
4. Auke Huistra - PPP in the Netherlands and Europe

Date post: 03-Apr-2018
Upload: nicanorcu

Transcript
  • 7/28/2019 4. Auke Huistra - PPP in the Netherlands and Europe


    PPP in the Netherlands and Europe

    Barcelona, September 16, 2011


    Cybercrime IE (NL) / EuroSCSIE (EU)


    Why is action needed?

    Situation:
    - ICT is of fundamental importance for our society
    - Society becomes more and more vulnerable to disruption or misuse of ICT infrastructures
    - Recent incidents: Stuxnet, Night Dragon, RSA, DDoS attacks

    Complications:
    - Most critical infrastructures are owned by the private sector
    - Private sector has its own responsibility, voluntary partnerships
    - Not enough information exchange between public and private organisations
    - International problem

    Main question:
    How can we raise the resilience of critical infrastructure against cyber disturbance?

    Answer:
    Build and facilitate an (inter)national Public Private network based on:
    - Trust and Value
    - Create the Cybercrime Information Exchange (with sectoral ISACs)
    - Use clear membership guidelines (incl. TLP)
    - Sector is in the lead (chair of the ISAC is from industry)


    Cybercrime Information Exchange

    Point of departure is that companies themselves will only take effective measures if they have access to the right information and are able to make accurate risk assessments.

    By sharing information intensively about incidents, threats, vulnerabilities and good practices, the participants can prevent incidents themselves. This will safeguard the Dutch economy as a whole and the continuity of the individual organisations at the same time.


    Information Sharing:
    - Trust
    - Value

    First the social network (meeting face-to-face), then a technical infrastructure to support this!


    Information Sharing on a European and International level

    European:
    - E-SCSIE
    - European FI-ISAC
    - ENISA as a facilitating partner on a European level

    International:
    - Meridian (annual CIIP conference)
    - MPCSIE


    E-SCSIE - members


    Users Government R&D

    EDF (F)

    CERN (CH)

    Electrabel (B)

    Laborelec (B)

    Verbund-Austrian Power Grid AG (A)

    SwissGrid (CH)

    Italian Association of CI Experts (I)

    GCSEC (I)

    Shell (NL)

    GOVCERT.CH

    Melani (CH)

    BSI (D)

    PET (DK)

    CERT Hungary

    NorCERT (N)

    NoNSA (N)

    GOVCERT.NL

    CPNI.NL

    MSB (Se)

    CPNI (UK), ANSSI/COSSI (F)

    CERT-FI (Fi)

    ENISA (EU)

    JRC (EU)


    E-SCSIE - Terms of Reference

    - Started on 20 June 2005
    - Aim is for European industry, government, and research to benefit from the ability to collaborate on a range of common issues, and to focus effort and share resource where appropriate.
    - Main focus is Information Sharing
    - The outcome would be a raised level of protection adopted across Europe's SCADA and Control Systems (SCADA/CS)


    E-SCSIE - Information Sharing

    The following are examples of what each member should share at E-SCSIE meetings:
    - Report events or incidents that have affected SCADA and Control Systems;
    - Report warnings about vulnerabilities in SCADA and Control System products;
    - Give advice as to how these vulnerabilities and/or incidents were addressed;
    - Exchange experience on good practice (amongst which policies) used to mitigate SCADA and Control System security issues


    E-SCSIE - Topics

    - Sharing of incidents and good practices
    - Questionnaire on Control System Cyber-Security (aimed at vendors) 2008/2009
    - Standards and requirements (e.g. WIB Process Control Domain Security Requirements for Vendors)
    - Self Assessment tools (like the one from CPNI UK)
    - Smart Grids (e.g. Smart Grid Conference in Baarn - 2010)

    June 21, 2011


    National Roadmap to Secure Process Control Systems


    National Roadmap to Secure Process Control Systems

    Phase 1 (2010 - 2014)
    - WP1: Awareness and knowledge dissemination
    - WP2: Building the network
    - WP3: Training & education
    - WP4: Knowledge development
    - WP5: Red teaming framework
    - WP6: International network
    - WP7: Plan for Phase 2


    Stakeholders

    Asset owners & CI operators

    Government

    Responsible departments/inspections

    KLPD

    AIVD

    GOVCERT.NL

    - Government as PCS user
    - I&M, DEF, JUS..
    - municipalities
    - etc.

    Commercial Entities

    system vendors & integrators

    component suppliers

    3rd party / outsourcing

    IT and Telecom providers

    Industry

    VNO/NCW

    CIO Platform Nederland

    WIB

    Industry organisations

    SOVI

    NICC

    Research & Knowledge

    TNO, KEMA, universities

    Education & training

    NEN

    NAVI


    National Roadmap to Secure Process Control Systems

    DONE (amongst others):
    - Several PCS-events last year (different topics like risk assessment, Stuxnet deep dive, smart grids etc.)
    - PCS-vendors-ISAC (with ABB, Invensys, Honeywell, Emerson and Siemens) - 4 meetings per year
    - WIB Vendor Requirements and Achilles certification program - working together with WIB and ISACs on this - becoming IEC standard soon!
    - Benchmark PCS Security Energy-ISAC, Water-ISAC and Nuclear-ISAC
    - Factsheets by GOVCERT.NL (e.g. on Stuxnet)
    - Sharing of open source information (dissemination through LinkedIn, Twitter and website www.cpni.nl)
    - Brochure management: Process Control Security in the Cybercrime IE


    National Roadmap to Secure Process Control Systems

    PLANNED (amongst others):

    White papers
    - Cyber Threat landscape ICS - next month
    - How to deal with legacy
    - How to deal with removable media in PCD
    - Gap analysis Training & Education

    Development of serious game

    High level session CEO/CIO (together with Dept. of Security & Justice)

    Standards (following ISA and IEC) / Auditing (also with big-4)

    Events

    Training & Education activities


    Cyber-TEC

    A not-for-profit European Public Private Partnership on cyber security for critical infrastructures

    Initial focus: smart grids and process control, to be extended to other critical infrastructures


    Cyber-TEC

    Situation:
    - Electricity and ICT are of fundamental importance for our society
    - Society becomes more and more vulnerable to disruption or misuse of ICT infrastructures
    - The Netherlands, as one of the first countries in Europe, just released a Cyber Security Strategy
    - The Netherlands is already a respected participant in Europe on smart grids data privacy and cyber security
    - Uninterrupted services and black start capabilities are required for our critical infrastructures

    Complications:
    - The growing dependency of the critical infrastructures on ICT makes cyber security increasingly important
    - Europe is investigating how to organize cyber security competences right now
    - (Cyber) security awareness on CEO/CIO level is lagging behind
    - No testing and training facilities available in Europe, as there are in the US and Israel
    - No integral approach yet with focus on Personnel, Physical and Technical measures
    - Especially in energy infrastructures, the rapid increase in dependency on ICT is making cyber security important

    Message:
    Cyber-TEC wants to take a leading role in Europe on cyber security of Critical (Information) Infrastructures by bundling knowledge and know-how through one organization


    Cyber-TEC will link a unique set of actors in the field of cyber security

    Cyber-TEC will provide a trusted environment

    Cyber-TEC's Private Public Partnership will create new dynamics


    Cyber-TEC Opportunities

    We have a unique opportunity to connect initiatives:
    - Between Dutch, EU and Worldwide institutes in the field of Cyber Security
    - Between Private and Public stakeholders
    - Between end-users and vendors
    - Between critical infrastructure, research institutions and academia
    - Between sectors dealing with cyber security

    We have a unique opportunity to provide new input by:
    - Research and testing cyber security
    - Helping create standards adding to cyber security in the NL, EU and World
    - Adding a program to raise cyber security awareness at management level

    Due to the Private Public Partnership we are able to respond quickly to the rapid developments in the field of cyber security and spread this knowledge to other organizations, but also stimulate short- and long-term research.


    Cyber-TEC profile

    Cyber-TEC offers:

    1. World class education and training (including DHS/INL in the US):
       - Red Team Blue Team training
       - Education of top management (CEO/CIO level) / process engineers / (risk) managers / (information) security professionals

    2. R&D facilities:
       - Innovation
       - Simulation

    3. Test facilities:
       - Product testing
       - Product evaluation

    4. Development & Sharing of information and knowledge:
       - Cross sector open innovation
       - Public private partnerships
       - National and international coordination

    European sectors to include after energy:
    - Water supply
    - Chemicals and oil
    - Food
    - Telecom / ICT
    - Transport
    - Defense
    - Governments
    - Others

    Cyber-TEC will develop into the European Cyber Security Research and Technology Centre.

    Initial focus area is security (and privacy) of Smart Grids and Process Control Domain.


    Cyber-TEC reinforcing activities

    R&D

    Mitigation strategies

    Input for standardisation

    Fact finding

    Recent insights

    Demonstration

    Test bed

    Red teaming

    Testlabs

    Mitigation strategies

    Recommendations

    Latest vulnerabilities

    E&T

    C-level training course

    Hands-on and classical training

    Web-based training

    Dissemination

    I&KS

    Open source intelligence

    Information Exchange

    Dissemination

    (C-level) conferences

    Networking

    Catalyst

    Trusted community

    Awareness raising

    Network of people and organizations


    Cyber-TEC's Private Public Partnership guarantees high impact

    Cyber-TEC follows the "seeing is believing" principle

    Cyber-TEC will be a leading institute based on open collaboration


    Roadmap (Draft & Preliminary)

    [Figure: roadmap timeline by quarter from Q3/4 2011 through 12, 13, 14 and 15/16, divided into Horizon 1, Horizon 2 and Horizon 3, with rows for Value, Main programmes or initiatives, Effect on main operational drivers, and Financial consequences.]

    Value:
    - Perform business case
    - Establish relationships
    - Establish work processes
    - Set cybersecurity standards

    Financial consequences:
    - Revenue: 5.5m, Capex 4.7m, FCF: -3.4m, FTE: 42
    - Revenue: 15 m, Capex 2.2 m, FCF 0,2 m, FTE 76
    - Revenue: 34m, Capex 1.9 m, FCF 3.3 m, FTE 83
    - Revenue: 40 m, Capex 1.9 m, FCF 5.1/6.3mln, FTE 87/91

    Effect on main operational drivers:
    - Develop and market product and services
    - Improve work processes (K&I, E&T, R&D)
    - Focus on Smart grids / PCS priv./public sector
    - Establish work processes
    - Market development
    - EU expansion
    - X-sectoral upscaling
    - Expand portfolio
    - Market and product development
    - Establish processes for new products / services
    - Industry standard leader

    Main programmes or initiatives:
    - Organisation in place
    - Test bed operational
    - Launch product & services
    - Finalize Business Plan
    - Obtain funding
    - Go/NoGo in December 2011
    - Market Research
    - Program Management
    - Financing, marketing & communication plan
    - Cross sectoral upscaling
    - Execution of R&D-projects
    - Extension of R&D-portfolio
    - Launch new products & services
    - Globalization by alliances
    - Cyber-TEC profitable


    Financials

    Principal considerations / questions / conclusions

    Make impact in EU, with "Grow as you go" concept

    Private/Public division in revenues 60/40 in 2012 => 80/20 in 2016.

    Note: Figures are subject to further market research and business planning (available December 2011)


    Next Steps

    We believe in the idea and market for Cyber-TEC

    We have done a fair amount of work to get where we are today

    Cyber-TEC will be a good practice in the EU-US working group on Cyber Security

    An activity plan has been worked out; next steps needed are, among others:
    - Perform market research: assess the needs of customers and the size of the market
    - Spread the word: find partners/members on a European level for Cyber-TEC
    - Finalizing the business plan (financial, legal, marketing, organisation, statutes etc.)
    - Assess potential for (co)financing
    - Branding

    Working towards a go/no-go decision to start with Cyber-TEC in December 2011; for that we deliver:
    - A European market research report
    - A launching plan (project plan) for the start-up of work streams
    - Agreements and commitments from the partners
    - A financial plan


    Founding partners:


    For more information, please contact:

    Bram Reinders | Alliander and Netbeheer [email protected]

    +31 6 29 58 79 42

    Annemarie Zielstra | [email protected]

    +31 6 12 99 28 83


    In cooperation with

    Auke Huistra

    Project manager CPNI.NL

    Cybercrime IE

    Roadmap to Secure PCS

    M: +31 6 21479272

    E: [email protected]

    I: www.cpni.nl
