Protection Structures - Computer emergency response teams (CERTs) and Network Security

Day one

Workshop Abstract

There is a proliferation of critical Systems in utility services, e.g. power distribution, telecommunications, water and others. Critical systems also are used to drive the economic activity, for example, Banks and Financial Institutions, stock markets, Tax systems and others. Furthermore business in general is now increasingly done online through e-commerce so are other services through e-Services.
Increasingly also, most governments have developed eGovernment strategies that highlight strategic aims like improving service and content delivery through the development of a core set critical infrastructures. Governments are investing heavily in the undersea cables, development of national telecommunications infrastructure, backbone networks and increased bandwidth and connectivity. These developments coupled with the diffusion of devices, deregulation and falling bandwidth prices, has led to an increase in the roll out and consumption of government public service offerings and information. These developments are also employed to use technology as leveller for social equality by homogenising quality of service across societies  in areas like health, education and agriculture, through for example eHealth and telemedicine, Tele-education and Distance learning. Governments are also engaged in open government initiatives and are opening up datasets and statistics to facilitate business and innovation.

As a result, most countries as a matter of strategic security imperative and as part of Critical information infrastructure protection in relation to this proliferation of critical systems, critical infrastructure and services,  are now developing or have developed Computer emergency response teams (CERTs) and security incident response team (SIRTs)  to handle cybersecurity incidents.

This workshop aims to engage stakeholders to identify these critical systems by sector , consider analysis of vulnerabilities to these critical infrastructures, and discuss and engage around envisaged roles of protection structures, various types of protection structures, experiences and challenges from around the world, stakeholder matrix and work towards development of a template framework for consideration for adoption as a model, a model that brings together stakeholders also involves for example cross border sharing of incident data for Law enforcement.

 

Outcomes

Programme

Chairs                         Software Engineering Institute, Carnegie Mellon University (SEI)

Facilitator                  SEI

Contact                      SEI

Rapporteur                Strategy task Team Member– Ministry Of Transport & Communications

 

                       

Day One

13:30 – 14:15 Ms. Tracy Bills, CERT Division of the Carnegie Mellon University Software Engineering

Introduction to CSIRTs and the Current Cyber Landscape

  • Types of CSIRTs; challenges for National CSIRTs
  • Aligning National CSIRT with National Strategy
  • Considerations for CSIRTs in Developing Countries
  • Information sharing lessons learned

14:15 – 14:45 Thomas Sterling, Indiana University

Introduction to Computer Emergency Response Teams (CERT)- Academic & Research Perspective

  • Models, Data sharing, Processes and Strategic considerations
  • Critical Information Infrastructure Protection Framework

14:45 – 15:15 Ignace Ertilus - Representative of the U.S Law enforcement

Collaboration between law enforcement and CSIRTS

  • Discussion on methods and strategies for collaboration between CSIRT- investigation and law enforcement entities

15:15 – 16:00 Panel SEI – CERT-CC Moderated Panel on Regional Perspectives featuring CERT-MU, other regional representatives

A Regional Perspective on CERT Operation

  • Regional Experiences on CSIRT Formation
  • Protecting Key Infrastructure (PKI) and best practices
  • Products in the market- Experiences of commercial and open source solutions
  • Regional Economic Community Perspectives
  • International Collaboration
  • Current challenges

 

Speakers

 

Tracy Bills

Ms. Tracy Bills, CERT Division of the Carnegie Mellon University Software Engineering Institute (SEI). Tracy A. Bills is a Senior Computer Security Information Analyst in the CERT® Coordination Center of Carnegie Mellon University’s Software Engineering Institute (SEI). She has 20 years of combined experience in cybersecurity and intelligence analysis. She has helped build and mature national-level cybersecurity information sharing programs. Tracy has worked extensively to assist both public and private computer security incident response teams (CSIRTs) and security operations centers (SOCs) to develop, implement, and refine effective processes. Currently, her focus is on helping national-level CSIRTs build capabilities and capacity.

Her previous professional experience includes being the Multi-State Information Sharing and Analysis Center’s (MS-ISAC) liaison to the Department of Homeland Security where she served as the link between Federal Government and State, Local, Territorial, and Tribal (SLTT) Governments for cybersecurity awareness. Prior to that, Tracy was a Senior Cyber Threat Analyst in the Department of Defense (DoD) supervising over 40 staff and providing situational awareness and understanding of cyber threats impacting DoD networks

Professor Thomas Sterling, Indiana University – Conference Key Note Speaker

Representatives from SADC member states

Ignace Ertilus - Representative of U.S. law enforcement

Conference Starts in

Contacts

For information about the conference, including registration, please contact us at:

  • ubcsconferences(@) mopipi.ub.bw
  • +267 3554975
  • Block 247, Office 269, University of Botswana