E-Estonia: the ID Card Arvo Ott & Hannes Astok e-Governance Academy, Estonia.
Hannes astok policy development
-
Upload
e-government-center-moldova -
Category
Documents
-
view
235 -
download
1
Transcript of Hannes astok policy development
Digital information security trainings
2013
Chisinau
Digital security for better governance and public services
12.03.2013 Presentation Title
e-Government Centre Moldova
Hannes Astok
Senior Expert
eGovernmance Academy
Policy and legal framework development for Digital Security
12.03.2013 Presentation Title
e-Government Centre Moldova
Why policy framework?
Growing threats and security concerns
Vulnerability of the critical information systems
Need for coordinated activities
Clear roles and responsibilities between the
institutions
Better protection of information systems and critical
infrastructure
Estonian Cyber Security Strategy 2008-2013
Goals of the strategy
Establishment of a multilevel system of security measures
Expanding Estonia’s expertise in and awareness of information security
Adopting an appropriate regulatory framework to support the secure and extensive use of information systems
Goals of the strategy: more specifically
1. Development and implementation of a system of security measures
1. Protection of the Critical Information Infrastructure (CII)
2. Development and Implementation of a System of Security Measures
3. Strengthening of Organisational Co-operation
Goals of the strategy: more specifically
2. Increasing competence in information security
1. Organisation of Training in Cyber Security
2. Enhancing Research and Development
3. Development of a legal framework for cyber security
4. Development of international co-operation
5. Raising awareness of cyber security
Relations to the other national development plans
Information Security Interoperability Framework (2007)
Information Society Strategy 2013
Knowledge-Based Estonia: R&D Development Strategy 2007-2013
Criminal policy development strategy
Education and health development plans
Legal framework -International law
Council of Europe
Convention on Cybercrime 2004
EU legal framework
Attacks against information systems: Council Framework Decision 222/2005/JHA
Protection of personal data (95/46/EC and 2002/58/EC);
Electronic communications (2002/58/EC);
Retention of data (2006/24/EC);
Re-use of public sector information (2003/98/EC; under revision) ;
Information society services (2000/31/EC).
National legal framework
Penal Code: responsibility and penalties about various types of crime and attacks
Electronic Communications Act: requirements for publicly available electronic communications networks and communications services
National legal framework 2
Personal Data Protection Act: clear legal basis for processing any kind of personal data
Public Information Act: regulates the basis and procedures for the accessing of public information
National legal framework 3
Information Society Services Act: limits the liability of Internet service providers for the content of their service, spam related issues and general requirements for the provision of information society services.
International Cooperation
United Nations: issues of cyber security are
addressed by a high-level expert group of the
Internet Governance Forum (IGF) and the
International Telecommunication Union (ITU).
International Cooperation: EU
European Commission
The European Network and Information
Security Agency (ENISA) provides support to
EU member states, institutions and
entrepreneurs in the prevention and
management of breaches in information security.
International Cooperation: EU 2
European Programme for Critical
Infrastructure Protection – EU reseach
network realted to cyber security
Q & A
Thank You!
Hannes Astok www.ega.ee | [email protected]| +372 5091366 | hannesastok
E-Governance Academy | Tõnismägi 2, 10112 Tallinn, Estonia
12.03.2013 Presentation Title