Cyber Security Strategies and Approaches

Cyber Security Strategies and Approaches

Sue Daley
Government Relations Manager UK & Ireland

1

1 Given threat environment what response needed?

2 Outline of different approaches and strategies

3 Commonalities , best practices and lessons

Presentation Identifier Goes Here 4

What is Symantec seeing?
– US and EU leading thought leadership

– Connected nations realizing need to work across
borders

– Legislators, regulators seeing  IT security as
horizontal issue

– Increasing recognition target is not just system but
information

– Understanding that response must  be operational,
reactive and dynamic

So what’s the result?
• Various projects, initiatives, strategies, operational
structures
•National

•Regional, multi‐national

•Public ‐ Private sector

• Symantec advised or involved at all levels

National Approach

7

… in the nineteenth
century we had to
secure the seas…and in
the twentieth century
we had to secure the air,
in the twenty first
century we also have to
secure our position in
cyber space...
8

UK Approach
• Launched June 2009

1. Reduce risks to UK use’s of internet

2. Exploit opportunities – gather
intelligence and intervene

3. Improve knowledge, capabilities and
decision making – policies, governance

• Strategic leadership across government – coordination
• 8 key work streams
policy and regulatory issues awareness and culture change
technical capabilities/R&D international engagement

• GCHQ, Cheltenham
• Improve UK technical response to cyber incidents
• Disseminate information on risks, attacks and coordinate
action

Thank you!

Copyright © 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in
the U.S. and other countries. Other names may be trademarks of their respective owners.

This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied,
are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

1

US 60 day Review….
• May 2009 ‐ “Assuring a trusted and resilient information and
communications infrastructure”
• Builds on 2008 Comprehensive National Cyber security
Initiative

• Since the review…
• Enhanced 2009 Cyber security Enhancement Act
• Boost federal R&D, stimulate US workforce
• Estimated to give $396 million
• Cyber Storm Exercise Feb 2010 ‐ Symantec key partner
• Appointment Cyber Tsar


Cyber Security Tsar – Howard Schmidt
• March 2010 key themes

Partnerships
Transparency

“ Transparency improves our
collective knowledge and
helps bind our partnerships
together to form the most
powerful cyber tools that we
have”

Estonia
• September 2008 strategy
– graduated system of security measures
– Expertise development
– appropriate regulatory and legal framework
– international co‐operation
– Awareness raising
• November 2009 NATO‐accredited Cooperative Cyber Defence
Centre of Excellence (CCDCOE)
– Symantec and NATO memorandum of understanding
– Joint research project to promote cooperation on online threats
– Explore modus operandi of attackers


Singapore

• iN2015 Master Plan 2005 (3 years)
– Intelligent and trusted infocomm infrastructure
• Led by Infocomm Development Authority (IDA)
– Included National Infocomm Security committee
– formulates IT security policies
• Result of 2005 plan
– “enhanced overall security situational awareness”
• So 2nd Master plan launched 2008
“…first Master plan aimed largely at providing the public sector with
measures to counter infocomm security threats, the second Master
plan will expand on that and engage both the public and private
sectors “

Emerging technologies Users International Relations
R&D
Threats Practioners Industry Standards

•Association of
Security Cyber Security CERT-to-CERT
Awareness Alliance
Cyber Watch Centre Professionals Meridan process -
(CWC) (AiSP)
National Infocomm CIIP trust building
security Scholarship
Creation of SISTA


Singapore next steps…

• Singapore Infocomm Technology Security Authority (SITSA)
– Created Oct 2009
– Safeguard Singapore against IT Security Threats
– Develop, execute contingency operations and plans

• Core Activities:
• Partnership Development
• Critical Information Infrastructure Protection
• Technology Development
• Planning, preparedness response
• cyber attack exercises


EU Approach


EU Approach
• Interdependence of European Member State
• Common shared approach to security needed

• Regulation and legislation role
– European Cyber crime Convention ‐2001
– Framework Decision on attacks against information
systems – 2005
– Commission Communication ‐ "Protecting Europe from
large scale cyber‐attacks and disruptions” ‐ 2009
1.Preparedness and prevention
2.Detection and response
3.Mitigation and recovery
4.International and EU wide cooperation

But its not just legislation only…

19

EU Working together

• Research and development
—EU FP7 funding
–WOMBAT ‐ Worldwide Observatory of Malicious
Behaviours and Attack Threats
–LOBSTER ‐ European broadband security
Thank you!
• Co‐operation, Collaboration, Partnership
—ENISA – European Network Information Security
Agency
—Critical Infrastructure Warning Information Network
(CIWIN) project
—European Information Sharing and Alert System (EISAS)
—CERTS


20

CERTS across Europe

Thank you!



Public – Private Sector Collaboration


Collaboration is key

• Up to 90% of critical infrastructure private sector operated
– Industry, government and law enforcers coming together
– Developing public, private partnerships and approaches

• Symantec’s involvement
– Joint deployment of security intelligence technologies
– Joint exercises – US Cyber storm, UK CWID, US IT‐ Information
Sharing and Analysis Centre (ISAC)
– Joint research projects– EU FP7 , Wombat, Lobster, NATO Estonia
centre
– Participation in expert groups, committees ‐ ENISA, UK IACG, UK
Council for Child Safety, UK e‐Crime Reduction Partnership,
– Sponsoring events and conferences – UK IA09,

Public Awareness and Culture Change
• Online security key to trust, take up and buy‐in of citizens
• Industry can help by reaching public


Commonalities
Best practices
Lessons


Recognition of interconnected nature of IT systems

Move from attack detection to prevention measures

Role of regulation and legislation

Need for joint approach to protect society

Need to work with private sector partners

Importance of international engagement

Information sharing and trusted networks are needed

Raising awareness and addressing culture change is key

Lessons learnt ‐ Symantec’s top 5 to leave behind…

1. A holistic approach to security policy is required
• Move away from closed, nationally protected computer
networks
• Understand moving threat environment
2. Real time awareness of threat landscape vital
• 24 – 7
• Information and intelligence is power
3. Both proactive and reactive capabilities needed
• Operational and technical
• Threat awareness and analysis based
• Technical expertise and skills needed

Lessons learnt ‐ what is important
4. Collaboration and co‐operation at different levels is key
• Trusted environment, network, systems
• Secure information sharing structures
• Relationship, partner building

5. Technology is one part of the solution
• People, process, technology
• Culture change
• Awareness raising


Thank you!
Susan_daley@symantec.com
+44 7809 492 490




Cyber Security Strategies and Approaches

More Related Content

What's hot (20)

Viewers also liked (20)

Similar to Cyber Security Strategies and Approaches (20)

More from vngundi (11)

Cyber Security Strategies and Approaches