Shuky peleg e_gov_cyber_presentation_information_sharing


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Shuky peleg e_gov_cyber_presentation_information_sharing

  1. 1. Information Sharing A requirement for Cyber Defense Shuky Peleg, CISA, CISSP Head of Information Security, eGovOctober 2012 | Ministry of Finance - eGovernment
  2. 2. What is eGov?Providing citizens and businesses with betteraccess to government information.eGov simplifies and shortens bureaucraticprocesses, offers online services and implementsadvanced government technologies in order tobenefit citizens and businesses.
  3. 3. Improving Improving Raising government’s service image Saving government for money production businesses Better New service for online citizensservices Increasing efficiency Reducing bureaucracy Vision Raising productivity and Increasing Goalstransparency Managing platform for 24/7 Providing Technological inter-ministries service better, processes efficient advancements online service
  4. 4. eGovThe Internet Frontier of the Israeli Government  eGov Services for Citizens and Businesses  Secure ISP/ASP/ESB/Connectivity providers for the Ministries  IT & Cyber Security Service Providers for Ministries  Knowledge Center and coordination body for IT & Cyber Security (CERT, SIEM, Threat and Malware Research)
  5. 5. eGov Number of employees : ~250, all technology experts. The E-Government unit is built entirely from Hi-tech professionals, employed by government tenders for technology services. Part of E-Government projects are carried out using full outsourcing. E-Government is regulated by NISA. All e-Government employees have required level of security clearance
  6. 6. eGov Topology Government Offices Government Network e-Gov InternetCitizen Business Citizen Business
  7. 7. Personalization My Gov | Smart ID Doing Building Property or MASLOL businessBusiness permits registration Service Cellular |Multi-channels Web stations IVR Social media | Media and Shituf government Gov 2.0 | Customer transparency contact data gov service Gov Servie eGov Standards bus Gov X report Government Search MASE information kids engine project Online Payment Forms services service service Web hosting Information ISP BCP/DRP and Email security 7 1997/8 2000/1 2002/3 2004/5 2006 2007 2008 2009 2010 2011 2011/2
  8. 8. eGov Security Group An inherent part of eGov core activity A technology leader A knowledge center and a public sector focal point for all ICT security issues Promoting Israeli Information Security technologies
  9. 9. Main Threats Defacement of Government Sites  Bank of Israel - 2008 Denial of Service attacks  “Cast Lead” in Gaza - 2009 Theft/Corruption of Government Data Corruption / disturbance to National Critical Infrastructure Theft of services or money from the Government (E- Commerce) Identity fraud / theft (E-Forms, PKI Infrastructure) Information Leakage Using Government Infrastructure as enabler / facilitator of Cyber conflict Using Public Infrastructure as enabler / facilitator of Cyber conflict
  10. 10. Main Protection Principles Separation of duties Segregation of Networks Log Everything Pass only what we can monitor No remote administration No single point of failure - “2 mistakes” Secure Development Lifecycle Identifying Cross-application and cross-domain influences
  11. 11. Organizational Chart Head of Head of IT Information Infrastructure Security Cyber, Information Operation Centre Technology and Methodology and Security SystemsIncident Response Application (Network and Hosting Services Team Administration Security Team Officer Security) 1st Level Security Platforms and Security CERT and Analysis Pen. Testing Monitoring and Systems Implementation response Hardening (AV, FW, Mail…) 2nd Level Monitoring and Forensics Security Research
  12. 12. Regulatory Environment Industry NISA Standards Critical and Infrastructure Government Regulations: CIO ISO 27001, PCIPrivacy ILITA National Cyber Bureau Self National and Regulation Internationals and Best Laws and Practices… Regulations
  13. 13. Cooperation efforts Standards Industry Israeli and institution Peers foreign CERT of Israel organizations National Cyber Bureau Israeli Cyber Defense technology Community companiesGovernment Peersenterprises Universities and research intuitions
  14. 14. Focus on the CERT Organization
  15. 15. Member in a Global CERT Org.
  16. 16. Creation of a Nation-Wide View National CERT Procedures, Guidelines and Immediate Actions Government ) Academy ) Alerts Private Sector Financial Sector Critical Infrastructure Defense Procedures, Guidelines and Immediate Actions Transportation Government Public Sector Universities Telecomm Industries Insurance Colleges Defense Banking Military Offices Energy Watere-Gov SMBs ISPs
  17. 17. Our Legacy Our Routine Our VisionProtecting Participate in Serving as a liaisonGovernment Internet designing secured between the publicGateway and Servers systems and and cyber defense preventing malicious agencies and intents via advanced government bodies monitoring to protect our way of life in the information era. 20
  18. 18. Ministry of Finance –E-Government Division Thank you !