Office of Cyber Security(OCS)
Cabinet Office
United Kingdom
Peter Burnett
International Coordination
Coordinator:
FORUM: I International CIIP Meeting
PANEL II : National Strategies
ORGANISATION:Office of Cyber Security (OCS)
SPEAKER: Peter Burnett
GOAL: Describe the Evolution of UK Cyber Strategy
DATE: 18th of February 2010
Coordinator:
· Agenda
- Introduction
- In the beginning ....
- CNI + CIP + CIIP = CPNI
- Cyber Security ... What’s next?
- Questions
Coordinator:
· In the beginning .....a potted history
- Mainframes, Minis, & Programming
- Micros, PCs, Unix & Compusec
- Malware, Y2K, and Infosec
- IA, e-crime, CIP & CIIP
- Holistic CIP, Cyber Security
1999 --- NISCC
2007 --- CPNI
2009 --- OCS & CSOC
Coordinator:
1970s
1980s
1990s
2000s
2010s
CPNI
• The Centre for the Protection of National Infrastructure
is the recognised UK government authority for protective security
advice to the National Infrastructure.
•
It protects national security through:
• Minimising risk to the National Infrastructure; by
• Delivering authoritative advice; to
• Reduce the vulnerability of the National Infrastructure to
terrorism and other threats.
The Critical National Infrastructure
•
The National Infrastructure delivers
essential
services
•
9 sectors
•
Not everything is critical
•
Each sector is different
•
CIIP is cross-sectoral
Protecting the CNI: The CPNI approach
•
•
•
Impact-driven
Threat-informed
Vulnerability-focused
• Holistic Approach
– Physical
– Personnel
– Information
International CIIP
I
www.meridianprocess.org
Ciip-dir@cpni.gsi.gov.uk
UK Cyber Security Strategy
•Cyber space: “…all
forms of networked,
digital activities.”
•Cyber is a domain
http://www.cabinetoffice.gov.uk/reports/cyber_security.aspx
UK Cyber Security Strategy
Vision
Citizens, business and government can enjoy the full benefits of a
safe, secure and resilient cyber space: working together, at home
and overseas, to understand and address the risks, to reduce the
benefits to criminals and terrorists, and to seize opportunities in
cyber space to enhance the UK’s overall security and resilience.
UK Cyber Security Strategy
Strategic Objectives
Secure the UK’s advantage in cyber space…
• by reducing risk
• and exploiting opportunities
•
by improving knowledge, capabilities and decision-making.
UK Cyber Security Strategy:
Office of Cyber Security (OCS)
Resources
Staffed from across government
Cabinet Office will initially
accommodate & support OCS.
•
•
•
•
Roles
Provides overall ownership of
the Strategy.
Delivers strategic leadership
across government for cyber
security issues.
Delivery through a crossgovernment programme with 8
workstreams.
Early priorities: Cyber
Industrial Strategy, Doctrine
and Concepts, International
Engagement.
UK Cyber Security Strategy
Cyber Security Operations Centre (CSOC)
Resources
Staffed from across government
Hosted by GCHQ in Cheltenham.
Roles
Actively monitor the health of
cyber space and co-ordinate
incident response.
Enable better understanding of
attacks against UK networks
and users.
Provide better advice and
information about the risks to
business and the public.
Conduct cyber security
exercises
International Cyber Exercises
• OCS will keep a watching brief
• CSOC will lead UK response and provide
situational awareness
• Other UK CERTs will participate and liaise
with CSOC
• Escalation process will involve OCS
International Coordination
OCS Role
• Coordinate UK departments international
engagement on cyber issues
• Engage with international partners
• Provide guidance on international issues
• Contact Point on International Cyber
Policy Matters
Thank You
Coordinator:
¡Gracias!
Coordinator:
Thank You!