croatian national cyber security initiatives and relations...
TRANSCRIPT
Office of the National Security Council Republic of Croatia
Croatian National Cyber Security Initiatives
and Relations to NIS Directive Requirements
European Commission, Directorate-General for Communications
Networks, Content and Technology
Brussels, 9 February 2017
Dr. sc. Aleksandar Klaić
2
Implementation
of Croatian
National
Information
Security
Programme
enacted in 2005: Key Threats to Public
Telecom System (2009)
Croatian Internet
Exchange (CIX) (2010)
Telecomm FW Directive
– Art. 13 / 13a (2012)
3
IP address Domain Physical Location Domain Owner
1. Croatian S/H* Providers .hr Croatia (RH) Domestic/Foreign
2. Croatian S/H* Providers .com; .net; .org; … Croatia (RH) Domestic/Foreign
3. Foreign S/H* Providers .hr Out of Croatia Domestic/Foreign
4. Foreign S/H* Providers .com; .net; .org; … Out of Croatia Domestic
National CERT Responsibilities and International Exchange
of Security Incident Information (2008-2012)
* S/H =
Service or Hosting
Red Arrows =
Notifications/Feeds
to National CERT
Blue Arrows =
Notifications from
National CERT
Early Warning
Incident Handling
Analysis and Forensics
Information Sharing
Situational Awareness
Direct Functional and
Sectoral Approach Needed
4
Security of the Virtual Dimension of Society
SECURITY TRUST
Communication
Cooperation
New Emerging
Threats
Information Sharing
e-Government
Public Electronic
Services
CIP / CIIP
Security Awareness
and Education
6
The Method
used for the
elaboration
of Croatian
Strategy and
Action Plan:
7
Strategic Level
Planning
Strategies and National Policies
Tactical Level
Implementation
Sectoral Policies
Harmonisation
Operational and Technical Level
Enforcement Information Sharing,
Incident Treatment, …
Levels for the Strategy Planning Process
8
Covered Levels In the Initial Documents
Strategy and Action Plan (10/2015)
Interdepartmental Bodies (06/2016)
Further enhancements on the basis of the
regular yearly control and 3-years period of
the Strategy revision
9
Stakeholders & Strategy Implementation Management
National Council for
Cyber Security (Representatives from 16
institutions headed by the Office
of the National Security Council,
Government Decision in the
Official Gazette 61/2016) Other Institutions –
Stakeholders in the
Strategy & Action Plan,
societal sectors in
general
Operational and Technical
Cyber Security
Coordination Group
(Representatives from 8
institutions headed by MoI)
EU NIS
Cooperation Group National Single
Point of Contact,
CSIRTs Network National Competent
Authorities
NIS Directive Impl. Coordination
Policy Issues
Operational
and
Technical
Issues
growCERT (12/2016) - National CERT - Office of the National Security Council
- Ministry of Science and Education
Smart Specialisation Strategy (04/2016) (Security/Cyber area) - Ministry of Economy
- Office of the National Security Council
- Faculty of Electrical Engineering and Computing (Start-up Hub)
10
Croatian Governments
•10/2015
•06/2016
•02/2017
National Council for Cyber Security
•Office of the National Security Council (Chair)
•Ministry of the Interior, Ministry of Foreign and European Affairs, Ministry of Public Administration, Ministry of Economy, Ministry of Science and Education, Ministry of Defence, Ministry of Justice
•Security and Intelligence Agency, Operational and Technical Centre for Lawful Interception
•Croatian Academic and Research Network – CARNET (National CERT), Information Systems Security Bureau (GovCERT)
•National Protection and Rescue Directorate (CIP)
•Croatian Regulatory Authority for Network Industries (Telecomm), Croatian National Bank
•Personal Data Protection Agency
Operational and Technical Coordination Group
•Ministry of the Interior (Coordinator)
•Croatian Academic and Research Network – CARNET (National CERT), Information Systems Security Bureau (GovCERT)
•Croatian Regulatory Authority for Network Industries (Telecomm), Croatian National Bank
•Security and Intelligence Agency, Operational and Technical Centre for Lawful Interception
•Ministry of Defence
Croatian Interdepartmental Cyber Bodies
11
Aleksandar Klaić, Ph.D. Assistant Director for Information Security
Office of the National Security Council
Croatian NSA/DSA
tel. +385.1.4681 222; fax. +385.1.4686 049
www.uvns.hr/en
Thank You !
?