Cyber Security Strategy of Georgia



Similar documents
The final version of the Cyber Security Strategy and Action Plan note the following priorities to be implemented in :

Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary

Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary

Cyber Diplomacy A New Component of Foreign Policy 6

Germany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28),

National Cyber Security Strategy of Afghanistan (NCSA)

(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework

Cyber Security Strategy for Germany

EU policy on Network and Information Security and Critical Information Infrastructure Protection

ITU National Cybersecurity/CIIP Self-Assessment Tool

Harmful Interference into Satellite Telecommunications by Cyber Attack

Internet Safety and Security: Strategies for Building an Internet Safety Wall

CYBERSECURITY INDEX OF INDICES

2 Gabi Siboni, 1 Senior Research Fellow and Director,

Presidency of the Council of Ministers THE NATIONAL PLAN FOR CYBERSPACE PROTECTION AND ICT SECURITY

CYBER SECURITY. Marcin Olender Head of Unit Information Society Department

National Cyber Security Policy -2013

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA

Strategic Priorities for the Cooperation against Cybercrime in the Eastern Partnership Region

Cybersecurity and the Romanian business environment in the regional and European context

OUTCOME OF PROCEEDINGS

A Detailed Strategy for Managing Corporation Cyber War Security

REPUBLIC OF LATVIA MINISTRY OF DEFENCE NATIONAL ARMED FORCES CYBER DEFENCE UNIT (CDU) CONCEPT

Cyber Incident Annex. Cooperating Agencies: Coordinating Agencies:

Council of Europe Project on Cybercrime in Georgia Report by Virgil Spiridon and Nigel Jones. Tbilisi 28-29, September 2009

Cyber Security Strategy

CYBER SECURITY STRATEGY OF THE CZECH REPUBLIC FOR THE PERIOD

Cyber Stability 2015 Geneva, 09 July African Union Perspectives on Cybersecurity and Cybercrime Issues.

EU Cybersecurity: Ensuring Trust in the European Digital Economy

Cybersecurity Strategy of the Republic of Cyprus

Developing and Enhancing Cyber Security Capabilities in the Region. Khaled Gamo Technology Advisor Ministry of communication and informatics

Keynote. Professor Russ Davis Chairperson IC4MF & Work Shop Coordinator for Coordinator for Technology, Innovation and Exploitation.

Cyber Space in Estonia: Greater Security, Greater Challenges

Cybersecurity Global status update. Dr. Hamadoun I. Touré Secretary-General, ITU

JOINT STATEMENT OF THE SECURITY CONSULTATIVE COMMITTEE

ESTABLISHING A NATIONAL CYBERSECURITY SYSTEM IN THE CONTEXT OF NATIONAL SECURITY AND DEFENCE SECTOR REFORM

STRATEGIC OBJECTIVE 2.4 OVERCOME GLOBAL SECURITY CHALLENGES THROUGH DIPLOMATIC ENGAGEMENT AND DEVELOPMENT COOPERATION

Testimony of. Before the United States House of Representatives Committee on Oversight and Government Reform And the Committee on Homeland Security

Home Security: Russia s Challenges

What legal aspects are needed to address specific ICT related issues?

Cyber Incident Annex. Federal Coordinating Agencies. Coordinating Agencies. ITS-Information Technology Systems

Honourable members of the National Parliaments of the EU member states and candidate countries,

CYBER SECURITY LEGISLATION AND POLICY INITIATIVES - UGANDA CASE

Chairman's Summary of the Outcomes of the G8 Justice and Home Affairs Ministerial Meeting. (Moscow, June 2006)

How To Understand And Understand The European Priorities In Information Security

How To Write An Article On The European Cyberspace Policy And Security Strategy

EU Cybersecurity Strategy and Proposal for Directive on network and information security (NIS) {JOIN(2013) 1 final} {COM(2013) 48 final}

Cybersecurity: Authoritative Reports and Resources

A COMPREHENSIVE INTER-AMERICAN CYBERSECURITY STRATEGY: A MULTIDIMENSIONAL AND MULTIDISCIPLINARY APPROACH TO CREATING A CULTURE OF CYBERSECURITY

Actions and Recommendations (A/R) Summary

CO-CHAIRS SUMMARY REPORT ARF CYBERCRIME CAPACITY-BUILDING CONFERENCE BANDAR SERI BEGAWAN, BRUNEI DARUSSALAM APRIL 27-28, 2010

v. 03/03/2015 Page ii

SCREENING CHAPTER 24 JUSTICE, FREEDOM AND SECURITY AGENDA ITEM 7A: ORGANISED CRIME

Global Cybersecurity Index Good Practices

U.S. Cyber Security Readiness

The Guidelines for U.S.-Japan Defense Cooperation April 27, 2015

ITU. Carla Licciardello Policy Analyst Carla.licciardello@itu.int.

Session 9 Cyber threats in the EU s and NATO s new strategic context General Kees Homan: Introduction Political cyber attacks

Roadmap for new Cyber security education in ME

Council Conclusions on a Concerted Work Strategy and Practical Measures Against Cybercrime

The main object of my research is :

S. ll IN THE SENATE OF THE UNITED STATES

DSCI Inputs on TRAI Consultation on Regulatory Framework for OTT services

GOVERNMENT OF THE REPUBLIC OF LITHUANIA

Cyber Security Strategy(Information Security Policy Council, June 10, 2013)

Cybersecurity. Canisius College

The Battlefield. critical infrastructure:

National Cyber Security Strategy

Cyber security Country Experience: Establishment of Information Security Projects.

AN INSIGHT TO CYBER WORLD WITH PROF. MICHAEL E.SMITH

EU Priorities in Cybersecurity. Steve Purser Head of Core Operations Department June 2013

Ministry of Defence Bosnia and Herzegovina

THE CRITICAL ROLE OF EDUCATION IN EVERY CYBER DEFENSE STRATEGY

Update on U.S. Critical Infrastructure and Cybersecurity Initiatives

Governmental Efforts and Strategies to Reinforce Security in Cyberspace

Subject: Critical Infrastructure Identification, Prioritization, and Protection

PROJECT PROPOSAL: PROTECTION OF INTELLECTUAL PROPERTY RIGHTS AND FIGHT AGAINST COUNTERFEITING IN THE T/C SECTOR

December 17, 2003 Homeland Security Presidential Directive/Hspd-7

DECLARATION STRENGTHENING CYBER-SECURITY IN THE AMERICAS

UNCLASSIFIED. UNCLASSIFIED Office of Secretary Of Defense Page 1 of 9 R-1 Line #139

On the European experience in critical infrastructure protection

CYBER RISK INTERNATIONAL COMPANY PROFILE

Towards defining priorities for cybersecurity research in Horizon 2020's work programme Contributions from the Working Group on Secure ICT

Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

The EU approach to Cybersecurity and Cybercrime

National Security Concept of Georgia

2. Taking into account the developments in the next five years, which are the actions to be launched at the EU level?

Cybersecurity & International Relations. Assist. Prof. D. ARIKAN AÇAR, Ph.D. Department of International Relations, Yaşar University, Turkey.

MONTENEGRO NATIONAL CYBER SECURITY STRATEGY FOR MONTENEGRO

CYBER SECURITY THREATS AND RESPONSES

Transcription:

Cyber Security Strategy of Georgia 1

1. Introduction The Government of Georgia publishes its Cyber Security Strategy for the first time. Large-scale cyber attacks launched by Russia against Georgia in August 2008 have clearly demonstrated that the national security of Georgia cannot be achieved without ensuring security of its cyberspace. In the course of the Russian-Georgian war, Russian Federation engaged in targeted and massive cyber attacks against Georgia alongside land, aerial and naval assault. These attacks showed that the protection of cyberspace is as important for national security as land, maritime, and air defenses. The Georgian Cyber Security Strategy is a principal document outlining state policy in the area of cyber-security, reflecting strategic goals and guiding principles, and laying down action plans and tasks. Based on this Strategy, the Government of Georgia will undertake actions facilitating safe operation of state agencies, private sector and the public in cyberspace, secure electronic transactions and unhindered functioning of Georgian economy and business. The Georgian Cyber Security Strategy represents a part of the package of conceptual and strategic documents developed in the framework of the National Security Review process. Consequently, the Strategy is based upon the Threat Assessment Document for 2010-2013 and the National Security Concept of Georgia. The Strategy has been developed by the Permanent Inter-agency Commission under the auspices of the National Security Council tasked to coordinate drafting national security strategic documents. 2

2. Basic Principles of Implementing the Georgian Cyber Security Policy The National Security Concept of Georgia defines cyber security as one of the principal directions of its security policy. Georgia aims to set up a system of cyber security that will facilitate resilience of cyber infrastructure against cyber threats as well as will represent additional factor in the economic growth and social development of the country. In this regard, it is necessary to adhere to the following principles of cooperation: Whole-of-Government Approach. The Government of Georgia attaches great importance to the security policy as well as institutionalization of mechanisms for implementation of the policy components. In this regard, development of cooperation modalities between state agencies is essential for ensuring cyber security, where such modalities facilitate whole-ofgovernment approach and unhindered, coordinated work of different state agencies in planning and implementing cyber security policy. Public-private cooperation. Development of mechanisms for cooperation extending beyond governmental agencies to public-private partnership is essential for ensuring cyber security. Larger part of critical information systems of Georgia is owned by private businesses and relevant experience and knowledge is mainly available in private companies. Consequently, it is important to develop cooperation modalities that facilitate proper operation of critical information systems as well as will offer additional incentives for economic growth. Active international cooperation. The Government of Georgia acknowledges that the no single government can solely rely on its own resources in overcoming current challenges and threats to cyber security. Georgia is a part of the global democratic community and therefore is vulnerable to threats against this community. Accordingly, Georgia aims to actively cooperate with its partners on cyber security issues in bilateral and multilateral formats. 3

3. Cyber Threats and Challenges Georgia aims to develop a system of information security that is able to minimize harmful effects of any cyber attack and allows rapid recovery of information infrastructure to being fully operational in the aftermath of such attacks. Establishment of electronic government leads to increased threats and challenges to critical information systems of Georgia. At the same time, Georgia faces global threats and challenges that endanger democratic societies in the international community. Therefore, planning and implementation of the Georgian security policy should pay significant attention to the following threats and challenges in cyberspace: Cyber war. In 2008, parallel to the military attacks, Georgian cyber space was exposed to the Russian aggression. Potential adversaries of Georgia possess significant capabilities for conducting new types of warfare in cyberspace. At the same time, Georgia faces recurrent risk of massive cyber attacks. Cyber terrorism. Growing dependence of important areas of Georgian state management and business on critical information systems leads to elevated cyber terrorism threats. Attacks launched in cyberspace against the objects of critical information systems can significantly affect state security. Cybercrime and other security threats. Security challenges for Georgia include categories of cybercrime directed against critical information systems of Georgia and/or for the purpose of obtaining secret information, economic sabotage and other politically motivated means. Also lower-level acts against information/cyber security that jeopardize access to information and proper operation of information systems. 4

4. Major Directions of the Georgian Cyber Security Policy The main directions of the Georgian Cyber Security policy are as follows: Research and analysis; New legislative and regulatory framework; Institutional coordination for ensuring cyber security; Public awareness and education; International cooperation. 4.1. Research and analysis It is important to ensure that the legislative drafts, by-laws, guidelines, recommendations and actions undertaken by Georgia in the area of cyber security are based upon research and analysis as a prerequisite for efficiency of the cyber security policy. In this regard, the following directions of research and analysis are necessary to implement state policy in cyber security: Study of other states' best practices and sharing experience; Research the criteria and standards to identify objects of critical information systems; Resilience analysis of critical information systems; Analysis of the problems in the region regarding the cyber security. 4.2. New legislative framework As of 2012, Georgia has not yet introduced specialized national cyber security laws. It is important to establish legislative framework of cyber security that would facilitate development of effective and efficient security mechanisms. To improve legislative framework in the field cyber security, it is necessary to undertake the following steps: 5

Introduction of legislative acts on information security; Development of the regulatory framework to identify the critical information systems and actions necessary for ensuring cyber security; Introduction of the legal basis for Computer Emergency Response Team operations; Ratification of the 2001 Council of Europe Convention Against Cybercrime; Legal identification of an agency or agencies responsible for designation of information security policies and undertaking coordinating functions; Development of the contingency plans and recovery procedures. 4.3 Institutional coordination for ensuring cyber security Ensuring cyber security requires clear definition of functions of the state agencies, establishment of the inter-agency coordination mechanism to implement whole-of-government approach, and publicprivate cooperation. The following actions are necessary to ensure the coordination in cyber security field: Further development of the Computer Emergency Response Team (CERT.GOV.GE); Establishment of the 24/7 high-tech crime (cybercrime) international contact point as required by the 2001Convention against Cybercrime; Designation of the expert support team/unit in cybercrime cases; Establishment of the format and modalities for public-private cooperation. 4.4. Public awareness and education An important part of the Cyber Security Strategy of Georgia is to raise the public awareness and increase relevant professional capacity. In this regard, it is important to undertake the following actions: Establishment of the public awareness and educational programs on cyber security; 6

Training of the staff and technical personnel of the critical information system subjects and other interested organizations in order to learn international and local standards of information security; Training of the specialized cybercrime experts in the area of handling electronic evidence (cyber forensics); Support the science and research projects in cyber security; Creation of the research lab. 4.5. International cooperation To develop the international cooperation in cyber security Georgia undertakes the following actions: Strengthening relations on cyber security issues with international organizations (OECD, EU, OSCE, NATO, UN, ITU) working in cyber security field as well as relevant national authorities; Active participation in international activities related to cyber security and support of the relevant initiatives on a regional scale; Initiating bilateral and multilateral cooperation with national CERTs in the area of cyber security. 7

5. Mechanisms and Time-frames for Strategy Implementation The Strategy will be implemented in. Agencies responsible for implementation of the Strategy will take into account actions necessary for implementing this Strategy within relevant policy areas. Results of the Strategy implementation will be assessed annually and the annual assessment report will be presented to the Permanent Inter-agency Commission for coordination of drafting national security strategic documents at the National Security Council of Georgia. 8

Draft Action Plan for the Cyber Security Strategy of Georgia (2012 ) # Goal Activity Period Responsible agency 1 Research and analysis 1.1 Study of other states' best practices and sharing experience 1.2 Research into criteria and standards for identifying objects of critical information systems 2012 Agency 2012 Agency 1.3 Resiliency analysis of critical information systems 2012 Agency 1.4 Analysis of the problems in the region regarding the cyber security. 2013 Agency 2 New legislative framework 2.1 Initiating legislative acts on information security 2012 Ministry of Justice 2.2 Laying down regulatory framework for identifying critical information systems and actions necessary for ensuring cyber security 2013 Ministry of Justice 9

Draft 2.3 Ensuring legal basis for Computer Emergency Response Team operations 2.4 Ratification of the 2001 Council of Europe Convention Against Cybercrime 2012 Ministry of Justice 2012 Parliament 2.5 Identifying, by legal act, an agency or agencies whose competence includes designation of information security policies and undertaking coordinating functions 2.6 Developing cyber security disaster recovery plans and procedures Relevant state agencies Relevant state agencies 3 Institutional coordination in cyber security 3.1 Further development of the Computer Emergency Response Team (CERT.GOV.GE) 2012 Agency 3.2 Establishment of the 24/7 high-tech crime (cybercrime) international contact point as required by the 2001Convention against Cybercrime 2013 Ministry of Internal Affairs 3.3 Designation of the expert support team/unit in cybercrime cases 2013 Relevant state agencies 3.4 Establishing format and modalities for public-private cooperation 4 Public awareness and 2013 2013-2013- 2014 Agency 10

Draft education 4.1 Establishment of public awareness and educational programs on cyber security 4.2 Training of staff and technical personnel of critical information system subjects and other interested organizations in international and local standards of information security Agency, Ministry of Education and Science and international assistance Agency and international assistance 4.3 Specialized training of cybercrime experts in handling digital evidence (cyber forensics) 4.4 Facilitating science and research projects in cyber security Relevant state agencies and international assistance Agency, Ministry of Education and Science and international assistance 4.5 Creation of the research lab 2014- Relevant state agencies and international 11

Draft assistance 5 International cooperation 5.1 Strengthening relations in cyber security matters with international organizations working in cyber security (OECD, EU, OSCE, NATO, UN, ITU) as well as relevant national authorities 5.2 Active participation in international activities related to cyber security and supporting relevant initiatives on a regional scale 5.3 Initiating bilateral and multilateral cooperation with national CERTs in the area of cyber security Ministry of Foreign Affairs, Agency, National Security Council administration, other state agencies Ministry of Foreign Affairs, Agency, National Security Council administration, other state agencies Agency and CERT Georgia 12

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information