National Infrastructure Security
Download
1 / 17

PowerPoint Presentation - PowerPoint PPT Presentation


  • 86 Views
  • Uploaded on

National Infrastructure Security Co-ordination Centre. Peter Burnett Head of Information Sharing. www.niscc.gov.uk. Home Secretary 1999. “…working with the private sector…to ensure adequate standards of protection for the key systems falling within the critical national infrastructure…

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'PowerPoint Presentation' - bree


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

National Infrastructure Security Co-ordination Centre

Peter Burnett

Head of Information Sharing

www.niscc.gov.uk


Home Secretary 1999

  • “…working with the private sector…to ensure adequate standards of protection for the key systems falling within the critical national infrastructure…

  • raising awareness and standards of information security more generally in the private sector…

  • developing a dialogue with international partners

  • I have established the NISCC to act as a point of contact for those involved in this work in both government and the private sector.”


What is niscc
What is NISCC?

NISCC is an interdepartmental centre which co-ordinates activity in support of this aim across a range of organisations. Each of these contributes resources and expertise to NISCC’s programme of work according to its own remit, its own priorities, in relation to the challenge in hand, and depending on what value it can add.


Security Service

Communications-Electronics Security Group (CESG)

Cabinet Office – Civil Contingencies Secretariat (CCS)

Office of e-Envoy

CSIA

DSTL (ex DERA)

Department of Trade & Industry (DTI)

National Hi-Tech Crime Unit (NHTCU)

Home Office

Ministry of Defence

“an Interdepartmental Centre”


What is the cni
What is the CNI?

Those parts of the United Kingdom’s infrastructure for which continuity is so important to national life that loss, significant interruption or degradation of service would have life-threatening, serious economic or other grave social consequences for the community, or would otherwise be of immediate concern to the Government.

NISCC’s aim is to minimise the risk to the critical national infrastructure from electronic attack.


The cni sectors
The CNI Sectors

  • Telecommunications

  • Energy

  • Finance

  • Central Government

  • Water and Sewerage

  • Health Services

  • Emergency Services

  • Transport

  • Hazards

  • Food


NISCC Functional Model

Critical National Infrastructure

Investigating

Promoting

Vulnerabilities

and Assessing

Protection and

Exploits

the threat of

eA

Assurance

Responding to

incidents

Research and Development/ Policy/ Mapping

INFORMATION

SHARING


Strategic objectives

NISCC – Information Sharing

Strategic Objectives

  • Increase IT Security Awareness, Education :

    • Healthier e-environment (reduce Viruses, Worms, Trojans, DDoS etc)

  • Provide useful and timely warnings

  • Gather IT security incident reports

    • Crime reports (only with consent)

    • Statistics, Trends, Threat assessment

    • Attack detection


Information Sharing

  • UK CERTs forum

    • Encouraging new CERTs in UK

  • Encouraging Information Sharing Bodies

  • Reporting System (NHTCU/NISCC)

  • National Warning System

  • Partnership arrangements

    • Symantec, Microsoft

  • Conceive & establish Information Exchanges

    • Finance, Telecomms, SCADA, MSPs

  • Conceive & promote WARPs

    • Warning, Advice & Reporting Points


CERTs, WARPs, etc

Warnings

Advice

Incident Reports

Problems

The WARP model

WARP

e-COMMUNITY

Local authority, trade association,

interest group, industry sector


The warp model functions

NISCC – Information Sharing

The WARP Model - Functions

  • Issue Warnings to its community

  • Provide Advice on Internet problems & share Good Practice amongst members

  • Gather, sanitise, and share Incident Reports


Warp for london boroughs www lcwarp org

London Borough B

London Borough C etc.

London Borough A

Secure links

Secure links

Authorised users

in each Borough

Supported by SOCITM, OeE & NISCC

Future ‘LA’ WARPs

33 London Boroughs

LondonConnects

WARP

Secure system

with fallback

contingency

CERTs

NISCC

1 Admin.

FTE

Bugtraq

Secure link

1 Technical

FTE

CSIRTs

UNIRAS

Sans

Other

WARP for London Boroughs (www.lcwarp.org)


The warp toolbox
The WARP TOOLBOX

  • Toolbox

    • Filtered Warning & Alerting System (FWAS)

      • Tick-List Software

    • Good Practice & Advice Brokering Service (GPABS)

      • Bulletin Board

    • Reporting and Trusted Sharing Service (RTSS)

    • Business Cases

    • Security Policy

    • Commercial sponsorship

  • Independent Study


Open Sources,

CERTs

Warnings

Advice

Filter

Prioritise

Supplement

Add Value

Problems

A Shared Solution

WARP

WARP

Incident Reports

Good Practice

Solutions

Skills

e-COMMUNITY

e-COMMUNITY

Experience,

Expertise, Solutions




Contact me on 020 7821 1330 ext 4508 peterb@niscc gov uk

QUESTIONS ?

Contact me on020 7821 1330ext [email protected]


ad