A Network of Networks
Connections <ul><li>Making connections </li></ul><ul><li>Body of knowledge </li></ul><ul><li>Network to Protect a Network ...
Learning objectives <ul><li>Principle CI sectors in Canada </li></ul><ul><li>Strategic approach </li></ul>
The main question <ul><li>As a nation what do we need to do to prevent attacks on our CI? </li></ul>
The main challenge <ul><li>“ What’s Best?” </li></ul>
Strategy   <ul><li>Vital CI Protection  </li></ul><ul><li>National Security/Public Safety </li></ul><ul><li>Federal/munici...
Strategic principles <ul><li>Network vs. network </li></ul><ul><li>Hubs not spokes </li></ul><ul><li>80% on 20% spending <...
Current trends in Risk Assessment <ul><li>Rising level </li></ul><ul><li>Efficiency and simplicity </li></ul><ul><li>Effec...
Sectors & responsible Federal Department Energy and utilities  Natural Resources Canada Communications & IT Industry Canad...
Action plan Actor Roles Responsibilities Federal Lead national <ul><li>Advance collective national approach to protecting ...
Reality
Critical Infrastructure (CI) “Club” <ul><li>Interdependence </li></ul><ul><li>Mutual interests </li></ul><ul><li>National ...
Linkages in CI sectors Communications & IT Healthcare Food Manufacturing Water Government Level 1 Level 2 Level 3 Transpor...
Communications & IT Safety Healthcare Finance Level 1 Level 2 Level 3 Example: Interdependencies on 911 Transportation Ene...
Why is telecommunications a CI? <ul><li>What was the  first critical infrastructure  to be recognized as such by the Feder...
Challenges in CI assurance <ul><li>Vastness </li></ul><ul><li>Command </li></ul><ul><li>Information sharing </li></ul><ul>...
Critical Infrastructure #11: the Internet <ul><li>Beyond control </li></ul><ul><li>Largest business </li></ul><ul><li>No C...
Internet epidemics <ul><li>Social network </li></ul><ul><li>Cascade model  </li></ul><ul><li>“ Susceptible, infected, susc...
Cyber crime: Numbers speak volumes <ul><li>#1 crime in North America </li></ul><ul><li>70% of victims do not report </li><...
SCADA - Critical Infrastructure #12 <ul><li>Power generation </li></ul><ul><li>Power distribution </li></ul><ul><li>Automa...
Telecommunications sector vulnerabilities <ul><li>Clustered Critical nodes </li></ul><ul><ul><ul><li>telecom hotels </li><...
Hardening the Internet <ul><li>13 root servers </li></ul><ul><li>13 gTLD servers </li></ul><ul><li>26 NAPs  </li></ul><ul>...
Unified Communications <ul><li>Video & other sensor data collection & analysis </li></ul><ul><li>Event monitoring </li></u...
<ul><li>Redundancy </li></ul><ul><li>Layering </li></ul><ul><li>Geographical separation </li></ul><ul><li>Growth/enhanceme...
Olympic winter games
Para-Olympic Winter Games
User Groups From Around The World VANOC IOC / IPC International Sport Federations Accredited Media National Committees Bro...
Vancouver 2010 <ul><li>Connectivity </li></ul><ul><li>Voice, Internet, Data </li></ul><ul><li>Cable TV </li></ul><ul><li>B...
Bell’s role
The games in numbers 34,000 8 2 130 19
What’s at play? <ul><li>H.323, XML, SOAP, T1, DS3, VoIP, SONET, EvDO, </li></ul><ul><li>802.11g, 802.1q, E10, E100, PSTN, ...
Coverage
Conclusions <ul><li>Core based Security </li></ul><ul><li>Public/Private partnership </li></ul><ul><li>Security Culture </...
Brian Phillips [email_address] 403 831-2434 Thank you
Upcoming SlideShare
Loading in...5
×

A Network of Networks

362

Published on

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
362
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

A Network of Networks

  1. 1. A Network of Networks
  2. 2. Connections <ul><li>Making connections </li></ul><ul><li>Body of knowledge </li></ul><ul><li>Network to Protect a Network </li></ul>
  3. 3. Learning objectives <ul><li>Principle CI sectors in Canada </li></ul><ul><li>Strategic approach </li></ul>
  4. 4. The main question <ul><li>As a nation what do we need to do to prevent attacks on our CI? </li></ul>
  5. 5. The main challenge <ul><li>“ What’s Best?” </li></ul>
  6. 6. Strategy <ul><li>Vital CI Protection </li></ul><ul><li>National Security/Public Safety </li></ul><ul><li>Federal/municipal </li></ul>
  7. 7. Strategic principles <ul><li>Network vs. network </li></ul><ul><li>Hubs not spokes </li></ul><ul><li>80% on 20% spending </li></ul><ul><li>Dual purpose </li></ul><ul><li>Asymmetric </li></ul>
  8. 8. Current trends in Risk Assessment <ul><li>Rising level </li></ul><ul><li>Efficiency and simplicity </li></ul><ul><li>Effectiveness </li></ul><ul><li>Preparedness </li></ul>
  9. 9. Sectors & responsible Federal Department Energy and utilities Natural Resources Canada Communications & IT Industry Canada Finance Finance Canada Health care Public Health Agency of Canada Food Agriculture and Agri-Food Canada Water Environment Canada Transportation Transport Canada Safety Public Safety Canada Government Public Safety Canada Manufacturing Industry Canada, Department of National Defence
  10. 10. Action plan Actor Roles Responsibilities Federal Lead national <ul><li>Advance collective national approach to protecting activities CI </li></ul><ul><li>Collaborate with national associations </li></ul><ul><li>Collaborate with CI owners and operators within </li></ul><ul><li>federal mandate in consultation with provinces </li></ul><ul><li>and territories </li></ul>Provincial/Territorial Lead provincial <ul><li>Collaborate with FTP activities to achieve the objectives of the National Strategy </li></ul><ul><li>Coordinate activities with other levels of </li></ul><ul><li>government, including local governments, </li></ul><ul><li>associations and CI owners and operators </li></ul>Critical Infrastructure Owner/Operator Collaboratively manage risks related to their critical infrastructure <ul><li>Responsible for risk management </li></ul><ul><li>Participate in CI identification, assessment, </li></ul><ul><li>prevention/mitigation, preparedness, response </li></ul><ul><li>and recovery activities </li></ul>
  11. 11. Reality
  12. 12. Critical Infrastructure (CI) “Club” <ul><li>Interdependence </li></ul><ul><li>Mutual interests </li></ul><ul><li>National Emergency Strategy </li></ul><ul><li>90% of events local </li></ul><ul><li>“ Family” response </li></ul>
  13. 13. Linkages in CI sectors Communications & IT Healthcare Food Manufacturing Water Government Level 1 Level 2 Level 3 Transportation Safety Finance Energy Utilities
  14. 14. Communications & IT Safety Healthcare Finance Level 1 Level 2 Level 3 Example: Interdependencies on 911 Transportation Energy Utilities
  15. 15. Why is telecommunications a CI? <ul><li>What was the first critical infrastructure to be recognized as such by the Federal Government? </li></ul><ul><li>Cuban Missile crisis </li></ul><ul><li>Kennedy - Khrushchev </li></ul><ul><li>Hotline link </li></ul><ul><li>NCS (National Communications System) </li></ul>
  16. 16. Challenges in CI assurance <ul><li>Vastness </li></ul><ul><li>Command </li></ul><ul><li>Information sharing </li></ul><ul><li>Knowledge </li></ul><ul><li>Interdependencies </li></ul><ul><li>Inadequate tools </li></ul><ul><li>Asymmetric conflict </li></ul>
  17. 17. Critical Infrastructure #11: the Internet <ul><li>Beyond control </li></ul><ul><li>Largest business </li></ul><ul><li>No CEO, governance, oversight </li></ul><ul><li>Potential for abuse </li></ul><ul><li>Cyber war </li></ul>
  18. 18. Internet epidemics <ul><li>Social network </li></ul><ul><li>Cascade model </li></ul><ul><li>“ Susceptible, infected, susceptible” cycles </li></ul>
  19. 19. Cyber crime: Numbers speak volumes <ul><li>#1 crime in North America </li></ul><ul><li>70% of victims do not report </li></ul><ul><li>Only 245 cyber crime police </li></ul><ul><li>18M Canadians - $50B of commerce </li></ul>
  20. 20. SCADA - Critical Infrastructure #12 <ul><li>Power generation </li></ul><ul><li>Power distribution </li></ul><ul><li>Automatic metering </li></ul><ul><li>Gas production </li></ul><ul><li>Gas distribution </li></ul><ul><li>Gas supply management </li></ul><ul><li>Telecommunications </li></ul><ul><li>Oil refinery control </li></ul><ul><li>Oil pipeline management </li></ul>
  21. 21. Telecommunications sector vulnerabilities <ul><li>Clustered Critical nodes </li></ul><ul><ul><ul><li>telecom hotels </li></ul></ul></ul><ul><ul><ul><li>IEC POPS and gateways </li></ul></ul></ul><ul><ul><ul><li>land earth stations (LES) that link communication satellites to terrestrial communication </li></ul></ul></ul><ul><li>Gateway connections </li></ul><ul><li>Cyber attacks, and HPM attacks </li></ul>
  22. 22. Hardening the Internet <ul><li>13 root servers </li></ul><ul><li>13 gTLD servers </li></ul><ul><li>26 NAPs </li></ul><ul><li>50+ top e-commerce sites </li></ul>
  23. 23. Unified Communications <ul><li>Video & other sensor data collection & analysis </li></ul><ul><li>Event monitoring </li></ul><ul><li>Situational management </li></ul><ul><li>First responder alerting </li></ul><ul><li>Field based identity verification </li></ul>
  24. 24. <ul><li>Redundancy </li></ul><ul><li>Layering </li></ul><ul><li>Geographical separation </li></ul><ul><li>Growth/enhancement </li></ul><ul><li>Situational awareness </li></ul>Control Centre security principals
  25. 25. Olympic winter games
  26. 26. Para-Olympic Winter Games
  27. 27. User Groups From Around The World VANOC IOC / IPC International Sport Federations Accredited Media National Committees Broadcasters Sponsors
  28. 28. Vancouver 2010 <ul><li>Connectivity </li></ul><ul><li>Voice, Internet, Data </li></ul><ul><li>Cable TV </li></ul><ul><li>Broadcast </li></ul><ul><li>PCS Wireless </li></ul><ul><li>Private Radio </li></ul><ul><li>Wireless Networking </li></ul><ul><li>Business Office </li></ul><ul><li>Portal </li></ul><ul><li>Staffing </li></ul><ul><li>2010 Innovation Centre </li></ul>
  29. 29. Bell’s role
  30. 30. The games in numbers 34,000 8 2 130 19
  31. 31. What’s at play? <ul><li>H.323, XML, SOAP, T1, DS3, VoIP, SONET, EvDO, </li></ul><ul><li>802.11g, 802.1q, E10, E100, PSTN, PTT, SDI, HD, </li></ul><ul><li>ISDN, SS7, HTML, SSL, BGP, OC3, OC12 </li></ul>
  32. 32. Coverage
  33. 33. Conclusions <ul><li>Core based Security </li></ul><ul><li>Public/Private partnership </li></ul><ul><li>Security Culture </li></ul><ul><li>Technology as tool </li></ul><ul><li>External audit </li></ul>
  34. 34. Brian Phillips [email_address] 403 831-2434 Thank you
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×