1 / 9

CERTs as effective Networks

This document explores the effectiveness of Computer Emergency Response Teams (CERTs) in addressing internet crime and cybersecurity challenges. It highlights the successful aspects of CERTs while acknowledging their limitations in solving all problems. The text discusses the importance of trust and collaboration among network actors, the need for clear goals, and the role of public-private partnerships. It poses critical questions regarding the regulation and enhancement of CERT functions, emphasizing the importance of technical know-how and the necessity for trust in information sharing.

sol
Télécharger la présentation

CERTs as effective Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CERTs as effective Networks Dr. Serge Droz serge.droz@switch.ch Zürich, XX. July 2010

  2. Factoids • CERTs (Computer Emergency Response Teams) are successful • CERTs are increasingly taken as “the solution™” However … • CERTs cannot solve all Problems (But hey, some really good!)

  3. CERT-Theory: Network Governance 6. CRN Roundtable, Fall 2009: “Network Governance and the Role of Public-Private Partnerships in New Risks” In particular the contributions by Patrick Kenis and Erik-Hans Klijn Different types of governance: Market Hierachy Collaboration Network

  4. 2009 Nobel prize in Economy: Elinor Ostrom Governing the Commons Networks • Informal collaboration • Actors don’t necessarily have the same agenda • Come in different flavours • Need a clear goal • Need a high level of trust • Aren’t always easy to handle • Networks need a: • clear goal • high level of trust

  5. Trust Brooker CERT Common Interest GroupFIRST, TF-CSIRT, .. CERT CERT Constituency AbuseDesk NOC Organisation Organisation CERT Computer Emergency Response Teams Goal: Fight internet crime Trust model: Trust relationship CERT

  6. Example

  7. Example • Analyse  Attacks CH-Banks • Inform Customer • Use the Net, Luke! • Other Countries are affected • Agree on next steps • Exchange Know-How • Prevent damage! • However, no arrests :-( … +konto.baaderbank.de +rentenbank.de +clientcenter.ikb.de +online-banking.eurohypo.com +customer.mysql.com +globenewswire.com +businesswire.com +marketwire.com +unionfinancieredefrance.fr +groupama.fr +afub.org +cpr-online.net +cpr-online.com +bcinet.nc …

  8. Ingredients • Clear Goal: Prevent an attacker from succeeding • High level of Trust: Exchange of confidential info and agreement on common action • Technical Know-How: CERT specific • Networks need a: • clear goal • high level of trust

  9. Open issues • CERTs do good stuff • But they don’t solve all the problems • Some Questions • Should CERTs be regulated? • By whom? • How could CERTs supplement other entities (LEO, ..) ? • Some Questions • How could CERTs supplement other entities (LEO, ..) ? • Where is the Missing Link? • + • Quick • Crossborader • Skilled • Neutral • - • No authority • No legal entity • Weak in formal processes

More Related