There is a proliferation of critical Systems in utility services, e.g. power distribution, telecommunications, water and others. Critical systems also are used to drive the economic activity, for example, Banks and Financial Institutions, stock markets, Tax systems and others. Furthermore business in general is now increasingly done online through e-commerce so are other services through e-Services.
Increasingly also, most governments have developed eGovernment strategies that highlight strategic aims like improving service and content delivery through the development of a core set critical infrastructures. Governments are investing heavily in the undersea cables, development of national telecommunications infrastructure, backbone networks and increased bandwidth and connectivity. These developments coupled with the diffusion of devices, deregulation and falling bandwidth prices, has led to an increase in the roll out and consumption of government public service offerings and information. These developments are also employed to use technology as leveller for social equality by homogenising quality of service across societies in areas like health, education and agriculture, through for example eHealth and telemedicine, Tele-education and Distance learning. Governments are also engaged in open government initiatives and are opening up datasets and statistics to facilitate business and innovation.
As a result, most countries as a matter of strategic security imperative and as part of Critical information infrastructure protection in relation to this proliferation of critical systems, critical infrastructure and services, are now developing or have developed Computer emergency response teams (CERTs) and security incident response team (SIRTs) to handle cybersecurity incidents.
This workshop aims to engage stakeholders to identify these critical systems by sector , consider analysis of vulnerabilities to these critical infrastructures, and discuss and engage around envisaged roles of protection structures, various types of protection structures, experiences and challenges from around the world, stakeholder matrix and work towards development of a template framework for consideration for adoption as a model, a model that brings together stakeholders also involves for example cross border sharing of incident data for Law enforcement.
Chairs Software Engineering Institute, Carnegie Mellon University (SEI)
13:30 – 14:15 Ms. Tracy Bills, CERT Division of the Carnegie Mellon University Software Engineering
Introduction to CSIRTs and the Current Cyber Landscape
14:15 – 14:45 Thomas Sterling, Indiana University
Introduction to Computer Emergency Response Teams (CERT)- Academic & Research Perspective
14:45 – 15:15 Ignace Ertilus - Representative of the U.S Law enforcement
Collaboration between law enforcement and CSIRTS
15:15 – 16:00 Panel SEI – CERT-CC Moderated Panel on Regional Perspectives featuring CERT-MU, other regional representatives
A Regional Perspective on CERT Operation
Ms. Tracy Bills, CERT Division of the Carnegie Mellon University Software Engineering Institute (SEI). Tracy A. Bills is a Senior Computer Security Information Analyst in the CERT® Coordination Center of Carnegie Mellon University’s Software Engineering Institute (SEI). She has 20 years of combined experience in cybersecurity and intelligence analysis. She has helped build and mature national-level cybersecurity information sharing programs. Tracy has worked extensively to assist both public and private computer security incident response teams (CSIRTs) and security operations centers (SOCs) to develop, implement, and refine effective processes. Currently, her focus is on helping national-level CSIRTs build capabilities and capacity.
Her previous professional experience includes being the Multi-State Information Sharing and Analysis Center’s (MS-ISAC) liaison to the Department of Homeland Security where she served as the link between Federal Government and State, Local, Territorial, and Tribal (SLTT) Governments for cybersecurity awareness. Prior to that, Tracy was a Senior Cyber Threat Analyst in the Department of Defense (DoD) supervising over 40 staff and providing situational awareness and understanding of cyber threats impacting DoD networks
Professor Thomas Sterling, Indiana University – Conference Key Note Speaker
Representatives from SADC member states
Ignace Ertilus - Representative of U.S. law enforcement