Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

Who is doing What in Cybersecurity ? the Tunisian experience Belhassen ZOUARI,

advertisement 
Who is doing What in Cybersecurity ?
the Tunisian experience
Belhassen ZOUARI,
CEO, National Agency for Computer Security, Head of Cert-Tcc,
E-mail : b.zouari@ansi.tn
CERT -TCC
3 Pillars of Cybersecurity
The keys to success in a Cybersecurity project rely on 3 pillars :
ƒ Technology
ICT/Security tools, etc.
ƒ Methodology
Policy, procedures, regulation, etc.
ƒ Social behaviour
Culture of Cybersecurity
CERT -TCC
Technology Pillar
Computer & network tools
Antivirus
Physical security tools
Physical access control
Firewall
Building Security
IDS
IPS
Actors : Security professionals (Private sector )
Users, (Private/Public companies, individuals)
Data tools
Availability & applications
Storage Media
Redundant Server
Cryptography
PKI
e-services
CERT -TCC
Methodology Pillar
Managerial level
Security Policy
Legislation level
Laws & regulation texts
Management procedures
Law enforcement
Capacity building
Auditing
Operational
Actors : Government
Security professionals (Private sector )
Users, (Private/Public companies, individuals)
Access Control rules
Continuity of services
Implementation plans
Business Continuity Plan
Crisis Management
Drill Exercises
Monitoring, Watching &
Incident handling
CERT -TCC
Social behaviour Pillar
Cultivating the Culture of Cybersecurity
- Continuous action
- Diversifying media/channel materials
Raising Awareness
Target public :
- Managers / Decision makers
- Security Responsibles/Managers
- Children
- Parent
- Teachers
- Simple ICT users
- Communities
(NGOs)
CERT -TCC
Legislative Framework
January 2003 :
‰ The creation of a National Agency, specialized in IT Security
(The Tool for the execution of the national strategy and plan)
‰ The Introduction of Mandatory and Periodic Security audits
(Pillar of our strategy)
‰ The creation of a “body of certified Auditors” in IT Security
+ some accompanying measures (launch of masters in IT security, …)
In addition to previous Laws :
• Law on Electronic Signature and e-commerce (Law N° 2000-83 )
• Law Against Cyber-Crimes (Law N° 1999-89, Art 199)
• Law on consumer protection and respect of Intellectual property (Law N°1994-36)
• Law on protection of Privacy and Personal data (Law n° 2004-63)
9 September 2005 : launch of Cert-Tcc
(Computer Emergency Response Team / Tunisian Coordination Center)
9 May 2007: Full Member of FIRST (Forum of Incident Response Teams)
CERT -TCC
How are organized the Tunisian structures
How is organized the Security Audit process
Auditing
Certified
Auditors
Certifying
NACS
Training
Centers
Reporting
Target
Compagnies
Following up
Encouraging
CERT -TCC
Watch
Warning/
Alert
Awareness
Training
Cert-Tcc
Coordination
Response
Incident
Analysis
Incident
Handling
CERT -TCC
Watch
Publication of vulnerabilities,
exploits, 0days
Antivirus suppliers
Collaboration network
Collaboration
program
Watch professionals
Collect
information
Trend
indicators
Professional
community
Equipments constructors
CERT -TCC
Information, Warning & Alert
Professional
community
Antivirus
suppliers
Vulnerabilities,
Internet Services Providers
Managers, Decision makers
exploits, 0days
Web masters, Security
Admin., Programmers
Collaboration network
Internet Community
SCP
Mailing List, Web Site, Call Center, Media (TV, Radio, Press)
CERT -TCC
Awareness
Oriented campaigns
+
+
+
+
+
+
+
Decision makers
Professionals
Teachers
Students
Users
Journalists
Lawyers
Diversified contents
Prospectus
Posters
Radio Emission
Attack Simulation
Emails
Cartoon
Video Spot
Guide
CERT -TCC
Incident Handling (CSIRT)
CSIRT team
Collaboration network
•Trained Team
•Technical means (Investigation)
•Procedural means
•Platform of incident management
•Information exchange
•Attack Tracking
•Assistance
Reporting incident System 24/7
Watch
CSIRT
•Email : cert-tcc@ansi.tn
•Call center: 71 843200
•N° Vert : 80 100 267
•Email : incident@ansi.tn
•Web : on line forms
•Tel: : 71 846020
ISAC
•Massive attack Detection
•Critical failure Detection
•Web site attack Detection
Incident Analysis and handling
CERT -TCC
Coordination
other
CERTs
National Reaction
Plan against
massive attacks
regional
CERTs
FIRST
Incident
Coordination
procedures
Cert-Tcc
Vendors
Integrators
ISPs &
operators
National
Authority
CERT -TCC
“Know-How” In IT security
Reaching a relative technological autonomy :
- Supporting Training & Capacity building
- Encouraging the development of national Solutions and Tools,.
based on Open-source components
- Improving R&D capabilities and making it more responsive to urgent
needs.
- Encouraging Academic Research in the Important topics of Security
(cryptography, methodologies, …)
CERT -TCC
Thank you for your attention
CERT -TCC
Related documents
Survey of Designing Web and Tools
Survey of Designing Web and Tools
Assessment Thursday Notes December 6 , 2012
Assessment Thursday Notes December 6 , 2012
Business License Change Request
Business License Change Request
Implementing a National Strategy : the case of the Tunisian CERT
Implementing a National Strategy : the case of the Tunisian CERT
How we raised awareness on information security in Slovenia
How we raised awareness on information security in Slovenia
综合(2)
综合(2)
Download
advertisement