Home > Awareness, Cybercrime, Identity theft, Scams > “Cybersecurity in Europe” Workshop-Part 3

“Cybersecurity in Europe” Workshop-Part 3

E-Crime Expert started a series of posts that is summarizing the Cybersecurity in Europe” Workshop. You could read the first blog post here, the second post here. The first presenter in the series was CERT (Computer Emergency Response Team), followed by ENISA.

Today, E-Crime Expert offers the CERT-Hungary’s presentation: “Network and Infrastructure Security Threats and Prevention”.

CERT Hungary identified the following current and potential threats:

-dependence concurrently with the evolution of dangers: organized crime, asymmetric warfare

-defacement of public websites

-intrusion into public registers

-monitoring government communications

-publishing sensitive data

-hacking critical information infrastructures (electricity exchanges, power plants, money transfer systems).

Enabling factors and circumstances:

Insufficient or lack of:

-preparedness

-early warning

-manpower

-coordination

-communication with internal partners

-media work

Responses to mitigate risks:

-Government support (national strategy, uniform regulations, responsible high level officials, financial means)

-crisis management plan

-early warning systems

-National Cyber Security Centre

-National coordination body (private sector, policy makers, law enforcement, CERTs)

-National Certification scheme (products, services, organizations)

-involvement of international community (Forum of Incident Response Team)

-communication plan, awareness raising, education

-regular exercises.

The lesson learnt from the first Pan-European exercise: the Hungarian perspective:

-communication check exercise with a complex scenario

-thorough preparation, ENISA’s pivotal role

-good teamwork of Member States

-need for a Standard Operation Procedure

-need for a EU wide “phone book”

-need for stabile national Point of Contact(s)

-involvement of more Member States and private sector

-going beyond communication check level

-integration of national exercise

-EU sectoral exercise: EU banking working group.

Role of national CERTs in the development of  a European cyber incident contingency plan:

-national CERTs as a national Point of Contacts

-co-operation with private sector players

-bottom-up scenario writing

-doing the manual work

-test beds for complex exercises

-follow-up activities (leasson learnt, refinement of Standard Organization Procedures, proposal for policy making

-involvement of European Governmental CERT Group.

To find more about CERT Hungary click here.

Any questions can be submitted to:
dan@e-crimeexpert.com

Additional information can be found at: www.e-crimeexppert.com

These types of transnational joint efforts make you feel more secure? Has your country participated in such an exercise? What do you think about CERT Hungary?

Hit the “subscribe” button in order to be notified when new videos and Articles are posted on this blog. The following posts will be part of the Cybersecurity in Europe Workshop series summarized by E-Crime Expert.

Advertisements
  1. No comments yet.
  1. September 5, 2011 at 10:41

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: