Strategy and Policy Unit:
Current Activities and Future Tasks
+ new NCSS (2015 - 2020)
Daniel P. Bagge
Head of Unit
(NSA CZE/NCSC)

TOP level
Cyber Security
Council
National Security
Authority
Ministry of Defence
National Cyber
Security Centre memorandum
Governmental CERT
(GovCERT.CZ)
Strategy and Policy
Unit
National CERT
(CSIRT.CZ)
Military CERT
(CIRC Centre)
Strategy and Policy Unit + new NCSS --- 27th November 2014

o Fulfilling international obligations (ENISA,
OSCE, EU, NATO, CCDCOE , CECSP, etc.) o Presenting and promoting NCSC activities at both the national and international levels o Participating in cyber security exercises o Mapping and defining CII and IIS
Strategy and Policy Unit + new NCSS --- 27th November 2014

(cont'd) o Giving strategy advice and policy analysis on cyber security issues o Creating and updating strategic and policy documents o Supporting GovCERT activities o Etc.
Strategy and Policy Unit + new NCSS --- 27th November 2014

(NCSS 2015-2020) o Cyber security awareness / educational programmes o R&D o Deeper cooperation with CII and IIS subjects o Risks and threats analysis o Legal and other support to Police (cybercrime) o Etc.
Strategy and Policy Unit + new NCSS --- 27th November 2014

o about to expire o main goals have already been met / ongoing o 2 milestones:
1.
NCSC
2.
The Act on Cyber Security o shift from elementary to more holistic/comprehensive approach
Strategy and Policy Unit + new NCSS --- 27th November 2014

o NCSS drafted by NSA CZE and coordinated with stakeholders (legal advisors, experts, relevant ministries, police, military and intelligence agencies, etc.).
o NCSS will be submitted to the National
Security Council soon and later to the
Government for approval. o NCSS will be effective from JAN 15 and valid till 2020.
Strategy and Policy Unit + new NCSS --- 27th November 2014

o Introduction
1) Visions (long-term vision, exceeds the timeframe of the
NCSS)
2) Principles (basic principles which shall be followed by the
State IOT ensure cyber security)
3) Challenges (specific challenges both for the Czech Republic and international environment)
4) Main goals (main strategic goals facing the challenges) o Implementation of NCSS o Annex (acronyms, glossary) o + Action Plan (being drafted, definition of its implementation by the NSA CZE)
Strategy and Policy Unit + new NCSS --- 27th November 2014

o Smooth functioning of information society o Raising cyber security knowledge and capabilities to face the latest cyber security threats o Focus on security of industrial systems that are included in critical information infrastructure, IOT get strong expertise and knowledge in this area o Become a state with major position in cyber security both within its region and whole Europe o Active assistance to alliance partners, fulfillment of commitments for the collective defense and support security in other countries of the world
Strategy and Policy Unit + new NCSS --- 27th November 2014

o Protection of fundamental human rights, freedom and democratic principles o Comprehensive cyber security approach based on the principle of subsidiarity and cooperation o Confidence building and cooperation between public, private sector and civil society o Capacity development for ensuring cyber security
Strategy and Policy Unit + new NCSS --- 27th November 2014

o The Czech Republic as a test bed o Insufficient cyber security protection of small and medium enterprises o Malware is increasingly sophisticated o Botnets and DDoS/DoS attacks o Increased cyber crime o APTs o Etc…
Strategy and Policy Unit + new NCSS --- 27th November 2014

o Ensuring the efficiency and strengthening of existing structures, processes and cooperation in the area of cyber security o Effective international cooperation o National critical information infrastructure and important information systems protection o Cooperation with the private sector o Research & Development o Education support, awareness raising and development of the information society o Cybercrime: Promoting the development of capabilities of the
Czech Police to investigate and prosecute cybercrime o Cyber security legal framework creation and active participation in the European and international legislation development and implementation.
Strategy and Policy Unit + new NCSS --- 27th November 2014

Daniel P. Bagge e-mail: d.bagge@nbu.cz
www.GovCERT.CZ