Center for Cyber and Information Security. a shared commitment to the nation s research and expertise development. Opening Conference August 15

Center for Cyber and Information Security a shared commitment to the nation s research and expertise development Opening Conference August 15 1

Welcome! We read daily about things that should worry us but we barely understand. Identity theft, industrial espionage, cybercrime, online extortion, cyberwar, cyberattack, data leak, international surveillance programs, and challenges to privacy. Our modern societies have become totally dependent on computer based information and communication technologies (ICT), and thus on their robustness and resilience against accidents and crimes. Today, computer systems control everything from traffic lights and surgical equipment in hospitals to telephone communications and electricity distribution. Further more, computer systems harbours information and knowledge that must be sheltered from unauthroized access; including engineering solutions, business secrets, information about your bank accounts, defense secrets, purchasing habits and emails. This is about you, it is about what kind of society you want to live in, it is about your company s ability to survive, and it is about our government s ability to protect us, to protect our welfare and to protect our privacy. All countries today need to develop their eduction an research capacity to meet this future. As a significant national contribution, a number of organizations have partnered to create a center for research and education in information and cyber security in Norway. By the end of 2014, the center will have a core group of 25 scientists of a total of 70-80 people, including non-permanent and adjunct positions as for instance Ph.D. students and postdocs. In addition, there will be 200-300 bachelor and master students at the Centre. Today, August 15, 2014, we officially open the center. Not everything will be in place at the start, but we found it right and important to choose a date to mark the important contribution and to celebrate. We do this in the form of a conference we think you will find very interesting. With regards, The National Police Directorate, Eidsiva, the Norwegian National Seurity Authorities, the Norwegian Cyber Defence, the Police ICT Service, the National Criminal Investigation Service Kripos, the National Authority for Investigation and Prosecution of Economic and Environmental Crime Økokrim, the Police University College, the Norwegian Defence Cyber Academy, the Norwegian Defence Research Establishment FFI, Gjøvik University College, Telenor, Statkraft, Statnett, mnemonic, IBM, PwC, Oppland County, Lillehammer University College, the Norwegian Nasjonal Identity Center, Oslo Police District, the Police Security Service, NC-Spectrum, Oppland County, the Norwegian Centre for Information Security NorSIS. ccis.no 2

08:45 Registration and coffee 09:30 Session 1 1. Morten Irgens, Chair, the Interrim Board of Directors, CCIS. 2. Laila Bokhari, State Secretary, the Office of the Prime Minister. 3. Øystein Bø, State Secretary, the Ministry of Defence. 4. Odd-Reidar Humlegård, National Police Commisioner, Director, the Norwegian Police Directorate, 5. Odd Egil Pedersen, Major General and Chief, of the Norwegian Cyber Defence, 6. Kjetil Nilsen, Director General, the Norwegian National Security Authority 10:50 Break 11:10 Session 2 7. Arvid Hallén, CEO, the Norwegian Research Council, 8. Rainer Baumgart, CEO Secunet Security Networks AG, 9. Joe Cannataci, Professor, University of Groningen, 10. Håkon Skulstad, Rector, the Norwegian Police University College, 11. Ann-Kristin Aas, Rector of the Norwegian Defence Cyber Academy, 12. Bente Ohnstad, Rector, Lillehammer University College, 13. Jørn Wroldsen, Rector, Gjøvik University College, 12:20 Lunch 13:20 Session 3 14. Tønnes Ingebrigtsen, CEO, mnemonic. 15. Troels Oerting Joergensen, Assistant Director of Europol, Head of the European Cybercrime Centre (EC3). 16. Berit Svendsen, CEO, Telenor Norway and Executive Vice President, Telenor. 17. William F. Pelgrin, CEO, Center for Internet Security 14:50 Break 15:10 Session 4 18. Melissa Hathaway, President, Hathaway Global Strategies. 19. Bjørn Erik Thon, Director, the Norwegian Data Protection Authority 20. Kimmo Ulkuniemi, Assistant Director, Interpol Global Complex for Innovation. 16:30 Session 5 Reception. Building A. Host: Jørn Wroldsen 3

Laila Bokhari is State Secretary at the Office of the Prime Minister with with a special focus on safety and emergency preparation. Bokhari is a political scientist and terrorism researcher. She has studied political science, international law and international politics in the UK and the Netherlands, and Arabic and Middle Eastern politics in Jerusalem and the West Bank. She has worked at the Defense Research Institute, Norwegian Institute of International Affairs (NUPI), the UN Security Council s al-qaeda-taliban monitoring team (the 1267 Committee ), Temporary International Presence in Hebron (TIPH), PRIO, NATO and the OSCE, and worked as a diplomat at the Norwegian embassy in Islamabad. Bokhari has been a member of the Government Security Policy Board, the July 22 Commission, a number of NATO working groups and the Advisory Board of the Pakistan Institute of Peace Studies. William Pelgrin is the CEO of the Center for Internet Security (CIS), which is a not-for-profit organization with a mission to enhance the cyber security readiness and response of public and private sector entities. CIS has responsibility for provision of cyber security services for state, local, tribal and territorial governments; and the identification and development of talent for the cyber security workforce of the future. Mr. Pelgrin is serving his third term as Chair of the National Council of ISACs, which works to advance the physical and cyber security of critical infrastructure and includes representation from the major national industry sectors. Mr. Pelgrin served as a Commission Member of the Center for Strategic and International Studies (CSIS) Commission on Cyber Security to brief the President Obama on critical cyber security issues. The Commission s reports provided findings and recommendations to secure cyberspace in Obama s Presidency and to help guide policy-making to improve cyber security in critical infrastructure. Øystein Bø is State Secretary in the Ministry of Defence. Bø has an education in law (Cand. jur.) from the University of Oslo and Officer Candidate School from the Norwegian Defence. He has earlier held positions as Head of International Department and Permanent Secretary of the Standing Committee on Foreign Affairs and Defence of the Norwegian Parliament; Minister, Deputy Permanent Representative, Permanent Delegation of Norway to NATO; Chef de Cabinet of the Minister of Foreign Affairs; Deputy Director General, Head of OSCE/CFSP Section; Assistant Director General, European Policy Department, Head of Stability Pact / OSCE Coordination Unit; Assistant Director General, Department of Policy Planning and Evaluation, Head of Stability Pact / OSCE Coordination Unit; National Coordinator, Stability Pact for South Eastern Europe; Adviser, OSCE Coordination Unit. (Responsible for Kosovo/FRY throughout the Norwegian OSCE Chairmanship 1999); First secretary, Norwegian permanent delegation to NATO; and Legal adviser, Office of the High Representative, Sarajevo (Seconded by the Norwegian MFA). Kjetil Nilsen is the Director General of the Norwegian National Security Authority (NSM), Norway s central authority for cyber security/information assurance, personnel security and physical security. Prior to joining the Norwegian National Security Authority in 2009, Mr. Nilsen spent more than 25 years with the Norwegian National police force. From 1998 Mr. Nilsen served in different positions on senior management level, amongst others as Director of the Operational Department of the Norwegian National Police Security Service (PST). He has also a background from the Norwegian Armed Forces. In between his tenures in the police force, Mr. Nilsen has practiced law in a private law firm. Mr. Nilsen holds a law degree from the University of Oslo and a master degree from the Norwegian School of Management BI. Mr. Nilsen has completed the Senior Course at NATO Defence College in Rome, Italy. Mr. Nilsen is one of CCIS key initiators and serves as member of its interim Board of Directors. 4

Odd Reidar Humlegård er Mr. Humlegård is a Norwegian lawyer, civil servant and Norway s National Police Commissioner, which make him the top chief of Norway s police force except the Police Security Services. He was appointed National Police Commisioner and put in charge of reforming the Police after the terrorist attack on July 22, 2011, and is well known for his ability to cut through bureaucracy and get things done. Mr. Humlegård is one of CCIS key initiators. Humlegård has his background both from the Norwegian Military and the Norwegian Police. He has previously served as head of the National Criminal Investigation Service, and head of the National Mobile Police Service. Executive Chairman of Telenor Research and Development. From 2005, Svendsen took up the position as Vice President and head of Telenor Nordic fixed operations with overall responsibility for the fixed operation in Norway and from 2008, she held the position of CEO of Conax. Berit Svendsen has held several directorships over the years, and is currently member of the boards of directors of DNB and of EMGS. From 2002 she was a member of the European Commission s advisory group on ICT issues. Svendsen has a master s degree in electrical engineering from NTNU (1988) and a master s degree in Technology Management from NTNU and the Massachusetts Institute of Technology, USA (1995). Odd Egil Pedersen is commanding general of the Norwegian Armed Forces Cyber Defence, charged with maintaining, developing and defending the Norwegian Armed Forces ICT and Command and Control systems. Major General Pedersen s background is from the Norwegian Army s Signal Corps, and served through his early years in positions through the Norwegian Army. The latter half of his career he has mainly served in positions tied to military intelligence, both in the Norwegian Intelligence Service and in positions in NATO. Major General Pedersen is a key supporter of CCIS and serves as member of its interim Board of Directors. Bjørn Erik Thon has been the director of the Norwegian Data Protection Authority since 2010. The Data Protection Authority facilitates protection of individuals from violation of their right to privacy through processing of their personal data. He came to the Data Protection Authority from the position as Consumer Ombudsman, which he held for ten years. Rainer Baumgart is the CEO of Secunet Security Networks AG, one of Germany s leading providers of IT security with focus on cryptography (SINA), e-government, biometrics, business security and automotive security. Baumgart has a special responsibility for the Public Sector division with the business units High Security and Government as well as for business development and communication. His career in IT security spans more than 20 years. Berit Svendsen is CEO of Telenor Norway and Executive Vice President of Telenor. Svendsen s career in Telenor startet in 1988 when she joined the corporation as a research scientist. From 2000, she held the position of Executive Vice President and Chief Technology Officer. In the same period, she also held the position of 5 Kimmo Ulkuniemi, INTERPOL Global Complex for Innovation Assistant Director for Strategy and Outreach has worked in the Finnish Police since 1992. Prior to his

appointment to INTERPOL he was Deputy Head of the Europol National Unit in Finland and was responsible for Europol coordination in Finnish law enforcement. Mr Ulkuniemi has more than 10 years experience in international police cooperation in INTERPOL, Europol and Schengen and he has experience on the investigation and international cooperation on cybercrimes. He has also worked in the Council of European Union and the United Nations. Mr Ulkuniemi and his unit are responsible for cyber security strategies, Public Private Partnerships, Internet governance, Outreach programs and National Cyber reviews in INTERPOL Tønnes Ingebrigtsen is the founder and CEO of the Norwegian company information security company mnemonic. memonic - and, yes, the company spells its name with lower case m - provides products and services in IT security and information security to large public and private sector companies in Scandinavia, including IT risk management, risk assessment and auditing, testing and securing applications and databases with regard to information security. Joeseph A. Cannataci co-founded and co-directs the Security, Technology & e-privacy Research Group (STeP) at the Faculty of Law at the University of Groningen where he holds the Chair of European Information Policy & Technology Law. He is Head of the Department of Information Policy & Governance at the Faculty of Media & Knowledge Sciences of the University of Malta and Adjunct Professor at the Security Research Institute and the School of Computer and Security Science at Edith Cowan University Australia. Furthermore, Cannataci is currently overall co-ordinator for the EU-supported SMART, RESPECT and MAPPING projects dealing with various forms of surveillance, privacy and Internet Governance. In 2002 he received the title Officier dans l ordre des palmes academiques by France, in part for his work on technology law and privacy law and his contribution to the development of European information policy. He has advised the Council of Europe (CoE) on data protection regulations and on cybercrime, and Directorate General of Human Rights and Rule of Law on police use of personal data. Morten Irgens is chairman of the interim board of CCIS, chairman of the board of the Norwegian Information Security Center NorSIS, Vice Rector of Research at Gjøvik University College, and Dean of the Faculty of Computer Science and Media Technology at Gjøvik University College, with responsibility for the Media Technology Laboratory and the Norwegian Information Security Laboratory. Dr. Irgens has founded and built a software company, and acted at the Board level for industry initiatives. He holds a PhD in Computer Science from Simon Fraser University and a Cand. Scient. in Informatics from the University of Oslo. Melissa Hathaway is President of Hathaway Global Strategies LLC and a Senior Advisor at Harvard Kennedy School s Belfer Center. She served in two Presidential administrations where she spearheaded the Cyberspace Policy Review for President Obama and led the Comprehensive National Cybersecurity Initiative for President George W. Bush. At the conclusion of her government service she received the National Intelligence Reform Medal and the National Intelligence Meritorious Unit Citation Medal in recognition of her achievements. Previously, Ms. Hathaway was a Principal with Booz Allen & Hamilton, Inc., where she led two primary business units: information operations and long range strategy and policy support, supporting key offices within the Department of Defense and Intelligence Community. Earlier in her career she worked with Evidence Based Research, Inc. and the American Foreign Service Association. Ms. Hathaway has a B.A. degree from The American University in Washington, D.C. She has completed graduate studies in international economics and technology transfer policy, and is a graduate of the US Armed Forces Staff College. 6

Arvid Hallén is the Director-General of the Research Council of Norway, a position he has held since since 2004). Previously, he has served as Director of the Norwegian Institute for Urban and Regional Research and Director for Humanities and Social Sciences in the Research Council. He holds a mag.art. (PhD) degree in sociology from the University of Oslo and is a member the Norwegian Academy of Technological Sciences. Håkon Skulstad is a trained police officer and lawyer and the Rector of the Norwegian Police University College. He has previously held positions as chief of police in Østfinnmark Police District, Head of the Police Department at the Ministry of Justice, Deputy Director of the National Criminal Investigation Service (KRIPOS), acting Attorney General and Public Prosecutor at the Norwegian National Authority for Investigation and Prosecution of Economic and Environmental Crime. Cybercrime Centre (EC3) is an organization of the European Union attached to Europol in The Hague. It was officially opened on 11 January 2013. The purpose of the centre is to coordinate cross-border law enforcement activities against cybercrime and act as a centre of technological expertise. It is tasked with assisting member states in their efforts to dismantle and disrupt cyber crime networks and will also develop tools and provide training. Ann Kristin Aas is Rector of the Norwegian Defence Cyber Academy. She has a master in electronics and telecommunications from NTNU. Her military career began in 1991 when she was studying fire control engineering at what was then called the Army Technical School in Lillehammer. She has been an instructor at the college and head of corporate governance at FK KKIS. Jørn Wroldsen is professor in physics and rector at Gjøvik University College. He has led GUC through a growth that has seen close to a doubling of its number of students and the establishing of solid research activities. Troels Oerting is Assistant Director of Europol, Head of the European Cybercrime Centre (EC3), and Head of Counter Terrorist and Financial Intelligence Centre (CTFC). Previously, he has served as Director of the Danish NCIS, Director of National Crime Squad and later as Director of the Danish Serious Organized Crime Agency (SOCA). He held positions as Head of NCB Copenhagen, Chair of the Head of Europol National Unit group (HENU), member of DK Europol Management Board delegation and Head of DK Schengen / Sirene. Later he became Director of Operations in the Danish Security Intelligence Service before he was promoted to Assistant Director in Europol in 2009. The European 7 Bente Ohnstad is is a lawyer, associate professor and Rector of Lillehammer University College (LUC), as well as an adjunct associate professor at the University of Stavanger. She was previously Dean of the Faculty of Health and Social Care at Lillehammer University studying Health and Social Affairs, and senior executive, manager, assistant director, director, and planner respectively of Social Affairs, Health Directorate, Health and Social Affairs.

8

OUR INCREASED VULNERABILITY Our increased reliance on Information and Communication Technologies (ICT) will create in the years ahead new, large, and increasingly complex security challenges; confronting these challenges will require an increased focus on higher education, more efficiency in resource development, improved research capacity, and broad crosssector collaboration among industry, infrastructure providers, the police and other government security agencies, and academia. In the last few years we have seen a number of examples of how everything from pacemakers and cars to electricity generators, public transportation, or intellectual property may be exposed to criminal activity and destroyed from a distance -even from the other side of the globe. Thousands of events have brought up information security and cyber security to the public debate, including security breaches in government computer systems, lack of protection of personal information, loss of credit card information, and espionage at high level. The virus that put 35,000 computers out of work in Saudi Aramco, the world s largest oil company; the cyber attack on Georgia, ahead of Russia s invading the country; industrial espionage against the Scandinavian telecom operator Telenor; the Americans access to communication information in other countries; the cyber attacks on the Nobel Institute and the International Monetary Fund (IMF), the nuclear enriching programmes of Iran and Estonia; a strong increase in identity theft and relentless attacks on our financial institutions; and the Swedish monitoring law (FRA) that provides the Swedish intelligence service full access to the content of communications of their neighbour countries that is transmitted across Swedish soil. It is said that what can go wrong will go wrong. ICT has opened up a whole new dimension of how things can go wrong -be it by themselves or due to malicious acts. We must be prepared. 9

1 6 EXAMPLES FROM AROUND THE WORLD While 20,000 Norwegians are exposed to pickpocketing every year, 60,000 are victim of identity thefts that result in financial loss. 2 3 4 5 6 In March 2013 the telecom operator Telenor announced that several of its senior management team had been subjected to extensive and organised cyber espionage. In the U.S. a cyber attack happens every three minutes on average. In December 2012, more than 55,000 computers at Saudi Aramco, the world s largest oil company, were incapacitated by a virus attack. 450,000 names and passwords were stolen from Yahoo in May 2012. After The New York Times investigated allegations of economic nepotism among the Chinese prime minister s family members, the newspaper s servers and a number of laptops were tapped over several months. The Washington Post, The Wall Street Journal and several other newspapers and news media have experienced similar espionage. Denial of Service attacks can be purchased online. The websites of the Nobel Committee were attacked when it awarded the Peace Price to a Chinese dissident in 2010, and later a number of organizations in Norway, including Norwegian security agencies, political parties, and businesses, experienced similar attacks. Iran s nuclear program was delayed due to a targeted attack using the Stuxnet computer worm. When Norway joined military operations in Libya in 2011, the Norwegian Armed Forces were victim of a sophisticated attack. 10

... an inadequate national focus on areas such as cyber security poses potential real threats to Norway s security. We must confront new dangers, like cyber attacks, that threaten our nation s infrastructure, businesses and people, President Barack Obama wrote in his introduction message to the 2014 budget. Our new, large and increasingly complex security challenges require efficiency in the development of resources, training and research, sophisticated and dynamically evolving study programmes and applied research, and well developed relations among stakeholders and good collaboration across sectors. However, the dramatic increase in cyber security challenges has demanded a focus on achieving operational capacity, creating a critical undercapacity in research and education. The funding for developing relevant skills and carrying out research is still limited, and collaborative relations between stakeholders and academia are poorly developed. All this is putting security stakeholders under pressure. Some countries have responded to these challenges. For instance, the U.S. state budget for 2014 allocates $500 million to the Department of Homeland Security for cyber security research. In the Nordic countries the response has been slower. For instance, an independent international committee evaluating ICT research in Norway concluded that Norway s inadequate national research strategy on cyber security poses potential real threats to security in Norway. To this concern, the Center for Cyber and Information Security (CCIS) is an answer. 11

In Norway, key national cyber security stakeholders have initiated a partnership to establish the Center for Cyber- and Information Security (CCIS), a national centre for research, training, and education in cyber- and information security. Statkraft is Europe s largest generator of renewable energy and is the leading power company in Norway. The company owns, produces and develops hydropower, wind power, gas power and district heating. Statkraft is a major player in European power trading and has 3500 employees in more than 20 countries. Statkraft works actively with cyber security issues across all business areas and geographies. Statnett is the Norwegian TSO and is responsible for Norway s national electricity grid, an infrastructure that is increasingly becoming dependent on ICT for its operations. Statnett is constantly working to maintain a long-term information security strategy, and to strengthen the ability to deal with information security threats and incidents. Eidsiva Energy is a regional power producer and supplier and the largest in the eastern part of Norway. Eidsiva has undertaken a particularly supportive role for developing competence in the Innland region. CCIS objectives and role are in line with Eidsiva s efforts to strengthen its own security strategy. The Norwegian National Security Authority (NSM) is a cross-sectoral professional and supervisory authority within the protective security services in Norway. The authority is responsible for the national cyber security, and operates the national Computer Emergency Response Team (NorCERT). NSM delivers threat analyses on a national level, working with experts on cyber security and cryptology. The Norwegian Cyber Defence (CY- FOR) is the branch of the Norwegian Armed Forces responsible for protecting and defending military CIS in Norway. The Department for the Protection of Critical Infrastructure (BKI) is a division of the Norwegian Cyber Defence with duties that include the Computer Network Defence for the Defence Information Infrastructure of the Norwegian military. This involves the detection of computer network attacks and intelligence threats against ICT infrastructure, and the analysis and comparison of indicators of network attacks. The Norwegian Defence Research Establishment (FFI) is Norway s prime institution responsible for defense-related research and development. A prioritized task is to study challenges and opportunities related to informa- 12

Center for Cyber and Information Security will become one of the largest academic environments in cyberand information security in Europa and will position itself as a national resource and the contact point for international partners. tion assurance and cyber systems. The Ministry of Justice and Public Security (JD) is responsible for societal security and preparedness, crime prevention and correctional services, immigration, courts and the legislative work for law enforcement. The National Police Directorate (POD) is responsible for Norway s police districts and special police agencies, with the exception of the Police Security Service (PST). PDO has undertaken responsibility for establishing closer contact between the police and the applied research sector in Norway. The Police ICT Service was spun off from the Police Data and Material Services (PDMT) in the fall of 2013 and is responsible for developing and facilitating the police ICT infrastructure and applications. The National Criminal Investigation Service (Kripos) is a special agency within the Norwegian Police Service with responsibility for investigating organized crime and major crime. It is Norway s contact point for Interpol and Europol and their respective competence centres for fighting cyber crime. The National Authority for Investigation and Prosecution of Economic and Environmental Crime (ØKOKRIM) is the national authority for investigation and prosecution of economic and environmental crime. Digital evidence is essential in its nvestigations, but the volume is strongly increasing. Økokrim will together with CCIS develop more advanced methodologies for information analyses to support the fight against crime. The Police Security Service (PST) is the police agency for home security in Norway. PST will contribute its insight and expertise to CCIS in order to increase national security, enhance the ability to ward off, understand and investigate incidents, and provide the Norwegian government with the best possible threat assessment and advice. Oslo Police District is that the capital police the nation s largest with nearly 2,600 employees. The Police Authority has a number of national tasks.the Police Authority has focused on using technology effectively in the solution of 13

police work, and have built up a solid unit - Digital Forensics Unit - which primary role to utilize the potential of the technology track. The Unit will collaborate closely with CCIS on developing new methods in forensics. The Norwegian ID Centre (NID) has a national responsibility for identity and document expertise. Norwegian ID Centre is a key partner to the Norwegian Biometrics Laboratory at CCIS. Norwegian ID Centre has a national responsibility for identity and document expertise. Norwegian ID Centre is a key partner to the Norwegian Biometrics Laboratory at CCIS. Telenor Group is one of the leading mobile operators in the world, with 172 million mobile subscriptions. Telenor has mobile operations in 13 markets, as well as an interest of 33 % in VimpelCom Ltd., operating in 17 markets. Telenor contributes into CCIS with its expertise in cyber security of electronic communications. mnemonic is one of the largest specialists in information security within the Nordic region. We supply products and services to some of the leading private and public sector enterprises. Our services cover all areas of information security from risk management and application security to detecting, preventing and respond to security incidents via our service Argus Managed Defence. NC Spectrum delivers consultancy services in engineering, project development, and operation of infrastructure in the public and private sectors. NC-Spectrum works closely with its customers to develop cyber security for communication networks and critical infrastructure. PriceWaterhouse Coopers (PwC) is a multinational professional services firm. It provides a range of integrated cyber security services. The International Business Machines Corporation (IBM) IBM is an American multinational technology and consulting corporation. The company has several centres of expertise in cyber security. The Oppland County (OFK) has been an early supporter of CCIS, a financing agent and a strong and enthusiastic promoter of CCIS. The 14

County Council cooperates actively in the effort to improve information security in the county s municipalities and businesses. The Norwegian Police University College (PHS) The Norwegian Police University College (PHS) offers education a three-year bachelor program in police studies, in-service training and post-graduate studies, including a master program in police science. PHS conducts research and development work in its areas. of focus. PHS has a central role in CCIS and contribute to the centre with expertise, research capacity and study programs in various aspects of cyber crime. Gjøvik University College (GUC) established its research group in information security 11 years ago and built it up to become one of Europe s largest open academic research groups in the field. Today GUC leads the National Research School in Information Security (COINS) and is offering dedicated undergraduate programmes in information security at bachelor, master and PhD level, in addition to its undergraduate programs at these three levels in Computer Science. GUC is host institution for CCIS, and provides CCIS with offices, ICT services and administrative support The Norwegian Defence Cyber Adademy (FIH) FIH s study program awards bachelor degrees in military education and develops research capacity in cyber defence. FIH cooperates closely with GUC. Lillehammer University College (LUC) established its bachelor program in law six years ago. LUC will be a cornerstone in CCIS work on developing a research group in privacy, cyber law and the connection information security and law. The Norwegian Centre for Information Security (NorSIS) NorSIS has a national mandate to increase the information security expertise of individuals and businesses through raising awareness about threats and vulnerabilities, disseminating specific measures through the news, providing advice and guidance, and trying to influence positive attitudes in information security. NorSIS participation in CCIS will enhance the centre s ability to deliver a broad dissemination of knowledge and practices on information security and to this purpose it will collaborate with the local authorities and SMEs. 15

Useful information This page should provide you with a few of the extra things you should know while at the conference. Access to the wireless internet: Connect to HiG-W. The username is wireless, and the password August2014. Please note: we will endeavor to provide access to everyone however, at times, access may be limited. An Information Desk is situated at the Eureka Auditorium (see map below). You can also contact contact: Florissa Abreu +47 40 62 17 60 Rachael McCallum +47 47 83 97 85 External contacts: Taxi... 04711 Emergency Fire. 110 Police 112 Ambulance.. 113 Doctor (hospital).. 61 13 70 00 - Kråkereiret meeting room (top floor.) parallell meetings Eureka auditorium Conference Center Entrances tp Eureka G302 Meeting room (top floor.) parallell meetings Atrium Reception 16

The Center for Cyber- and Information Security will strengthen our expertise and skills to prevent, detect, respond to, and investigate undesirable and criminal computer based activities. The centre will undertake actions towards: Building research capacity and research groups at top level internationally in disciplines that are relevant for our partners and for Norway. Providing training and study programs of high quality and with great societal relevance. Contributing to Norway s international collaboration where partners can participate and apply their knowledge and expertise. Helping to increase the recruitment of students and researchers for the Norwegian education and training in security and for research environments. Contributing to the long term competence development strategy and research and education strategy. Cooperating with and contributing to organizations whose mission is to inform and raise awareness about security. Strengthening cooperation, exchanging knowledge, and sharing of skills among sectors, among application/innovation environments, among academic institutions, and among national and international projects, centres and organizations. Becoming a knowledge and expertise node in Europe s ability to compete for international research funding. 17

BROAD POLITICAL SUPPORT The 22 July Committee presents its report to the media CCIS has received strong interdisciplinary political support, including the direct and explicit support of several parliamentary committees and parliament s documents. The White Paper 207 S, (2011-2012), from the Special Committee report to the Minister of Justice and Minister of Defence from the Parliament s meeting held on 10 November 2011, concerning the attacks 22 July, explicitly and unanimously recommends that the Centre receives support. (Chapter15, page15): The Committee welcomes the establishment of the centre and believes that the government should assess how the centre can be supported to develop its work. The White Paper 29 (2011-2012) on societal security has a separate section on the centre s initiative and describes a comprehensive task force that has been set up to consider further actions (Chapter 9, page 107). The Justice Committee decided to emphasise this in its report. Recommendation of the Justice Committee on terror preparedness (NOU 2012:14 Follow up Report of 22 July Commission) emphasises the importance of establishing Norwegian expertise in information security: Especially the work carried out at GUC is of interest, points out the Committee in White Paper 207 S. The Government supports the centre with 5 million NOK in 2014, from the Ministry of Justice and Public Security and the Ministry of Local Governments and Modernisation. 18

6 REASONS WHY THE CENTER IS IMPORTANT 1 2 3 The centre is important because an increasing amount of criminal activities are dependent on information and communication technologies (ICT). Crime, whether it takes place in cyberspace alone or not, most likely leave digital traces. At the same time it is a challenge to find, understand, assemble and secure such evidence in a way that it safeguard individual rights and forensic correctness. The centre is important because the threat landscape changes. The increased mobility and open borders, climate change, increased unemployment and social pressures in Europe, resource scarcity, terrorism, pandemics and resistant infections, and Norway s participation in international military operations all help to increase the possibility of criminal acts, attacks and terrorism against Norwegians, Norwegian infrastructure and interests. The centre is important because orivacy and security, two central citizen rights, are under pressure and need good technological, legal and societal understanding and research 4 5 The centre is important because education, skills and research in cyber- and information security will help to combat increasing threats, vulnerabilities and offence in the cyberspace. The centre is important because there is a need for extensive international cooperation and long-term research to prepare for tomorrow s challenges. 6 The centre is important because there is a need to educate and train new experts and to develop skills within the Norwegian central institutions, at the bachelor, master and PhD levels. 19

Legal aspects of information security Wireless Security Security by Design Financial Crime Investigation Data Hiding Computational Forensics Image and Video Analysis Risk Management Security Administration Authentication Cryptology Web Security Privacy-Enhancing Technologies Digital Forensics Information Warfare Protection of Critical Infrastructure Big Data Forensics yber Defense Ethical Hacking Cloud Security Biometrics Mobile Security Network Security Information Management Media Security Socio-technical Systems Security Incidence Management Malware and Botnet Detection Intrusion detection Malware and Botnet Detection and prevention Usability for Security Information Warfare Every aspect of the challenge Cyber- and Information Security is a discipline that must be understood in its full dimension, technological, psychological, social, economic, and organizational aspects interact and influence the outcome. Therefore, the centre promotes an exchange of knowledge and competence not only among academia and the applications areas, sectors, agencies and Institutions, but also among the different fields in cyber- and information security. Thus, CCIS academic degrees at bachelor, master and PhD level are specifically dedicated to information and cyber security. This is in contrast with how informations ecurity is taught most other universities, as some courses in a computer science degree. 20

The Center for Cyber- and Information Security (CCIS) is not only a research centre. It establishes competence transfer across agencies, companies and sectors. It facilitates research projects that connects industry and government agencies with international research networks. It connects research with study programmes and students to research, linking operational environments to academic study programmes and research. CCIS connects research, applications and study programmes with communication and dissemination capabilities. APPLICATIONS EDUCATION Center for Cyber and Information Security CCIS TRAINING RESEARCH DISSEMINATION 21

CCIS delivers, through its core partners, a number of Bachelor programs in information security, network management and computer science, as well as a BSc in Telematics at the Norwegian Defence Cyber Academy (FIH), also known as the education of the military s cyber warriors. PhD in Information Security PhD in Computer Science Master in Information Security CCIS also delivers a MSc program in information security with three study tracks, information security management, forensics, and security technologies. The centre is also delivering a flexible, experience-based master with a a study track in the investigation of digital evidence and cyber crime, a collaboration between the CCIS paetners the Police University College (PHS) and GUC. CCIS dedicated information security programs cover the full scope of cyber and information security. In addition, the centre has a number of associated computer science programs at all levels with security-oriented activities, including security applications of image and video processing, games and mobile computing technologies. The Centre s PhD program in cyber- and information security will have 15 PhD students at start up in 2014 and 25 students two years later. In addition, the centre will have a number of associated PhD students in computer security research. Master in Cyber Crime Investigation Master in Applied Computer Science Bachelor in Network Management Bachelor in Information Security Bachelor in Telematics Bachelor in Software Development Bachelor in Computer Engineering One year program in Information Security One year program in Software Development The centre provides flexible courses, training packages, corporate courses, and lectures. collaboration with the Norwegian Centre for Information Security (NorSIS). 22 Courses & training packages Conferences, workshops, seminars

PhD i informatikk 12 Study programmes 7 Study programmes dedicated to information security, cyber security, cyber defence and cybercrime, with: 20 PhD students 80 Master students 240 Bachelor students Center for Cyber- and Information Security CCIS Gjøvik University College Police University College Norwegian Defence Cyber Academy NorSIS 23

National Academic Network Core research partners in CCIS includes Gjøvik University College, the Police University College, the Norwegian Defence Cyber Academy, and the Norwegian Defence Research Establishment. CCIS is developing substantial collaboration between these, on research, degree programmes, research network development, and international training programs. Each academic partner has quite different international networks, giving a strog potential for innovative international collaborations and research projects.. CCIS leads the Norwegian Research School of Computer and Information Security (COINS). COINS integrates Norwegian research groups in Information Security to a larger entity by integrating the course portfolio for research school members, builds stronger relationships between doctoral students in the network, establishes more incentives to excel and increases student mobility through access to a larger network. COINS also increases Norway s international student mobility, hosts internationally recognised researchers, and offers free flow of goods and services in Information Security Research in Norway. At any time, 40 PhD students are members of COINS. COINS provides a significant added value to PhD students at CCIS, while CCIS provides COINS with a strong national and international network, including businesses, end users, and security agencies. 24

PhD i informatikk Norwegian University of Science and Technology - NTNU University of Agder University of Stavanger University of Tromsø University of Bergen COINS: National Research School of Computer and Information Security University of Oslo Gjøvik University College Police University College Norwegian Defence Cyber Academy CCIS: Center for Cyber- and Information Security Lillehammer University College 25

Research Groups The centre covers all major areas of information and cyber security. Multidisciplinary expertise is assembled in research groups and labs to address specific application areas. Testimon Forensics Research Group Mot crime today leaves digital evidence. The Testimon group develops new insight into digital evidence, computational forensics and various aspects of cyber crime. The group draws its core members from NISlab and the Electronics group at Gjøvik University College (GUC), the Police University College (PHS), the National Criminal Investigation Unti (Kripos), the National Economic Crime Unit (Økokrim), the ICT Crime Unit at the Oslo Police Department. and the National Securitya Authorities (NSM) The research group operates the forensics track of GUC s MSc in Information Security and the computer crime track of the experience-based MSc which is a collaboration between PHS and GUC. The Norwegian Biometrics Laboratory The Lab s research in physiological and behavioral biometrics includes 2D- and 3D-face recognition, fingerprint recognition, fingervein recognition, dental biometrics, ear recognition, signature recognition, gait recognition, keystroke recognition, gesture recognition and mouse dynamics. The lab also develops privacy enhancing technologies such as biometric template protection and integration in physical and logical access control. The lab has extensive biometric databases iand s an independent testing institution for biometric performance evaluations. The Biometrics lab is an active member in the European Association for Biometrics and co-organizer of the international conference BIOSIG as well as the Biometric Session of IEEE IIH-MSP. Its core members come from GUC and from the National ID Centre. The laboratory has partner organisations in nine different countries. The Information Security Management Group In a deeply digitized connected world, cyber- and information security threats cannot be seen from a technical point of view only. The Information Security Management Group develops cyber security models from socio-technical positions, which include social, legal, cultural, financial, political, and ethical aspects of security. The group has a special responsibility for the informations ecurity mangement track at the MSc in Information Security. Critical Information Infrastructure Protection Group The group is concerned with long-term research into the cyber security of industrial control systems / SCADA systems, distribution systems, monitoring systems, and real-time protocols. The group is also concerned with cyber security of the Internet of Things, which also includes cyber security of internet connected consumer objects. The core members come from GUC, Statkraft, Statnett, the National Security Authority (NSM) and Eidsiva. Norwegian Cyber Defence Research Group The research group specializes in various aspects of national cyber. It draws its members from the Norwegian Cyber Defence, GUC, the Norwegian Defence Research Establishment (FFI) and the Norwegian Defence Cyber Academy (FIH). The group contributes to the BSc, MSc and PhD programs in information security at GUC and FIH s BSc in telematics, known as the cyber warrior education. Other research groups will be established, including information security in the health sector, product and software security and cyber security Innovation. 26

Critical Information Infrastructure Protection Group The Norwegian Biometrics Laboratory Senter for cyber- og informasjonssikkerhet CCIS Information Security Management Group Norwegian Cyber Defence Research Group Testimon Forensics Resrearch Group 27

Associated Groups and Organizations The Media Technology Laboratory (MTL) CCIS shares offices with the Media Technology Lab. MTL delivers research and study programs (on BSc, MSc and PhD level) in various areas of computer science. Of particular interest to CCIS is its research in mobile security, biometric methods, user design for security and safety applications of augmented reality, mobile phones, tablets, game consoles, digital interfaces and visors (e.g. Google glasses). MTL s Colour and Vision Research Laboratory works in security with applications such as video analysis of gait recognition and the design of counterfeit-resistant bank notes. NorSIS CCIS will share offices with the Norwegian Centre for Information Security (NorSIS). NorSIS is part of the Norwegian Government s overall commitment to information security and reports to the Ministry of Justice and Public Security. NorSIS works to ensure that information security becomes a natural part of every day s life of citizens and businesses through raising awareness about threats and vulnerabilities and informing on security measures, NorSIS operates the online service slettmeg.no and the national identity theft project. With NorSIS, CCIS gets a partner highly experienced in communication, with an excellent network of SMEs, Norwegian municipalities and governmental agencies. NorSIS and CCIS will collaborate on media management, marketing resources, research dissemination, conferences and workshops. CCIS and NorSIS will in collaboration continue to deliver the Top Level Security Meeting which brings together security chief executives for discussions under Chatham House Rule. Electro Section CCIS shares campus with the Section of Electronics at GUC. In particular, the Electro Section supports CCIS in a number of security areas, including investigations of electronic equipment in criminal cases, electronic implementations of biometrics methods, combination of biometrics, Near Field Communication and mobile phones, and random number generation in programmable logic. The Electro Section has several associate professors wit PhD degrees in information security. Health Care and Nursing CCIS shares campus location at GUC with the Faculty of Health Care and Nursing, which develops expertise in patient safety and security, including information security in the health sector. FRISC CCIS works in close collaboration with the Forum for Research and Innovation in Security and Communications (FRISC), a value network supported by the Norwegian Research Council. The mission of FRISC is to create meeting places for research and innovation in information security where information sharing and the value-added utilization of results can happen with an international perspective. 28

Electro Section Critical Information Infrastructure Protection Group The Norwegian Biometrics Laboratory NorSIS Norwegian Centre for Information Security Senter for cyber- og informasjonssikkerhet CCIS Information Security Management Group Health Care Media Technology Laboratory Norwegian Cyber Defence Research Group COINS Research School Testimon Forensics Resrearch Group FRISC Forum for Research & Innovation in Security and Communications 29

CCIS Scientists who 50% presence at CCIS Developing cross-sectoral projects Developing curricula Identifying student resources Developing research networks Attracting team members Partner-funded researchers develop the collaboration between CCIS, its partners and networks and the funding partner organisation. Partner researchers have the responsibility to help recruiting talented students for partner institutions, influence the development of degree programs in a direction that best supports the partner institution s needs, and connect partner organization to the Centre s other partners and to international networks. 30

build bridges THE PARTNER INSTITUTION 50% presence at the partner institution Identifying skills and competence needs Identifying potential projects Mobilizing the partner s professional network Attracting team participants Partner researchers will support the partner institutions in their long term strategic development, and are responsible for identifying their needs for competence development and research. Partner researchers recruit resources and networks to CCIS projects. 31

A partner researcher shall draw on resources at the partner insitituion and CCIS to develop a team that will contribute to activities and projects that will further the objectives of the partner and CCIS in the particular focus areas of the partner. Team members comes from the partner institution, as well as doctoral candidates, researchers, PhD students, master students, bachelor students and experts, at CCIS and among CCIS partners and their networks. The partner researcher is expected to spend some time doing fundraising and write proposals to finance the team. Researchers wh PhD-student Guest researcher Associate professor Professor Post-Doc candidate 32

o build teams CCIS emphasizes good collaboration in an excellent research environment, where social challenges, professional dialogue, and cooperation are central. CCIS focus on eminent research and professional development that connect partner organizations, engineers, security experts, leading expertise and top scholars. It also closely connects applied research, teaching and real world informations security experience and needs. This calls for a good organization that include research groups, focus laboratories, professional groups, and a good cooperation rhytm. PhD-student Master student Domain Expert from partner organization Technician 33

MORE REASONS WHY CCIS IS IMPORTANT 7 8 9 10 11 12 13 14 15 16 CCIS is important because society as a whole and its critical infrastructure have become completely dependent on ICT, and therefore dependent on ICT security - from command and control systems, financial structures, food production, food distribution, banking, payroll and electricity distribution to hospital management, and transportation. CCIS is important because the consequences of security breaches have become very high. CCIS is important because inadequate information security costs society large amounts of financial resources. The global cost of cyber crime is estimated to be between 0.4% and 1.4% of global GDP. CCIS is important because an arena for knowledge exchange across information security actors, including defence, law enforcement, police, administration, finance, and business, is necessary for developing effective security capacity. CCIS is important because effective information security measures rely on understanding the security interdepence of technological, economical, legal and political measures. CCIS is important because information security actors, including security agencies and businesses, have much to gain from collaborating with long-term research, while research has much to gain from learning from the so-called real world. CCIS is important because security has become a necessary part of products and services. Insufficient security can drive products and firms off the market. High cyber security gives manufacturing companies higher uptimes, shorter delivery times and improved margins. CCIS is important because information security in itself is a large global market, both for products and services. CCIS is important because it will give its participants, who have significant national importance, increased cyber- and information security competence. CCIS is important because it will increase the number of students in information security at all levels. 34

The Center for Cyber- and Information Security (CCIS) works continually to obtain additional financing for projects and research groups and laboratories. Delivery 2 years CCIS will have -established a research group on cyber crime -established a research group on cyber defence -established a research group on cyber security of critical infrastructure -strengthened and integrated degree programs in information seurity -started an experiencebased master s program on cyber crime investigation -established the presence of 25 PhD students at the centre and 64 associated via COINS, two post-doctoral candidates, 40 master students and 240 undergraduates 4 years CCIS will have -become a strong support for the Norwegian authorities in their national and international work on cyber security -established a research group in privacy and cyber aspects of rule of law - establsihed anordic Centre of Expertise in Cyber Crime Prevention and Investigation -recruited 30 PhD students at the Centre and with 90 associated via COINS, and 10 postdoctoral candidates -recuited 25 partners 8 years CCIS will have -been on track to eliminate society s critical shortage of experts -led the Norwegian research in cyber security from being fragmented into being a national consolidation of meeting space for the dissemination of research and innovation -established a centre for cyber security innovation to help industry partners turn the results from CCIS into commercially successful products and services 35

2014 Center for Cyber and Information Security Contact information: Morten Irgens, Chair of the interim board morten.irgens@ccis.no, +47 46 54 19 41 Nils Kalstad Svendsen, the Norwegian Information Security Laboratory (NISlab), nils.svendsen@ccis.no, +47 454 92 425 Thank you for your interest. CCIS is a resource for its partners and collaborators. Your comments and ideas on how CCIS can be made even better will be most appreciated. CCIS invites your organisation to participate as partner. www.ccis.no 36