“Cybersecurity in Europe” Workshop-Part 3
E-Crime Expert started a series of posts that is summarizing the “Cybersecurity in Europe” Workshop. You could read the first blog post here, the second post here. The first presenter in the series was CERT (Computer Emergency Response Team), followed by ENISA.
Today, E-Crime Expert offers the CERT-Hungary’s presentation: “Network and Infrastructure Security Threats and Prevention”.
CERT Hungary identified the following current and potential threats:
-dependence concurrently with the evolution of dangers: organized crime, asymmetric warfare
-defacement of public websites
-intrusion into public registers
-monitoring government communications
-publishing sensitive data
-hacking critical information infrastructures (electricity exchanges, power plants, money transfer systems).
Enabling factors and circumstances:
Insufficient or lack of:
-communication with internal partners
Responses to mitigate risks:
-Government support (national strategy, uniform regulations, responsible high level officials, financial means)
-crisis management plan
-early warning systems
-National Cyber Security Centre
-National coordination body (private sector, policy makers, law enforcement, CERTs)
-National Certification scheme (products, services, organizations)
-involvement of international community (Forum of Incident Response Team)
-communication plan, awareness raising, education
The lesson learnt from the first Pan-European exercise: the Hungarian perspective:
-communication check exercise with a complex scenario
-thorough preparation, ENISA’s pivotal role
-good teamwork of Member States
-need for a Standard Operation Procedure
-need for a EU wide “phone book”
-need for stabile national Point of Contact(s)
-involvement of more Member States and private sector
-going beyond communication check level
-integration of national exercise
-EU sectoral exercise: EU banking working group.
Role of national CERTs in the development of a European cyber incident contingency plan:
-national CERTs as a national Point of Contacts
-co-operation with private sector players
-bottom-up scenario writing
-doing the manual work
-test beds for complex exercises
-follow-up activities (leasson learnt, refinement of Standard Organization Procedures, proposal for policy making
-involvement of European Governmental CERT Group.
To find more about CERT Hungary click here.
Any questions can be submitted to: email@example.com
Additional information can be found at: www.e-crimeexppert.com
These types of transnational joint efforts make you feel more secure? Has your country participated in such an exercise? What do you think about CERT Hungary?
Hit the “subscribe” button in order to be notified when new videos and Articles are posted on this blog. The following posts will be part of the Cybersecurity in Europe Workshop series summarized by E-Crime Expert.