Master’s Thesis Presentation

Haneef Awan

October 6, 2006

Haneef Awan Master’s Thesis Presentation

Outline

1 Background

2 Research Questions

3 Theoretical Framework

4 Methodology

5 Findings and Conclusions

6 Further Work

Haneef Awan Master’s Thesis Presentation

Background

Master’s Thesis - An Exploration Journey

Figure: Theodor Kittelsen (1857-1914)

Haneef Awan Master’s Thesis Presentation

Master’s Thesis Title

A Comparative Study of Proactive National Strategies forInformation Security

Under the supervision of:

Professor dr. techn., dr. rer. nat.Jose J. Gonzalez

Haneef Awan Master’s Thesis Presentation

Some definitions

According to answers.com, proactive measures are:

(DOD) In antiterrorism, measures taken in the preventive stage ofantiterrorism designed to harden targets and detect actions before

they occur.

Haneef Awan Master’s Thesis Presentation

Some definitions

In our framework, this would mean:

Strategies and measures applied in the preventive stage to hardentargets and detect cyber attacks before they occur.

Haneef Awan Master’s Thesis Presentation

Some definitions

CERT Computer Emergency Response Team1

CSIRT Computer Security Incident Response TeamIRT Incident Response Team

1CERT and CERT Coordination Center are registered in the U.S. Patentand Trademark Office.

Haneef Awan Master’s Thesis Presentation

Research Questions

1 What kinds of strategies are used in other countries to ensureproactive defensive measures?

2 Are there any indicators that sustain these proactivemeasures?

3 Do these proactive measures lead to continuous improvementprocess?

Haneef Awan Master’s Thesis Presentation

Countries included in this comparative study

The work of the following countries is evaluated:

1 Norway

2 Finland

3 Denmark

4 Sweden

5 United Kingdom

6 Canada

7 USA

8 Australia

9 New Zealand

Haneef Awan Master’s Thesis Presentation

Methodology

Literature Review

Interviews

Questionnaire

Haneef Awan Master’s Thesis Presentation

Literature Review

Tone Hoddø Bakas. God praksis for maling avinformasjonssikkerhetsniva. Master Thesis, Gjøvik UniversityCollege, 2005.

Tore Larsen Orderløkken. Security Incident handling andreporting. Master Thesis, Gjøvik University College, 2005.

Ivar Kjærem. Benchmarking CSIRT work processes. MasterThesis, Gjøvik University College, 2005.

Haneef Awan Master’s Thesis Presentation

Interviews

High ranking officials from the following organisations areconsulted for their expert views and other relevant issues.

Norwegian Centre for Information Security (NorSIS)

Norwegian Computer Emergency Response Team (NorCERT)

Haneef Awan Master’s Thesis Presentation

Interviews

Sofie Nystrøm, head of the NorCERT

Tore Larsen Orderløkken, head of the NorSIS

Tone Hoddø Bakas, Senior advisor, NorSIS

Espen Torseth2, Senior advisor, NorSIS

2Also my teacher in two elective courses:IMT4711 Incident response and computer forensicsIMT4731 Perimeter Security

Haneef Awan Master’s Thesis Presentation

Questionnaire

Countries that answered the questionnaire

Haneef Awan Master’s Thesis Presentation

Questionnaire

Is your organisation a part of overall National Strategy forInformation Security?

Haneef Awan Master’s Thesis Presentation

Questionnaire

What proactive services does your organisation provide?

Haneef Awan Master’s Thesis Presentation

Questionnaire

Does your organisation measure effectiveness of services itprovides?

Haneef Awan Master’s Thesis Presentation

Questionnaire

Does measuring lead to continuous improvement process?

Haneef Awan Master’s Thesis Presentation

Conclusions

Sadly, there is a big question mark to the conclusions arrivedon this study

Lack of participation;

Lack of public information about National Strategies.

Haneef Awan Master’s Thesis Presentation

Conclusions

What kinds of strategies are used in other countries to ensureproactive defensive measures?

A clear framework in strategic agenda;

An underlying supportive culture;

Organisational structure promoting efficient communication indecision-making process;

A range of supporting techniques that includesproblem-solving tools and training in their application.

Haneef Awan Master’s Thesis Presentation

Conclusions

Are there any indicators that sustain these proactive measures?

There are some indications but I am not in a position to firmlyanswer a yes.

Do these proactive measures lead to continuous improvementprocess?

The nature of proactive measures is to be beforehand prepared forany eventuality. Therefore, one can say that yes proactivemeasures lead to continuous improvement process.

Haneef Awan Master’s Thesis Presentation

Further Work

1 Better questionnaire with balanced open and close-endedquestions;

2 Questionnaire sent in partnership with NorCERT or NorSIS;

3 Selection of countries for comparison selected systematicallyand based on concrete criterion.

Haneef Awan Master’s Thesis Presentation

One look is worth a thousand words

Figure: Edvard Munch (1863-1944)

Haneef Awan Master’s Thesis Presentation