Cyber Security VTT and the Finnish Approach



Similar documents
Agile Information Security Management in Software R&D

C ETS C/ETS: CYBER INTELLIGENCE + ENTERPRISE SOLUTIONS CSCSS / ENTERPRISE TECHNOLOGY + SECURITY

How To Write A Cybersecurity Framework

CONSULTING IMAGE PLACEHOLDER

Jyväskylä Cyber Security Ecosystem

ESKISP Conduct security testing, under supervision

The Next Generation of Security Leaders

HP Cyber Security Control Cyber Insight & Defence

Cybersecurity and internal audit. August 15, 2014

Enterprise Security Tactical Plan

Cybersecurity in the Utilities Sector Best Practices and Implementation 2014 Canadian Utilities IT & Telecom Conference September 24, 2014

Unified Cyber Security Monitoring and Management Framework By Vijay Bharti Happiest Minds, Security Services Practice

Intelligence Driven Security

Internal audit of cybersecurity. Presentation to the Atlanta IIA Chapter January 2015

IoT & SCADA Cyber Security Services

MSc Cyber Security. identity. hacker. virus. network. information

Certified Identity and Access Manager (CIAM) Overview & Curriculum

The Protection Mission a constant endeavor

CGI Cyber Risk Advisory and Management Services for Insurers

Jort Kollerie SonicWALL

CYBER SECURITY TRAINING SAFE AND SECURE

CESG Certification of Cyber Security Training Courses

Unit 3 Cyber security

Introduction to Cyber Security / Information Security

Combating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center

The Danish Cyber and Information Security Strategy

Accenture Cyber Security Transformation. October 2015

Developing a robust cyber security governance framework 16 April 2015

EC-Council Ethical Hacking and Countermeasures

i Network, Inc Technology Solutions, Products & Services Providing the right information, to the right customer, at the right time.

Bellevue University Cybersecurity Programs & Courses

On the European experience in critical infrastructure protection

FedVTE Training Catalog SUMMER advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

Combating a new generation of cybercriminal with in-depth security monitoring

KEY STEPS FOLLOWING A DATA BREACH

CYBER SECURITY, A GROWING CIO PRIORITY

defense through discovery

Auditing After a Cyber Attack JAX IIA Chapter Meeting Cybersecurity and Law Enforcement

Big Data-ready, Secure & Sovereign Cloud

Kangas Cybersecurity strategy

Cybersecurity. Are you prepared?

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist,

Strategies for assessing cloud security

RE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC

Understanding the Business Case of Network Function Virtualization

State of Vermont. Intrusion Detection and Prevention Policy. Date: Approved by: Tom Pelham Policy Number:

A HELPING HAND TO PROTECT YOUR REPUTATION

Finnish Cyber Security Strategy. Permanent Secretary, LTG Arto Räty Chairman of the Security Committee , Geneva

Impact of Cybersecurity Innovations in Key Sectors (Technical Insights)

Preventing and Defending Against Cyber Attacks November 2010

1 Introduction Product Description Strengths and Challenges Copyright... 5

Developing an Architectural Framework towards achieving Cyber Resiliency. Presented by Deepak Singh

SITUATIONAL AWARENESS MITIGATE CYBERTHREATS

FORBIDDEN - Ethical Hacking Workshop Duration

Cyber security. Ideal logo position here

Cisco Advanced Services for Network Security

Big Data, Big Risk, Big Rewards. Hussein Syed

Cybersecurity The role of Internal Audit

Preventing and Defending Against Cyber Attacks June 2011

Access FedVTE online at: fedvte.usalearning.gov

SDN Security Challenges. Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015

CyberSecurity Solutions. Delivering

Security Services. A Solution for Providing BPM of Security Services within the Enterprise Environment.

Cybersecurity as a Risk Factor in doing business

Microsoft s cybersecurity commitment

Assessing the strength of your security operating model

Executive Cyber Security Training. One Day Training Course

SANS Top 20 Critical Controls for Effective Cyber Defense

How To Protect Water Utilities From Cyber Attack

Cybersecurity Awareness. Part 2

Cyber Situational Awareness for Enterprise Security

National Cyber Security Policy -2013

Protect the data that drives our customers business. Data Security. Imperva s mission is simple:

5G and intelligent infrastructure

SourceFireNext-Generation IPS

The Benefits of an Integrated Approach to Security in the Cloud

MEMORANDUM. Date: October 28, Federally Regulated Financial Institutions. Subject: Cyber Security Self-Assessment Guidance

Cyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things

Security metrics to improve information security management

Security Services. 30 years of experience in IT business

Cryptography and Network Security Chapter 1

The fast track to top skills and top jobs in cyber. Guaranteed.

Cybersecurity Audit Why are we still Vulnerable? November 30, 2015

Including Threat Actor Capability and Motivation in Risk Assessment for Smart Grids

Transcription:

Cyber Security VTT and the Finnish Approach September 22, 2015 Reijo Savola, Principal Scientist

CHALLENGES Explosive increase in number and impact of cyber security attacks Use of Internet technologies in critical infrastructures Internet-of-Things Cloud Services 23/09/2015 2

23/09/2015 3 VTT s Position in Cyber Security The biggest research group in the topic in Finland, sites in Oulu, Espoo and Tampere. Cyberlab War Room with strong attack and monitoring capability in Oulu. Extensive co-operation in the European and Finnish activities As contract research to companies As the orchestrator and/or the Finnish country coordinator in European joint research projects Member of FISC (Finnish Information Security Cluster) Member of the Board

VTT s solutions for Cyber Security Industrial Control Systems security Network security Device security Security testing, assessment and risk-driven techniquess 23/09/2015 4

Industrial control system security Value proposition: Ensure continuous and safe operation in manufacturing and process industry. Competitive edge: R&D combined with close co-operation with industry and National Emergency Supply Agency (NESA) gives unique capability to analyze and improve security of ICS. Deep understanding of industry and communication and digital systems. IP status: Process for the best practices and tools for network monitoring and intrusion detection. Offering: Approach of four modules to ensure and improve ICS cyber security Architectural analysis Network traffic analysis Security monitoring Holistic security analysis Architecture analysis Security Monitoring Holistic security analysis Network traffic analysis «BACK 23/09/2015 5

23/09/2015 6

23/09/2015 7 VTT Cyber Security War Room What is War Room Includes a mini-internet environment that is completely isolated from all other telecommunications Devices or software can be subjected to highly realistic cyberattacks in a controlled way Wide range of attacks can be tried to test the performance of various systems Personnel with extensive experience and knowhow on cyber security Equipped with cutting edge technologies & devices War room enables Conducting of attacks aimed at seizing systems, implementation of typical hacker attack strategies and botnet attacks Identification of cyber attacks, threats and vulnerabilities Monitoring effective attacks and developing tools for cyber situational awareness In-depth cyber analyses from network traffic log information Security testing of products and services SW security auditing 23/09/2015 7

23/09/2015 8 Competitive Edge of VTT Cyber Security Strong competence in world-class applied research: from research to concrete systems. This position is often unique Strongly trusted partner and close collaboration with customers Multi-disciplinary team: New innovation emerges often from the combination of ideas from researchers from different backgrounds: telecommunications, software development, testing etc. Lab Finland : close collaboration among the Finnish cyber security stakeholders (the most important part of this is FISC)

23/09/2015 9 Current Cyber Security Research Topics at VTT Industrial control system security Network security, SDN Device security and trusted software platforms and architectures Security assurance: security analysis, testing and monitoring Security metrics and adaptive security Risk analysis and risk-driven design Cryptography Cloud service security IAM Privacy

23/09/2015 10 INCREASE MEANINGFULNESS OF SECURITY INFORMATION + 10

DECREASE SECURITY INFORMATION GAPS AND BIASES 11

FISC Finnish Information Security Cluster FISC association Joint initiative by Finnish Information Security Industry 47 member companies and the VTT Technical Research Centre of Finland Targets: Improve international business collaboration Secure the development of the business environment Expedite the implementation of the National Cyber Security Strategy Improve and align innovation programs and academia Cyberlab Ltd A non-profit company owned by FISC Cyberlab mission is to support public sector organizations and enterprises in improving their cyber resiliency Copyright 2015 FISC Confidential

10 Cyber Security Guidelines 1. Collaboration model 2. Situational awareness 3. Continuity of 4. Capacities of preparedness the police 5. Cyber defence 6. Enhanced international co-operation 7. Education and training = knowledge 8. Legislation 9. Tasks, requirements and service models 10. Monitoring the implementation 23.9.2015 www.turvallisuuskomitea.fi 13

TECHNOLOGY FOR BUSINESS

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information