Hannes astok policy development


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Hannes astok policy development

  1. 1. e-Government Centre Moldova Digital security for better governance and public services Digital information security trainings 2013 ChisinauPresentation Title 12.03.2013
  2. 2. e-Government Centre Moldova Policy and legal framework development for Digital Security Hannes Astok Senior Expert eGovernmance AcademyPresentation Title 12.03.2013
  3. 3. Why policy framework? Growing threats and security concerns Vulnerability of the critical information systems Need for coordinated activities Clear roles and responsibilities between the institutions Better protection of information systems and critical infrastructure Estonian Cyber Security Strategy 2008-2013
  4. 4. Goals of the strategyEstablishment of a multilevel system of security measuresExpanding Estonia’s expertise in and awareness of information securityAdopting an appropriate regulatory framework to support the secure and extensive use of information systems
  5. 5. Goals of the strategy: more specifically1. Development and implementation of a system of security measures 1. Protection of the Critical Information Infrastructure (CII) 2. Development and Implementation of a System of Security Measures 3. Strengthening of Organisational Co-operation
  6. 6. Goals of the strategy: more specifically2. Increasing competence in information security 1. Organisation of Training in Cyber Security 2. Enhancing Research and Development3. Development of a legal framework for cybersecurity4. Development of international co-operation5. Raising awareness of cyber security
  7. 7. Relations to the other nationaldevelopment plansInformation Security Interoperability Framework (2007)Information Society Strategy 2013Knowledge-Based Estonia: R&D Development Strategy 2007-2013Criminal policy development strategyEducation and health development plans
  8. 8. Legal framework -International lawCouncil of EuropeConvention on Cybercrime 2004
  9. 9. EU legal frameworkAttacks against information systems: Council Framework Decision 222/2005/JHAProtection of personal data (95/46/EC and 2002/58/EC);Electronic communications (2002/58/EC);Retention of data (2006/24/EC);Re-use of public sector information (2003/98/EC; under revision) ;Information society services (2000/31/EC).
  10. 10. National legal frameworkPenal Code: responsibility and penalties about various types of crime and attacksElectronic Communications Act: requirements for publicly available electronic communications networks and communications services
  11. 11. National legal framework 2Personal Data Protection Act: clear legal basis for processing any kind of personal dataPublic Information Act: regulates the basis and procedures for the accessing of public information
  12. 12. National legal framework 3Information Society Services Act: limits the liability of Internet service providers for the content of their service, spam related issues and general requirements for the provision of information society services.
  13. 13. International CooperationUnited Nations: issues of cyber security are addressed by a high-level expert group of the Internet Governance Forum (IGF) and the International Telecommunication Union (ITU).
  14. 14. International Cooperation: EUEuropean CommissionThe European Network and Information Security Agency (ENISA) provides support to EU member states, institutions and entrepreneurs in the prevention and management of breaches in information security.
  15. 15. International Cooperation: EU 2European Programme for Critical Infrastructure Protection – EU reseach network realted to cyber security
  16. 16. Q&A Thank You! Hannes Astok www.ega.ee | hannes@astok.ee| +372 5091366 | hannesastok E-Governance Academy | Tõnismägi 2, 10112 Tallinn, EstoniaPresentation Title 12.03.2013