meusaccsirt: computer security & incident response team ... • the development of national...
TRANSCRIPT
MEUSAC
Consultation Session
“Strengthening Europe’s Cyber Resilience System
and Fostering a Competitive & Innovative Cybersecurity Industry”
(13 March 2017)
Venue: Fortress Builders Fortifications Interpretation Centre, Valletta
John Agius
Director (Critical Infrastructure Protection)
CIP Directorate, Cabinet Office, OPM
&National Emergency Coordination
http://maltacip.gov.mt
Outline
Terminology
The CIP Directorate (CIPD)
CSIRTMalta
ENISA
The NIS Directive
2
http://maltacip.gov.mt
CIP: Critical Infrastructure Protection
CII: Critical Information Infrastructure
CIIP: Critical Information Infrastructure Protection
CSIRT: Computer Security & Incident Response Team
CSIRTMalta: The National CSIRT in Malta
ENISA: European Union Agency for Network & Information Security
The NIS Directive: EU Directive 1148 of 2016
SPOC: Single Point of Contact
Terminology
3
http://maltacip.gov.mt
Mission Statement‘To strengthen and secure
the functioning and resilienceof Malta’s Critical Infrastructure
and National Emergency Services’
Cyber
4
http://maltacip.gov.mt
CSIRTMalta is the National CSIRT for Malta
Focus
Critical Infrastructures (CI’s)
Critical Information Infrastructure (CII’s)
Other sensitive Infrastructures
Public and Private sectors
National Single Point of Contact (SPOC)
6
http://maltacip.gov.mt
Mission statement
Supporting CI’s, CII’s and other sensitiveinfrastructures in Malta on how to protect theirinformation infrastructure assets and systems fromcyber threats and incidents.
CSIRTMalta was established as the National CSIRT for Malta on 14th November 2011
7
http://maltacip.gov.mt
Public Sector-CSIRTs
(MT-CSIRT & CSIRPs)
Private sector
(CSIRTs & CSIRPs)
National CSIRT
Stakeholders
8
http://maltacip.gov.mt
Services
• Announcements– Dissemination of information about known threats, incidents and
countermeasures needed to protect assets and systems– opm.gov.mt/en/mcip– [email protected]– @CSIRTMalta
• Alerts and warnings– Dissemination of incident reports related to cyber infections and potential
breaches targeting CSIRTMalta constituents, recommending solutions to counter such infections/breaches;
• Incident Response Coordination– Supporting constituents by coordinating response to information security
incidents, occasionally in collaboration with European and international communities of CSIRTs and other public and private bodies, as appropriate.
• CSIRTMalta Incident Response: +356 - 21221334
9
http://maltacip.gov.mt
• The European Union Agency for Network and Information Security
• Established in 2004 by EU Regulation No 460 of 2004
• A centre of expertise for cyber security in Europe
• Located in Greece with its seat in Heraklion Crete and an operational office in Athens
• Actively contributing to a high level of network and information security (NIS) within the European Union
• Developing a culture of NIS in society
• Raising awareness of NIS within European Member States
ENISA
10
http://maltacip.gov.mt
Mission statement
ENISA contributes to securing Europe’s informationsociety by raising awareness and by developing andpromoting a culture of network and informationsecurity (NIS) in society thus contributing to theproper functioning of the internal market.
ENISA Strategy 2016 - 2020
11
http://maltacip.gov.mt
ENISA – Areas of activities
• Recommendations
• Activities that support policy making and implementation
• ‘Hands On’ work, where ENISA collaborates directly with operational teams
throughout the EU
13
http://maltacip.gov.mt
• The Pan-European Cyber Security Exercises
• The development of National Cyber Security Strategies
• CSIRTs cooperation and capacity building
• Cyber related specialists training
• Studies on secure Cloud adoption
• Addressing data protection issues, privacy enhancing technologies and privacy on emerging technologies
• eIDs and trust services
• Identifying the cyber threat landscape
• ENISA also supports the development and implementation of the European Union's policy and law on matters relating to NIS.
ENISA – Activities
14
http://maltacip.gov.mt
Pan-European Cyber ExercisesCE2016: The largest Cybersecurity exercise in the World with 948 Participants
15
http://maltacip.gov.mt
Cyber Europe 2016 (CE2016)
Safeguarding Europe’s Digital Market through cyber security
Cyber Europe 2016: The pan-European exercise to protect EU Infrastructures against coordinated cyber-attack
• 13-14 October 2016• Simulation of an EU-wide crisis triggered by cyber
attacks (involving 948 participants)• Goals: [1] test EU and national-level cooperation
[2] improve technical and operational capabilities
16
http://maltacip.gov.mt
Specialist Training Workshops by the Malta-CIPD & EU-ENISAto local CYBER Specialists from the Public and Private sectors
17
http://maltacip.gov.mt19
Training Workshops by the Malta-CIPD & EU-JRC tolocal stakeholders from the Public and Private sectors
http://maltacip.gov.mt
The first EU-wide rules on cybersecurity, establishingmeasures to ensure a high common level of networkand information security across the European Union.Laying down obligations on MS’s to adopt nationalstrategies securing NIS. Creating the CooperationGroup at the strategic level and the CSIRT Network, tobuild trust and confidence, at the operational level.
Article 1 – Directive (EU) 1148 of 2016of The European Parliament and The Council of 6 July 2016
21
NIS Directive
http://maltacip.gov.mt
• The objectives of the Directive (i.e. that of achieving a high common level of security of network and information systems within the EU), will be achieved, by means of:
– Improved cybersecurity capabilities at national level
– Increased EU-level cooperation
– Risk management and incident reporting obligations for operators of essential services and digital service providers
22
NIS Directive
http://maltacip.gov.mt
About: NIS Directive
23
NIS Coop Group9-10 February 2017
MT-Pres Brussels meeting Chaired by CSIRTMalta
CSIRT Network GroupEstablished 22-23 February 2017
MT-Pres Malta meeting Hosted & Chaired by CSIRTMalta
http://maltacip.gov.mt
CSIRT Network (Article 12, NIS Directive)
The 1st Formal CSIRT Network Meeting (as defined by the NIS Directive) was held inMalta between the 22nd and 23rd February 2017. The meeting was organised andchaired by CSIRTMalta, in collaboration with the European Network andInformation Security Agency ENISA. The event was organised as part of the MaltesePresidency of the Council of the European Union (Jan – June 2017).
24
http://maltacip.gov.mt25
NIS Directive TimelineDate entry into force + … Milestone
August 2016 - Entry into force
February 2017 6 months Cooperation Group begins tasks (MT-Presidency)
February 2017 6 months
CSIRT Network Group formally established (MT-Presidency).
Adopted TORs, ROPs, the short term goals (covering the first
18 months of Work-Plan) and formed the WGs for the
execution of the short-term goals.
August 2017 12 monthsAdoption of implementing on security and notification
requirements for DSPs
February 2018 18 months Cooperation Group establishes work programme
May 2018 21 months Transposition into national law
November 2018 27 months Member States to identify operators of essential services
May 2019
33 months
(i.e. 1 year after
transposition)
Commission report assessing the consistency of Member
States' identification of operators of essential services
May 2021
57 months
(i.e. 3 years after
transposition)
Commission review of the functioning of the Directive, with
a particular focus on strategic and operational cooperation,
as well as the scope in relation to operators of essential
services and digital service providers
http://maltacip.gov.mt
Recruitment
24*7Programtesting
2016
CabinetOffice
Q3 Q4Q12017
Q2 Q3Q42017
Q12018 2018
6th July 2016
2017Today
Justice Unitfor Review
TRIS(TBD)
Admin/Technical/Financial Resources
Review byAttorney General
31st MarchLaunch
Drafting of LN for Directive (EU) 1148 of 2016
NIS Directive Transposition Timeline
26
http://maltacip.gov.mt
+356-22002000
http://maltacip.gov.mt
Contact Details:
27