html5-img
1 / 13

WG-ALPINE: Active Loss Prevention for ICT Enabled Enterprise Thematic Network Project

WG-ALPINE: Active Loss Prevention for ICT Enabled Enterprise Thematic Network Project . Richard Sitruk ETIS. “trust is essential to business - security just gets in the way”. “trust is essential to business - security just gets in the way”. WG-ALPINE Project Goal.

erwin
Download Presentation

WG-ALPINE: Active Loss Prevention for ICT Enabled Enterprise Thematic Network Project

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. WG-ALPINE: Active Loss Prevention for ICT Enabled EnterpriseThematic Network Project Richard Sitruk ETIS

  2. “trust is essential to business - security just gets in the way” • “trust is essential to business • - security just gets in the way”

  3. WG-ALPINE Project Goal The creation, operation and consolidation of an Active Loss Prevention Working Group to address common ICT Security problems faced by users (especially SMEs), achieve consensus on their solutions across multiple disciplines, and create a favourable e-Business market impact.

  4. DDSI Dependability policy support WG-ALPINE Active Loss Prevention AMSD : Overall dependability e-business embedded CIP privacy AMSD Dependable embedded systems PAMPAS Mobile privacy & security ACIP Critical infrastructure protection RAPID Privacy / Identity Mgmt BVN Biometrics RESET Smart Cards STORK crypto European Roadmap Projects

  5. The Active Loss Prevention Goal Active Loss Prevention will reduce the incidence and impact of loss that occurs as a result of unauthorized activity in information systems within and between organizations and thereby improve the protection of both industry and government from attack.

  6. Active Loss Prevention Roadmap Actuarial Data Risk Vocabulary Insurance ‘packaged products’ Certified Practices and Components Liability (standards, contract terms, model laws, model regulations) Mitigation improvement Risk Management Methods Mitigation Effectiveness Standards of Due Care

  7. Project Partners • The Open Group (UK) • Overall project coordinator, and managing 2 SIGs • Includes every major and many SME vendors of ICT • Large base of users concerned with interoperability/conformance • Launched first EU grouping addressing ALP topics • European Software Institute (Spain) • Development methods, best practices, and managing 2 SIGs • Process improvement and take-up of key technologies • Assessment skills and large SME constituency of ICT users • ETIS (Belgium) • Addressing inter-Telecom standards/procedures, and managing 1 SIG • Includes most European Telecom Operators • Strong participation from Telecom equipment vendors

  8. Project approach • Analyse the market and determine topics to be addressed • Establish framework and infrastructure for SIG activities • Recruit participants and launch 5 SIG’s addressing ALP topics • Manage SIG’s and ensure significant results are achieved • Promote and disseminate results to industry bodies and larger European audience

  9. Candidate SIG Topics • Legal issues affecting ICT Security • IPR, licensing agreements, privacy laws • Identification and management of risk • How to identify, quantify and analyse security benefits and risks • ICT Security for finance and auditing • Measuring and monitoring the financial exposure • ICT Security Standardisation • Universal plug and play of ICT Security solutions • Free Security components • Open source, public domain and shareware • Skill profile for ICT Security engineers • ICT Security quality certification • Commercial products and services, and providers

  10. Project Actions (1) • Analyse the ICT Security situation: the current offer and demand, the mechanisms, the future trends, expected growth, etc. • Identify common problems in acquisition, management and integration of ICT Security technology, services and methods, based on an assessment of current practice. • Provide and share solutions to the identified problems.

  11. Project Actions (2) • Co-ordinate the definition of requirements for ICT Security related projects at a European level. Identify open issues and research subjects as input for future research and development programmes. • Represent the interests of ICT users (especially SMEs) in standardisation organisations and professional associations addressing topics affecting the securing of ICT based assets.

  12. Working Group Launch • Market Study • Recruitment • Structure Phase 1 Start-up Phase 2 Operation Phase 3 Consolidation August 2002 November 2002 August 2003 January 2004 Timeline Working Group Exploitation • Policies • Standards • Best Practices Dissemination and Infrastructure Operation • Conferences • Reports • Discussion Forums Operation of Special Interest Groups • Mobile Transaction Liability • Security Policy Management • Trust Services Mapping • Others

  13. Questions ?

More Related