The Role of Universities in Cyber Security Policy and Critical Infrastructure Protection for the Country

Transcription:

The Role of Universities in Cyber Security Policy and Critical Infrastructure Protection for the Country
Roberto Baldoni (baldoni@dis.uniroma1.it)
www.cis.uniroma1.it
4th Conference on Information Warfare: Protection of National Critical Infrastructures
Rome, 19 June 2013

«Security and development are an inseparable binomial»
«New threats are emerging to the economy, to the finance, to the energy market»
6 March 2013

We know foreign countries and companies swipe our corporate secrets. Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, and our air traffic control systems. We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy.
2 February 2013

A medium/large multi-utility experiences thousands of anomalous in/out connections per day (private communication)

WHAT GOVERNMENTS ARE DOING

Implementing Cyber Security Strategy: UK objectives
- To tackle cybercrime and make the Nation one of the most secure places in the world to do business
- To make the Nation more resilient to cyber attack, protecting economic, scientific and industrial interests
- To help shape an open, stable and vibrant cyberspace which the citizens of the Nation can use safely and that supports open societies
- To build the Nation's cross-cutting knowledge, skills and capability to underpin all cyber security objectives

Shared objectives and actors: involvement of several Ministries and Government Organizations

Cyber Security Strategy standpoints
- US (Obama's Executive Order, Feb 12th 2013): information warfare is a priority for the Nation; it represents a current and future threat. Cybersecurity framework from NIST in 6 months
- UK (cyber security strategy implementation 2011-2015)
- Canada (action plan 2010-2015)

2013 Cybersecurity Funding Breakdown (source: DHS)
- $345 million: The National Cybersecurity Protection System (NCPS) is an integrated intrusion detection, analytics, information-sharing and intrusion-prevention system that supports DHS responsibilities
- $236 million: The Federal Network Security Branch manages activities designed to enable federal agencies to secure their IT networks
- $93 million: The US-Computer Emergency Readiness Team (US-CERT Operations)
- $64.5 million: to support cyber investigations conducted through the Secret Service and Immigration and Customs Enforcement
- $12.9 million: to support high-quality, cost-effective virtual education and training
- Definition of research challenges funded by NSF, DHS and DARPA

UK Cybersecurity Funding

Italy standpoint
- Jan 2013 DPCM on cyber security
- Strategy Implementation
- Major involvement of telco companies
- Creation of a Scientific Committee
- No funding!

THE ROLE OF ACADEMICS

Threats are continuously evolving. Cyber security strategy needs:
- Continuous Research
- Continuous Education
This is THE University mission!

Let's look at CERTs: Best Practices
US-CERT has been created through an agreement between DHS and CMU in 2013.
US-CERT partners:
- Private sector critical infrastructure owners and operators
- Academia (CMU, PURDUE, ...)
- Federal agencies
- Information Sharing and Analysis Centers (ISACs)
- State and Local partners

Let's look at CERTs: Best Practices
Edith Cowan University is a partner of Cert-Australia on vulnerability and mitigation research programs, looking at initiatives such as smart grids and smart metering technologies and their security implications.

Looking at UK
- GCHQ launched a programme to develop cyber security talent in schools and universities.
- GCHQ, in partnership with the Research Councils' global uncertainties programme and the Department for Business, Innovation and Skills, awarded academic centre of excellence in cyber security research status to eight UK universities.
- GCHQ launched a research institute for the science of cyber security.

Other experiences (public-private-academic partnerships): Japan, India, Estonia, Germany

Italy standpoint
- Jan 2013 definition of the DPCM on «cyber security»
- Strategy Implementation
- Major involvement of telco companies
- Presence of a scientific committee

Concluding Remark #1
- A National Cyber Security Scenario cannot do without the contribution of Academia
- Continuous research and education needed
- Public-private partnership
- Selecting centers of excellence in Italy where competences and critical mass can be found

Concluding Remark #2
We have to ACT now!
A story from today: an accountant in Fiumicino
- Using a Windows 7 vulnerability, someone got into his private network
- All his files have been encrypted
- Nice email explaining how to make a special bank transfer in order to decrypt the files
The problem is vital for the economy at every level (everyone is under attack, from individuals to large industries to organizations)

Concluding Remark #3
- Security is a nationwide shared objective (not only related to military sector)
- Information flow within a PA information system has to be fully mastered (no leak)
- Secure supply chain

Concluding Remark #4
- The Italian DPCM on cyber security is an important step
- Still, the command chain is overly complex with respect to the speed at which an attack is deployed
- First thing to do: IMPLEMENTING A CERT!

Concluding Remark #5
Fewer events, more implementation!