International Cyber-Collaboration – Issues and Opportunities
-
Upload
brendan-austin -
Category
Documents
-
view
37 -
download
5
description
Transcript of International Cyber-Collaboration – Issues and Opportunities
International Cyber-Collaboration – Issues
and Opportunities
Moderator – Dr Andrew Vallerand Canadian Centre for Security Science
Panellists - Mr. Josh Caplan Office Assistant Sec Def for Res & Engineering
Dr. Peeter Lorents NATO CyberSecurity COE
Dr Arun Sood International Cyber Center, George Mason Unviv
2
Introduction
Cyberspace• Its use is totally pervasive across governments, economies,
and individuals.• The growing dependency on our use of cyberspace makes
it an attractive target for those who would do us harm.• We know cyber attacks are daily events, yet there is an
incredible amount of ongoing work in cyber security.
Why is it important to collaborate internationally?
3
Interdependent Security
•In an interdependent world, the risks faced by any ONE agent depend not only on its choices but also on the choice of all OTHERS.
•Failures of a weak link in an interdependent system can have devastating impacts on all parts of the system.
•Cyber Interdependence does not require proximity…
4
Cyber Security
• Like airline passenger flows, cyberspace has a large number of entry points
• No one country / carrier can independently secure the system or take effective unilateral actions
• We must work collectively and collaboratively in a variety of areas to close the gaps.
5
ALLIED Cyber Security Strategies
Canada’s Cyber Security Strategy is consistent with…
• Estonia 2008• UK 2009• US 2003 & 2010• AUS 2009
6
Interdependent Security…
• Demands that we acknowledge others security levels
• Suggests it is in our own best interests to share – Threat analysis; approach to Risk;– Security capability enhancements (Prepare, Detect,
Respond, Recover capabilities)– Best Practices against Malware to combat cyber crime– Network contacts with Subject Matter Experts– Trans-Border Experiments/ Exercises
7
Cost of Cyber Crime in UK? £ 27B/yr!
• £2B/yr: Govt systems• £3B/yr:Citizens systems• £22B/yr: Industry systems• Key domains?
– IP Theft– Industrial Espionage– Extortion– OnLine Theft– ID Theft
• Common Intl issue? – Low barrier of entry into rich field…– Anonymous Web and Investigation…– Attribution, Deterrence, Prosecution…
http://www.cabinetoffice.gov.uk/sites/default/files/resources/THE-COST-OF-CYBER-CRIME-SUMMARY-FINAL.pdf
8
Today’s Panellists
Each Panellist is a Subject Matter Expert in one of three distinct areas of international cyber security
1. Cyber Network Operations
2. Cooperative Cyber Security and Defence
3. Strategic Intl collaboration and information sharing of Cyber Security
1212
Established Productive collaborative partnerships focused on S&T for National Security Capabilities
•Agriculture & Agri-Food Canada•Atomic Energy Canada Ltd•Canada Border Services Agency•Canadian Food Inspection Agency•Canadian Nuclear Safety
Commission•Canadian Security Intelligence
Service•Communications Research Centre
Canada•Communications Security
Establishment Canada•Environment Canada
•Fisheries and Oceans Canada
•Health Canada• Industry Canada• Infrastructure Canada•National Defence •National Research
Council•Natural Resources
Canada•Privy Council Office•Public Safety Canada•Public Health Agency
Canada•RCMP•Transport Canada•Treasury Board
Secretariat
… across the Federal Government
… as well as with Provincial and Municipal first responders;… and with Canada’s Academic, Industrial and International partners
13
Landscape of Canadian Clients/ Partners in Cyber Security
• Privy Council Office (PCO or White House in US)– National Security Advisor to the Prime Minister of Canada
• Public Safety Canada– Integrated Threat Assessment Centre (ITAC) / Canadian Cyber Incident Response
Centre (CCIRC or CERT in US)– Royal Canadian Mounted Police (RCMP; FBI & US Marshall Serv in US) – Canadian Security Intelligence Service (CSIS or CIA in US)
• Industry Canada– Telecommunications & ISP Regulator; Communications Research Centre (CRC)– National Research Council (NRC), Competition Bureau, eCommerce Office– National Science & Engineering Research Council (NSERC)
• Treasury Board Secretariat– Chief Information Officer
• National Defence– Defence Research and Development Canada (DRDC; DDR&E in US)– Communications Security Establishment Canada (CSEC: NSA in US)– Assistant Deputy Minister (Information Management); Cyber Task Force
• PWGSC, Dept of Justice, Dept Foreign Affairs Intl Trade, Dept of Finance, Revenue Canada.; NCFTA Canada; Academia
• Business Associations: TELCO; ePayment Assoc., IT Assoc can.