Date post: | 17-Dec-2015 |
Category: |
Documents |
Upload: | barnard-darren-hopkins |
View: | 234 times |
Download: | 0 times |
MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT
UNCLASSIFIED 1
POLISH NATIONAL SYSTEM FOR CYBER DEFENCE
COL. PIOTR GRZYBOWSKI, Director,
Classified InformationProtection Department
MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT
UNCLASSIFIED 2
Agenda
• Polish National System of the Cyber Defence - structures and operation,
• Policy, doctrine, resource and armaments related issues of the development and operation of the Cyber Defence System of the POL MoND.
MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT
UNCLASSIFIED 3
Cyber Security capabilities - how to get?
Legal framework• Military regulations• National regulations• International regulations
Organizational structures
• MIL-CERT• GOV-CERT
Technical enhancement• IT security measures
CYBERSECURITY
MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT
UNCLASSIFIED 4
Land Sea
Air Space
Cyber Space
Cyber Defence in Military Sphere
Land Sea
Air Space
Cyber Space Critical
Infrastructure
CyberSpace
IT CI
MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT
UNCLASSIFIED 5
MoN
D
Resp
onse
for
co
mpu
ter a
nd I
T sy
stem
s i
ncid
ents
CyberCrime
CyberTerrorism, CyberWar
National Cyber Defence SystemGovernmental Coordination Centre
Security Policy for Cyber Defence
MCISInternal Security
AgencyFOCUS POINT OF CONTACT
MILITARY POLICE POLICE
CERT GOV
CERT Teams(eg. ABUSE Forum)CERT PL
MIL CERT
MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT
UNCLASSIFIED 6
Legal basis of POL Military CIRC
• MoND Decision No 357/MON dated 29 Jul 2008 about organization and functioning Computer Incident Response System in MoND.
• MoND Decision No 38/MON dated 16 Jan 2012 – which establishedthe role of Representative of the Minister of National Defence for Cyber Security
• Guidelines and Directions of Military Counter-Intelligence Service.• Computer Incident Response Capability Handbook – in co-ordination with
Military Counter-Intelligence Service.• CIRC Standard Operational Procedures in MoND.• Strategy of IT development within Ministry of National Defence Republic
of Poland.• Vision of Polish Armed Forces 2030.
MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT
UNCLASSIFIED 7
Responsibilities
PolishMilitary Contingent
MIL-CERTmilitary sphere
CERT.gov.plInternal Security Agency
CERT PolskaResearch and Academic
Network in Poland(NASK)
NCIRC TCNATO
MILITARY POLICE
Military Counter-Intelligence Service
MOU between NATO CDMA and POL NSA
concerning cooperation on Cyber Defence
POC for military network is MCISA
Agreement between DoD of US
and MoND the Republic of Poland
concerning cooperation on IA and CND
MILREP
MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT
UNCLASSIFIED 8
Cyber Defence Structure in POL MoND
UNCLASSIFIED
Coordination Centre
=======================
IT&T DEPARTMENT
Technical Support Centredivision of MCISA
IT Systems Administratorsmilitary units (Div, Brig) and organizational cells of MoND
three-layered organisational structure
RAPID REACTION TEAM
The
Polish
com
pute
r inc
iden
t res
pons
e
syst
em h
as b
een
crea
ted
as N
ATO
initia
tive
MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT
UNCLASSIFIED 9
Information sharing of military CERT related to Cyber Defence
Governmental entities
POLICE HQ
MILITARY POLICEHEADQUARERS
International bodies
NATO CIRC Coordination Centre and Technical
Support Centre
Non - governmental organisations
CERT PLNASK
NATO agencies
Internal Security AgencyCERT GOV PL
Service of military counter intelligence ABUSE Forum
Other CSIRT (CERT Team)
US agencies
….but not only.
Other CSIRT
MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT
UNCLASSIFIED 10
Cyber Security activities• International cooperation:
– Information Assurance/Computer Network Defence MoU (signed in June 2010) with DoD US - forms basis for cyber defence cooperation
– sharing information with NATO CIRC TC;– Cooperative Cyber Defence Centre of Excellence - planned.
• Exercises:– International Cyber Defence Workshops; – Cyber Endeavor;– NATO Cyber Defence workshops ; – EU Cyber Defence workshops; – National Cyber Defence workshops.
• Courses, symposia, conferences, and other form.
MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT
UNCLASSIFIED 11
Nearest future…
Development of „National Policy for Cyberspace Security ” and „Security Policy for Cyber Defence”;
Reorganization and extending MIL CERT Poland; Introducing Early Warning System; Implementation of (dynamic modification)
Incident Handling Manual with Standard Operational Procedures.
MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT
UNCLASSIFIED 12
Final remarks on POL CIRC activities
• Close cooperation among governmental and non-governmental organizations (corporations and ISP’s);
• Synergy of technical, legal and organizational actions is the key issue;
• Necessity of fast adaptation to new threats and conditions;
• Users’ awareness enhancement in the field of current threats and ways of protection;
• Critical infrastructure protection – essential to assure security of the country.