Upload
leslie-bishop
View
227
Download
3
Embed Size (px)
Citation preview
Working Internationally in Cyber-Security – Issues and Opportunities
Moderator – Dr Andrew Vallerand Canadian Centre for Security Science
Panelists - Mr. Josh Caplan SPAWAR
Dr. Peeter Lorents NATO CyberSecurity COE
Mr. Mitch Dembin Assistant US Attorney, San Diego Office
Important to work internationally?
•In an interdependent world, the risks faced by any one agent depend not only on its choices but also on the choice of all others.
•Failures of a weak link in an interdependent system can have devastating impacts on all parts of the system.
•Because interdependence does not require proximity, the antecedents to catastrophes can be quite distinct and distant from the actual disaster.
Cyber Security
• Like airline passenger flows, cyberspace has a large number of entry points
• No one country or carrier can independently secure the system or take effective unilateral actions
• We must work collectively and collaboratively in a variety of areas to close the gaps.
Interdependent Security
• Demands that we acknowledge others security levels
• Suggests it is in our own best interests to share – Threat analysis– Security capability enhancements– Best Practices– Network contacts with Subject Matter Experts– Trans-Border Projects and S&T-based Exercises;
Today’s Panelists
Each Panelist is a Subject Matter Expert in one of three distinct areas of international cyber security
1. Cyber Operations and Information Warfare
2. Cyber Security and Defence
3. The effective Prosecution of Cyber Crimes
• Some Canadian perspectives …
from the Centre for Security Science
Weapons EffectsVehicles
Autonomous SystemsMilitary EngineeringChem & Bio Defence
Human FactorsDecision Support
Command EffectivenessOperational Medicine
Simulation & Modelling
Radar, EWSpace Systems
Information OperationsCommunications
Synthetic Environment
Electro-opticsCombat Systems
Command & ControlInformation Management
Systems Environment
Underwater SensingMaterials
Air VehiclesMarine VehiclesSignature Mgt.
9 Defence R&D Canada Centers
Centre for Security Science
Centre for Operations Research and Analysis
DG Mil Pers R&A
ADM(S&T), DG S&T Ops
National Recognition
•Canada recognizes the importance of interdependency in cyber security as we are about to implement a “National Cyber Security Strategy”
•At the same time, we are continuing work with Allies and like minded nations to ensure that Canada cannot be used as a base for cyber attacks on our friends and neighbours.
Cyber Objectives and Outcomes
1. Secure Canadian Federal digital infrastructure;
2. Secure Canadian National digital infrastructure; and,
3. Combat cyber crime & protect Canadians online
1. Protect Canadians and Canadian interests within cyber space;
2. Ensure Canada is not a base for cyber threats to friends and allies; and,
3. Bring to Justice those who breech Intl & domestic Canadian laws regarding the use of cyber space.
S&T as a lead investment effectively
links Objectives to
Outcomes through
enhanced capabilities
Objectives & Outcomes are found in the 2004 National Security Policy, International Policy Statement, the Speech from the Throne and other sources
Crowded CyberSecurity Space
Canadian national landscape• Privy Council Office (White House in US)
– National Security Advisor to the Prime Minister• Public Safety Canada
– Government Operations Centre (GOC)– Integrated Threat Assessment Centre (ITAC) / Canadian Cyber Incident Response
Centre (CCIRC; CERT in US)– Royal Canadian Mounted Police (RCMP; FBI & US Marshall Serv in US) – Canadian Security Intelligence Service (CIA in US)– Canadian Border Services Agency (CBP in US)
• Industry Canada– Communications Research Centre (CRC)– National Research Council (NRC) – National Science and Engineering Research Council (NSERC)
• Treasury Board Secretariat– Chief Information Officer
• National Defence– Defence Research and Development Canada (DRDC; DDR&E in US)– Communications Security Establishment Canada (CSEC: NSA in US)– Assistant Deputy Minister (Information Management)
Consolidate S&T Goals & Efforts
Provide S&T support to federal & national efforts in cyber security capability development, generation and employment, specifically to :
1.Identify and understand evolving cyber threats;2.Improve existing cyber security capabilities, based on gaps;3.Lead the development of future national cyber security capabilities using new, enhanced or emerging technologies and supporting processes to prepare, prevent, respond and recover from cyber attacks including advanced forensics to enable effective threat identification, source and indication of malicious intent to aid in successful prosecutions. 4.Facilitate the rapid transfer of new technologies and supporting processes into the national digital infrastructure.
Summary of National Element
• To address threats, vulnerabilities, risks and gaps in national capabilities, Canada is building a Whole of Government Strategy for Cyber Security.
• To enable its implementation and to facilitate the linkage of Objectives to Outcomes, a Whole of Government S&T program is being initiated leveraging Govt, Industry, Academia and Allied S&T as a potent Lead Investment.
• The value proposition of such a S&T program includes the:– Delivery of trusted advice– Risk identification and mitigation– Integration of knowledge– Open innovation
Knowledgeintegrator
Trustedadvisor
Riskmitigator
Openinnovator
International Space
• Public Security Technical Program (Can-US)
• NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE); NATO RTO IST panel,
• The Technical Cooperation Panel (5 eyes); TTCP C3I panel
• Strategic Alliance Cyber Crime Working Group (5 eyes - Lead Law Enforcement Agencies)
• Europa 7th Framework Program (EU R&D on ICT)