Challenges in the Information Age
|
|
- Antony Stevens
- 8 years ago
- Views:
Transcription
1 Federal Office for Information Security The Role of the BSI in the German IT-Security Market Challenges in the Information Age Office History, Tasks and Services Information & Awareness Programme Baseline Security Product Certification Projects with Industry on IT-Security Bernd Kowalski Bundesamt für Sicherheit in der Informationstechnik (BSI) Federal Office for Information Security San Francisco, February 23rd 2004 Bernd Kowalski Folie 1 Challenges in the Information Age ICT changes social and commercial structures ICT gets major impact on national economy. Business infrastructures depend on reliability of ICT. e-business and e-government redefine relationship to business partners, customers and citizens. Electronic Funds Transfer and e-payment replace banknotes and other traditional payment systems. Smartcards & Biometrics push electronic passport-management. ICT is essential to manage all national critical infrastructures like traffic, energy, chemical, healthcare, telco, emergency etc. Providing reliability and control of national ICT-infrastructures will be a question of national security and sovereignty. Bernd Kowalski Folie 2
2 Challenges in the Information Age Threats to National ICT Infrastructures Security weaknesses in IT-Systems. Difficulty to detect attacks and attackers. Security investments jeopardize commercial success. More than 80% of critical IT-infrastructures are private. Difficulty of national regulations in a global competitive environment. IT-infrastructures are highly interdependent, e.g.: Weaknesses of customers`/citizens` systems may be used to attack industrial or governmental systems (DDoS). Bernd Kowalski Folie 3 Challenges in the Information Age German Government Initiatives Define Security of information systems as a part of national security. Rules for the certification and approval of IT-Security systems. Provide services for the security of government IT-systems. Support industry and citizens to increase their IT-Security level. Commit to Public Private Partnerships (PPP`s) to increase the security of critical national IT-infrastructures. Provide for a strong and independent IT-Security industry. Bernd Kowalski Folie 4
3 Office History and Structure History and Figures Office founded by law in Associated with the Federal Ministery of Interior. Annual budget: 45 Mio. Employees: 380. Location: Bonn. The BSI is the German Federal IT Security Authority associated with national and international partners in the field of Cryptography, Internet-Security and Certification. Bernd Kowalski Folie 5 Tasks and Services Tasks by Law Analysis of IT-threats and -risks. Improve national IT-Security in cooperation with industry. Security Evaluation and Certification of IT systems. Provide the protection of classified information. Operation of central security services like Keymanagement. Bernd Kowalski Folie 6
4 Tasks and Services BSI as a part of the national IT-Security Environment Federal Government Suppliers Directives National IT-Infrastructure Deliverables Initiatives Services Citizens, Public Sector, Industry Partners Bernd Kowalski Folie 7 Services: Tasks and Services Citizens (consuming IT-Security) Webportal service information about Internet security issues Gov`t & Industry: (consuming IT-Security) baseline security standard Grundschutz, for corporate IT-infrastructures with medium-level requ. Critical Information Infrastructure Protection: provide means for extraordinary security events. Warning & Alerting services in case of security events: Federal-CERT serving the German Federal Gov`t. Devices & services to protect classified communication in gov`t & industry. Counter-eavesdropping services&standards for Fed.Gov`t, incl. physical -, emission -, mobile security Manufacturers & Service Prov`s: (offering IT-Security) Security Certification&Approval of IT-Products&Systems Bernd Kowalski Folie 8
5 Information & Awareness Programme IT security: Situation in Germany IT-Market Total Market: 12 Bio. Security: 1,2 Bio. Government: 25% each IT-penetration: 52% households have a PC 44% have an internet access 32 Mio. people are online IT-Threats: increasing IT-dependency data privacy viruses & spam computer crime: cases in 2002 (BKA-Federal Bureau of Criminal Investigation) Bernd Kowalski Folie 9 Information & Awareness Programme Citizen Awareness Programme BSI provides information for different target groups: citizens (general): = Webportal + CD-ROM children & teens: (new project) Partner Communication Channels: other print & online media manufacturers like Fujitsu-Siemens D21 PPP-programme Bernd Kowalski Folie 10
6 Mechanismenstärke hoch mittel niedrig Architektur E1 E-Stufen und Mechanismenstärke E2 Quellcode Tests der Mechnismen E3 E4 E5 Feinentwurf Konfigurations- kontrollsystem Tests enger Zusam- menhang Sicherheits- zwischen modell Feinentwurf und semiformale Quellcode Entwicklungs- methoden formale Endwick- lungsmethoden E6 E-Stufe Information & Awareness Programme Small & Medium Enterprises and Administrations public administration: e-government manual private businesses: IT baseline protection manual Bernd Kowalski Folie 11 Vertrauen Funktionalität Funktionalität IT Baseline Protection Introduction Problems and motivation: Increasing number of IT-Security incidents with loss of business. Limited corporate IT-budgets and -competence, esp. in SMEs. Business partners want to check the IT-security level of cooperating institutions by an independant method. Traditional risk analysis methods are complex & not reusable. Objectives: IT-Sec.guidelines applicable & affordable for standard IT- Method: infrastr. Define standard types of IT-components, threats & safeguards. Give practical advice how to implement these safeguards. Result: Modular concept: threat & safeguard catalogue per component. Applicable to common IT-infrastr. in public & private sectors. Bernd Kowalski Folie 12
7 IT Baseline Protection Tools General Guideline Overview and awareness program for CEOs. Handbook Available in CD, Online and printed format. Software Toolkit Menu-based planning tool. Gets you to your individual security soluition. Web Tutorial Provides an overview on baseline protection. Introduces the concept of the SW-Toolkit. Available on the Web. Bernd Kowalski Folie 13 Objectives Product Certification Evaluation of security features of IT-Products. Improve both security and quality of IT-infrastructures. Independant and trustworthy product evaluation and certification. Consideration of national security requirements. Strategic support for national IT-Security industry. Legal Framework BSI is the national authority for the German certification scheme. No general legal obligation to purchase certified products. Except: approval of products for the processing of classified information. Bernd Kowalski Folie 14
8 Product Certification Why should manufactures apply for a certificate? Improve product quality and security. Use public product certificate for product marketing. Government requirements in certain areas: German Signature Law, EU- and NATO-Directives etc. Why should Buyers request for a certified product? Product has been evaluated by an independant, accredited body. Manufacturer is responsible for evaluation expenses not the buyer. Certificate may help to provide evidence for resistance against certain threats. Bernd Kowalski Folie 15 History Kriterien für die Bewertung der Sicherheit von Systemen der Informationstechnik (ITSEC) Juni 1991 Product Certification Certification Criteria 1985: US-Orange Book IT-Security acquisition requirements from the US DoD for special systems. 1989: The BSI Greenbook for Germany. 1991: European Information Technology Security Evaluation Criteria (ITSEC). Common Criteria for Information Technology Security Evaluation Part I: Introduction and general model May 1998 Version 2.0 CCIB : Common Criteria (CC) V2.1 - the first agreed international certification standard published under ISO/IEC Bernd Kowalski Folie 16
9 Certificate producing and accepting nations Product Certification The Common Criteria Community Certificate accepting nations DSD Australia/ Newsealand BSI Germany DCSSI France CESG United Kingdom CSE Canada USA NIAP CCRA = Common Criteria - Recognition Arrangement Hungary Finland Greece Israel Italy Netherlands Norway Spain Sweden Austria Turkey Bernd Kowalski Folie 17 Product Certification Contributors in the Certification procedure Manufacturer: requests for a certificate provides complete product documentation Evaluation Facility: design evaluation, penetration tests audits in development and production evaluation report to certification body Certification body: develop certif. criteria together with CCRA-partners accept evaluation report, issue product certificate Bernd Kowalski Folie 18
10 Product Certificates recently issued by the BSI: Infineon Smartcard-Controller (Smart Card IC SLE66CX322P) Gemplus Smart Card Betriebssystem(GemXpressoPro E64PK) SuSE Betriebssystem (Linux) IBM Betriebssysteme, Directory-Server, Tivoli Microsoft Firewall GeNUA Firewall Product Certification Utimaco PC-Sicherheitsprodukte Renesas (Hitachi) Smartcard-Controller (AE43C Version 01) Philips Smartcard-Controller (P16WX064V0C) G + D Tachosmart Card (STARCOS 2.4 Tach.Card Applic.) Bernd Kowalski Folie 19 Product Certification European Projects with obligations to apply CC-Certification: EU Commission: NATO: Multilateral Defense: UN: Digital Tachograph: legally binding Directive several activities several projects Principles on Critical Infrastructure Protection D: Several governmental projects, German Digital Signature Law Bernd Kowalski Folie 20
11 Product Certification US-Government Obligations to use CC-Certification: FACT SHEET NSTISSP No. 11 National Information Assurance Acquisition Policy By July the acquisition of all COTS IA and IA-enabled IT products to be used on systems specified, shall be limited only to those which have been evaluated and validated [acc to CC, NIST/NSA/NIAP or FIPS program]. CCRA Legend: COTS: Commercial of the shelf IA: Information Assurance NST/ISSP: National Security Telco and Info Systems Security Policy The US-Directive #11 might have a significant future impact on the global IT market. Bernd Kowalski Folie 21 Projects with Industry on IT-Security Selected Projects from the National PPP-Programme IVBB voice & data network for the federal government. Root Certification Authority (CA) for German Governments. European Bridge CA for secure communication between Government and Industry. Federal CERT Community with Large and Medium Enterprises. Others on Smartcards, Biometrics etc. Bernd Kowalski Folie 22
12 Contact Thank You for Your Attention! Bernd Kowalski Bundesamt für Sicherheit in der Informationstechnik Godesberger Allee Bonn Phone: Fax: Bernd.Kowalski@bsi.bund.de Bernd Kowalski Folie 23
BSI - Federal Office for Information Security. Evaluation and Certification of IT Security Technology in Germany
Bernd Kowalski 27.10.2004 Folie 1 BSI - Federal Office for Information Security Evaluation and Certification of IT Security Technology in Germany The BSI - History, Tasks and Services Product Certification
More informationISO 15408. The international IT security standard. Marcel Weinand. 049-228/9582-152 MarcelWeinand@bsi.bund.de. Marcel Weinand
The international IT security standard ISO 15408 1 049-228/9582-152 MarcelWeinand@bsi.bund.de History of IT-Security Criteria Canada CTCPEC 3 USA 93 2 US TCSEC 83, 85 Germany France UK Netherlands Federal
More informationUpdate on the German Scheme
Update on the German Scheme Dipl.-Math. Irmela Ruhrmann Head of Certification Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik - BSI) Folie 1 BSI CERTIFICATION
More informationCERTIFIED. SECURE SOFTWARE DEVELOPMENT with COMMON CRITERIA
CERTIFIED SECURE SOFTWARE DEVELOPMENT with COMMON CRITERIA CONTENT CC IN A NUTSHELL CC BACKGROUND AIM AND GOAL OF CC ADVANTAGES OF CC WHY DO WE RECOMMEND CC TO DEVELOPERS? WHEN IS CC THE RIGHT CHOICE?
More informationCommon Criteria Evaluations for the Biometrics Industry
Common Criteria Evaluations for the Biometrics Industry Kathy Malnick Senior Manager Criterian Independent Labs An initiative of the WVHTC Foundation Presentation outline Common Criteria defined Common
More informationInformation Security Standards by Dr. David Brewer Gamma Secure Systems Limited Diamond House, 149 Frimley Road Camberley, Surrey, GU15 2PS +44 1276
Information Security Standards by Dr. David Brewer Gamma Secure Systems Limited Diamond House, 149 Frimley Road Camberley, Surrey, GU15 2PS +44 1276 702500 dbrewer@gammassl.co.uk Agenda Background and
More informationBSI-DSZ-CC-S-0040-2015. for. Dream Chip Technologies GmbH Germany. Dream Chip Technologies GmbH
BSI-DSZ-CC-S-0040-2015 for Dream Chip Technologies GmbH Germany of Dream Chip Technologies GmbH BSI - Bundesamt für Sicherheit in der Informationstechnik, Postfach 20 03 63, D-53133 Bonn Phone +49 (0)228
More informationMalaysian Common Criteria Evaluation & Certification (MyCC) Scheme Activities and Updates. Copyright 2010 CyberSecurity Malaysia
Malaysian Common Criteria Evaluation & Certification (MyCC) Scheme Activities and Updates Copyright 2010 CyberSecurity Malaysia Agenda 1. Understand Why we need product evaluation and certification ICT
More informationBSI-DSZ-CC-S-0035-2014. for. GLOBALFOUNDRIES Singapore Pte. Ltd. GLOBALFOUNDRIES Singapore Pte. Ltd.
BSI-DSZ-CC-S-0035-2014 for GLOBALFOUNDRIES Singapore Pte. Ltd. of GLOBALFOUNDRIES Singapore Pte. Ltd. BSI - Bundesamt für Sicherheit in der Informationstechnik, Postfach 20 03 63, D-53133 Bonn Phone +49
More informationNational Plan for Information Infrastructure Protection
National Plan for Information Infrastructure Protection www.bmi.bund.de Contents 1 Introduction 2 1.1 Germany s information infrastructures 2 1.2 Threats and risks to our information infrastructures 3
More informationTechnical information on the IT security certification of products, protection profiles and sites
Technical information on the IT security certification of products, protection profiles and sites (including confirmations in accordance with SigG) BSI 7138 Version 2.1, as per 5 November 2012 Document
More informationORGANISATION FOR ECONOMIC CO-OPERATION AND DEVELOPMENT
2 OECD RECOMMENDATION OF THE COUNCIL ON THE PROTECTION OF CRITICAL INFORMATION INFRASTRUCTURES ORGANISATION FOR ECONOMIC CO-OPERATION AND DEVELOPMENT The OECD is a unique forum where the governments of
More informationProtection Profile Digital Tachograph Vehicle Unit (VU PP) Version 1.0 BSI-CC-PP-0057-2010
Protection Profile Digital Tachograph Vehicle Unit (VU PP) Version 1.0 BSI-CC-PP-0057-2010 Dipl.-Phys. Certification Federal Office for Information Security (BSI), Germany Topics of VU-PP CC 3.1 R3 Overview
More informationSecurity Compliance: Making the Proper Decisions
Security Compliance: Making the Proper Decisions L. Arnold Johnson National Information Assurance Partnership National Institute of Standards and Technology Short Answer to Moderators Questions Advice
More informationJTEMS A Community for the Evaluation and Certification of Payment Terminals
JTEMS A Community for the Evaluation and Certification of Payment Terminals Jürgen Blum, Federal Office for Information Security (BSI), Germany 14 th ICCC, USA Outline Brief overview: What is JTEMS? Who
More informationBSI-PP-0004-2002. for. Protection Profile Secure Signature-Creation Device Type 1, Version 1.05. developed by
BSI-PP-0004-2002 for Protection Profile Secure Signature-Creation Device Type 1, Version 1.05 developed by CEN/ISSS Information Society Standardization System, Workshop on Electronic Signatures - Bundesamt
More informationAgenda. Emphasized text to show one more strong point on this slide TAKE-AWAY MESSAGE
Agenda Emphasized text to show one more strong point on this slide TAKE-AWAY MESSAGE INTRACOM Group Core Companies MARKET POSITION A leading regional telecommunications systems manufacturer and solutions
More informationCertification Report. NXP Secure Smart Card Controller P40C012/040/072 VD
TÜV Rheinland Nederland B.V. Version 20101101 Certification Report NXP Secure Smart Card Controller P40C012/040/072 VD Sponsor and developer: NXP Semiconductors Germany GmbH, Business Unit Identification
More informationThe Challenge of Raising Business Value through Objective Evaluation of IT Security, & Japan s IT Security Policy
Ministry of Economy, Trade and Industry The Challenge of Raising Business Value through Objective Evaluation of IT Security, & Japan s IT Security Policy September 28, 2005 TANABE, Takefumi Deputy Director,
More informationSmart grid cyber security certification
Smart grid cyber security certification 1 Introduction On 30th September 2014 ENISA organised a workshop where the results of the report on Smart grid security certification (to be published by end of
More informationGermany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28),
Germany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28), General appreciation of the issues of information security Information
More informationSafeguards Frameworks and Controls. Security Functions Parker, D. B. (1984). The Many Faces of Data Vulnerability. IEEE Spectrum, 21(5), 46-49.
Safeguards Frameworks and Controls Theory of Secure Information Systems Features: Safeguards and Controls Richard Baskerville T 1 F 1 O 1 T 2 F 2 O 2 T 3 F 3 O 3 T 4... T n...... F l O m T F O Security
More informationNIAP CC Evaluation & Validation Scheme: Scheme Home. From the United States:
Pagina 1 di 5 The following information technology (IT) products and protection p evaluated and certified/validated in accordance with the provisi Common Criteria Evaluation and Validation Scheme and the
More informationSupporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security
Supporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security www.enisa.europa.eu European Union Agency for Network and Information
More informationMonitoring the Information Economy
Monitoring the Information Economy Prepared by: Dr. Sabine Graumann Florian Neinert Munich, April 2004 1 Germany s Positioning Top Positions worldwide No. 1 in Europe European Leadership Improvements Penetration
More informationSUMMARY OF THE ESTONIAN INFORMATION SYSTEM S AUTHORITY ON ENSURING CYBER SECURITY IN 2012
SUMMARY OF THE ESTONIAN INFORMATION SYSTEM S AUTHORITY ON ENSURING CYBER SECURITY IN 2012 Cyberspace is both an ecosystem consisting of an infrastructure and services, and an environment where and through
More informationElectronic Citizen Identities and Strong Authentication
Electronic Citizen Identities and Strong Authentication Sanna Suoranta, Lari Haataja, Tuomas Aura Department of Computer Science Aalto University Finland Sanna Suoranta sanna.suoranta@aalto.fi Content
More informationEUROPEAN WORKSHOP ON INDUSTRIAL COMPUTER SYSTEMS
EUROPEAN WORKSHOP ON INDUSTRIAL COMPUTER SYSTEMS TECHNICAL COMMITTEE 7 RELIABILITY, SAFETY & SECURITY Document Number: WP 5016 V1 Plenary O Category: Workplan O Subgroup Curr O Minutes O FM O Technical
More informationThe ratification of the Kyoto-protocol in Turkey and its implementation into domestic law
The ratification of the Kyoto-protocol in Turkey and its implementation into domestic law Cihan Avcı PhD student at the University of Heidelberg Cihan_avci@hotmail.com Terms United Nations Framework Convention
More informationHow many students study abroad and where do they go?
From: Education at a Glance 2012 Highlights Access the complete publication at: http://dx.doi.org/10.1787/eag_highlights-2012-en How many students study abroad and where do they go? Please cite this chapter
More informationISO/IEC 24727 for secure mobile web applications
ISO/IEC 24727 for secure mobile web applications Jan Eichholz 1 Detlef Houdeau 2 Detlef Hühnlein 3 Manuel Bach 4 1 Giesecke & Devrient GmbH, jan.eichholz@gi-de.com 2 Infineon Technologies AG, detlef.houdeau@infineon.com
More information1. Perception of the Bancruptcy System... 2. 2. Perception of In-court Reorganisation... 4
Bankruptcy Systems and In-court Reorganisation of Firms, 2010 Content: 1. Perception of the Bancruptcy System... 2 2. Perception of In-court Reorganisation... 4 3. Perception of Creditor Committees, Fast
More information2008 by Bundesamt für Sicherheit in der Informationstechnik (BSI) Godesberger Allee 185-189, 53175 Bonn
2008 by Bundesamt für Sicherheit in der Informationstechnik (BSI) Godesberger Allee 185-189, 53175 Bonn Contents Contents 1 Introduction 1.1 Version History 1.2 Objective 1.3 Target group 1.4 Application
More informationHigher education institutions as places to integrate individual lifelong learning strategies
Higher education institutions as places to integrate individual lifelong learning strategies Andrzej Krasniewski Warsaw University of Technology Bologna Expert QUALIFICATIONS FRAMEWORKS AS INSTRUMENTS
More informationIT Security Certification and Criteria Progress, Problems and Perspectives
IT Security Certification and Criteria Progress, Problems and Perspectives Kai Rannenberg Microsoft Research Cambridge, UK St. George House, 1 Guildhall Street, GB Cambridge CB2 3NH kair@microsoft.com
More informationSpoof Detection and the Common Criteria
Spoof Detection and the Common Criteria Ralph Breithaupt (BSI) Nils Tekampe (TÜViT) Content Today s situation The BSI projects LifeFinger I & II Spoofing The definition Spoof Detection in Common Criteria
More informationCompliance Risk Management IT Governance Assurance
Compliance Risk Management IT Governance Assurance Solutions That Matter Introduction to Federal Information Security Management Act (FISMA) Without proper safeguards, federal agencies computer systems
More informationGovernment at a Glance 2015
Government at a Glance 2015 Size of public procurement Strategic public procurement E-procurement Central purchasing bodies 135 Size of public procurement Public procurement refers to the purchase by governments
More informationOpen Smart Card Infrastructure for Europe
Open Smart Card Infrastructure for Europe v2 Volume 8: Part 3-1: Authors: Security and Protection Profiles (Common Criteria Supporting Document) eesc TB3 Protection Profiles, Security Certification NOTICE
More informationInformation security audit (IS audit) - A guideline for IS audits based on IT-Grundschutz
Information security audit (IS audit) - A guideline for IS audits based on IT-Grundschutz German Federal Office for Information Security Postfach 20 03 63 53133 Bonn Tel.: +49 22899 9582-0 E-Mail: isrevision@bsi.bund.de
More informationBSI-DSZ-CC-0889-2013. for. tru/cos tacho v1.1. from. Trueb AG
BSI-DSZ-CC-0889-2013 for tru/cos tacho v1.1 from Trueb AG BSI - Bundesamt für Sicherheit in der Informationstechnik, Postfach 20 03 63, D-53133 Bonn Phone +49 (0)228 99 9582-0, Fax +49 (0)228 9582-5477,
More informationERASMUS+ MASTER LOANS
ERASMUS+ MASTER LOANS Erasmus+ Master Loan: opening up access to more affordable lending for cross-border studies The Erasmus+ programme makes it possible for students who want to take a full Masters level
More informationInnovative means to exchange telecom fraud and network security risks information
Innovative means to exchange telecom fraud and network security risks information Anastasius Gavras Eurescom GmbH Outline Who is Eurescom? Collaboration as an innovation instrument INNO-UTILITIES Sharing
More informationTOWARDS PUBLIC PROCUREMENT KEY PERFORMANCE INDICATORS. Paulo Magina Public Sector Integrity Division
TOWARDS PUBLIC PROCUREMENT KEY PERFORMANCE INDICATORS Paulo Magina Public Sector Integrity Division 10 th Public Procurement Knowledge Exchange Platform Istanbul, May 2014 The Organization for Economic
More informationA Structured Comparison of Security Standards
A Structured Comparison of Security Standards Kristian Beckers 1, Isabelle Côté 3, Stefan Fenz 2, Denis Hatebur 1,3, and Maritta Heisel 1 1 paluno - The Ruhr Institute for Software Technology - University
More informationForeign Taxes Paid and Foreign Source Income INTECH Global Income Managed Volatility Fund
Income INTECH Global Income Managed Volatility Fund Australia 0.0066 0.0375 Austria 0.0045 0.0014 Belgium 0.0461 0.0138 Bermuda 0.0000 0.0059 Canada 0.0919 0.0275 Cayman Islands 0.0000 0.0044 China 0.0000
More informationBSI-DSZ-CC-0678-2011. for. Microsoft Forefront Unified Access Gateway 2010 (CC) Version / Build 4.0.1752.10000. from. Microsoft Corporation
BSI-DSZ-CC-0678-2011 for Microsoft Forefront Unified Access Gateway 2010 (CC) Version / Build 4.0.1752.10000 from Microsoft Corporation BSI - Bundesamt für Sicherheit in der Informationstechnik, Postfach
More informationNorway Post s Electronic ID Case study on authentication. Oslo 17. June 1999 Terje Kolnes, Norway Post
Norway Post s Electronic ID Case study on authentication Oslo 17. June 1999 Terje Kolnes, Norway Post.0 Presentation Objective The Norway Post National electronic ID, The enabler for e-commerce Global
More informationSecurity Audit VIS Central System. Summary Report
Security Audit VIS Central System Summary Report 1 June 2012 1 1. INTRODUCTION 1.1 Visa information system The Visa Information System (VIS) is a system for the exchange of data on short-stay visas among
More informationExploring the Landscape of Philippine Cybersecurity
Exploring the Landscape of Philippine Cybersecurity Understanding the Risk and Taking Appropriate Steps to Mitigate Cybersecurity Threats Freddy Tan, CISSP Chairperson, (ISC)² Board of Directors Copyright
More informationCloud Computing - Starting Points for Privacy and Transparency
Computing - Starting Points for Privacy and Transparency Ina Schiering Ostfalia University of Applied Science Wolfenbüttel, Germany IFIP Summerschool: Privacy and Identity Management for Life, Helsingborg,
More informationInsurance corporations and pension funds in OECD countries
Insurance corporations and pension funds in OECD countries Massimo COLETTA (Bank of Italy) Belén ZINNI (OECD) UNECE, Expert Group on National Accounts, Geneva - 3 May 2012 Outline Motivations Insurance
More informationBSI Baseline Protection Manual - How to measure IT-Security -
BSI Baseline Protection Manual - How to measure IT-Security - Thomas Biere Federal Information Security Agency, Germany Prejudices against IT-Security! IT-Security - causes a lot of expenses - is too expencive
More informationNational Information Assurance Program (NIAP) Evolution
National Information Assurance Program (NIAP) Evolution 28 September 2010 Brian Henderson NSA Commercial Solutions Center A Historical Perspective 1983-1997 NSA s National Computer Security Center (NCSC)
More informationPreventing fraud and corruption in public procurement
Preventing fraud and corruption in public procurement CRIM, European Parliament 24 September 2012 Brussels János Bertók Head of division Public Sector Integrity OECD Data on trends in procurement Size
More informationCommon Criteria V3.1. Evaluation of IT products and IT systems
Common Criteria V3.1 Evaluation of IT products and IT systems Contents 1 Background... 1 2 Benefits of Evaluations... 3 3 Levels of Assurance... 3 3.1 EAL1 - Functionally Tested... 4 3.2 EAL2 - Structurally
More informationSC2 BIOECONOMY in Horizon 2020
SC2 BIOECONOMY in Horizon 2020 Food security, sustainable agriculture and forestry, marine and maritime and inland water research and the bioeconomy 19 DICEMBRE 2013 TAVOLA ROTONDA Iniziative e partenariati
More informationThe value of accredited certification
Certified Once Accepted Everywhere The value of accredited certification Survey Report Published May 212 In 21/11, the IAF carried out a global survey to capture market feedback on the value of certification.
More informationOctober 30, 2014. How IT, Including the Cloud and IOT, Can Drive Canadian Economic Growth. Dr. Robert D. Atkinson, President, ITIF.
October 30, 2014 How IT, Including the Cloud and IOT, Can Drive Canadian Economic Growth Dr. Robert D. Atkinson, President, ITIF @RobAtkinsonITIF The Information Technology and Innovation Foundation is
More informationSecuring VoIP Networks using graded Protection Levels
Securing VoIP Networks using graded Protection Levels Andreas C. Schmidt Bundesamt für Sicherheit in der Informationstechnik, Godesberger Allee 185-189, D-53175 Bonn Andreas.Schmidt@bsi.bund.de Abstract
More informationERASMUS+ MASTER LOANS
Ref. Ares(2015)660570-17/02/2015 ERASMUS+ MASTER LOANS Erasmus+ Master Loan: opening up access to more affordable lending for cross-border studies The Erasmus+ programme makes it possible for students
More informationEUF STATISTICS. 31 December 2013
. ESTIMATES OF EU TURNOVER VOLUMES. Turnover volumes by product, allocation and notification (Estimates of EU s, Millions of ) Estimate of the EU % on Turnover Significance of the sample on total turnover
More informationCyber Security Strategy for Germany
Cyber Security Strategy for Germany Contents Introduction 2 IT threat assessment 3 Framework conditions 4 Basic principles of the Cyber Security Strategy 4 Strategic objectives and measures 6 Sustainable
More informationCommon Criteria Explained Series Common Criteria Guidance for Developers Evaluation Assurance Level 4. January 2013, v 1.42
Common Criteria Explained Series Common Criteria Guidance for Developers Evaluation Assurance Level 4 January 2013, v 1.42 BRIGHTSIGHT COMMON CRITERIA EXPLAINED SERIES 2 22 Contact information If you have
More informationReporting practices for domestic and total debt securities
Last updated: 4 September 2015 Reporting practices for domestic and total debt securities While the BIS debt securities statistics are in principle harmonised with the recommendations in the Handbook on
More informationMutual Recognition Agreement of Information Technology Security Evaluation Certificates
Final Version January 8 th, 2010 Mutual Recognition Agreement of Information Technology Security Evaluation Certificates VERSION 3.0 MANAGEMENT COMMITTEE January 2010 This document supersedes the document
More informationFinland must take a leap towards new innovations
Finland must take a leap towards new innovations Innovation Policy Guidelines up to 2015 Summary Finland must take a leap towards new innovations Innovation Policy Guidelines up to 2015 Summary 3 Foreword
More informationBSI-DSZ-CC-0636-2012. for. IBM Tivoli Access Manager for e-business version 6.1.1 FP4 with IBM Tivoli Federated Identity Manager version 6.2.
BSI-DSZ-CC-0636-2012 for IBM Tivoli Access Manager for e-business version 6.1.1 FP4 with IBM Tivoli Federated Identity Manager version 6.2.1 FP2 from IBM Corporation BSI - Bundesamt für Sicherheit in der
More informationBellevue University Cybersecurity Programs & Courses
Undergraduate Course List Core Courses: CYBR 250 Introduction to Cyber Threats, Technologies and Security CIS 311 Network Security CIS 312 Securing Access Control CIS 411 Assessments and Audits CYBR 320
More informationACP-NEP Co-ord (Smith, Lyn C2) Military Goods: A400M Collaborative Programme OPEN GENERAL EXPORT LICENCE APRIL 2014
ACP-NEP Co-ord (Smith, Lyn C2) OPEN GENERAL EXPORT LICENCE Military Goods: A400M Collaborative Programme APRIL 2014 - This page has been left intentionally blank - - 2 - April 2014 Open General Export
More informationInformation Technology Security Evaluation Criteria ( ITSEC ) Critères d'évaluation de la securitie des systémes informatiques
Information Technology Security Evaluation Criteria ( ITSEC ) Critères d'évaluation de la securitie des systémes informatiques Kriterien für die Bewertung der Sicherheit von Systemen der Informationstechnik
More informationFostering Information Security Awareness Among Responding Countries
Unclassified DSTI/ICCP/REG(2005)1/FINAL DSTI/ICCP/REG(2005)1/FINAL Unclassified Organisation de Coopération et de Développement Economiques Organisation for Economic Co-operation and Development 16-Dec-2005
More informationHow To Manage Information Technology
Nachweis der erreichten Sicherheit durch Prüfungen nach Standards?! DECUS Rheinlandtreffen St. Augustin, 18.11.2004 Bundesamt für Sicherheit in der Informationstechnik ISO/IEC nicht ISO/IEC 2. Standards
More informationNational Infrastructure Security Co-ordination ordination Centre. Peter Burnett Head of Information Sharing
National Infrastructure Security Co-ordination ordination Centre Peter Burnett Head of Information Sharing Background Late 70 s Mainframes, Minis, Micros Languages Evaluation & Certification, CLEFs Compusec,
More informationCyber security Indian perspective & Collaboration With EU
Cyber security Indian perspective & Collaboration With EU Abhishek Sharma, BIC IAG member, On behalf of Dr. A.S.A Krishnan, Sr. Director, Department of Electronics & Information Technology Government of
More informationDetails for the structure and content of the ETR for Site Certification. Version 1.0
Details for the structure and content of the ETR for Site Certification Version 1.0 Bundesamt für Sicherheit in der Informationstechnik Postfach 20 03 63 53133 Bonn Tel.: +49 22899 9582-111 E-Mail: zerti@bsi.bund.de
More informationSUSE Linux Enterprise 12 Security Certifications
SUSE Linux Enterprise 12 Security Certifications Common Criteria, FIPS, PCI DSS, DISA STIG,... What's All This About? Thomas Biege Team Lead Maintenance/Security thomas@suse.com 2 Evaluation Validation
More informationInclusive Economic Growth and Sustainability
UN DPADM: EGM 2015 Inclusive Economic Growth and Sustainability Dennis Anderson, Ph.D. Professor St. Francis College USA March 16-17, 2015 UN HQ About Me Professor & Chairman of Management and IT Executive
More informationInformation Sheet. Ref. No: J0-TR-51611
Title: Place: Information Sheet Ref. No: J0-TR-51611 Regional Training Course on Information and Computer Security Advanced Practices for Nuclear Security Karlsruhe, Germany Dates: 19 23 October 2015 Deadline
More informationNational Cyber Security Policy -2013
National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information
More informationVS-NUR FÜR DEN DIENSTGEBRAUCH (RESTRICTED)
Instruction sheet on the Handling of Protectively Marked Information Classified VS-NUR FÜR DEN DIENSTGEBRAUCH (RESTRICTED) (short title: VS-NfD-Merkblatt; Instructions on the Handling of RESTRICTED information)
More informationEgyptian Best Practices Securing E-Services
Egyptian Best Practices Securing E-Services Dr. Sherif Hazem Nour El-Din Information Security Systems Consultant Root CA Manager, ITIDA Agenda Security Measures for E-Services Examples of E- Services Threats
More informationLegislative Council Panel on Information Technology and Broadcasting. Hacking and Virus Activities and Preventive Measures
For discussion on 12 June 2000 Legislative Council Panel on Information Technology and Broadcasting Hacking and Virus Activities and Preventive Measures Purpose This paper briefs Members on the common
More informationDelegation in human resource management
From: Government at a Glance 2009 Access the complete publication at: http://dx.doi.org/10.1787/9789264075061-en Delegation in human resource management Please cite this chapter as: OECD (2009), Delegation
More informationElectricity, Gas and Water: The European Market Report 2014
Brochure More information from http://www.researchandmarkets.com/reports/2876228/ Electricity, Gas and Water: The European Market Report 2014 Description: The combined European annual demand for electricity,
More informationMeasurements and indicators for healthcare IT. Leif Panduro Jensen, MD, MHM Director of Centre, Rigshospitalet, Copenhagen, DK
Measurements and indicators for healthcare IT Leif Panduro Jensen, MD, MHM Director of Centre, Rigshospitalet, Copenhagen, DK Measurements and indicators for healthcare IT Working group from January to
More informationBSI-DSZ-CC-0724-2012. For. Red Hat Enterprise Linux, Version 5.6 Virtualization with KVM. from. Red Hat, Inc.
BSI-DSZ-CC-0724-2012 For Red Hat Enterprise Linux, Version 5.6 Virtualization with KVM from Red Hat, Inc. BSI - Bundesamt für Sicherheit in der Informationstechnik, Postfach 20 03 63, D-53133 Bonn Phone
More informationStatus quo des 'Memorandum of Understanding' zwischen APMG und IPMA. Mag. Brigitte Schaden, IPMA Chairman pma Vorstandsvorsitzende
Status quo des 'Memorandum of Understanding' zwischen APMG und IPMA Mag. Brigitte Schaden, IPMA Chairman pma Vorstandsvorsitzende Köln, 26. April 2012 IPMA Komplexität in Projekten - Zertifizierungslevel
More informationBSI-DSZ-CC-0683-2014. for. IBM Security Access Manager for Enterprise Single Sign-On, Version 8.2. from. IBM Corporation
BSI-DSZ-CC-0683-2014 for IBM Security Access Manager for Enterprise Single Sign-On, Version 8.2 from IBM Corporation BSI - Bundesamt für Sicherheit in der Informationstechnik, Postfach 20 03 63, D-53133
More informationThe Economic Impact of Cloud Computing in the EU
The Economic Impact of Cloud Computing in the EU Jerusalem March 19, 2012 Professor Federico Etro University of Venice Ca Foscari What will be the impact of cloud computing on business creation and on
More informationEUREKA Funding Schema in Turkey. Hüseyin GÖREN EUREKA National Project Coordinator
EUREKA Funding Schema in Turkey Hüseyin GÖREN EUREKA National Project Coordinator İstanbul ITEA2 Event, February 6,2008 EUREKA initiative is... intergovermental, Austria Belgium Croatia Czech Republic
More informationTrends in Digitally-Enabled Trade in Services. by Maria Borga and Jennifer Koncz-Bruner
Trends in Digitally-Enabled Trade in Services by Maria Borga and Jennifer Koncz-Bruner Digitally-enabled are those for which digital information and communications technologies (ICT) play an important
More informationH2020 "Secure Societies" Work Programme Digital Security 2015
H2020 "Secure Societies" Work Programme Digital Security 2015 Rafael Tesoro Trust and Security Unit H.4 DG Communications Networks, Content and Technology European Commission Rafael.TESORO-CARRETERO@ec.europa.eu
More informationPre-Commercial Procurement (PCP)
Pre-Commercial Procurement (PCP) Tsanidis Vassilis DG CONNECT F2 unit ( Innovation ) Rationale Health care Climate Change Energy Efficiency Transport Security q Public sector is faced with important societal
More informationStatewatch Briefing ID Cards in the EU: Current state of play
Statewatch Briefing ID Cards in the EU: Current state of play Introduction In March 2010, the Council Presidency sent out a questionnaire to EU Member States and countries that are members of the socalled
More informationAPPENDIX A: COUNTRY REPORTS
Austria The current conditions are that a should meet two out of the following three requirements: Balance sheet Number of Small < 7,3 mio. < 3,65 mio. 50 Medium-sized < 29,2 mio. < 14,6 mio. 250 *Austrian
More informationThe Austrian Citizen Card
The Austrian Citizen Card A European Best Practice The E-Government Innovation Centre is a joint initiative of the Federal Chancellery and the Graz University of Technology Herbert Leitold Innovation Forum
More information41 T Korea, Rep. 52.3. 42 T Netherlands 51.4. 43 T Japan 51.1. 44 E Bulgaria 51.1. 45 T Argentina 50.8. 46 T Czech Republic 50.4. 47 T Greece 50.
Overall Results Climate Change Performance Index 2012 Table 1 Rank Country Score** Partial Score Tendency Trend Level Policy 1* Rank Country Score** Partial Score Tendency Trend Level Policy 21 - Egypt***
More informationIFI 2011-2013 SPONSOR & PARTNER OPPORTUNITIES CELEBRATING 50 YEARS
IFI 2011-2013 SPONSOR & PARTNER OPPORTUNITIES CELEBRATING 50 YEARS IFI practice. The International Federation of Interior Architects/ Designers (IFI) is the global voice and authority for professionals
More informationCommon Criteria. Introduction 2014-02-24. Magnus Ahlbin. Emilie Barse 2014-02-25. Emilie Barse Magnus Ahlbin
Common Criteria Introduction 2014-02-24 Emilie Barse Magnus Ahlbin 1 Magnus Ahlbin Head of EC/ITSEF Information and Security Combitech AB SE-351 80 Växjö Sweden magnus.ahlbin@combitech.se www.combitech.se
More information