Post on 26-Mar-2015
Peter Burnett Head of Information Sharing
National Infrastructure Security National Infrastructure Security Co-ordination CentreCo-ordination Centre
www.niscc.gov.ukwww.niscc.gov.uk
• “…working with the private sector…to ensure adequate standards of protection for the key systems falling within the critical national infrastructure…
• raising awareness and standards of information security more generally in the private sector…
• developing a dialogue with international partners
• I have established the NISCC to act as a point of contact for those involved in this work in both government and the private sector.”
Home Secretary 1999Home Secretary 1999
What is NISCC?What is NISCC?
NISCC is an interdepartmental centre which co-ordinates activity in support of this aim across a range of organisations. Each of these contributes resources and expertise to NISCC’s programme of work according to its own remit, its own priorities, in relation to the challenge in hand, and depending on what value it can add.
Communications-Electronics Security Group (CESG)
Security Service
Cabinet Office – Civil Contingencies Secretariat (CCS)
Ministry of Defence
National Hi-Tech Crime Unit (NHTCU)
Home Office
Office of e-Envoy
CSIADSTL (ex DERA)
Department of Trade & Industry (DTI)
““an Interdepartmental Centre”an Interdepartmental Centre”
What is the CNI?What is the CNI?
Those parts of the United Kingdom’s infrastructure for which continuity is so important to national life that loss, significant interruption or degradation of service would have life-threatening, serious economic or other grave social consequences for the community, or would otherwise be of immediate concern to the Government.
NISCC’s aim is to minimise the risk to the critical national infrastructure from electronic attack.
The CNI SectorsThe CNI Sectors
• Telecommunications
• Energy
• Finance
• Central Government
• Water and Sewerage
• Health Services
• Emergency Services
• Transport
• Hazards
• Food
NISCC Functional Model
Investigating and Assessing the threat of eA
Promoting Protection and Assurance
Vulnerabilities
Exploits
Responding to incidents
Critical National Infrastructure
Research and Development/ Policy/ Mapping
INFORMATIONINFORMATION
SHARINGSHARING
Strategic ObjectivesStrategic Objectives• Increase IT Security Awareness, Education :
– Healthier e-environment (reduce Viruses, Worms, Trojans, DDoS etc)
• Provide useful and timely warnings• Gather IT security incident reports
– Crime reports (only with consent)– Statistics, Trends, Threat assessment– Attack detection
NISCC – Information Sharing
• UK CERTs forum– Encouraging new CERTs in UK
• Encouraging Information Sharing Bodies• Reporting System (NHTCU/NISCC)• National Warning System • Partnership arrangements
– Symantec, Microsoft
• Conceive & establish Information Exchanges– Finance, Telecomms, SCADA, MSPs
• Conceive & promote WARPs– WWarning, AAdvice & RReporting PPoints
Information Sharing
The WARP model
e-COMMUNITY
WARP
CERTs, WARPs, etc
Incident ReportsProblems
WarningsAdvice
Local authority, trade association, interest group, industry sector
The WARP ModelThe WARP Model - - Functions
1. Issue Warnings to its community
2. Provide Advice on Internet problems & share Good Practice amongst members
3. Gather, sanitise, and shareshare Incident Reports
NISCC – Information Sharing
LondonConnectsWARP
London Borough A London Borough C etc.London Borough B
Future ‘LA’ WARPs
CERTs
Bugtraq
UNIRAS
33 London Boroughs
NISCC
CSIRTs
SansOther
Secure systemwith fallbackcontingency
Authorised usersin each Borough
Secure links
Secure link
Supported by SOCITM, OeE & NISCC
Secure links
1 TechnicalFTE
1 Admin.FTE
WARP for London Boroughs (www.lcwarp.org)
The WARP TOOLBOXThe WARP TOOLBOXToolbox
Filtered Warning & Alerting System (FWAS)
Tick-List Software
Good Practice & Advice Brokering Service (GPABS)
Bulletin Board
Reporting and Trusted Sharing Service (RTSS)
Business Cases
Security Policy
Commercial sponsorship
Independent Study
A Shared Solution
e-COMMUNITY
WARP
WarningsAdvice
WARP
e-COMMUNITYProblems
Incident ReportsGood Practice
SolutionsSkills
Experience,Expertise, Solutions
Open Sources,CERTs
FilterPrioritise
SupplementAdd Value
Kent Gets its Own WARP
Thank You for listening patiently
Contact me onContact me on
020 7821 1330020 7821 1330ext 4508ext 4508
peterb@niscc.gov.ukpeterb@niscc.gov.uk
QUESTIONS ?QUESTIONS ?