Making our Cyber Space Safe

Size: px
Start display at page:

Download "Making our Cyber Space Safe"

Transcription

1 Making our Cyber Space Safe Ghana s Emerging Cyber Security Policy & Strategy William Tevie Director General 5/28/2014 1

2 Agenda Cyber Security Issues Background to Policy Target Audience for Framework National Strategy Level of coverage Mission & Vision Identified CNII Policy Thrusts Action Plans Implementation Plan 5/28/2014 2

3 Cyber Security Issues in Ghana National Image SIM Box Fraud Need to ensure protection of CNII Large Extensive Government Network by NITA Data center running cloud applications and service Exposure to risk Low Awareness about cyber security issues Lack of empowerment to enforce law in cyberspace Need to review laws in relation to cyber security Need for capacity building of law enforcement Lack of Coordination of Cyber Initiatives 5/28/2014 3

4 The Genesis of ICT Policy in Ghana ICT4AD policy Driving Ghana s ICT Agenda Policy Developed and adopted in Pillars Addressing all sectors Pillar 14 Address Law enforcement and Cyber security 5/28/2014 4

5 ICT4AD Pillar 14 Policy measures and mechanisms to address national security law and order issues relating to the deployment exploitation and the utilization of ICTs within the economy and society. Address security issues relating to privacy, data and consumer protection security of computer networks and information systems and their information and data contents 5/28/2014 5

6 Evolution of e-government Strategy Pillars All sectors Address 2006 Preparatory Work for e-government NITA ACT (771 Electronic Transaction Legal framework and enabling environment Design of eghana Project ACT (772) Electronic Communication ACT (775) NCA ACT (769) 2003 ICT4AD Adopted 2008 Legal Instruments enacted 5/28/2014 6

7 Electronic Transaction Act (ACT 772) Developed as result of Pillar 14 and other pillars Legal Instrument embracing all Electronic transaction Certifying authorities Registry ICT Tribunal Cyber Inspectors Electronic Government Services Cyber Offenses Protected computers and Databases Consumer protection 5/28/2014 7

8 ACT 772 Cyber Related Provisions Cyber inspectors Powers of law enforcement officers Law enforcement officer and third party assistance Preservation of evidence Disclosure of electronic information Inadmissible evidence 5/28/2014 8

9 ACT 772 Cyber Related Provisions Cyber offences Stealing Appropriation Representation Charlatanic advertisement Attempt to commit crimes Aiding and abetting Duty to prevent felony Conspiracy Forgery 5/28/2014 9

10 Why Need for Policy review Cyber Security Has grown bigger Every user is at risk Law enforcement can provide security Require full participation of everyone Element of developing culture of cyber security PPP approach to resolving cyber security issues 5/28/

11 Target Groups of Cyber Security Framework Person Specific Consumer User Corporate user Device Specific Telephones Wireless Cell Devices Personal Digital Assistant (PDA) Network Specific Wireless Carrier s Transport Local Area, Metropolitan Area and Wireless Area Internet 5/28/

12 Background to Policy Development Existing Ghana ICT4AD pillar 14 National security and law enforcement in cyber space Implemented by Electronic Transaction Act (Act 772) Some shortfall in policy Does not adopt a PPP approach All target audience not addressed Protection of CNII not covered under policy Culture of cyber security across sectors not properly covered Capacity building focused on only National security agencies and law enforcement Pillar not citizen-centric 5/28/

13 National Strategy Level of Coverage Level 1:Home and Small Business users Level 2: Large Enterprise Users Level 3: Critical Sectors Level 4: National Priorities Level 5: Global 5/28/

14 Vision Vision and Mission Our vision is to secure the Critical National Information Infrastructure (CNII) and make it resilient, and for Ghana to be self-reliant in securing its cyber space by infusing a culture of security to promote stability, social well being and wealth creation of our people. All actors in law enforcement, national security, network security practitioners in government and business, and the public will take part in the vision.. Mission Our mission is for Ghana to become a self-sufficient country attending to its cyber security needs by /28/

15 Identified CNII Sectors 1. National Defense and Security 2. Banking and Finance 3. Information and Communications 4. Energy 5. Transportation 6. Water 7. Health Services 8. Government machinery 9. Emergency services 5/28/ Food and Agriculture 15

16 The Eight thrusts of the Policy THRUST THEME DETAIL 1 Effective Governance centralize coordination of national cyber security initiatives promote effective cooperation between public and private sectors 2 Legislative & Regulatory Framework Attorney General s department periodic reviewing and enhancing Ghana s laws relating to cyber space progressive capacity building programs to acquire new skills and effective ways of enforcing cyber laws 3 Cyber Security Technology Framework develop a national cyber security technology framework that specifies cyber security requirement controls and baselines for CNII elements mechanism to implement an evaluation/certification program for cyber security product and systems 4 Culture of security and Capacity Building invest every resource needed to develop, foster and maintain a national culture of security Establish an effective mechanism for cyber security knowledge dissemination at the national level Identify minimum requirements and qualifications for information security professionals 5 Research & Development towards Self-Reliance formalize the coordination and prioritization of cyber security research and develop activities to enlarge and strengthen the cyber security research 5/28/2014 measures in place to nurture the growth of cyber security industry 16

17 The Eight thrust of the policy Thrust THEME DETAILS 6 Compliance and Enforcement standardize cyber security systems across all elements of the CNII strengthen the monitoring and enforcement of standards and develop a standard cyber security risk assessment framework 7 Cyber Security Emergency Readiness develop effective cyber security incident reporting mechanisms o include the development and strengthening of the national CSIRT development of a standard business continuity management framework and perform periodic vulnerability assessment programs 8 International Cooperation encourage the active participation of Ghana in all relevant international cyber security bodies and conferences 5/28/

18 Action Plans Item Thrust Action Plan Policy Drivers 1. Effective Governance Setup Governance Structure and institutions to enable long term substance of Cyber Security activity including information exchange. Institutions include: National Cyber Security Council National Cyber Security Center National Computer Emergency Response Team National Cyber Security Policy Working Group Ministry of Communications, National Security Council, NITA, NCA 2. Legislative and Regulatory Framework 3. Cyber Security Technology Framework 5/28/2014 Setup Cyber Law Review Committee under the Attorney Attorney General s General s Department to do a study on the laws of Department Ghana to accommodate legal challenges in the Cyber environment and review every three year Stage 1: identifications of issues in the cyber environment Stage 2. Review current laws on cyber environment Stage 3. Make recommendations for amendment of national laws Review and adopt international cyber security Ministry of standard such as MS ISO/IEC to increase Communications, NITA robustness of CNII sectors NSC Expansion of national certification scheme for information security management & assurance 18

19 Action Plans Item Thrust Action Plan Policy Drivers 4. Culture of Cyber Security & Capacity Building Reduce number of Information security incidents through improved awareness & skill level Ministry of Communications, Ministry of Information, (National o Increase Certification course on information and cyber security, Cyber Security Council, National Cyber Security Center, National Develop a National Cyber Security Awareness program and portal targeted at stakeholders by content providers using different packaging for different demographics CSIRT, National Cyber Security Policy Working Group) 5. Research & Development towards Self Reliance o o o o Develop National R&D Roadmap for Cyber Security Identify technologies relevant & desirable for CNII Provide domain competency development Nature growth of Cyber Security Industry Update roadmap regularly National Cyber Security Council, National Cyber Security center, National CERT, Universities, CSIR, Professional certification Centers 6. Compliance & Enforcement Develop Risk Assessment framework for CNII 7. 5/28/2014 Cyber Security Emergency Readiness Frame work for cyber attack responds Mitigation of National Cyber Security Council Cyber attacks National and sector CSIRTs National Cyber Crises management Committee National Cyber Crises Management WG 19

20 Action Plans Item Thrust Action Plan Policy Drivers 8. International Cooperation Engage in relevant international cyber security meetings Prioritize international engagements, sign and ensure compliance of International/regional conventions Ministry of Communications Ministry of Foreign Affairs Attorney Generals Department National Security Council 5/28/

21 Implementation Period Issues to be Addresses Activities Short Term (0-1 Years) Identifying CNII and Addressing Immediate Concerns - Identify Critical National Information Infrastructure - Stop-gap measures to address fundamental vulnerabilities to the cyber security of the CNII - Creating a centralized platform for security mechanism - Establish Cyber Incidence Response readiness - Raising awareness of cyber security and its implications Medium Term (2-3 Years) Building the Infrastructure - Setting-up the necessary systems, process, standards and institutional arrangements (mechanisms) - Building capacity amongst researches and information security professionals Long Term (Year 4-5): Developing Self-Reliance - Developing self-reliance in terms of technology as well as professionals - Monitoring the mechanisms for compliance - Evaluating and improving the mechanisms - Creating the culture of cyber security 5/28/

22 Structure of Initiatives within Strategy 5/28/

23 Opportunities for Security Communities Information System Security practitioners are key drivers Critical mass of expertise needed to drive whole process Capacity building to be driven by practitioners Risk Management framework and strategies for maintaining CNII require skill set that can be found in the community ISACA and related professional bodies have a critical role in emerging cyber security strategy 5/28/

24 Thank You! Visit our Contact: Phone: /28/

REPUBLIC OF GHANA MINISTRY OF COMMUNICATIONS. Ghana National Cyber Security Policy & Strategy

REPUBLIC OF GHANA MINISTRY OF COMMUNICATIONS. Ghana National Cyber Security Policy & Strategy REPUBLIC OF GHANA MINISTRY OF COMMUNICATIONS Ghana National Cyber Security Policy & Strategy Final Draft July 23 2015 Document Version Version Date Remark Ver. 1.0 March 2015 Final Draft handed over to

More information

REPUBLIC OF GHANA MINISTRY OF COMMUNICATIONS. Ghana National Cyber Security Policy & Strategy

REPUBLIC OF GHANA MINISTRY OF COMMUNICATIONS. Ghana National Cyber Security Policy & Strategy REPUBLIC OF GHANA MINISTRY OF COMMUNICATIONS Ghana National Cyber Security Policy & Strategy Final Draft March 2014 EXECUTIVE Document Contact a. SUMMARY Table of Contents I. SECTION ONE: BACKGROUND i.

More information

Developing and Enhancing Cyber Security Capabilities in the Region. Khaled Gamo Technology Advisor Ministry of communication and informatics

Developing and Enhancing Cyber Security Capabilities in the Region. Khaled Gamo Technology Advisor Ministry of communication and informatics Developing and Enhancing Cyber Security Capabilities in the Region Khaled Gamo Technology Advisor Ministry of communication and informatics 1 Content 1 2 3 Cyber Security Strategy and Key Requirement Efforts

More information

aecert Roadmap Eng. Mohammed Gheyath Director, Technical Affairs TRA

aecert Roadmap Eng. Mohammed Gheyath Director, Technical Affairs TRA aecert Roadmap Eng. Mohammed Gheyath Director, Technical Affairs TRA Agenda Introduction aecert Vision & Mission The need to establish a UAE National CERT Constituent Framework & Service Catalog National

More information

CAPACITY BUILDING TO STRENGTHEN CYBERSECURITY. Sazali Sukardi Vice President Research CyberSecurity Malaysia

CAPACITY BUILDING TO STRENGTHEN CYBERSECURITY. Sazali Sukardi Vice President Research CyberSecurity Malaysia CAPACITY BUILDING TO STRENGTHEN CYBERSECURITY by Sazali Sukardi Vice President Research CyberSecurity Malaysia SCOPE INTRODUCTION CYBER SECURITY INCIDENTS IN MALAYSIA CAPACITY BUILDING The Council For

More information

National Cyber Security Policy -2013

National Cyber Security Policy -2013 National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information

More information

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 The following consists of the joint explanatory statement to accompany the Cybersecurity Act of 2015. This joint explanatory statement

More information

GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000. CEO EDS Corporation

GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000. CEO EDS Corporation GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000 Issue Chair: Issue Sherpa: Dick Brown CEO EDS Corporation Bill Poulos EDS Corporation Tel: (202) 637-6708

More information

Cybersecurity Standards: A Case Study on Malaysian Banking Sector

Cybersecurity Standards: A Case Study on Malaysian Banking Sector Cybersecurity Standards: A Case Study on Malaysian Banking Sector Anwer Yusoff Head, Industry & Business Department CyberSecurity Malaysia Sept 18 th 2013 Internet use in Malaysia 17,723,000 i n t e r

More information

Legislative Council Panel on Information Technology and Broadcasting. Information Security

Legislative Council Panel on Information Technology and Broadcasting. Information Security For Information on 8 July 2013 LC Paper No. CB(4)834/12-13(05) Legislative Council Panel on Information Technology and Broadcasting Information Security Purpose This paper updates Members on the latest

More information

Cyber security Indian perspective & Collaboration With EU

Cyber security Indian perspective & Collaboration With EU Cyber security Indian perspective & Collaboration With EU Abhishek Sharma, BIC IAG member, On behalf of Dr. A.S.A Krishnan, Sr. Director, Department of Electronics & Information Technology Government of

More information

TRINIDAD AND TOBAGO CYBER SECURITY AGENCY POLICY AND BILL

TRINIDAD AND TOBAGO CYBER SECURITY AGENCY POLICY AND BILL TRINIDAD AND TOBAGO CYBER SECURITY AGENCY POLICY AND BILL Presented By: Sunita Ramsumair Legal Officer Ministry of National Security September 29, 2014 Format of Presentation Background Trinidad and Tobago

More information

www.pwc.co.uk Cyber security Building confidence in your digital future

www.pwc.co.uk Cyber security Building confidence in your digital future www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in

More information

Priority III: A National Cyberspace Security Awareness and Training Program

Priority III: A National Cyberspace Security Awareness and Training Program Priority III: A National Cyberspace Security Awareness and Training Program Everyone who relies on part of cyberspace is encouraged to help secure the part of cyberspace that they can influence or control.

More information

Cyber security trends & strategy for business (digital?)

Cyber security trends & strategy for business (digital?) Cyber security trends & strategy for business (digital?) Presentation by Anwer Yusoff Head, Industry & Business Development C y b e r S e c u r i t y M a l a y s i a NATIONAL CYBERSECURITY TECHNICAL SPECIALIST

More information

European priorities in information security

European priorities in information security European priorities in information security Graeme Cooper Head of Public Affairs Unit, ENISA 12th International InfoSec and Data Storage Conference, 26th September 2013, Sheraton Hotel, Sofia, Bulgaria

More information

For Discussion Paper No. 9/2011 on 3 November 2011 DIGITAL 21 STRATEGY ADVISORY COMMITTEE. Cyber Security

For Discussion Paper No. 9/2011 on 3 November 2011 DIGITAL 21 STRATEGY ADVISORY COMMITTEE. Cyber Security For Discussion Paper No. 9/2011 on 3 November 2011 DIGITAL 21 STRATEGY ADVISORY COMMITTEE Cyber Security Purpose This paper briefs Members on the global cyber security outlook facing governments of some

More information

CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES

CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES By Wolfgang Röhrig, Programme Manager Cyber Defence at EDA and Wg Cdr Rob Smeaton, Cyber Defence Staff Officer

More information

2 Gabi Siboni, 1 Senior Research Fellow and Director,

2 Gabi Siboni, 1 Senior Research Fellow and Director, Cyber Security Build-up of India s National Force 2 Gabi Siboni, 1 Senior Research Fellow and Director, Military and Strategic Affairs and Cyber Security Programs, Institute for National Security Studies,

More information

The internet and digital technologies play an integral part

The internet and digital technologies play an integral part The Cyber challenge Adjacent Digital Politics Ltd gives an overview of the EU Commission s Cyber Security Strategy and Commissioner Ashton s priorities to increase cyber security in Europe The internet

More information

GOVERNMENT OF THE REPUBLIC OF LITHUANIA

GOVERNMENT OF THE REPUBLIC OF LITHUANIA GOVERNMENT OF THE REPUBLIC OF LITHUANIA RESOLUTION NO 796 of 29 June 2011 ON THE APPROVAL OF THE PROGRAMME FOR THE DEVELOPMENT OF ELECTRONIC INFORMATION SECURITY (CYBER-SECURITY) FOR 20112019 Vilnius For

More information

Commonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation

Commonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation Commonwealth Approach to Cybergovernance and Cybersecurity By the Commonwealth Telecommunications Organisation Trends in Cyberspace Cyberspace provides access to ICT Bridging the digital divide and influencing

More information

Lessons from Defending Cyberspace

Lessons from Defending Cyberspace Lessons from Defending Cyberspace The Challenge of Addressing National Cyber Risk Andy Purdy Workshop on Cyber Security Center for American Studies, Christopher Newport College 10 28-2009 Cyber Threat

More information

An Overview of Cybersecurity and Cybercrime in Taiwan

An Overview of Cybersecurity and Cybercrime in Taiwan An Overview of Cybersecurity and Cybercrime in Taiwan I. Introduction To strengthen Taiwan's capability to deal with information and communication security issues, the National Information and Communication

More information

Honourable members of the National Parliaments of the EU member states and candidate countries,

Honourable members of the National Parliaments of the EU member states and candidate countries, Speech by Mr Rudolf Peter ROY, Head of division for Security Policy and Sanctions of the European External Action Service, at the L COSAC Meeting 29 October 2013, Vilnius Honourable members of the National

More information

EU Cybersecurity Policy & Legislation ENISA s Contribution

EU Cybersecurity Policy & Legislation ENISA s Contribution EU Cybersecurity Policy & Legislation ENISA s Contribution Steve Purser Head of Core Operations Oslo 26 May 2015 European Union Agency for Network and Information Security Agenda 01 Introduction to ENISA

More information

Business Plan 2012/13

Business Plan 2012/13 Business Plan 2012/13 Contents Introduction 3 About the NFA..4 Priorities for 2012/13 4 Resources.6 Reporting Arrangements.6 Objective 1 7 To raise the profile and awareness of fraud among individuals,

More information

Cybersecurity Strategy of the Republic of Cyprus

Cybersecurity Strategy of the Republic of Cyprus Policy Document Cybersecurity Strategy of the Republic of Cyprus Network and Information Security and Protection of Critical Information Infrastructures Version 1.0 23 April 2012 TABLE OF CONTENTS EXECUTIVE

More information

Middle Class Economics: Cybersecurity Updated August 7, 2015

Middle Class Economics: Cybersecurity Updated August 7, 2015 Middle Class Economics: Cybersecurity Updated August 7, 2015 The President's 2016 Budget is designed to bring middle class economics into the 21st Century. This Budget shows what we can do if we invest

More information

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to

More information

Cyber security Country Experience: Establishment of Information Security Projects.

Cyber security Country Experience: Establishment of Information Security Projects. Cyber security Country Experience: Establishment of Information Security Projects. Mr. Vincent Museminali vincent.museminali@rura.rw Internet and New media regulations Rwanda Utilities Regulatory Authority

More information

Kenya s Presentation to CAFRAD Conference of ICT Security and Defence Experts Tangier, Morocco, 23-25 June 2014

Kenya s Presentation to CAFRAD Conference of ICT Security and Defence Experts Tangier, Morocco, 23-25 June 2014 Kenya s Presentation to CAFRAD Conference of ICT Security and Defence Experts Tangier, Morocco, 23-25 June 2014 1 July 2014 RESTRICTED 1 ICT as a Modern Solution Security Threats, Early Detection and Prevention

More information

Safety by trust: British model of cyber security. David Wallace, First Secretary, Head of of the Policy Delivery Group British Embassy in Warsaw

Safety by trust: British model of cyber security. David Wallace, First Secretary, Head of of the Policy Delivery Group British Embassy in Warsaw Safety by trust: British model of cyber security David Wallace, First Secretary, Head of of the Policy Delivery Group British Embassy in Warsaw Strategy Structure Campaign Partnerships Strategy The UK

More information

ASEAN s Cooperation on Cybersecurity and against Cybercrime

ASEAN s Cooperation on Cybersecurity and against Cybercrime ASEAN s Cooperation on Cybersecurity and against Cybercrime Presentation by the ASEAN Secretariat Octopus Conference: Cooperation Against Cybercrime 4 December 2013, Strasbourg, France Outline ASEAN Mechanisms

More information

Partnership for Cyber Resilience

Partnership for Cyber Resilience Partnership for Cyber Resilience Principles for Cyber Resilience 1. Recognition of interdependence: All parties have a role in fostering a resilient shared digital space 2. Role of leadership: Encourage

More information

National Cyber Security Strategy of Afghanistan (NCSA)

National Cyber Security Strategy of Afghanistan (NCSA) Islamic Republic of Afghanistan Ministry of Communications and IT National Cyber Security Strategy of Afghanistan (NCSA) Prevention Protection Safety Resiliency AUTHOR VERSION CONTROL DATE ZMARIALAI WAFA

More information

NICE and Framework Overview

NICE and Framework Overview NICE and Framework Overview Bill Newhouse NIST NICE Leadership Team Computer Security Division Information Technology Lab National Institute of Standards and Technology TABLE OF CONTENTS Introduction to

More information

Experience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC.

Experience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC. Experience the commitment WHITE PAPER Information Security Continuous Monitoring Charting the Right Course May 2014 cgi.com 2014 CGI GROUP INC. During the last few months of 2013, six federal agencies

More information

October 24, 2014. Mitigating Legal and Business Risks of Cyber Breaches

October 24, 2014. Mitigating Legal and Business Risks of Cyber Breaches October 24, 2014 Mitigating Legal and Business Risks of Cyber Breaches AGENDA Introductions Cyber Threat Landscape Cyber Risk Mitigation Strategies 1 Introductions 2 Introductions To Be Confirmed Title

More information

ESKISP6054.01 Conduct security testing, under supervision

ESKISP6054.01 Conduct security testing, under supervision Overview This standard covers the competencies required to conduct security testing under supervision. In order to contribute to the determination of the level of resilience of an information system to

More information

Subject: Critical Infrastructure Identification, Prioritization, and Protection

Subject: Critical Infrastructure Identification, Prioritization, and Protection For Immediate Release Office of the Press Secretary The White House December 17, 2003 Homeland Security Presidential Directive / HSPD-7 Subject: Critical Infrastructure Identification, Prioritization,

More information

Governance and Management of Information Security

Governance and Management of Information Security Governance and Management of Information Security Øivind Høiem, CISA CRISC Senior Advisor Information Security UNINETT, the Norwegian NREN About Øivind Senior Adviser at the HE sector secretary for information

More information

December 17, 2003 Homeland Security Presidential Directive/Hspd-7

December 17, 2003 Homeland Security Presidential Directive/Hspd-7 For Immediate Release Office of the Press Secretary December 17, 2003 December 17, 2003 Homeland Security Presidential Directive/Hspd-7 Subject: Critical Infrastructure Identification, Prioritization,

More information

State of Minnesota. Enterprise Security Strategic Plan. Fiscal Years 2009 2013

State of Minnesota. Enterprise Security Strategic Plan. Fiscal Years 2009 2013 State of Minnesota Enterprise Security Strategic Plan Fiscal Years 2009 2013 Jointly Prepared By: Office of Enterprise Technology - Enterprise Security Office Members of the Information Security Council

More information

Cyber Security Bangladesh Perspectives. Reza Salim*

Cyber Security Bangladesh Perspectives. Reza Salim* Cyber Security Bangladesh Perspectives by Reza Salim* Paper prepared for ITU WSIS Thematic Meeting on Cyber Security ITU Headquarters, Geneva, Switzerland June 28 - July 1, 2005 * Reza Salim, Associate

More information

S. ll IN THE SENATE OF THE UNITED STATES

S. ll IN THE SENATE OF THE UNITED STATES OLL0 TH CONGRESS ST SESSION S. ll To secure the United States against cyber attack, to improve communication and collaboration between the private sector and the Federal Government, to enhance American

More information

No. 33 February 19, 2013. The President

No. 33 February 19, 2013. The President Vol. 78 Tuesday, No. 33 February 19, 2013 Part III The President Executive Order 13636 Improving Critical Infrastructure Cybersecurity VerDate Mar2010 17:57 Feb 15, 2013 Jkt 229001 PO 00000 Frm 00001

More information

RECOMMENDATIONS OF JOINT WORKING GROUP ON ENGAGEMENT WITH PRIVATE SECTOR ON CYBER SECURITY

RECOMMENDATIONS OF JOINT WORKING GROUP ON ENGAGEMENT WITH PRIVATE SECTOR ON CYBER SECURITY RECOMMENDATIONS OF JOINT WORKING GROUP ON ENGAGEMENT WITH PRIVATE SECTOR ON CYBER SECURITY NATIONAL SECURITY COUNCIL SECRETARIAT Salient Features of the JWG Report on Engagement with Private Sector on

More information

The European CYberSecurity cppp ECYS Draft Proposal

The European CYberSecurity cppp ECYS Draft Proposal The European CYberSecurity cppp ECYS Draft Proposal 12 April 2016 The urgency to act We cannot miss the window opportunity for budgetary reasons: create a synergy among the different EC budgets via the

More information

7 Homeland. ty Grant Program HOMELAND SECURITY GRANT PROGRAM. Fiscal Year 2008

7 Homeland. ty Grant Program HOMELAND SECURITY GRANT PROGRAM. Fiscal Year 2008 U.S. D EPARTMENT OF H OMELAND S ECURITY 7 Homeland Fiscal Year 2008 HOMELAND SECURITY GRANT PROGRAM ty Grant Program SUPPLEMENTAL RESOURCE: CYBER SECURITY GUIDANCE uidelines and Application Kit (October

More information

Cyber Security @ ITU. By Tomas Lamanauskas, ITU

Cyber Security @ ITU. By Tomas Lamanauskas, ITU Cyber Security @ ITU By Tomas Lamanauskas, ITU ITU Overview Founded in 1865 UN Specialized Agency for ICTs HQs in Switzerland 4 Regional Offices & 7 Area Offices 193 Member States; 750 Sector Members and

More information

LEGISLATION ON CYBERCRIME IN NIGERIA: IMPERATIVES AND CHALLENGES

LEGISLATION ON CYBERCRIME IN NIGERIA: IMPERATIVES AND CHALLENGES LEGISLATION ON CYBERCRIME IN NIGERIA: IMPERATIVES AND CHALLENGES T.G. George-Maria Tyendezwa, Head, Computer Crime Prosecution Unit, Federal Ministry of Justice, OUTLINE Interconnected world The Nigerian

More information

Supporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security

Supporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security Supporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security www.enisa.europa.eu European Union Agency for Network and Information

More information

Today s Global Cyber Security Status and Trustworthy Systems That Leverage Distrust Amongst Sovereigns

Today s Global Cyber Security Status and Trustworthy Systems That Leverage Distrust Amongst Sovereigns Today s Global Cyber Security Status and Trustworthy Systems That Leverage Distrust Amongst Sovereigns Benjamin GITTINS Ronald KELSON What is cyberspace and why is it so important? US Government Cyberspace

More information

SCOPE OF WORK. Social Work Organizational Development Specialist OVERVIEW OF VOLUNTEER ASSIGNMENT

SCOPE OF WORK. Social Work Organizational Development Specialist OVERVIEW OF VOLUNTEER ASSIGNMENT SCOPE OF WORK Country: Host Site: Partner Organization: Assignment title: Length of assignment: Lusaka, Zambia Social Workers Association of Zambia Zambia Rising Project Social Work Organizational Development

More information

COMMUNIQUE. AFRICAN ICT MINISTERIAL ROUND-TABLE ON 42 nd MEETING OF ICANN. Hotel Méridien Dakar, SENEGAL. 21 Octobre 2011

COMMUNIQUE. AFRICAN ICT MINISTERIAL ROUND-TABLE ON 42 nd MEETING OF ICANN. Hotel Méridien Dakar, SENEGAL. 21 Octobre 2011 COMMISSION DE L UNION AFRICAINE REPUBLIQUE DU SENEGAL ---------------- MINISTERE DE LA COMMUNICATION, DES TELECOMMUNICATIONS ET DES TECHNOLOGIES DE L INFORMATION ET DE LA COMMUNICATION AFRICAN ICT MINISTERIAL

More information

Government of Kenya Ministry of Information Communications and Technology Telposta Towers, 10th Floor, Kenyatta Ave Nairobi, Kenya

Government of Kenya Ministry of Information Communications and Technology Telposta Towers, 10th Floor, Kenyatta Ave Nairobi, Kenya i Government of Kenya Ministry of Information Communications and Technology Telposta Towers, 10th Floor, Kenyatta Ave Nairobi, Kenya ii Executive Summary Global information and communication technology

More information

Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary

Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary 1. The Government hereby approves the National Cyber Security Strategy of Hungary laid down in Annex No.

More information

FedVTE Training Catalog SUMMER 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

FedVTE Training Catalog SUMMER 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov FedVTE Training Catalog SUMMER 2015 advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov Access FedVTE online at: fedvte.usalearning.gov If you need any assistance please

More information

Global Cybersecurity Index Good Practices

Global Cybersecurity Index Good Practices AUSTRALIA Global Cybersecurity Index Good Practices LEGAL Australia has acceded to the Council of Europe Convention on Cybercrime. The convention came into force on 1 March 2013. Cybercrime Legislation

More information

FedVTE Training Catalog SPRING 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

FedVTE Training Catalog SPRING 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov FedVTE Training Catalog SPRING 2015 advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov If you need any assistance please contact the FedVTE Help Desk here or email the

More information

REPUBLIC OF MAURITIUS NATIONAL CYBER SECURITY STRATEGY

REPUBLIC OF MAURITIUS NATIONAL CYBER SECURITY STRATEGY REPUBLIC OF MAURITIUS 5555555555555555555555555555555555555555555555555555555555 5555555555555555555555555555555555555555555555555555555555 NATIONAL CYBER SECURITY STRATEGY 2014-2019 The time has come

More information

www.pwc.nl/cybersecurity Cyber security Building confidence in your digital future

www.pwc.nl/cybersecurity Cyber security Building confidence in your digital future www.pwc.nl/cybersecurity Cyber security Building confidence in your digital future 2015 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence

More information

Microsoft Services Premier Support. Security Services Catalogue

Microsoft Services Premier Support. Security Services Catalogue Microsoft Services Premier Support Security Services Catalogue 2014 Microsoft Services Microsoft Services helps you get the most out of your Microsoft Information Technology (IT) investment with integrated

More information

Cyber security initiatives in European Union and Greece The role of the Regulators

Cyber security initiatives in European Union and Greece The role of the Regulators Cyber security initiatives in European Union and Greece The role of the Regulators Constantinos Louropoulos President of Hellemic Telecoms and Post Commission Agenda Cyberspace challenges EU security initiatives

More information

Cyber Stability 2015 Geneva, 09 July 2015. African Union Perspectives on Cybersecurity and Cybercrime Issues.

Cyber Stability 2015 Geneva, 09 July 2015. African Union Perspectives on Cybersecurity and Cybercrime Issues. Cyber Stability 2015 Geneva, 09 July 2015 African Union Perspectives on Cybersecurity and Cybercrime Issues. FACTS AND FIGURES As African countries increase access to broadband Internet, issues relating

More information

OUTCOME OF PROCEEDINGS

OUTCOME OF PROCEEDINGS Council of the European Union Brussels, 18 November 2014 15585/14 COPS 303 POLMIL 103 CYBER 61 RELEX 934 JAI 880 TELECOM 210 CSC 249 CIS 13 COSI 114 OUTCOME OF PROCEEDINGS From: Council On: 17 18 November

More information

Instructional and Information Technology Strategic Plan Update. June 1, 2015

Instructional and Information Technology Strategic Plan Update. June 1, 2015 Instructional and Information Technology Strategic Plan Update June 1, 2015 Context Strategic Plan Drivers Why create a new plan now? IT Strategy 2012-15 is expiring Technology has evolved Signficant portion

More information

Focusing on the purpose of the authority and on outcomes for the community and creating and implementing a vision for the local area

Focusing on the purpose of the authority and on outcomes for the community and creating and implementing a vision for the local area CODE OF CORPORATE GOVERNANCE INTRODUCTION Corporate Governance is a term used to describe how organisations direct and control what they do. As well as systems and processes this includes cultures and

More information

Update on U.S. Critical Infrastructure and Cybersecurity Initiatives

Update on U.S. Critical Infrastructure and Cybersecurity Initiatives Update on U.S. Critical Infrastructure and Cybersecurity Initiatives Presented to Information Security Now! Seminar Helsinki, Finland May 8, 2013 MARK E. SMITH Assistant Director International Security

More information

The Changing IT Risk Landscape Understanding and managing existing and emerging risks

The Changing IT Risk Landscape Understanding and managing existing and emerging risks The Changing IT Risk Landscape Understanding and managing existing and emerging risks IIA @ Noon Kareem Sadek Senior Manager, Deloitte Canada Chris Close Senior Manager, Deloitte Canada December 2, 2015

More information

Jyväskylä Cyber Security Ecosystem

Jyväskylä Cyber Security Ecosystem Jyväskylä Cyber Security Ecosystem Adjunct Professor, Dr. (Military Sciences), Col (ret.) Martti Lehto 30.9.2015 High Level Cyber Security Comment 4.2.2014 President Sauli Niinistö highlighted cyber security.

More information

Guidelines. for setting up. Dedicated Project Team. Page 1 of 14

Guidelines. for setting up. Dedicated Project Team. Page 1 of 14 Guidelines for setting up Dedicated Project Team Page 1 of 14 Foreword The National e-governance Plan of Indian Government seeks to lay the foundation and provide the impetus for long-term growth of e-governance

More information

Tentative Action Plan

Tentative Action Plan Republic of Serbia Ministry of Science and Environmental Protection Serbia and Montenegro Tentative Action Plan Draft 1 Belgrade, September 2005 Tentative Action Plan - Draft 1 Section 1 and 2 Information

More information

Cybersecurity Initiatives

Cybersecurity Initiatives Port Vila, 20 November 2014 The Government of The Republic of Vanuatu Cybersecurity Initiatives Telecommunications & Radiocommunications Regulator By Louise Nasak, Technical and Internet Governance Manager,

More information

Information Security ISO Standards. Feb 11, 2015. Glen Bruce Director, Enterprise Risk Security & Privacy

Information Security ISO Standards. Feb 11, 2015. Glen Bruce Director, Enterprise Risk Security & Privacy Information Security ISO Standards Feb 11, 2015 Glen Bruce Director, Enterprise Risk Security & Privacy Agenda 1. Introduction Information security risks and requirements 2. Information Security Management

More information

TERMS OF REFERENCE (TORs) OF CONSULTANTS - (EAG) 1. Reporting Function. The Applications Consultant reports directly to the CIO

TERMS OF REFERENCE (TORs) OF CONSULTANTS - (EAG) 1. Reporting Function. The Applications Consultant reports directly to the CIO TERMS OF REFERENCE (TORs) OF CONSULTANTS - (EAG) Consultant - Enterprise Systems & Applications 1. Reporting Function. The Applications Consultant reports directly to the CIO 2. Qualification and Experience

More information

SECURITY RISK MANAGEMENT

SECURITY RISK MANAGEMENT SECURITY RISK MANAGEMENT ISACA Atlanta Chapter, Geek Week August 20, 2013 Scott Ritchie, Manager, HA&W Information Assurance Services Scott Ritchie CISSP, CISA, PCI QSA, ISO 27001 Auditor Manager, HA&W

More information

TEXAS HOMELAND SECURITY STRATEGIC PLAN 2015-2020: PRIORITY ACTIONS

TEXAS HOMELAND SECURITY STRATEGIC PLAN 2015-2020: PRIORITY ACTIONS TEXAS HOMELAND SECURITY STRATEGIC PLAN 2015-2020: PRIORITY ACTIONS INTRODUCTION The purpose of this document is to list the aligned with each in the Texas Homeland Security Strategic Plan 2015-2020 (THSSP).

More information

SUMMARY OF THE ESTONIAN INFORMATION SYSTEM S AUTHORITY ON ENSURING CYBER SECURITY IN 2012

SUMMARY OF THE ESTONIAN INFORMATION SYSTEM S AUTHORITY ON ENSURING CYBER SECURITY IN 2012 SUMMARY OF THE ESTONIAN INFORMATION SYSTEM S AUTHORITY ON ENSURING CYBER SECURITY IN 2012 Cyberspace is both an ecosystem consisting of an infrastructure and services, and an environment where and through

More information

Department of Defense DIRECTIVE

Department of Defense DIRECTIVE Department of Defense DIRECTIVE NUMBER 8140.01 August 11, 2015 DoD CIO SUBJECT: Cyberspace Workforce Management References: See Enclosure 1 1. PURPOSE. This directive: a. Reissues and renumbers DoD Directive

More information

Cyber Security Research and Development: A Homeland Security Perspective

Cyber Security Research and Development: A Homeland Security Perspective Cyber Security Research and Development: A Homeland Security Perspective Simon Szykman, Ph.D. Director, Cyber Security R&D 202-772-9867 Outline! DHS Organizational Overview Cyber Security Stakeholders

More information

National Cyber Security Strategy 2015-2017

National Cyber Security Strategy 2015-2017 National Cyber Security Strategy 2015-2017 Table of Contents Table of Contents...i Executive Summary... 1 1. Introduction... 2 2. Context - People, Economy, and State... 4 3. Guiding Principles... 10 4.

More information

Compliance Risk Management IT Governance Assurance

Compliance Risk Management IT Governance Assurance Compliance Risk Management IT Governance Assurance Solutions That Matter Introduction to Federal Information Security Management Act (FISMA) Without proper safeguards, federal agencies computer systems

More information

DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview DHS, National Cyber Security Division Overview Hun Kim, Deputy Director Strategic Initiatives Information Analysis and Infrastructure Protection Directorate www.us-cert.gov The strategy of DHS, as defined

More information

Building National and Regional Cybersecurity Competences through the UbuntuNet Alliance NRENS

Building National and Regional Cybersecurity Competences through the UbuntuNet Alliance NRENS Building National and Regional Cybersecurity Competences through the UbuntuNet Alliance NRENS UbuntuNet Connect 2015 F.F. Tusubira & A. Ndiwalana Knowledge Consulting Ltd Outline Background Current reality

More information

COMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY,

COMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY, COMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY, 28-29 JUNE 2011 The Seoul Declaration on the Future of the Internet Economy adopted at the 2008 OECD

More information

[STAFF WORKING DRAFT]

[STAFF WORKING DRAFT] S:\LEGCNSL\LEXA\DOR\OI\PARTIAL\CyberWD..xml [STAFF WORKING DRAFT] JULY, 0 SECTION. TABLE OF CONTENTS. The table of contents of this Act is as follows: Sec.. Table of contents. Sec.. Definitions. TITLE

More information

JOB ANNOUNCEMENT. Chief Security Officer, Cheniere Energy, Inc.

JOB ANNOUNCEMENT. Chief Security Officer, Cheniere Energy, Inc. JOB ANNOUNCEMENT Chief Security Officer, Cheniere Energy, Inc. Position Overview The Vice President and Chief Security Risk Officer (CSRO) reports to the Chairman, Chief Executive Officer and President

More information

CYBER SECURITY LEGISLATION AND POLICY INITIATIVES - UGANDA CASE

CYBER SECURITY LEGISLATION AND POLICY INITIATIVES - UGANDA CASE CYBER SECURITY LEGISLATION AND POLICY INITIATIVES - UGANDA CASE 2009 ITU Regional Cybersecurity Forum for Africa and Arab States Tunis, 4-5 June 2009 Patrick Mwesigwa, Director/Technology & Licensing,

More information

Cyber-Security. FAS Annual Conference September 12, 2014

Cyber-Security. FAS Annual Conference September 12, 2014 Cyber-Security FAS Annual Conference September 12, 2014 Maysar Al-Samadi Vice President, Professional Standards IIROC Cyber-Security IIROC Rule 17.16 BCP The regulatory landscape Canadian Government policy

More information

Security Architecture Principles A Brief Introduction. Mark Battersby 2013-05-22, Oslo

Security Architecture Principles A Brief Introduction. Mark Battersby 2013-05-22, Oslo Security Architecture Principles A Brief Introduction Mark Battersby 2013-05-22, Oslo Agenda About Me Enterprise Architecture Architecture Principles Our Philosophy Security Architecture Principles Security

More information

A COMPREHENSIVE INTER-AMERICAN CYBERSECURITY STRATEGY: A MULTIDIMENSIONAL AND MULTIDISCIPLINARY APPROACH TO CREATING A CULTURE OF CYBERSECURITY

A COMPREHENSIVE INTER-AMERICAN CYBERSECURITY STRATEGY: A MULTIDIMENSIONAL AND MULTIDISCIPLINARY APPROACH TO CREATING A CULTURE OF CYBERSECURITY APPENDIX A A COMPREHENSIVE INTER-AMERICAN CYBERSECURITY STRATEGY: A MULTIDIMENSIONAL AND MULTIDISCIPLINARY APPROACH TO CREATING A CULTURE OF CYBERSECURITY INTRODUCTION The Internet and related networks

More information

Information Assurance. and Critical Infrastructure Protection

Information Assurance. and Critical Infrastructure Protection Information Assurance and Critical Infrastructure Protection A Federal Perspective Information Assurance Presented by the Government Electronics and Information Technology Association 2001 Executive Summary

More information

defense through discovery

defense through discovery defense through discovery about krypton krypton is an advisory and consulting services firm, specialized in the domain of information technology (it) and it-related security krypton is a partnership amongst

More information

ASEAN Regional Forum Cyber Incident Response Workshop Republic of Singapore 6-7 September 2012. Co-Chair s Summary Report

ASEAN Regional Forum Cyber Incident Response Workshop Republic of Singapore 6-7 September 2012. Co-Chair s Summary Report ASEAN Regional Forum Cyber Incident Response Workshop Republic of Singapore 6-7 September 2012 Co-Chair s Summary Report 1. Pursuant to the 18 th ASEAN Regional Forum (ARF) Ministerial meeting in Bali,

More information

Cyber Security Strategy(Information Security Policy Council, June 10, 2013)

Cyber Security Strategy(Information Security Policy Council, June 10, 2013) Environmental Change Vision to aim as a Goal Basic Principles Cyber Security Strategy(Information Security Policy Council, June 10, 2013) Areas of Efforts Increasing severity of the risk surrounding cyberspace

More information

Information Security Management Systems

Information Security Management Systems Information Security Management Systems Øivind Høiem CISA, CRISC, ISO27001 Lead Implementer Senior Advisor Information Security UNINETT, the Norwegian NREN About Øivind Senior Adviser at the HE sector

More information

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available

More information

Submission of the.au Domain Administration Ltd (auda) to the Australian Government's Cyber Security Review

Submission of the.au Domain Administration Ltd (auda) to the Australian Government's Cyber Security Review Submission of the.au Domain Administration Ltd (auda) to the Australian Government's Cyber Security Review About auda.au Domain Administration Ltd (auda) is the industry self regulatory, not for profit

More information