Post on 12-Jan-2016
www.bmi.bund.de
International Cyber Warfare and Security Conference
Cyber Defence
Germany's Analysis of Global Threats
19th November 2013,
Ankara
www.bmi.bund.de
Motivation for the new german cyber security strategy: Changed Security Situation
2
Cyber SecurityCrime
Underground Economy
Hacker, Cracker
CompetitionEspionage
Military
Intelligence
Services
Interconnection
Complexity of IT
Systems
Short Innovation
Cycles
Convergency of Networks
IP
Busisness Processes on the
Internet
www.bmi.bund.de
Industry
Fed. Gov.
Local Authorities
Shared ResponsibilityJoined Action
3
Citizens
Fed. States
Operators of CII
www.bmi.bund.de
Framework ConditionsIssues and Action Lines
Cyberspace Security
Resilience of Infrastructure
Integrity and Availability (failure safety) of Systems and Data
Security in Cyberspace
Secure Action in Cyberspace
Authenticity, Integrity, Confidentiality of Data and Networks
Legal Security Legal Obligation
Security against Crime
Security against Malicious Activities
Internet as a Public SpaceInternet as a Public Good
4
www.bmi.bund.de
Cyber-security-strategygoals and measures
5
National Cyber Security CouncilNational Cyber Security Council
National Cyber Response CenterNational Cyber Response Center
Critical IT Infrastructure
Critical IT Infrastructure
IT of CitizensIT of Citizens IT in the Public AdministrationIT in the Public Administration
Effective Crime ControlEffective Crime Control
International Cooperation (EU, worldwide) International Cooperation (EU, worldwide)
Personnel development Fed. Gov.Personnel development Fed. Gov.
Use of Reliable and Trustworthy Information
Technology
Use of Reliable and Trustworthy Information
Technology
Response to Cyber- AttcksResponse to Cyber- Attcks
www.bmi.bund.de
Participants in the National Cyber Response Center
6
BSI, BfV, BBk
BKABw
BND
BPol
ZK
A
BAFin
BNetzA
LBAEBA
DW
D
Supervision CIIP
…
Federal States
www.bmi.bund.de
National Cyber Response Center
Information is supplied by …
7
Cyber Response
CenterBSI CERT, Command centre int. CERT Association (monitoring/reports)
BKA(modus operandi, crime trends)
Implementation Plan Federation/Federal Gov(incidents, counter-measures)
Implementation Plan KRITIS(incidents, counter-measures)
Federal Armed Forces(intelligence; own experience/ findings)
.:
.:
.:
.:
.:
.:
.:
Supervisory authorities(routine and incident-related)
Hard- and software suppliers(vulnerabilities, counter-measures)
.:
Federal Intelligence Service(intelligence; own experience/ findings)
www.bmi.bund.de
National Cyber Response Centre
Information is supplied to …
8
Nat. Cyber Response
Centre BKA, ZKA, Bundeswehr, BND(all types of intelligence)
National Cyber Security Council(periodic reports, recommendations)
Hard- and software suppliers(vulnerabilities and recommendations)
BSI-CERT and Command Centre(coordinated evaluations/recommendations)
Crisis management staff(support in times of crisis)
IP KRITIS / IP Federation/Fed. Gov.(vulnerabilities, alerts, reecommendations)
Industry in general(alerts, recommendations)
Federal states depending on structure
General public (alerts)
www.bmi.bund.de
Communication Architecture in the Implementation Plan kritis
Cyber ResponseCenter
SPOCSector 1
SPOCSector n
Single Pointsof Contact
companies
Company 1
Company 2
Company 3
Company x
CERTSIndustry
...
...
www.bmi.bund.de
Federal Office for Information Security (BSI) &National Cyber Response Centre
Findings after the first year
More than 900 incidents analysed
80/20 rule confirmed:
About 80% of cyber attacks could be prevented if the basic 20% of known counter-measures were consistently applied!
Among the remaining 20% there is a growing number of very sophisticated attacks – for all we know by special forces
10
www.bmi.bund.de
National Cyber Security Council - Tasks
11
www.bmi.bund.de
The National Cyber-Security CouncilCoordinates Instruments andOverlapping Policy Making
12
Goals and Tasks
Coordination of Cyber Security Policy Stances
Identification und Correction of Structural Trouble Spots
Discussion of Cyber Security Issues, new technologies
Transparency in Collaboration
Recommendations to the Cyber Response Center
www.bmi.bund.de
Next steps – key questions
Ongoing implementation of strategy
This includes, e.g.:
Enhancing and extending cooperation on critical infrastructure protection
Creating more PC security by increasing provider responsibility
Intensifying cooperation both at home and abroad
Establishing norms of state behaviour in Cyberspace in international fora (G8, United Nations)
13
www.bmi.bund.de
Draft IT Security Act- Draft provisions to improve the protection of
Critical National Infrastructure (CNI) -
Legal obligation to meet minimum organizational and technical IT security standards in the field of CNI; state of the art.
Industries to work out standards. Federal Office for Information Security (BSI) to recognize suitable standards, after consultation with supervisory authorities.
Security audits to be conducted every two years; list of audits and identified deficiencies to be forwarded to BSI; BSI may require operators to remedy problems immediately.
Major IT incidents to be reported to BSI directly.
Purpose of reports: BSI to compile situation reports and to inform CNI operators when necessary.
www.bmi.bund.de
Draft IT Security Act- Draft provisions governing ICT providers/operators -
ICT industry: Key role in cyber security
Telecommunications network operators and providers of telecommunications services for the general public should always take into account the state of the art when
seeking to guarantee IT security. should report IT security incidents, even if they have not
caused direct disruptions of telecommunications networks/services.
should inform users about failures caused by their systems and point out technical remedies for such problems.
Telemedia service providers (acting on a commercial basis and, as a general rule, for payment) should safeguard state-of-the-art IT security to the extent technically possible and reasonable.
www.bmi.bund.de
Thank you
http://www.bmi.bund.de
16