Aims & Expectations of Gibraltar

Cyber Security Forum 2010

By Joseph M Torres

Gibraltar Regulatory Authority

Introduction

Putting Things into Perspective

• Gibraltar’s population <30k

• Economy– Tourism– Financial Services– Online Gambling

Small Jurisdiction but…

• World Class Online Gambling Operators

• Gambling attracts Cyber Crime– Fraud– Denial of Service– Personal Data / Identity theft

Importance of a CERT

• Government

• Organisations

• Community

• Need for robust mechanisms– Swift action– Fast response and management of threats– Minimize downtime & disruptions

Current legal Instruments

• Communications Act 2006– Protecting the infrastructure (GRA)

• Data Protection Act 2004– Protecting the privacy of the individual (GRA)

• Crimes (Computer Hacking) Act 2009– Criminalising illicit use of computers (Police)

Dealing with Cyber Threats

• Small– Home Users

• Medium– SME

• Large– Network / Service Providers

Key Players

• Network Operators• Service Providers• Law Enforcement• MoD• Government• GRA

Sharing of Information

• Between Operators– Network– Gambling

• Between Government Agencies– Ministries– Law enforcement

Need for CERT?

• Locally– Already established under other committees– Resource management – Legal framework– Self regulated

• International Coordination– No coordination with International Agencies– No central local point of contact

CERT Deliverables

• Coordination of resources– Local & International

• Monitoring of attacks

• Education i.e.– How to stop proliferation of virus

• Prevention

Who should be Responsible

• Government

• Operators

• Government Agency

Conclusions

• Need for formal resource coordination– Locally – Internationally

• Education

• Need for a CERT? – Clear cut guidelines– Committee or Independent body?

Thank you

Any Questions