Security Officer: An NREN Secondee Perspective



Similar documents
DANCERT RFC2350 Description Date: Dissemination Level:

Cybersecurity and Incident Response Initiatives: Brazil and Americas

Hans Bos Microsoft Nederland.

Personal Security Practices of the CAO

A BRAINSTORMING ON SECURITY FIRE DRILLS

How to manage IT Risks and IT Compliance as a Service

Pharma CloudAdoption. and Qualification Trends

Coordinating Attack Response at Internet Scale (CARIS)

Core Fittings C-Core and CD-Core Fittings

JUNIPER NETWORKS SPOTLIGHT SECURE THREAT INTELLIGENCE PLATFORM

Can We Become Resilient to Cyber Attacks?

Cloud Security. Peter Jopling IBM UK Ltd Software Group Hursley Labs. peterjopling IBM Corporation

A Flexible and Comprehensive Approach to a Cloud Compliance Program

Security & privacy in the cloud; an easy road?

How To Protect Gante From Attack On A Network With A Network Security System

Program Overview and 2015 Outlook

Securing the Microsoft Cloud Infrastructure. Reto Häni Chief Security Officer Microsoft Western Europe MEET SWISS INFOSEC!

Managing Cloud Computing Risk

Cyber Security & Role of CERT-In. Dr. Gulshan Rai Director General, CERT-IN Govt. of India grai@mit.gov.in

IBM Cloud Academy Conference ICACON 2015

The Current State of Cyber Security

Anomaly Detection in Backbone Networks: Building A Security Service Upon An Innovative Tool

Protec'ng Data and Privacy in a World of Clouds and Third Par'es Vincent Campitelli

Cloud and Security (Cloud hacked via Cloud) Lukas Grunwald

DDOS Mi'ga'on in RedIRIS. SIG- ISM. Vienna

The Evolution of the Enterprise And Enterprise Security

Building a Cyber Security Emergency Response Team for the NREN Community The case of KENET CERT

How to Keep a Cloud Environment Current, Secure and Available October 16, 2014

Growth Through Excellence

Cyber security Indian perspective & Collaboration With EU

Defensible Strategy To. Cyber Incident Response

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer

next generation privilege identity management

Committees Date: Subject: Public Report of: For Information Summary

SECURITY 2.0 LUNCHEON

Information Security Management at the Olympics: Finding the Needle in the Haystack

Compliance Doesn t Mean Security Achieving Security and Compliance with the latest Regulations and Standards

How To Protect Your Cloud Computing Resources From Attack

Open Certification Framework. Vision Statement

Evolution of Cyber Security and Cyber Threats with focus on Cloud Computing

Solutions as a Service N.Konstantinidis Technical Director - MNG

Romanian National Computer Security Incident Response Team CERT-RO.

Securing business data. CNS White Paper. Cloud for Enterprise. Effective Management of Data Security

Clouds on the Horizon Cloud Security in Today s DoD Environment. Bill Musson Security Analyst

Security Intelligence

Network that Know. Rasmus Andersen Lead Security Sales Specialist North & RESE

How To Protect Your Cloud From Attack

THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS

Cyber Security Risk Management

Staying Ahead of the Cyber Security Game. Nigel Tan ASEAN Technical Leader IBM Security

CERT.br: Mission and Services

Emerging Approaches in a Cloud-Connected Enterprise: Containers and Microservices

SIM3 : Security Incident Management Maturity Model

Cyber security Country Experience: Establishment of Information Security Projects.

Integrated Management System Software

Cloud Security and Managing Use Risks

How To Secure Cloud Computing

Cyber Security. John Leek Chief Strategist

How to set up a CSIRT in an ITIL driven organization. Christian Proschinger Raiffeisen Informatik GmbH

Cloud Security. A Sales Guy Talks About DoD s Cautious Journey to the Public Cloud. Sean Curry Sales Executive, Aquilent

Transcription:

Security Officer: An NREN Secondee Perspective Jan Kohlrausch, DANTE TF-CSIRT Meeting 18/19 September 2014 Rome

Background About me: Senior Incident Handler and Researcher with DFN-CERT Currently member of ACDC project (Fighting Botnets) NREN Security Officer / Secondee at DANTE Position from 14 th July to 23 rd December Motivation: Win-Win situation Content: Overview of the Security Officer Role Preliminary Results Benefits for the constituency and other security teams 2

Motivation New Chances and Threats: Cloud Computing Mobile Devices New Challenges: Targeted Attacks (APT) Large-scale DDoS (Reflector attacks) Large increase of number of malware samples and attacks Increased collaboration among security teams: Incident Data Exchange IOC Trust becomes more and more important 3

Security Officer

Security Team - Proposed New Structure Head of Infrastructure & Information Security GEANT Security Co-ordinator Senior Security Engineer (Infrastructure) Security Engineer (Infrastructure) Security Officer (Information) Security Officer Role Recommendation of the NREN & ISP Security Working Group Separation into Information Security Operational Security (Infrastructure Security) Assistant Security Engineer (Infrastructure) Objectives Achievements Challenges Conclusions GN3 Overall Q&A 5

Security Officer Objectives Security Policies and Guidelines Cloud Computing BYOD AUP Review of Incident Handling Processes Prepare for TI Certification Initiate project for ISO 27001 certification Important for building trust in the CSIRT community 6

Building Trust Following Best Practice Security Controls to protect the GÈANT Network Enforcing and Auditing Security Polices Data Protection and Security Incident Handling Code of Conduct Collaboration with constituency and security teams Demonstrating responsibility Providing help and information Security Audit Following Standards (ISO 27001 Series) Trusted Introducer Accreditation/Certification NREN Security Working Group Review 7

Cloud and BYOD Policy Challenges: Benefit from Cloud Services and Mobile Devices omitting specific Risks Coping with the loss of governance Selecting the appropriate scope: Cloud Models (SaaS, PaaS, and IaaS) Eligible Mobile Devices and Operating Systems Preliminary Results: Survey of Best Practices Requirement collection for both polices Current and future requirements 8

ISO 27001 Certification Overview: Information Security Standard Used to specify a Information Security Management System 14 Groups of controls, e.g.: Information Security Policies Human Resources Information Security Incident Handling Compliance Approach: Threat Analysis Definition of scope: e.g. Focus on DANTE CSIRT Implementation of controls Further improvement 9

TI Certification Trusted Introducer: Clearing House for CSIRTs Directory of CSIRTs Supporting data exchange Levels of Trust Registration Accreditation Certification TI Certification uses the SIM3 Model to assess CSIRTs maturity Gap Analysis of required documents and TI certification process 10

Conclusion and Outlook Conclusion Separation of operational and information security as advised by the NREN & ISP Security Working Group NREN Secondee position to define Security Officer role First preliminary results on security polices and TI/ISO 27001 certification Outlook Further work on policy creation and enforcement Continuing with the ISO 27001 certification process Further involvement of the NREN community: Continuation of the Security Officer role as NREN Secondee? Collaboration with NREN CSIRTs pertaining new security services 11

Thank you Any questions?

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information