Peter Burnett Head of Information Sharing

National Infrastructure Security National Infrastructure Security Co-ordination CentreCo-ordination Centre

www.niscc.gov.ukwww.niscc.gov.uk

• “…working with the private sector…to ensure adequate standards of protection for the key systems falling within the critical national infrastructure…

• raising awareness and standards of information security more generally in the private sector…

• developing a dialogue with international partners

• I have established the NISCC to act as a point of contact for those involved in this work in both government and the private sector.”

Home Secretary 1999Home Secretary 1999

What is NISCC?What is NISCC?

NISCC is an interdepartmental centre which co-ordinates activity in support of this aim across a range of organisations. Each of these contributes resources and expertise to NISCC’s programme of work according to its own remit, its own priorities, in relation to the challenge in hand, and depending on what value it can add.

Communications-Electronics Security Group (CESG)

Security Service

Cabinet Office – Civil Contingencies Secretariat (CCS)

Ministry of Defence

National Hi-Tech Crime Unit (NHTCU)

Home Office

Office of e-Envoy

CSIADSTL (ex DERA)

Department of Trade & Industry (DTI)

““an Interdepartmental Centre”an Interdepartmental Centre”

What is the CNI?What is the CNI?

Those parts of the United Kingdom’s infrastructure for which continuity is so important to national life that loss, significant interruption or degradation of service would have life-threatening, serious economic or other grave social consequences for the community, or would otherwise be of immediate concern to the Government.

NISCC’s aim is to minimise the risk to the critical national infrastructure from electronic attack.

The CNI SectorsThe CNI Sectors

• Telecommunications

• Energy

• Finance

• Central Government

• Water and Sewerage

• Health Services

• Emergency Services

• Transport

• Hazards

• Food

NISCC Functional Model

Investigating and Assessing the threat of eA

Promoting Protection and Assurance

Vulnerabilities

Exploits

Responding to incidents

Critical National Infrastructure

Research and Development/ Policy/ Mapping

INFORMATIONINFORMATION

SHARINGSHARING

Strategic ObjectivesStrategic Objectives• Increase IT Security Awareness, Education :

– Healthier e-environment (reduce Viruses, Worms, Trojans, DDoS etc)

• Provide useful and timely warnings• Gather IT security incident reports

– Crime reports (only with consent)– Statistics, Trends, Threat assessment– Attack detection

NISCC – Information Sharing

• UK CERTs forum– Encouraging new CERTs in UK

• Encouraging Information Sharing Bodies• Reporting System (NHTCU/NISCC)• National Warning System • Partnership arrangements

– Symantec, Microsoft

• Conceive & establish Information Exchanges– Finance, Telecomms, SCADA, MSPs

• Conceive & promote WARPs– WWarning, AAdvice & RReporting PPoints

Information Sharing

The WARP model

e-COMMUNITY

WARP

CERTs, WARPs, etc

Incident ReportsProblems

WarningsAdvice

Local authority, trade association, interest group, industry sector

The WARP ModelThe WARP Model - - Functions

1. Issue Warnings to its community

2. Provide Advice on Internet problems & share Good Practice amongst members

3. Gather, sanitise, and shareshare Incident Reports

NISCC – Information Sharing

LondonConnectsWARP

London Borough A London Borough C etc.London Borough B

Future ‘LA’ WARPs

CERTs

Bugtraq

UNIRAS

33 London Boroughs

NISCC

CSIRTs

SansOther

Secure systemwith fallbackcontingency

Authorised usersin each Borough

Secure links

Secure link

Supported by SOCITM, OeE & NISCC

Secure links

1 TechnicalFTE

1 Admin.FTE

WARP for London Boroughs (www.lcwarp.org)

The WARP TOOLBOXThe WARP TOOLBOXToolbox

Filtered Warning & Alerting System (FWAS)

Tick-List Software

Good Practice & Advice Brokering Service (GPABS)

Bulletin Board

Reporting and Trusted Sharing Service (RTSS)

Business Cases

Security Policy

Commercial sponsorship

Independent Study

A Shared Solution

e-COMMUNITY

WARP

WarningsAdvice

WARP

e-COMMUNITYProblems

Incident ReportsGood Practice

SolutionsSkills

Experience,Expertise, Solutions

Open Sources,CERTs

FilterPrioritise

SupplementAdd Value

Kent Gets its Own WARP

Thank You for listening patiently

Contact me onContact me on

020 7821 1330020 7821 1330ext 4508ext 4508

peterb@niscc.gov.ukpeterb@niscc.gov.uk

QUESTIONS ?QUESTIONS ?