Protection of Critical Infrastructure

Similar documents
Personal Data Security Breach Management Policy

Plus500CY Ltd. Statement on Privacy and Cookie Policy

Systems Support - Extended

Key Steps for Organizations in Responding to Privacy Breaches

WHAT YOU NEED TO KNOW ABOUT. Protecting your Privacy

CSC 421 COURSE COMPACT

Data Protection Act Data security breach management

Turkish Colocation. The Current State of Data Centres in Turkey. Report release date: September 2014

Research Report. Abstract: Advanced Malware Detection and Protection Trends. September 2013

In addition to assisting with the disaster planning process, it is hoped this document will also::

HIPAA HITECH ACT Compliance, Review and Training Services

High Level Meeting on National Drought Policy (HMNDP) CICG, Geneva March 2013

Better Practice Guide Financial Considerations for Government use of Cloud Computing

Privacy Policy. The Central Equity Group understands how highly people value the protection of their privacy.

OBJECTIVE 10: ALERT AND NOTIFICATION OBJECTIVE 10: ALERT AND NOTIFICATION OBJECTIVE

Contact: Monique Goyens

JADU DATA PLATFORM SERVICE DEFINITION

Avaya Business Continuity Plan Overview

The Importance Advanced Data Collection System Maintenance. Berry Drijsen Global Service Business Manager. knowledge to shape your future

Remote Working (Policy & Procedure)

HIPAA Notice of Privacy Practices. Central Ohio Surgical Associates, Inc.

Research Report. Abstract: The Emerging Intersection Between Big Data and Security Analytics. November 2012

RUTGERS POLICY. Responsible Executive: Vice President for Information Technology and Chief Information Officer

ATLAS on substance use (2010) Resources for the prevention and treatment of substance use disorders

Chapter 7 Business Continuity and Risk Management

Data Protection Policy & Procedure

SOFTWARE DEVELOPER POSITION BY RIOMED LTD. SAFE. EFFICIENT. QUALITY WORLD CLASS HEALTHCARE SOLUTION

Performance Test Modeling with ANALYTICS

Internet and Policy User s Guide

Priority i 2 : Infrastructure for long distance transport. Livia Pardi, Autostrade per l Italia, IT Raphaël Steenbergen, TNO, NL

Cloud Contact Centre. Getting smart with customer contact

How Smart City solutions contribute to increased security

Session 9 : Information Security and Risk

ViPNet VPN in Cisco Environment. Supplement to ViPNet Documentation

Oracle Cloud Enterprise Hosting and Delivery Policies

Copernicus & Big Data: A Perspective from the European EO Services Industry. Geoff Sawyer: EARSC Secretary General

OECD-NEA Study Cost of Nuclear Accidents-liabilities Issues and their Impact on Electricity Costs

Mobilizing Healthcare Staff with Cloud Services

HOUSE OF REPRESENTATIVES FINAL BILL ANALYSIS SUMMARY ANALYSIS

AHLA. C. Big Data, Cloud Computing and the New World Order for Health Care Privacy

State of Wisconsin. File Server Service Service Offering Definition

Professional indemnity insurance arrangements for enrolled nurses, registered nurses and nurse practitioners

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy

To achieve these objectives we will use a combination of lectures, cases, class discussion, and exercises.

Research Report. Abstract: Security Management and Operations: Changes on the Horizon. July 2012

What is Software Risk Management? (And why should I care?)

System Business Continuity Classification

2. When logging is used, which severity level indicates that a device is unusable?

GUIDANCE FOR BUSINESS ASSOCIATES

Policy FIRST AID POLICY

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014

Cloud Services Frequently Asked Questions FAQ

FINANCIAL OPTIONS. 2. For non-insured patients, payment is due on the day of service.

HUMAN RESOURCE DEVELOPMENT FOR ADJUSTMENT AT THE ENTERPRISE LEVEL

! 1. Global Internet Geography: Table of Contents

Symantec User Authentication Service Level Agreement

Security in Business and Applications. Madison Hajeb Stefan Hurst Benjamin Von Slade

MA Social Work. When does it start? The next intake is September How long is the course? Two years (full-time)

First Global Data Corp.

Information Services Hosting Arrangements

The policy relevance of ICT statistics

Transcription:

Prtectin f Critical Infrastructure Speaker: Mindaugas Razbadauskas Cmmunicatins Regulatry Authrity f the Republic f Lithuania 4-5 th Octber Belgrad Slide 1 f 22

Critical Infrastructure Prtectin Critical Infrastructure (CI) means an asset, system r part theref lcated in Member States which is essential fr the maintenance f vital scietal functins, health, safety, security, ecnmic r scial well-being f peple, and the disruptin r destructin f which wuld have a significant impact in a Member State as a result f the failure t maintain thse functins; Slide 2 f 22

The Plicy Cntext Cmmunicatin n Critical Infrastructure Prtectin (CIP) in the Fight against Terrrism COM (2004) 702 final Green Paper n a Eurpean Prgramme fr Critical Infrastructure Prtectin (EPCIP) COM (2005) 576 final Cmmunicatin n Eurpean Prgramme fr Critical Infrastructure Prtectin (EPCIP) COM(2006) 786 Directive (2008/114/EC) n the identificatin and designatin f Eurpean critical infrastructures and the assessment f the need t imprve their prtectin Cmmunicatin n Critical Infrmatin Infrastructure Prtectin Prtecting Eurpe frm large scale cyber-attacks and disruptins: enhancing preparedness, security and resilience COM (2009) 149 Slide 3 f 22

Critical infrastructure sectr list Energy Infrmatin, Cmmunicatin Technlgies, ICT Infrmatin system and netwrk prtectin Instrumentatin autmatin and cntrl systems (SCADA etc.) Internet Prvisin f fixed telecmmunicatins Prvisin f mbile telecmmunicatins Radi cmmunicatin and navigatin Satellite cmmunicatin Bradcasting Water Fd Health Financial Public & Legal Order and Safety Civil administratin Transprt Chemical and nuclear industry Space and Research Slide 4 f 22

Critical Infrmatin Infrastructure Prtectin The ICT sectr is vital fr all segments f sciety 60 % f citizens regularly using the Internet 94 % f enterprises having access t the Internet 37 % f citizens using e-cmmercial service 30 % f citizens and 72 % f enterprises using the Internet fr interactin with public authrities 32 % f citizens using the Internet fr internet banking Accrding Eurstat statistics ICT is underpinning platfrm f ther critical infrastructures Transprt Energy Financial Etc Slide 5 f 22

Critical Infrmatin Infrastructure Prtectin Threats f critical infrmatin infrastructures: Man-made attacks (Terrrism, Cyber-Attacks (DS, DDS, Spam..) ) Natural disaster (lightning, fld, hurricane, earthquake ) Technical failures (hardware, sftware, cables damage especially transcntinental cables damage ) Sftware vulnerability (virus, wrm, trjan...) Human errr (cnfiguratin errr ) Slide 6 f 22

Lithuania Brief verview f cuntry situatin Territry: 65 200 km² Inhabitants: 3,5 mil. 1 majr fixed line peratr 3 GSM peratrs 109 ISPs 149 % mbile penetratin Highest fiber penetratin (18%) in Eurpe 59.3 % Internet Penetratin Slide 7 f 22

Lithuania s Internet infrastructure resilience survey The main pririty f the Lithuanian survey is t evaluate the resilience f the natinal Internet netwrk infrastructure. Tasks: - t set up a scheme f Lithuania s intercnnectins, t identify directins f the internatinal gateway, the ttal bandwidth and the speed rate; - t identify critical ndes in Lithuania, a vilatin f which culd affect the functinality f the Internet; Peridic cllectin f data since 2007; Slide 8 f 22

Survey methdlgy Cllected infrmatin frm ISPs: ISP autnmus system number (ASN) Intercnnectins links ISP name (ASN) Technical cnnectin type Cnnectin speed rate Cnnectin type IXP lcatins Respnsible fr IT and security emplyees cntacts Slide 9 f 22

Survey methdlgy (example) Slide 10 f 22

Survey tls Visualizatin tl (Website) SQL database Slide 11 f 22

Result f survey Lithuania s ISPs intercnnectins verview: 109 Lithuania s ISPs 34 ISP autnmus system ~590 intercnnectins ~540 natinal intercnnectins ~170 transit intercnnectins ~370 peering intercnnectins ~50 internatinal intercnnectins ~20 transit intercnnectins ~30 peering intercnnectins Lithuania s ISPs are sufficiently densely intercnnected with each ther Slide 12 f 22

Natinal transit cnnectins: Result f survey Transit is an agreement where an ISP agrees t carry traffic n behalf f anther ISP r end user. 170 transit cnnectins in Lithuania s netwrk T identify the main transit ISPs in Lithuania we use this criteria f ISP: Autnmies system number Internatinal transit (Upstream) intercnnectins Natinal transit (Dwnstream) intercnnectins Slide 13 f 22

The main transit ISPs in Lithuania Result f survey 3 biggest Lithuania s ISPs (ASN) which prvide natinal and internatinal Internet transit fr ther Lithuania s ISPs Slide 14 f 22

Internatinal transit cnnectins: Result f survey 10 ISPs has 13 intercnnects with freign ISPs 3 internatinal intercnnectins with TIER-1 grup ISPs 10 internatinal intercnnectins with TIER-2 grup ISPs Ttal cnnectin bandwidth in 2009 was ~ Gbps Slide 15 f 22

Peering cnnectins: Result f survey Peering - is an agreement between ISPs t carry traffic fr each ther and fr their respective custmers. Peering help t avid the redirectin f the natinal traffic thrugh internatinal ISPs. It prvides assumptins t reduce csts and imprves the quality and speed rate f the Internet cnnectin 70-75 % Internet traffic is initiated in the natinal netwrk ~370 peering intercnnectins in LT netwrk ~20 ASN has mre then 20 peering cnnectins ~80 % all peering cnnectin execute in IXP Slide 16 f 22

Lithuania s IXP: Result f survey One biggest and the nly fficial nt-cmmercial Lithuania s IXP. Members f IXP: 24 ISPs (27ASN) Hsting services prviders Gvernment institutins Private big cmpanies And ther netwrks Slide 17 f 22

Result f survey IXP value fr Lithuania s Internet netwrk: Peering with IXP (~ 400 (330 in IXP) peering cnnectins) Peering withut IXP (~ 70 peerinng cnnectin) Slide 18 f 22

Result f survey Critical ndes were identified: The main Lithuania s transit ISPs ISPs with external intercnnectins with Freign ISPs Internet Exchange Pint Identified ISP as critical ndes Slide 19 f 22

Request Respnse Trap Mnitring tls (Future plan) ISP ISP ISP ISP ISP Critical ndes f netwrk infrastructure are influencing well being f whle natinal Internet. ISP And its imprtant t supervise n a natinal level thse ndes and react immediately in case f incidents. Send ntificatin: e-mail We are develping a mdel f natinal SMS Internet netwrk infrastructure mnitring Instant messaging (IM) system based n SNMP prtcl ther Other Mnitring system Slide 20 f 21 Slide 20 f 22

Lithuania s Internet infrastructure resilience survey Advantage All Intercnnectin map The quantities and types f cnnectins Types f physical cnnectins Ttal internatinal Internet bandwidth Autnmus System Number (ASN) Identify IXP, biggest and imprtant ISPs Identify internatinal gateways Find critical ISPs ISP cntacts Disadvantage Nt invlves Hsting prviders, Netwrk, Telephne, IXP peratrs and ther. Unknwn whse infrastructure are use Nt defined which ISP elements are critical Different technical terms between ISPs Slide 21 f 22

Thank yu fr yur attentin! mrazbadauskas@rrt.lt Cmmunicatins Regulatry Authrity f the Republic f Lithuania Algird str. 27A LT-03219 Vilnius Slide 22 f 22

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information