Poste Italiane CERT: Strategy, Mission, and Services. 40 TF-CSIRT Meeting London, 27h September 2013

Similar documents
How To Protect Poste Italiane From Cyber Crime

How To Write An Article On The European Cyberspace Policy And Security Strategy

OUTCOME OF PROCEEDINGS

Presidency of the Council of Ministers THE NATIONAL PLAN FOR CYBERSPACE PROTECTION AND ICT SECURITY

National Cyber Security Policy -2013

Romanian National Computer Security Incident Response Team CERT-RO.

Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary

How To Understand And Understand The European Priorities In Information Security

EU Priorities in Cybersecurity. Steve Purser Head of Core Operations Department June 2013

Towards defining priorities for cybersecurity research in Horizon 2020's work programme Contributions from the Working Group on Secure ICT

S. ll IN THE SENATE OF THE UNITED STATES

Cyberspace Situational Awarness in National Security System

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA

GOVERNMENT OF THE REPUBLIC OF LITHUANIA

Cybersecurity and the Romanian business environment in the regional and European context

2 Gabi Siboni, 1 Senior Research Fellow and Director,

Towards closer EU-ASEAN collaboration in cybersecurity

C ETS C/ETS: CYBER INTELLIGENCE + ENTERPRISE SOLUTIONS CSCSS / ENTERPRISE TECHNOLOGY + SECURITY

Establishing and supporting CERTs for Internet security

TUSKEGEE CYBER SECURITY PATH FORWARD

Germany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28),

The internet and digital technologies play an integral part

Enhancing Cyber Security in Europe Dr. Cédric LÉVY-BENCHETON NIS Expert Cyber Security Summit 2015 Milan 16 April 2015

THE WORLD IS MOVING FAST, SECURITY FASTER.

Legislative Language

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015

CERT/CC Overview & CSIRT Development Team Activities

DHS, National Cyber Security Division Overview

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 16 thereof,

Making our Cyber Space Safe

The EU s approach to Cyber Security and Defence

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES

Today s Global Cyber Security Status and Trustworthy Systems That Leverage Distrust Amongst Sovereigns

Research Topics in the National Cyber Security Research Agenda

Qatar Computer Emergency Team

Achieving Global Cyber Security Through Collaboration

CYBER SECURITY STRATEGY OF THE CZECH REPUBLIC FOR THE PERIOD

Services. Cybersecurity. Capgemini & Sogeti. Guiding enterprises and government through digital transformation while keeping them secure

Supporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security

ESCoRTS A European network for the Security of Control & Real Time Systems

Cybersecurity Strategy of the Republic of Cyprus

Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary

National Cyber Security Strategy of Afghanistan (NCSA)

National Cyber Security Strategy

Roadmap for new Cyber security education in ME

ENISA What s On? ENISA as facilitator for enhanced Network and Information Security in Europe. CENTR General Assembly, Brussels October 4, 2012

BSA GLOBAL CYBERSECURITY FRAMEWORK

ENISA s Study on the Evolving Threat Landscape. European Network and Information Security Agency

Developing a National Strategy for Cybersecurity FOUNDATIONS FOR SECURITY, GROWTH, AND INNOVATION. Cristin Flynn Goodwin J.

Microsoft s cybersecurity commitment

EFFECTS+ Clustering of Trust and Security Research Projects, Identifying Results, Impact and Future Research Roadmap Topics

Cyber Security Strategy for Germany

JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS

Building Blocks of a Cyber Resilience Program. Monika Josi monika.josi@safis.ch

White Paper on Financial Industry Regulatory Climate

Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC)

What legal aspects are needed to address specific ICT related issues?

Commonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation

Cyber Security solutions

Future cybersecurity threats and research needs.

Panel on Emerging Cyber Security Technologies. Robert F. Brammer, Ph.D., VP and CTO. Northrop Grumman Information Systems.

As global mobile internet penetration increases the cybercrime and cyberterrorism vector is extended

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist,

aecert Roadmap Eng. Mohammed Gheyath Director, Technical Affairs TRA

Cyber Incident Annex. Cooperating Agencies: Coordinating Agencies:

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

CYBERSECURITY INDEX OF INDICES

CYBER SECURITY INFORMATION SHARING & COLLABORATION

The Comprehensive National Cybersecurity Initiative

U.S. Cyber Security Readiness

The European Response to the rising Cyber Threat

Cyber-Security. FAS Annual Conference September 12, 2014

Lessons from Defending Cyberspace

Computer Network Security & Privacy Protection

4/21/2015. Jim Reavis CEO, Cloud Security Alliance. Cloud Security Alliance, Agenda

2016 Outlook of the Global Security Industry

Cyber security initiatives in European Union and Greece The role of the Regulators

Cyber Security Strategy

National Cyber Threat Information Sharing. System Strengthening Study

CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES

CYBER SECURITY. Marcin Olender Head of Unit Information Society Department

Cybersecurity and Incident Response Initiatives: Brazil and Americas

HOMELAND SECURITY INTERNET SOURCES

Written Statement of Richard Dewey Executive Vice President New York Independent System Operator

Cloud and Critical Information Infrastructures

REPUBLIC OF MAURITIUS NATIONAL CYBER SECURITY STRATEGY

Securing Internet Payments across Europe. Guidelines for Detecting and Preventing Fraud

ITU National Cybersecurity/CIIP Self-Assessment Tool

CONSULTING IMAGE PLACEHOLDER

1 FOCUS Foresight Security Scenarios

Critical Infrastructure Protection in Germany

POLICIES TO MITIGATE CYBER RISK

Presidential Summit Reveals Cybersecurity Concerns, Trends

Cyber security Country Experience: Establishment of Information Security Projects.

(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework

Preventing and Defending Against Cyber Attacks November 2010

Enterprise Security Tactical Plan

Developing and Enhancing Cyber Security Capabilities in the Region. Khaled Gamo Technology Advisor Ministry of communication and informatics

CONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE. AIIA Response

EU CIP Project DENSEK. Joining forces against cyber threats on European level

Transcription:

Poste Italiane CERT: Strategy, Mission, and Services 40 TF-CSIRT Meeting London, 27h September 2013

Agenda 2 SCENARIO Poste Italiane and Digital Services Cyber Security Scenario STRATEGY Poste Italiane Leadership in Cyber Security Integrated Approach to Cyber Security: CERT SERVICES CERT Poste Italiane Activities CERT Services and Cooperation Networks

Poste Italiane: national leader in digital services SCENARIO 3 Poste Italiane is one of the main Italian organization with 144,000 employees, 13 Mln of online customers and a widespread presence in Italy with 12,000 post offices. It provides financial, logistics, postal, insurance, digital communication, mobile and TLC services. Finance and Insurance 5.8 Mln banking account 18 Mln payment cards 10 Mln prepaid card With 144,000 employees, Poste Italiane is the largest Italian company and State owned enterprise POSTE ITALIANE NEEDS Protecting customers is a top Logistics and Postal 12,000 postal offices Ecommerce services 38,000 vehicles Poste Italiane s customers are citizens, Public administrations and private enterprises priority in Poste Italiane business strategy Providing secure and continuous services is Digital communication Mobile and TLC Web channel more than 70 Mln page/month viewed Certified email >3 Mln SIM cards 23,500 postman with mobile terminal for mobile services Poste Italiane provides traditional and new services through internet and mobile channels Poste provides e-finance, e- government, e-commerce, e- post digital communication services essential to guarantee customer satisfaction More and more sophisticated cyber attacks working on a global scale call for a deeper cooperation at international level

The evolution of the Cyber Security scenario calls to define a strategic approach World increasingly interconnected SCENARIO 4 The technology pushes toward never ending interconnections People, machines, things Big data New threats scenarios The Society has never been so open and connected PA and Institutions Companies & People New criminal actors (governments, enterprises, cyber-criminals, ) Globalization of attacks vs. local defense Industrialized attack processes (ex. hackers for rent ) Advanced threats attacks (mobile devices, cloud, WiFi, big data, IoT) Increase target to be protected Public sector Private sector Citizens Critical civil and military infrastructures New strategic challenges Legislation evolution EU CYBER SECURITY STRATEGY The proposed NIS directive (February 7, 2013) would require all Member States to: Achieving cyber resilience Drastically reduce cybercrime Developing cyberdefence policy and capabilities related to the Common Security and Defence Policy (CSDP) Develop the industrial and technological resources for cybersecurity Establish a coherent international cyberspace policy for the European Union and promote core EU values ITALIAN GOVERNMENT A decree of the President of the Council of Ministers (January 24, 2013) sets forth the new government architecture that is entrusted with the task of facing potential cyber security threats in Italy Italy has a new cyber security governance, pursuant a more precise accountability among governmental bodies and also opening to non public actors Italy has to develop a national cyber security plan: the Prime Minister is in charge of adopting the plan. Operators who manage critical infrastructure at national and European levels: send communication of each and every security or integrity breach use the best practices as well as cybersecurity measures; supply information to security information bodies grant access to the database for the purposes of cybersecurity assist in managing the cybernetic crisis.

SERVICES GOALS The evolution of the Cyber Security scenario calls to define a strategic approach New strategic challenges SCENARIO 5 The Cyber Security must be a strategic priority at Country level, under a European / international common framework: Governance and well established role system Real time monitoring and sharing critical incident response through information to key stakeholders Increase people awareness (culture, competences, behaviors) Promote advanced Cyber Security capabilities through stimulating innovation industrial clusters on prevention, even through PPP POSTE ITALIANE CYBER SECURITY STRATEGY Has focused on cyber security as a strategic leverage to provide secure services and protect customers, on-line services and transaction, acquiring an acknowledged leadership at national level TO PROTECT company s network and infrastructures, while preserving customers privacy, on line services and service usability TO STRENGTHEN collaboration between public and private stakeholders to contrast cyber crime TO INCREASE cyber security capabilities through research, education and awareness TO INTEGRATE and coordinate prevention, analysis and response capabilities through a unique interface POSTE ITALIANE NEW OPPORTUNITIES As one of the most advanced player in the cyber security field, Poste is in a great position to deliver cyber security services to the market Prevention and protection services, specifically addressed to SMEs National / local cyber security services might be delegated from PA bodies to market operators Educational formats, deliverable through physical or virtual channels Existing or new offering (ex. Cloud) integrated with high level security standards

GOALS Poste Italiane: a history of leadership in Cyber Security STRATEGY 6 To integrate and coordinate prevention, analysis and response capabilities through a unique interface To increase cyber security capabilities through research, education and awareness To strengthen collaboration between public and private stakeholders to contrast cyber crime To protect company s network and infrastructures, while preserving customers privacy and service usability SECURITY ROOM, FRAUD MANAGEMENT & SERVICE CONTROL ROOM EUROPEAN ELECTRONIC CRIME TASK FORCE CYBER SECURITY CENTER COMPUTER EMERGENCY RESPONSE TEAM 2006 2009 2010 2013 STRATEGIES ASSET PROTECTION INFORMATION SHARING & PPP POLICIES & EDUCATION INTEGRATED SECURITY SERVICES Goals Monitoring capability to intercept ongoing attacks and react to IT incidents Enhance security through cooperation and Information Sharing Contribute to international policies Education and awareness Aggregate competencies, integrate information flows, share intelligence on ongoing attacks Achievements Continuous monitoring Anti-Fraud Anti-phishing Anomalous behavior PPP Public-Private Partnership between law enforcement, academia, legal, and private sector Cooperation on cyber security with ISO, ICANN, NATO MSc in Cyber Security Standardization of security services to support internal constituency and third parties

The experience acquired has led to a new concept of integrated defense: CERT Computer Emergency Response Team STRATEGY Organization whose aim is to analyse the security of system and networks in order to provide response services to incidents, share early warning bulletins on vulnerabilities and threats and offers support for improving network and system security 7 Mission to provide a unique point of coordination of all the activities related to prevention and handling of cyber threats impacting the information assets of Poste Italiane, by an integrated management of all the relevant flows coming from each of the already active operation centers, and to represent, at the same time, a unique interface towards the outer world with reference to all the operative information exchange activities Constituency refers to the Poste Italiane Group, the relevant online services and its Customers, including the holding and the affiliates: Poste Italiane SpA, Postecom, PosteMobile, Postel, PosteShop, PosteTutela. This initial constituency is planned to grow, in order to include all of the other entities belonging to the Group. The 1 st Computer Emergency Response Team (CERT) was created by Carnegie Mellon in 1988 at DARPA s direction in response to the Morris Worm European Agency on Network and Information Security, whose mission is to support the creation of CERTs in Europe and to foster networking Trusted Introducer is the European CERT network, a service infrastructure whose mission is to provide support for all security and incident response teams. FIRST is the recognized global leader in incident response teams worldwide coordination and is the reference global network for CERT cooperation

CERT Poste Italiane activities: Monitoring, Analysis and Simulation SERVICES 8 Security Monitoring Real-time continuous monitoring of security status of systems and vulnerabilities in the wild, with the aim of detecting new potential attacks or security criticalities and give the start to effective response activities Analysis & Prevention Analysis and correlation of collected evidences and alerts coming from the monitoring activities, with the aim of preventing security incidents that may occur on IT systems and services, assessing their potential impact on business Modeling & Simulation Definition of mathematical models and algorithms to evaluate potential IT impacts of cyber security threats, by simulating their spread over the company s network and delivering worstcase scenario analyses

CERT Poste Italiane Service Offering SERVICES 9 INFORMATION EARLY WARNING INFORMATION SHARING Alerting services on cyber security issues and information exchange within all the relevant international communities of peers OPERATIONS GOVERNANCE CYBER CRIME CYBER LAB INCIDENT HANDLING THREAT AND VULNERABILITY MNGT INFORMATION SECURITY RISK MNGT PRIVACY COMPLIANCE ANTI MALWARE-PHISHING-SPAM SECURE DIGITAL IDENTITIES CYBER SECURITY TECHNOLOGY LAB TECH. COMPLIANCE & SEC. CERTIFICATION Operational security activities such as incident handling and analysis of actual protection of IT infrastructures and digital services Business Impact Analyses, realization of Risk Assessment and verification of process compliance to Data Protection legislation Monitoring and prevention of threats and ongoing attacks, to also support the repression of crimes against customers digital identities Laboratory activities aimed at scouting innovative security technologies and assess technical compliance to international standards COMMUNICATION TRAINING AND AWARENESS ABUSE DESK Awareness and training on information security topics towards both customers and CERT s constituency

The Early Warning service aims at providing alerts to the PI CERT constituency SERVICES Main Goal Early Warning aims at identifying, analyzing and promptly reporting emerging vulnerabilities and threats that may impact CERT constituency, also providing countermeasures for their mitigation 10 Information Gathering Analysis Vulnerability Alert Information collection: Vulnerability information are collected from various sources, such as: Vendor vulnerability product information Websites Public and closed mailing lists Analysis of information collcted: Trustworthy of the source is evaluated and further and deeper analysis are performed Information are filtered and classified basing on the criticality of the vulnerability reported Distribution of information: Bulletins templates are filled with the Information processed Vulnerability alerts s are distributed to the constituents Early Warning alerts will be available on the PI CERT web portal

The Information Sharing service is designed to collect and exchange information on strategies, best practices and cyber crime trends SERVICES 11 It is structured in three main services: 1 Threat Intelligence Threat analysis, including implications and actionable advices, about an existing or emerging techniques by means of direct involvement of internal and external security research centers. Threat Analysis Report Technology Watch Report Flash Report Deliverables 2 Incident Investigation Investigation of security incidents with an impact on networks under monitoring, through correlation of information from public and private sources, aimed at threat identification, quick response and mitigation. Incident Report Sharing Flash Report 3 Communication Center Collection, analysis and dissemination of IT security related topics within all constituency and the relevant world communities of peers. Early Warning Bulletins Actionable Intelligence IS Knowledge Base EECTF Newsletter Trusted Networking Hub

PI-CERT strategies in the short-medium term 12 INTERNATIONAL ACKNOWLEDGEMENT OPERATIONAL CONSOLIDATION As a newborn organization supporting a large Group we have been investing to consolidate our internal processes and to formalize interactions within our constituency, in order to also properly design the relevant services and the underlying infrastructure GLOBAL COOPERATION We have joined several international communities to foster information sharing of operational data and co-operate on incidents involving Italian critical information infrastructures We are ready and willing to cooperate with TF-CSIRT community, sharing information, providing capabilities and developing joint analyses We have a roadmap to become FIRST affiliate and accredited TI Members by the end of 2013 CONTINUOUS IMPROVEMENT OF COMPETENCIES AND SKILLS TERENA training sessions and other international events

Thanks for your attention 13 THANKS A LOT FOR YOUR ATTENTION ANY FURTHER INQUIRY CAN BE SUBMITTED TO cert@posteitaliane.it

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information