Upload
judith
View
27
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Session 4.2: Creation of national ICT security infrastructure for developing countries. National IP-based Networks Security Centres for Developing Countries. National Center for Network Security. - PowerPoint PPT Presentation
Citation preview
Session 4.2: Creation of national ICT security
infrastructure for developing countries
National IP-based Networks Security Centres for Developing Countries
2Addressing security challenges on a global scale Geneva, 6-7 December 2010
National Center for Network Security
National administrations are attempting to build confidence and security in the use of information and communication technologies (ICTs). Due to convergence and mobility, telecommunications carrier networks and the associated information systems are exposed to new classes of security threats.
3Geneva, 6-7 December 2010 Addressing security challenges on a global scale
NCNSThe risks associated with globally interconnected networks require concerted responses from nations.
Member States over the past decade have repeatedly affirmed the need for international cooperation against threats in the sphere of ICT security in order to combat the criminal misuse of information technology, to create a global culture of cyber security, and to promote other essential measures that can reduce risk.
4Geneva, 6-7 December 2010 Addressing security challenges on a global scale
5Addressing security challenges on a global scale Geneva, 6-7 December 2010
NCNS services can be grouped into three categories:
Reactive services. These services are triggered by an event or request, such as a report of a compromised host, wide-spreading malicious code, software vulnerability, or something that was identified by an intrusion detection or logging system. Reactive services are the core component of NCNS work.
Proactive services. These services provide assistance and information to help prepare, protect, and secure constituent systems in anticipation of attacks, problems, or events. Performance of these services will directly reduce the number of incidents in the future.
Security quality management services. These services augment existing and well-established services that are independent of incident handling and traditionally performed by other areas of an organization such as the IT, audit, or training departments.
6Addressing security challenges on a global scale Geneva, 6-7 December 2010
Informal definition:
NCNS that acts as national point of contact (PoC) for information sharing (like incident reports, vulnerability information and other) with other national security centers the ITU Member States and worldwide.
NCNS can be considered as “center of last resort”, which is just another definition of a unique national PoC with a coordinating role.
In a lot of cases a national security network center also acts as governmental center.
7Addressing security challenges on a global scale Geneva, 6-7 December 2010
Identification of challenges that may be faced by developing countries with respect to creating these centers:
•Access to new technologies (in information security too),•High-value solution, (not based on open software),•Lack of incremental design,•Different laws (NDA),•Retraining experts (particular R&D department),
8Addressing security challenges on a global scale Geneva, 6-7 December 2010
Moreover National IP-based Public Networks security center for developing countries is under study by SG 17
RESOLUTION 130 (REV. GUADALAJARA, 2010)
Strengthening the role of ITU in building confidence
and security in the use of information and
communication technologies
9Addressing security challenges on a global scale Geneva, 6-7 December 2010
Consider the possible need for ITU Recommendations.
-Recommendation (New Standard) for cooperation and security exchange between NCNS and over security bodies ,
-Recommendation (New Standard) for architecture of NCNS,
- Guidance for organization security cooperation and coordination.
10Addressing security challenges on a global scale Geneva, 6-7 December 2010
NCNS NCNs
InternetTelco security
BCP\DRPSPAM (include SMS/MMS)
Anti-Fraud infrastructure attacks
attacks in signaling networks
hacking of exchange protocols
Network operators (mobile, fixed,conver.)
CIRT\CERT
FIINA
CFCASOC
POLICEVendor
TEM
11Addressing security challenges on a global scale Geneva, 6-7 December 2010
Dmitry Kostrov
JSC “MTS”
THANKS !