From CERT-Hungary
to National Cybersecurity Centre


                Ferenc Suba LLM, MA
                Chairman of the B...
CERT-Hungary
- Started as a project by the Ministry of IT and
Communications, now under Prime Minister’s Office
- Partners...
Government Foundation

- Theodore Puskás Government Foundation
- Founded in 1993 by the Government of Hungary, academia,
b...
e-Commerce Act
- Only tool to motivate the ISPs
- Liability clauses: indirect liability for ISPs = ISP is liable for
any w...
Ministerial Decree on National Alert Service
                      for Communications

- Regulates CIIP in communications ...
Government Decree No 223/2009.
         on the security of public electronic services



- Sections 8-10: National Cyberse...
The Hungarian model
- Bottom-up approach, 5 years of evolution
- Establish a flexible organisation
- Be close to central g...
Thank you for your attention and patience!

         PTA CERT-Hungary
         www.cert-hungary.hu
         Puskás Tivadar...
Day 1   From CERT To NCSC
Upcoming SlideShare
Loading in...5
×

Day 1 From CERT To NCSC

358

Published on

Presentation by CERT-Hungary

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
358
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
8
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Day 1 From CERT To NCSC

  1. 1. From CERT-Hungary to National Cybersecurity Centre Ferenc Suba LLM, MA Chairman of the Board PTA CERT-Hungary Vice-chair of the MB ENISA
  2. 2. CERT-Hungary - Started as a project by the Ministry of IT and Communications, now under Prime Minister’s Office - Partnership Agreements with: National Communications Authority, Financial Regulatory Authority, Prime Minister’s Office, National Bureau of Investigation - Accredited member of FIRST, TI, EGC - Operator of the National Alert Service of Communications as contractor - Responsible for information security of the e-gov backbone network - Trusted partner of the banking and energy sector (WGs) in CIIP, regular exercises -- International co-operations: FI-ISAC, Meridian, IWWN -- CERT capacity building: Bulgaria, South Africa
  3. 3. Government Foundation - Theodore Puskás Government Foundation - Founded in 1993 by the Government of Hungary, academia, business companies - Governed by the Civil Code, Act on Public Benefit Organisations - Part of the yearly state budget - Supervised by the Prime Minister’s Office - Engaged in technology transfer, information security - Entitled to have business activities (max. 20% of the yearly income) - Flexible organisation, staff motivation, survives government changes - Think tank, preparation of regulation, project management, technical service
  4. 4. e-Commerce Act - Only tool to motivate the ISPs - Liability clauses: indirect liability for ISPs = ISP is liable for any wrongdoing committed through its system if ISP does not co-operate to make the wrongdoing impossible - Reason: criminals are anonymous + attacks come through the ISPs + only ISPs can effectively take measures against them - Liability forms vary according to the function: content provider, storage provider, access provider, cache provider, information location tool provider - Principle: ISPs liability stands as of an e-mail about the wrongdoing committed through its system has been received
  5. 5. Ministerial Decree on National Alert Service for Communications - Regulates CIIP in communications sector - Defines critical infrastructures legally - Defines incidents flexbily (list updated by the National Communications Authority) - Designates 8 communications providers (biggest ones) - Reporting obligation of the designated providers - Reports on incidents affecting at least 1000 users - Reports received and distributed by the Alert Service Centre - Distribution list: Ministries, Centre for Crisis Management, Services - Alert Service Centre outsourced to CERT-Hungary, under the supervision of the National Communications Authority
  6. 6. Government Decree No 223/2009. on the security of public electronic services - Sections 8-10: National Cybersecurity Centre - Tasks: crisis management, central governmental system, National Alert Service for Communications, awareness raising, preparation of policy, CIIP collaboration, international representation - Control: Prime Minister’s Office, IT Security Supervisor - Framework: Theodore Puskás Government Foundation, by a public service agreement - Basic services free for the government, value-added services for payment
  7. 7. The Hungarian model - Bottom-up approach, 5 years of evolution - Establish a flexible organisation - Be close to central government -- Use ENISA and partner MSs as leverage -- Have very strong international background -- Build up PPPs with interested private sectors -- Be not only technical (crisis management, awareness raising, policy making, national and international collaboration) -- Distribute your financial resources (state budget, state project contracts, service contracts, EU and national research projects)
  8. 8. Thank you for your attention and patience! PTA CERT-Hungary www.cert-hungary.hu Puskás Tivadar Közalapítvány www.neti.hu ENISA www.enisa.europa.eu
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×