Cooperation between i nstitutional and private sectors in the field of electronic information security. approach of Lithuania. Abstract.
approach of Lithuania
The presentation will cover a short survey of practical cooperation between institutional and private sectors in the field of electronic information (EI) security in Republic of Lithuania.
Large private companies, such as JSC „Microsoft Lietuva”, JSC „Bite Lietuva”, „SEB Bankas” showed interest in these EI security training programs for their staff training purposes.
Main State institutions, like Lithuania Customs, State Tax Inspectorate successfully adopted these distance training programs.
Ministry of Interior, together with private companiesprepared EI security training materials (on-line andCD-ROM versions) for face-to-face and distance learning options:
On February, 2008 at world’s famous internet video portal„YouTube“ (www.youtube.com/Infosauga)10 shorteducational films about EI security were upladed by MoI.
Those films were created by order of Ministry of Interior, implementing PHARE funded project and in funny and visual way attracts every computer user attention to EI security threats.
During this month, IT security training films link was visited more than 27.000 times.
Ministry of Interior together with private companies periodically organizes practical seminars of use of EI legal acts and EI security organization and comments of EI and IT security legal acts changes.
These seminars are attended by staff from:
IT security specialists of Ministry of Interior periodically take part on IT security seminars, organized by private sector.
Ministry of Interior of Lithuania as contracting authority, in cooperation with private sector (JSC „Blue Bridge“) prepared and published „Risk Assessment Manual“(author Robertas Vageris, CISM) as part of PHARE funded project in 2005.
This Manual covers the popular risk analysis methods, provides examples and advices for practical application. „Risk Assessment Manual“ is suitable for application in public institutions in Lithuania, managing IT resources and dealing with data of different level of importance in the electronic form.
PDF version of „Risk Assessment Manual“ is available for download from Ministry of Interior of the Republic of Lithuania home site www.vrm.lt.
Starting from 2007,Risk assessment in all State IT systems was performed. Many IT system owners contracted private companies for risk assesment.
By National EI security coordination commission approvement, summarized Risk assessment report is available at MoI site www.vrm.lt
As part of Government strategy for ElectronicInformation Security, ISO 17799evaluation of six State Registries in 2007 was performed.
Compliance to ISO 17799 was found 78 %.
State Registries owners prepared plans of dealing with incompliances and according to these plans strengthening EI security.
Site www.esaugumas.lt (esecurity) was launched in Ferbruary, 2006. It is joint product of State institutions and EI security private sectorcompanies.
This project main partners are MoI,Communications Regulatory Authority (RRT),JSC „Microsoft Lietuva“, JSC „Blue Bridge”,
SC „TEO.LT“, JSC „Pandasoftware“ and others).
This site was visited more than 167.000 times, since it was created.
Lithuania’s State institutions (MoI, Communications Regulatory Authority and Ministry of Transport and Communications) along with ENISA (European Network and Information Security Agency) and private companies organizes international conference „European Network and Information Security“.
These conferences are regularly held in Vilnius (2005, 2006, 2007, coming in 2008).
MoI, Communications Regulatory Authority (RRT), banks of Lithuania and IT security companies, working together, prepared and freely distributed through the Lithuania about 100.000 CD’s with antivirus, antispam and antispyware programs and leaflets with information about EI security, security threats and security measures.
All these e-Government electronic services use identification and authentication provided by Internet banking systems of Lithuania.
„State institutions IS security“ project.
Will be implemented in critical IT systems owned by:
During this project will be implemented these ITsecurity measures: