NATO Advanced Research Workshop “Best Practices and Innovative Approaches to Develop Cyber Security and Resiliency Policy Framework” Scenario for Discussion Topic One Who is in Charge?

Upload: gerald-gilmore

Post on 31-Dec-2015


NATO Advanced Research Workshop

“Best Practices and Innovative Approaches to Develop Cyber Security and Resiliency Policy Framework”

Scenario for Discussion Topic One

Who is in Charge?


• Who is in Charge?: What National Agency or Private Sector Enterprise is responsible for taking the lead in response to a Cyber Attack?
• Whose laws apply?
• Whose regulations apply?
• Is it just a civilian problem or will militaries become involved?
• Lack of Cyber Situational Awareness: There does not appear to be an organization at national levels responsible for providing cyber situational awareness to:
  – Government Agencies
  – Private Sector Enterprises


• Most stakeholders assume SA to be a Federal capability and responsibility, but Livewire challenged that assumption

– It may be quite difficult to determine that seemingly disparate cyber disruptions in different sectors constitute a coordinated, wide-spread, cyber attack.

– The indications of a sophisticated and coordinated cyber attack may not be initially visible to the cadre of technicians monitoring Internet health or assessing now familiar patterns of vulnerability exploits.

– The first visible effects may be societal effects.

• Private industry is first to recognize and address anomalies to their “normal” state of business or network health.

• Private industry is therefore an integral component in the Indications and Warning process.


Competing Concepts

• Stimulate the Economy vs. Improve National Security
• Infrastructure Modernisation vs. Critical Infrastructure Protection
• Private Sector vs. Public Sector
• Data Protection vs. Information Sharing
• Freedom of Expression vs. Political Stability


Who is responsible for mitigating the following: (Assume all to be the result of cyber disruption)

Home computers are unable to connect to the Internet

• Who are the victims?
• What can be done?
• Who can help with mitigation? (Who would this victim call)
• Should LE be informed?
• Is this a government issue?


Who is responsible for mitigating the following: (Assume all to be the result of cyber disruption)

Cannot access files at work

• Who are the victims?
• What can be done?
• Who can help with mitigation? (Who would this victim call)
• Should LE be informed?
• Is this a government issue?


Who is responsible for mitigating the following: (Assume all to be the result of cyber disruption)

Someone is using your credit card to make purchases

• Who are the victims?
• What can be done?
• Who can help with mitigation? (Who would this victim call)
• Should LE be informed?
• Is this a government issue?


Who is responsible for mitigating the following: (Assume all to be the result of cyber disruption)

An e-commerce site is being subject to a DDOS attack and cannot transact any business

• Who are the victims?
• What can be done?
• Who can help with mitigation? (Who would this victim call)
• Should LE be informed?
• Is this a government issue?


Who is responsible for mitigating the following: (Assume all to be the result of cyber disruption)

Personal data has been compromised to include credit card numbers and is now published on a hacker website

• Who are the victims?
• What can be done?
• Who can help with mitigation? (Who would this victim call)
• Should LE be informed?
• Is this a government issue?


Who is responsible for mitigating the following: (Assume all to be the result of cyber disruption)

Electronic transfer of government pay accounts has been interrupted and employees are unable to gain access to the funds

• Who are the victims?
• What can be done?
• Who can help with mitigation? (Who would this victim call)
• Should LE be informed?
• Is this a government issue?


Who is responsible for mitigating the following: (Assume all to be the result of cyber disruption)

National and regional banks are reporting that networked ATM machines have been compromised

• Who are the victims?
• What can be done?
• Who can help with mitigation? (Who would this victim call)
• Should LE be informed?
• Is this a government issue?


Who is responsible for mitigating the following: (Assume all to be the result of cyber disruption)

Supervisory controls within the critical infrastructure have been compromised creating a widespread power outage and interruption of the distribution of drinking water

• Who are the victims?
• What can be done?
• Who can help with mitigation? (Who would this victim call)
• Should LE be informed?
• Is this a government issue?


Who is responsible for mitigating the following: (Assume all to be the result of cyber disruption)

There is a cyber attack that is ongoing and designed to interrupt the continuity of government in a given nation

• Who are the victims?
• What can be done?
• Who can help with mitigation? (Who would this victim call)
• Should LE be informed?
• Is this a government issue?


• Home computers are unable to connect to the Internet
• Cannot access files at work
• Someone is using your credit card to make purchases
• An e-commerce site is being subject to a DDOS attack and cannot transact any business
• Personal data has been compromised to include credit card numbers and is now published on a hacker website
• Electronic transfer of government pay accounts has been interrupted and employees are unable to gain access to the funds
• National and regional banks are reporting that networked ATM machines have been compromised
• Supervisory controls within the critical infrastructure have been compromised creating a widespread power outage and interruption of the distribution of drinking water
• There is a cyber attack that is ongoing and designed to interrupt the continuity of government in a given nation