7/28/2019 4. Auke Huistra - PPP in the Netherlands and Europe
2 | September 16, 2011
PPP in the Netherlands and Europe
Barcelona, September 16, 2011
Cybercrime IE (NL) / EuroSCSIE (EU)
Why is action needed?
Situation
- ICT is of fundamental importance for our society
- Society becomes more and more vulnerable to disruption or misuse of ICT infrastructures
- Recent incidents: Stuxnet, Night Dragon, RSA, DDoS attacks
Complications
- Most critical infrastructures are owned by the private sector
- Private sector has its own responsibility, voluntary partnerships
- Not enough information exchange between public and private organisations
- International problem
Main question
- How can we raise the resilience of critical infrastructure against cyber disturbance?
Answer
- Build and facilitate an (inter)national Public Private network based on: Trust and Value
- Create the Cybercrime Information Exchange (with sectoral ISACs)
- Use clear membership guidelines (incl. TLP)
- Sector is in the lead (chair of the ISAC is from industry)
Cybercrime Information Exchange
Point of departure is that companies themselves will only take
effective measures if they have access to the right information
and are able to make accurate risk assessments.
By sharing information intensively about incidents, threats,
vulnerabilities and good practices, the participants can
prevent incidents themselves. This will safeguard the Dutch economy as a whole and the continuity of the individual
organisations at the same time.
Information Sharing:
Trust
Value
First the social network (meeting face-to-face), then a technical infrastructure to support this!
Information Sharing on a European and International level
- E-SCSIE
- European FI-ISAC
- ENISA as a facilitating partner on a European level
International:
- Meridian (annual CIIP conference)
- MPCSIE
E-SCSIE - members
Users Government R&D
EDF (F)
CERN (CH)
Electrabel (B)
Laborelec (B)
Verbund-Austrian Power
Grid AG (A)
SwissGrid (CH)
Italian Association of CI Experts (I)
GCSEC (I)
Shell (NL)
GOVCERT.CH
Melani (CH)
BSI (D)
PET (DK)
CERT Hungary
NorCERT (N)
NoNSA (N)
GOVCERT.NL
CPNI.NL
MSB (Se)
CPNI (UK), ANSSI/COSSI (F)
CERT-FI (Fi)
ENISA (EU)
JRC (EU)
E-SCSIE - Terms of Reference
Started on 20 June 2005
Aim is for European industry, government, and research to
benefit from the ability to collaborate on a range of common issues, and to focus effort and share resource where appropriate.
Main focus is Information Sharing
The outcome would be a raised level of protection adopted
across Europe's SCADA and Control Systems (SCADA/CS)
E-SCSIE - Information Sharing
The following are examples of what each member should share at E-SCSIE meetings:
- Report events or incidents that have affected SCADA and Control Systems;
- Report warnings about vulnerabilities in SCADA and Control System products;
- Give advice as to how these vulnerabilities and/or incidents were addressed;
- Exchange experience on good practice (amongst which policies) used to mitigate SCADA and Control System security issues
E-SCSIE - Topics
- Sharing of incidents and good practices
- Questionnaire on Control System Cyber-Security (aimed at vendors) 2008/2009
- Standards and requirements (e.g. WIB Process Control Domain Security Requirements for Vendors)
- Self Assessment tools (like the one from CPNI UK)
- Smart Grids (e.g. Smart Grid Conference in Baarn - 2010)
June 21, 2011
National Roadmap to Secure
Process Control Systems
National Roadmap to
Secure Process Control Systems
Phase 1 (2010 - 2014)
WP1: Awareness and knowledge dissemination
WP2: Building the network
WP3: Training & education
WP4: Knowledge development
WP5: Red teaming framework
WP6: International network
WP7: Plan for Phase 2
Stakeholders
Asset owners & CI operators
Government
Responsible departments/inspections
KLPD
AIVD
GOVCERT.NL
- Government as PCS user
- I&M, DEF, JUS..
- municipalities
- etc.
Commercial Entities
system vendors & integrators
component suppliers
3rd party / outsourcing
IT and Telecom providers
Industry
VNO/NCW
CIO Platform Nederland
WIB
Industry organisations
SOVI
NICC
Research & Knowledge
TNO, KEMA
universities
Education & training
NEN
NAVI
National Roadmap to
Secure Process Control Systems
DONE (amongst others):
- Several PCS-events last year (different topics like risk assessment, Stuxnet deep dive, smart grids etc.)
- PCS-vendors-ISAC (with ABB, Invensys, Honeywell, Emerson and Siemens) - 4 meetings per year
- WIB Vendor Requirements and Achilles certification program - working together with WIB and ISACs on this - becoming IEC standard soon!
- Benchmark PCS Security Energy-ISAC, Water-ISAC and Nuclear-ISAC
- Factsheets by GOVCERT.NL (e.g. on Stuxnet)
- Sharing of open source information (dissemination through LinkedIn, Twitter and website www.cpni.nl)
- Brochure management: Process Control Security in the Cybercrime IE
National Roadmap to
Secure Process Control Systems
PLANNED (amongst others):
White papers
- Cyber Threat landscape ICS - next month
- How to deal with legacy
- How to deal with removable media in PCD
- Gap analysis Training & Education
Development of serious game
High level session CEO/CIO (together with Dept. of Security & Justice)
Standards (following ISA and IEC) / Auditing (also with big-4)
Events
Training & Education activities
Cyber-TEC
A not-for-profit European Public Private Partnership on cyber security for critical infrastructures
Initial focus: smart grids and process control, to be extended to other critical infrastructures
Cyber-TEC
Situation
- Electricity and ICT are of fundamental importance for our society
- Society becomes more and more vulnerable to disruption or misuse of ICT infrastructures
- The Netherlands, as one of the first countries in Europe, just released a Cyber Security Strategy
- The Netherlands is already a respected participant in Europe on smart grids data privacy and cyber security
- Uninterrupted services and black start capabilities are required for our critical infrastructures
Complications
- The growing dependency of the critical infrastructures on ICT makes cyber security increasingly important
- Europe is investigating how to organize cyber security competences right now
- (Cyber) security awareness on CEO/CIO level is lagging behind
- No testing and training facilities available in Europe, as there are in the US and Israel
- No integral approach yet with focus on Personnel, Physical and Technical measures
- Especially in energy infrastructures, rapid increase in dependency on ICT is making cyber security important
Message
- Cyber-TEC wants to take a leading role in Europe on cyber security of Critical (Information) Infrastructures by bundling knowledge and know-how through one organization
Cyber-TEC will link a unique set of actors in the field of cyber security
Cyber-TEC will provide a trusted environment
Cyber-TEC's Private Public Partnership will create new dynamics
Cyber-TEC Opportunities
We have a unique opportunity to connect initiatives:
- Between Dutch, EU and worldwide institutes in the field of cyber security
- Between private and public stakeholders
- Between end-users and vendors
- Between critical infrastructure, research institutions and academia
- Between sectors dealing with cyber security
We have a unique opportunity to provide new input by:
- Researching and testing cyber security
- Helping to create standards adding to cyber security in the NL, EU and world
- Adding a program to raise cyber security awareness at management level
Due to the Private Public Partnership we are able to respond quickly to the rapid developments in the field of cyber security and spread this knowledge to other organizations, but also stimulate short- and long-term research.
Cyber-TEC profile
Cyber-TEC will develop into the European Cyber Security Research and Technology Centre.
Initial focus area is security (and privacy) of Smart Grids and Process Control Domain.
Cyber-TEC offers:
1. World class education and training (including DHS/INL in the US):
- Red Team Blue Team training
- Education of top management (CEO/CIO level) / process engineers / (risk) managers / (information) security professionals
2. R&D facilities:
- Innovation
- Simulation
3. Test facilities:
- Product testing
- Product evaluation
4. Development & Sharing of information and knowledge:
- Cross sector open innovation
- Public private partnerships
- National and international coordination
European sectors to include after energy:
- Water supply
- Chemicals and oil
- Food
- Telecom / ICT
- Transport
- Defense
- Governments
- Others
Cyber-TEC reinforcing activities
R&D
- Mitigation strategies
- Input for standardisation
- Fact finding
- Recent insights
- Demonstration
- Test bed
- Red teaming
- Testlabs
- Mitigation strategies
- Recommendations
- Latest vulnerabilities
E&T
- C-level training course
- Hands-on and classical training
- Web-based training
- Dissemination
I&KS
- Open source intelligence
- Information Exchange
- Dissemination
- (C-level) conferences
Networking
- Catalyst
- Trusted community
- Awareness raising
- Network of people and organizations
Cyber-TEC's Private Public Partnership guarantees high impact
Cyber-TEC follows the "seeing is believing" principle
Cyber-TEC will be a leading institute based on open collaboration
Roadmap (Draft & Preliminary)
[Roadmap chart. Timeline axis: quarters from Q3/4 2011 through 2012, 2013, 2014 and 2015/16. Rows: Financial consequences; Value; Main programmes or initiatives; Effect on main operational drivers. Phases: Horizon 1, Horizon 2, Horizon 3.]
Financial consequences:
- Revenue: 5.5m; Capex 4.7m; FCF: -3.4m; FTE: 42
- Revenue: 15 m; Capex 2.2 m; FCF 0,2 m; FTE 76
- Revenue: 34m; Capex 1.9 m; FCF 3.3 m; FTE 83
- Revenue: 40 m; Capex 1.9 m; FCF 5.1/6.3mln; FTE 87/91
Chart entries (in the order extracted):
- Perform business case; Establish relationships; Establish work processes; Set cyber security standards
- Develop and market product and services; Improve work processes (K&I, E&T, R&D); Focus on Smart grids / PCS priv./public sector; Establish work processes
- Market development EU expansion; X-sectoral upscaling; Expand portfolio
- Market and product development; Establish processes for new products / services; Industry standard leader
- Organisation in place; Test bed operational; Launch product & services
- Finalize Business Plan; Obtain funding; Go/NoGo in December 2011
- Market Research; Program Management; Financing, marketing & communication plan
- Cross sectoral upscaling; Execution of R&D-projects; Extension of R&D-portfolio; Launch new products & services
- Globalization by alliances
- Cyber-TEC profitable
Financials
Principal considerations / questions / conclusions
- Make impact in EU, with "Grow as you go" concept
- Private/Public division in revenues 60/40 in 2012 => 80/20 in 2016.
Note: Figures are subject to further market research and business planning (available December 2011)
Next Steps
We believe in the idea and market for Cyber-TEC
We have done a fair amount of work to get where we are today
Cyber-TEC will be a good practice in the EU-US working group on Cyber Security
An activity plan has been worked out; next steps needed are, among others:
- Perform market research: assess customer needs and size of market
- Spread the word: find partners/members on a European level for Cyber-TEC
- Finalize the business plan (financial, legal, marketing, organisation, statutes etc.)
- Assess potential for (co)financing
- Branding
Working towards a go/no go decision to start with Cyber-TEC in December 2011; for that we deliver:
- A European market research report
- A launching plan (project plan) for the start-up of work streams
- Agreements and commitments from the partners
- A financial plan
Founding partners:
For more information, please contact:
Bram Reinders | Alliander and Netbeheer [email protected]
+31 6 29 58 79 42
Annemarie Zielstra | [email protected]
+31 6 12 99 28 83
Auke Huistra
Project manager CPNI.NL
Cybercrime IE
Roadmap to Secure PCS
M: +31 6 21479272
I: www.cpni.nl