MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT

UNCLASSIFIED 1

POLISH NATIONAL SYSTEM FOR CYBER DEFENCE

COL. PIOTR GRZYBOWSKI, Director,

Classified InformationProtection Department

MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT

UNCLASSIFIED 2

Agenda

• Polish National System of the Cyber Defence - structures and operation,

• Policy, doctrine, resource and armaments related issues of the development and operation of the Cyber Defence System of the POL MoND.

MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT

UNCLASSIFIED 3

Cyber Security capabilities - how to get?

Legal framework• Military regulations• National regulations• International regulations

Organizational structures

• MIL-CERT• GOV-CERT

Technical enhancement• IT security measures

CYBERSECURITY

MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT

UNCLASSIFIED 4

Land Sea

Air Space

Cyber Space

Cyber Defence in Military Sphere

Land Sea

Air Space

Cyber Space Critical

Infrastructure

CyberSpace

IT CI

MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT

UNCLASSIFIED 5

MoN

D

Resp

onse

for

co

mpu

ter a

nd I

T sy

stem

s i

ncid

ents

CyberCrime

CyberTerrorism, CyberWar

National Cyber Defence SystemGovernmental Coordination Centre

Security Policy for Cyber Defence

MCISInternal Security

AgencyFOCUS POINT OF CONTACT

MILITARY POLICE POLICE

CERT GOV

CERT Teams(eg. ABUSE Forum)CERT PL

MIL CERT

MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT

UNCLASSIFIED 6

Legal basis of POL Military CIRC

• MoND Decision No 357/MON dated 29 Jul 2008 about organization and functioning Computer Incident Response System in MoND.

• MoND Decision No 38/MON dated 16 Jan 2012 – which establishedthe role of Representative of the Minister of National Defence for Cyber Security

• Guidelines and Directions of Military Counter-Intelligence Service.• Computer Incident Response Capability Handbook – in co-ordination with

Military Counter-Intelligence Service.• CIRC Standard Operational Procedures in MoND.• Strategy of IT development within Ministry of National Defence Republic

of Poland.• Vision of Polish Armed Forces 2030.

MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT

UNCLASSIFIED 7

Responsibilities

PolishMilitary Contingent

MIL-CERTmilitary sphere

CERT.gov.plInternal Security Agency

CERT PolskaResearch and Academic

Network in Poland(NASK)

NCIRC TCNATO

MILITARY POLICE

Military Counter-Intelligence Service

MOU between NATO CDMA and POL NSA

concerning cooperation on Cyber Defence

POC for military network is MCISA

Agreement between DoD of US

and MoND the Republic of Poland

concerning cooperation on IA and CND

MILREP

MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT

UNCLASSIFIED 8

Cyber Defence Structure in POL MoND

UNCLASSIFIED

Coordination Centre

=======================

IT&T DEPARTMENT

Technical Support Centredivision of MCISA

IT Systems Administratorsmilitary units (Div, Brig) and organizational cells of MoND

three-layered organisational structure

RAPID REACTION TEAM

The

Polish

com

pute

r inc

iden

t res

pons

e

syst

em h

as b

een

crea

ted

as N

ATO

initia

tive

MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT

UNCLASSIFIED 9

Information sharing of military CERT related to Cyber Defence

Governmental entities

POLICE HQ

MILITARY POLICEHEADQUARERS

International bodies

NATO CIRC Coordination Centre and Technical

Support Centre

Non - governmental organisations

CERT PLNASK

NATO agencies

Internal Security AgencyCERT GOV PL

Service of military counter intelligence ABUSE Forum

Other CSIRT (CERT Team)

US agencies

….but not only.

Other CSIRT

MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT

UNCLASSIFIED 10

Cyber Security activities• International cooperation:

– Information Assurance/Computer Network Defence MoU (signed in June 2010) with DoD US - forms basis for cyber defence cooperation

– sharing information with NATO CIRC TC;– Cooperative Cyber Defence Centre of Excellence - planned.

• Exercises:– International Cyber Defence Workshops; – Cyber Endeavor;– NATO Cyber Defence workshops ; – EU Cyber Defence workshops; – National Cyber Defence workshops.

• Courses, symposia, conferences, and other form.

MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT

UNCLASSIFIED 11

Nearest future…

Development of „National Policy for Cyberspace Security ” and „Security Policy for Cyber Defence”;

Reorganization and extending MIL CERT Poland; Introducing Early Warning System; Implementation of (dynamic modification)

Incident Handling Manual with Standard Operational Procedures.

MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT

UNCLASSIFIED 12

Final remarks on POL CIRC activities

• Close cooperation among governmental and non-governmental organizations (corporations and ISP’s);

• Synergy of technical, legal and organizational actions is the key issue;

• Necessity of fast adaptation to new threats and conditions;

• Users’ awareness enhancement in the field of current threats and ways of protection;

• Critical infrastructure protection – essential to assure security of the country.

MINISTRY OF NATIONAL DEFENCE REPUBLIC OF POLANDCLASSIFIED INFORMATION PROTECTION DEPARTMENT

UNCLASSIFIED 13

THANK YOU FOR YOUR ATTENTION