of a national Red Team-unit

  15. National IO-D Management Cabinet co-ordination group Threat/ IO-intel Security Incident analysis SwSS Joint planning and co-ordination ”Joint Venture” private/public Private Sector ÖCB Statistics unit (Nat. ISAC) GAO PsyB PTS FI AFHQ NCID Counter Psyops/Deception I&W-unit CESG GovCERT Red Team DRE

  16. Defense Bill March -99 Wait Wait OK OK OK Cabinet WG - Report 2- main proposals • Consensus • A co-ordination group within Cabinet Office • A new national IO-D co-ordination body on the Agency-level (separate division within ÖCB) • A GovCERT will be organised by PTS (LEA support) • A National ISAC will be organised • Reporting duty within Government

  17. OK OK OK OK OK Cabinet WG - Report 2- main proposals (cont.) • Expanded Armed Forces mandate for support of vital National Information Systems • An active IT-check function for the government administration will be organised within the Armed Forces • Constitutional amendments • Analysis of perception/desinformation methods on Internet at The National Board of Psychological Defence • New forms of co-operation etc. concerning IC

  18. SWE c.f. US in CIP approaches • More emphasis on the top-down perspective (IO-D) than on the infosec bottom-up perspective (IA). • More emphasis on the CIAO-equivalent and less on the NIPC, due to the assessment of tight linkage between threat and planning • One stop-shop to the Private Sector through the Private Sectors Security Delegation • One Private-Government National ISAC • GovCERT+ deals with private CERTs ---> NatCERT

  19. The Committee on Vulnerability and Security in Civil Society IT security and IO protection: • Presented to The Cabinet 11 May 2001 • Explicit IT security strategy • Cross-boundary co-ordination centre • Overall public IT security responsibility within a new agency for civil planning • National CERT • A new technology competence centre • Certification body

  20. Structure Co-ordination centre Planning, risk assessment Technology Competence Centre National CERT Certification Body

  21. Time frame • Parliament Decision I, May 1999 • Swedish Defence Commission: White Paper 2, September 1999 ”...of great importance to security policy!” • Parliament Decision II, March 2000 • Special Commissioner on Vulnerabilities in Society, May 2001 • Cabinet Bill to Parliament, September 2001 • Parliament Decision III, November 2001 • Implementation 2002-2003 (New agency etc.)

  22. International law (”use of force”) etc International Co-operation, Regimes etc Management issues (”bending pipes”) Three Challenges International tasks • Domestic tasks

  23. Collective Security in Cyberspace • There are no borders in Cyberspace! • A cyber-intrusion could be routed from country A through country B, C and D before it ends up in country E. • How can we trace back these intrusions? • Today: International Law Enforcement or private initiatives (FIRST etc) • Tomorrow: ”Fishwebs” between national CERT:s for tracing intrusions back in real time?

  24. Country A Country B Country C Country D Country E Building fishwebs in Cyberspace Country Z Country Y UN, ITU etc Country X

  25. Areas of international co-operation? • Doctrines concerning use of IO/IW under UN or other international legal auspices (international operations, upholding sanctions etc.) • Principles of building Regimes for defensive actions taken in Cyberspace (tracing, counterhacking etc.)

  26. More info…. Website: <www.fhs.mil.se>

More Related