SlideShare a Scribd company logo

EGI Operational Security

Download as PPTX, PDF
E
EOSC-hub project

EGI Operational Security (EOSC hub week, Malaga, 16 - 20 April 2018)

Technology
1 of 12
www.egi.eu EGI-Engage is co-funded by the Horizon 2020 Framework Programme of the European Union under grant number 654142 EGI Security Coordinator UK Research and Innovation STFC EGI Operational Security (at EOSC-hub, Malaga, 17 April 2018) David Kelsey
217/04/2018 Why “Security”? • EGI Operational Security – aims include – Prevention, Response, Training – Maintain Confidentiality, Integrity, Availability • of services & data – Manage Security Risks • assessment & mitigation • Threats are constantly changing – Ongoing process of risk analysis – Constant evolution of policies, procedures & best practices EGI Operational Security
317/04/2018 More details published in https://www.egi.eu/wp-content/uploads/2017/07/EGI-CSIRT-report-July- 2017.pdf EGI Operational Security
417/04/2018 Trusted Introducer EGI Operational Security
517/04/2018 EGI CSIRT Activities • Prevention of security incidents – Risk assessment & mitigation – Security Monitoring – Vulnerability Handling • Incident Response – Support NGI, Community & service security teams – Digital forensics – Mitigation • Security Drills • Training and Dissemination • Also – Security Policy Group EGI Operational Security
617/04/2018 Collaboration with other Infrastructures - WISE • Wise Information Security for e-Infrastructures – SCI & GEANT SIG-ISM together – first meeting Oct 2015 – Excellent way of collaborating with other Infrastructures • EGI, EUDAT, PRACE, GEANT, NRENs, WLCG, XSEDE, OSG, HBP, … – EGI people on WISE steering committee – Leading, for example, the SCI working group • Security for Collaborating Infrastructures • SCI version 2 was endorsed at TNC17 Linz (1 June) EGI Operational Security
717/04/2018 Impact EGI Operational Security
817/04/2018 New or improved policies • Security policies and procedures were completely updated to address new technologies and AAI scenarios • These support the operation of diverse distributed infrastructures supporting multiple international collaborations • Other Infrastructures can use (and modify) and do – WLCG, EUDAT, PRACE, ELIXIR – Input to WISE SCI group EGI Operational Security
917/04/2018 The future – already started of course EGI Operational Security
1017/04/2018 EOSC-hub • WP4 Task 4.4 responsible for Operational Security • During Year 1, we will review, sharpen and harmonise, including • EGI/EUDAT Incident Response procedures • EGI/EUDAT other security policies and procedures • Evolution of vulnerability handling • Develop/streamline all communication processes • Coordinate with many external bodies (WISE etc) • Develop new training and certification • Security Risk Assessment of EOSC-hub service catalogue • Define security requirements, controls and procedures for services in the catalogue • Evolution of our monitoring infrastructure EGI Operational Security
1117/04/2018 More Information EGI Operational Security
1217/04/2018 Thank you EGI Operational Security

Recommended

Cyberwatching.eu - The European Watch on Cybersecurity & privacy
Cyberwatching.eu - The European Watch on Cybersecurity & privacyCyberwatching.eu - The European Watch on Cybersecurity & privacy
Cyberwatching.eu - The European Watch on Cybersecurity & privacyCyber Watching
 
Introduction to the Centre for Defence Enterprise and introducing the Defence...
Introduction to the Centre for Defence Enterprise and introducing the Defence...Introduction to the Centre for Defence Enterprise and introducing the Defence...
Introduction to the Centre for Defence Enterprise and introducing the Defence...Defence and Security Accelerator
 
Communication and collaboration solutions from Safeguard IT Ltd
Communication and collaboration solutions from Safeguard IT LtdCommunication and collaboration solutions from Safeguard IT Ltd
Communication and collaboration solutions from Safeguard IT LtdRussell Pearson
 
FiPPP: Case Study of EU Funding Sinead Quealy , Senior Project Manager, DM&SC...
FiPPP: Case Study of EU Funding Sinead Quealy , Senior Project Manager, DM&SC...FiPPP: Case Study of EU Funding Sinead Quealy , Senior Project Manager, DM&SC...
FiPPP: Case Study of EU Funding Sinead Quealy , Senior Project Manager, DM&SC...Walton Institute
 
CDE competition: Future Aviation Security Solutions challenge
CDE competition: Future Aviation Security Solutions challengeCDE competition: Future Aviation Security Solutions challenge
CDE competition: Future Aviation Security Solutions challengeDefence and Security Accelerator
 
Building a sustainable open cloud business ecosystem in Europe and Japan with...
Building a sustainable open cloud business ecosystem in Europe and Japan with...Building a sustainable open cloud business ecosystem in Europe and Japan with...
Building a sustainable open cloud business ecosystem in Europe and Japan with...Ocean Project
 
EGI Engagement Plan (Gergely Sipos)
EGI Engagement Plan (Gergely Sipos)EGI Engagement Plan (Gergely Sipos)
EGI Engagement Plan (Gergely Sipos)EOSC-hub project
 
Barbara Sierman: Policy levels in SCAPE
Barbara Sierman: Policy levels in SCAPEBarbara Sierman: Policy levels in SCAPE
Barbara Sierman: Policy levels in SCAPEBarbara Sierman
 

Recommended

Cyberwatching.eu - The European Watch on Cybersecurity & privacy
Cyberwatching.eu - The European Watch on Cybersecurity & privacyCyberwatching.eu - The European Watch on Cybersecurity & privacy
Cyberwatching.eu - The European Watch on Cybersecurity & privacyCyber Watching
 
Introduction to the Centre for Defence Enterprise and introducing the Defence...
Introduction to the Centre for Defence Enterprise and introducing the Defence...Introduction to the Centre for Defence Enterprise and introducing the Defence...
Introduction to the Centre for Defence Enterprise and introducing the Defence...Defence and Security Accelerator
 
Communication and collaboration solutions from Safeguard IT Ltd
Communication and collaboration solutions from Safeguard IT LtdCommunication and collaboration solutions from Safeguard IT Ltd
Communication and collaboration solutions from Safeguard IT LtdRussell Pearson
 
FiPPP: Case Study of EU Funding Sinead Quealy , Senior Project Manager, DM&SC...
FiPPP: Case Study of EU Funding Sinead Quealy , Senior Project Manager, DM&SC...FiPPP: Case Study of EU Funding Sinead Quealy , Senior Project Manager, DM&SC...
FiPPP: Case Study of EU Funding Sinead Quealy , Senior Project Manager, DM&SC...Walton Institute
 
CDE competition: Future Aviation Security Solutions challenge
CDE competition: Future Aviation Security Solutions challengeCDE competition: Future Aviation Security Solutions challenge
CDE competition: Future Aviation Security Solutions challengeDefence and Security Accelerator
 
Building a sustainable open cloud business ecosystem in Europe and Japan with...
Building a sustainable open cloud business ecosystem in Europe and Japan with...Building a sustainable open cloud business ecosystem in Europe and Japan with...
Building a sustainable open cloud business ecosystem in Europe and Japan with...Ocean Project
 
EGI Engagement Plan (Gergely Sipos)
EGI Engagement Plan (Gergely Sipos)EGI Engagement Plan (Gergely Sipos)
EGI Engagement Plan (Gergely Sipos)EOSC-hub project
 
Barbara Sierman: Policy levels in SCAPE
Barbara Sierman: Policy levels in SCAPEBarbara Sierman: Policy levels in SCAPE
Barbara Sierman: Policy levels in SCAPEBarbara Sierman
 
InLife Project overview
InLife Project overviewInLife Project overview
InLife Project overviewinlifeproject
 
Euralarm - Glen Dale on security industry perspective on certification of sec...
Euralarm - Glen Dale on security industry perspective on certification of sec...Euralarm - Glen Dale on security industry perspective on certification of sec...
Euralarm - Glen Dale on security industry perspective on certification of sec...CRISP Project
 
Training and Simulation in support of the SMEs - The CYBERWISER.eu project
Training and Simulation in support of the SMEs - The CYBERWISER.eu projectTraining and Simulation in support of the SMEs - The CYBERWISER.eu project
Training and Simulation in support of the SMEs - The CYBERWISER.eu projectCyber Watching
 
Policy and Standardisation perspective - CRISP Final Conference
Policy and Standardisation perspective - CRISP Final ConferencePolicy and Standardisation perspective - CRISP Final Conference
Policy and Standardisation perspective - CRISP Final ConferenceCRISP Project
 
CRISP - Overview and results
CRISP - Overview and results CRISP - Overview and results
CRISP - Overview and results CRISP Project
 
CRISP and HECTOS projects - key findings
CRISP and HECTOS projects - key findings CRISP and HECTOS projects - key findings
CRISP and HECTOS projects - key findings CRISP Project
 
Introduction to CDE 22 September 2016
Introduction to CDE 22 September 2016Introduction to CDE 22 September 2016
Introduction to CDE 22 September 2016Defence and Security Accelerator
 
ICTFOOTPRINT.eu Working Group Session
ICTFOOTPRINT.eu Working Group SessionICTFOOTPRINT.eu Working Group Session
ICTFOOTPRINT.eu Working Group SessionICT FOOTPRINT .eu
 
SC7 Workshop 3: Enhancing cyber defence of cyber space systems
SC7 Workshop 3: Enhancing cyber defence of cyber space systemsSC7 Workshop 3: Enhancing cyber defence of cyber space systems
SC7 Workshop 3: Enhancing cyber defence of cyber space systemsBigData_Europe
 
Introduction to the CWA process - CRISP Final Conference
Introduction to the CWA process - CRISP Final Conference Introduction to the CWA process - CRISP Final Conference
Introduction to the CWA process - CRISP Final Conference CRISP Project
 
EU Data Protection, Legislation and Certification
EU Data Protection, Legislation and Certification EU Data Protection, Legislation and Certification
EU Data Protection, Legislation and Certification CRISP Project
 
1 archiver omc project_overview
1 archiver omc project_overview1 archiver omc project_overview
1 archiver omc project_overviewArchiver
 
The Big Policy Canvas project: Transforming policy making through Big Data an...
The Big Policy Canvas project: Transforming policy making through Big Data an...The Big Policy Canvas project: Transforming policy making through Big Data an...
The Big Policy Canvas project: Transforming policy making through Big Data an...samossummit
 
Standardisation and certification basics
Standardisation and certification basicsStandardisation and certification basics
Standardisation and certification basicsCRISP Project
 
OpenAIRE services and tools, Pedro Príncipe (OpenAIRE workshop, Ghent, Nov.20...
OpenAIRE services and tools, Pedro Príncipe (OpenAIRE workshop, Ghent, Nov.20...OpenAIRE services and tools, Pedro Príncipe (OpenAIRE workshop, Ghent, Nov.20...
OpenAIRE services and tools, Pedro Príncipe (OpenAIRE workshop, Ghent, Nov.20...OpenAIRE
 
EGI Integrated Management System
EGI Integrated Management SystemEGI Integrated Management System
EGI Integrated Management SystemEOSC-hub project
 
EGI Integrated Management System
EGI Integrated Management SystemEGI Integrated Management System
EGI Integrated Management SystemEOSC-hub project
 
AARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara InitiativeAARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara Initiativekantarainitiative
 
User community engagement
User community engagement User community engagement
User community engagement EOSC-hub project
 
IGNITE Company Profile v5 Light.pdf
IGNITE Company Profile v5 Light.pdfIGNITE Company Profile v5 Light.pdf
IGNITE Company Profile v5 Light.pdfFetri Miftach
 
EOSC-hub and the NGIs
EOSC-hub and the NGIsEOSC-hub and the NGIs
EOSC-hub and the NGIsOpenAIRE
 
EOSC-hub contribution to the EOSC implementation, the Hub concept and engagem...
EOSC-hub contribution to the EOSC implementation, the Hub concept and engagem...EOSC-hub contribution to the EOSC implementation, the Hub concept and engagem...
EOSC-hub contribution to the EOSC implementation, the Hub concept and engagem...EOSC-hub project
 

More Related Content

What's hot

InLife Project overview
InLife Project overviewInLife Project overview
InLife Project overviewinlifeproject
 
Euralarm - Glen Dale on security industry perspective on certification of sec...
Euralarm - Glen Dale on security industry perspective on certification of sec...Euralarm - Glen Dale on security industry perspective on certification of sec...
Euralarm - Glen Dale on security industry perspective on certification of sec...CRISP Project
 
Training and Simulation in support of the SMEs - The CYBERWISER.eu project
Training and Simulation in support of the SMEs - The CYBERWISER.eu projectTraining and Simulation in support of the SMEs - The CYBERWISER.eu project
Training and Simulation in support of the SMEs - The CYBERWISER.eu projectCyber Watching
 
Policy and Standardisation perspective - CRISP Final Conference
Policy and Standardisation perspective - CRISP Final ConferencePolicy and Standardisation perspective - CRISP Final Conference
Policy and Standardisation perspective - CRISP Final ConferenceCRISP Project
 
CRISP - Overview and results
CRISP - Overview and results CRISP - Overview and results
CRISP - Overview and results CRISP Project
 
CRISP and HECTOS projects - key findings
CRISP and HECTOS projects - key findings CRISP and HECTOS projects - key findings
CRISP and HECTOS projects - key findings CRISP Project
 
ICTFOOTPRINT.eu Working Group Session
ICTFOOTPRINT.eu Working Group SessionICTFOOTPRINT.eu Working Group Session
ICTFOOTPRINT.eu Working Group SessionICT FOOTPRINT .eu
 
SC7 Workshop 3: Enhancing cyber defence of cyber space systems
SC7 Workshop 3: Enhancing cyber defence of cyber space systemsSC7 Workshop 3: Enhancing cyber defence of cyber space systems
SC7 Workshop 3: Enhancing cyber defence of cyber space systemsBigData_Europe
 
Introduction to the CWA process - CRISP Final Conference
Introduction to the CWA process - CRISP Final Conference Introduction to the CWA process - CRISP Final Conference
Introduction to the CWA process - CRISP Final Conference CRISP Project
 
EU Data Protection, Legislation and Certification
EU Data Protection, Legislation and Certification EU Data Protection, Legislation and Certification
EU Data Protection, Legislation and Certification CRISP Project
 
1 archiver omc project_overview
1 archiver omc project_overview1 archiver omc project_overview
1 archiver omc project_overviewArchiver
 
The Big Policy Canvas project: Transforming policy making through Big Data an...
The Big Policy Canvas project: Transforming policy making through Big Data an...The Big Policy Canvas project: Transforming policy making through Big Data an...
The Big Policy Canvas project: Transforming policy making through Big Data an...samossummit
 
Standardisation and certification basics
Standardisation and certification basicsStandardisation and certification basics
Standardisation and certification basicsCRISP Project
 
OpenAIRE services and tools, Pedro Príncipe (OpenAIRE workshop, Ghent, Nov.20...
OpenAIRE services and tools, Pedro Príncipe (OpenAIRE workshop, Ghent, Nov.20...OpenAIRE services and tools, Pedro Príncipe (OpenAIRE workshop, Ghent, Nov.20...
OpenAIRE services and tools, Pedro Príncipe (OpenAIRE workshop, Ghent, Nov.20...OpenAIRE
 

What's hot (15)

InLife Project overview
InLife Project overviewInLife Project overview
InLife Project overview
 
Euralarm - Glen Dale on security industry perspective on certification of sec...
Euralarm - Glen Dale on security industry perspective on certification of sec...Euralarm - Glen Dale on security industry perspective on certification of sec...
Euralarm - Glen Dale on security industry perspective on certification of sec...
 
Training and Simulation in support of the SMEs - The CYBERWISER.eu project
Training and Simulation in support of the SMEs - The CYBERWISER.eu projectTraining and Simulation in support of the SMEs - The CYBERWISER.eu project
Training and Simulation in support of the SMEs - The CYBERWISER.eu project
 
Policy and Standardisation perspective - CRISP Final Conference
Policy and Standardisation perspective - CRISP Final ConferencePolicy and Standardisation perspective - CRISP Final Conference
Policy and Standardisation perspective - CRISP Final Conference
 
CRISP - Overview and results
CRISP - Overview and results CRISP - Overview and results
CRISP - Overview and results
 
CRISP and HECTOS projects - key findings
CRISP and HECTOS projects - key findings CRISP and HECTOS projects - key findings
CRISP and HECTOS projects - key findings
 
Introduction to CDE 22 September 2016
Introduction to CDE 22 September 2016Introduction to CDE 22 September 2016
Introduction to CDE 22 September 2016
 
ICTFOOTPRINT.eu Working Group Session
ICTFOOTPRINT.eu Working Group SessionICTFOOTPRINT.eu Working Group Session
ICTFOOTPRINT.eu Working Group Session
 
SC7 Workshop 3: Enhancing cyber defence of cyber space systems
SC7 Workshop 3: Enhancing cyber defence of cyber space systemsSC7 Workshop 3: Enhancing cyber defence of cyber space systems
SC7 Workshop 3: Enhancing cyber defence of cyber space systems
 
Introduction to the CWA process - CRISP Final Conference
Introduction to the CWA process - CRISP Final Conference Introduction to the CWA process - CRISP Final Conference
Introduction to the CWA process - CRISP Final Conference
 
EU Data Protection, Legislation and Certification
EU Data Protection, Legislation and Certification EU Data Protection, Legislation and Certification
EU Data Protection, Legislation and Certification
 
1 archiver omc project_overview
1 archiver omc project_overview1 archiver omc project_overview
1 archiver omc project_overview
 
The Big Policy Canvas project: Transforming policy making through Big Data an...
The Big Policy Canvas project: Transforming policy making through Big Data an...The Big Policy Canvas project: Transforming policy making through Big Data an...
The Big Policy Canvas project: Transforming policy making through Big Data an...
 
Standardisation and certification basics
Standardisation and certification basicsStandardisation and certification basics
Standardisation and certification basics
 
OpenAIRE services and tools, Pedro Príncipe (OpenAIRE workshop, Ghent, Nov.20...
OpenAIRE services and tools, Pedro Príncipe (OpenAIRE workshop, Ghent, Nov.20...OpenAIRE services and tools, Pedro Príncipe (OpenAIRE workshop, Ghent, Nov.20...
OpenAIRE services and tools, Pedro Príncipe (OpenAIRE workshop, Ghent, Nov.20...
 

Similar to EGI Operational Security

EGI Integrated Management System
EGI Integrated Management SystemEGI Integrated Management System
EGI Integrated Management SystemEOSC-hub project
 
EGI Integrated Management System
EGI Integrated Management SystemEGI Integrated Management System
EGI Integrated Management SystemEOSC-hub project
 
AARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara InitiativeAARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara Initiativekantarainitiative
 
User community engagement
User community engagement User community engagement
User community engagement EOSC-hub project
 
IGNITE Company Profile v5 Light.pdf
IGNITE Company Profile v5 Light.pdfIGNITE Company Profile v5 Light.pdf
IGNITE Company Profile v5 Light.pdfFetri Miftach
 
EOSC-hub and the NGIs
EOSC-hub and the NGIsEOSC-hub and the NGIs
EOSC-hub and the NGIsOpenAIRE
 
EOSC-hub contribution to the EOSC implementation, the Hub concept and engagem...
EOSC-hub contribution to the EOSC implementation, the Hub concept and engagem...EOSC-hub contribution to the EOSC implementation, the Hub concept and engagem...
EOSC-hub contribution to the EOSC implementation, the Hub concept and engagem...EOSC-hub project
 
102 Information security standards and specifications
102 Information security standards and specifications102 Information security standards and specifications
102 Information security standards and specificationsSsendiSamuel
 
CNCERT Conference 2017: Capacity development in the Asia Pacific
CNCERT Conference 2017: Capacity development in the Asia PacificCNCERT Conference 2017: Capacity development in the Asia Pacific
CNCERT Conference 2017: Capacity development in the Asia PacificAPNIC
 
EOSC-DIH: Bringing industry into the EOSC
EOSC-DIH: Bringing industry into the EOSCEOSC-DIH: Bringing industry into the EOSC
EOSC-DIH: Bringing industry into the EOSCEOSC-hub project
 
CircleCity Con 2017 - Dwight Koop's talk Cybersecurity for real life: Using t...
CircleCity Con 2017 - Dwight Koop's talk Cybersecurity for real life: Using t...CircleCity Con 2017 - Dwight Koop's talk Cybersecurity for real life: Using t...
CircleCity Con 2017 - Dwight Koop's talk Cybersecurity for real life: Using t...Cohesive Networks
 
Patent protection for digital solutions according to DIN77006
Patent protection for digital solutions according to DIN77006Patent protection for digital solutions according to DIN77006
Patent protection for digital solutions according to DIN77006MIPLM
 
The risk analysis as a unified approach to satisfy GDPR, NIS Directive and IS...
The risk analysis as a unified approach to satisfy GDPR, NIS Directive and IS...The risk analysis as a unified approach to satisfy GDPR, NIS Directive and IS...
The risk analysis as a unified approach to satisfy GDPR, NIS Directive and IS...Francesco Ciclosi
 
Mapping and building an education body of knowledge
Mapping and building an education body of knowledgeMapping and building an education body of knowledge
Mapping and building an education body of knowledgeGeorges Ataya
 
english_bok_ismp_202306.pptx
english_bok_ismp_202306.pptxenglish_bok_ismp_202306.pptx
english_bok_ismp_202306.pptxssuser00d6eb
 
I-TShape LLL LdV project - Newsletter 2. issue
I-TShape LLL LdV project - Newsletter 2. issueI-TShape LLL LdV project - Newsletter 2. issue
I-TShape LLL LdV project - Newsletter 2. issueITStudy Ltd.
 
IT-Shape 2nd Newsletter
IT-Shape 2nd NewsletterIT-Shape 2nd Newsletter
IT-Shape 2nd NewsletterIT Shape
 

Similar to EGI Operational Security (20)

EGI Integrated Management System
EGI Integrated Management SystemEGI Integrated Management System
EGI Integrated Management System
 
EGI Integrated Management System
EGI Integrated Management SystemEGI Integrated Management System
EGI Integrated Management System
 
AARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara InitiativeAARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara Initiative
 
User community engagement
User community engagement User community engagement
User community engagement
 
IGNITE Company Profile v5 Light.pdf
IGNITE Company Profile v5 Light.pdfIGNITE Company Profile v5 Light.pdf
IGNITE Company Profile v5 Light.pdf
 
EOSC-hub and the NGIs
EOSC-hub and the NGIsEOSC-hub and the NGIs
EOSC-hub and the NGIs
 
EOSC-hub contribution to the EOSC implementation, the Hub concept and engagem...
EOSC-hub contribution to the EOSC implementation, the Hub concept and engagem...EOSC-hub contribution to the EOSC implementation, the Hub concept and engagem...
EOSC-hub contribution to the EOSC implementation, the Hub concept and engagem...
 
102 Information security standards and specifications
102 Information security standards and specifications102 Information security standards and specifications
102 Information security standards and specifications
 
CNCERT Conference 2017: Capacity development in the Asia Pacific
CNCERT Conference 2017: Capacity development in the Asia PacificCNCERT Conference 2017: Capacity development in the Asia Pacific
CNCERT Conference 2017: Capacity development in the Asia Pacific
 
EOSC-DIH: Bringing industry into the EOSC
EOSC-DIH: Bringing industry into the EOSCEOSC-DIH: Bringing industry into the EOSC
EOSC-DIH: Bringing industry into the EOSC
 
CircleCity Con 2017 - Dwight Koop's talk Cybersecurity for real life: Using t...
CircleCity Con 2017 - Dwight Koop's talk Cybersecurity for real life: Using t...CircleCity Con 2017 - Dwight Koop's talk Cybersecurity for real life: Using t...
CircleCity Con 2017 - Dwight Koop's talk Cybersecurity for real life: Using t...
 
IMG_20160618_0001
IMG_20160618_0001IMG_20160618_0001
IMG_20160618_0001
 
Patent protection for digital solutions according to DIN77006
Patent protection for digital solutions according to DIN77006Patent protection for digital solutions according to DIN77006
Patent protection for digital solutions according to DIN77006
 
Khas bank isms 3 s
Khas bank isms 3 sKhas bank isms 3 s
Khas bank isms 3 s
 
The risk analysis as a unified approach to satisfy GDPR, NIS Directive and IS...
The risk analysis as a unified approach to satisfy GDPR, NIS Directive and IS...The risk analysis as a unified approach to satisfy GDPR, NIS Directive and IS...
The risk analysis as a unified approach to satisfy GDPR, NIS Directive and IS...
 
Mapping and building an education body of knowledge
Mapping and building an education body of knowledgeMapping and building an education body of knowledge
Mapping and building an education body of knowledge
 
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
 
english_bok_ismp_202306.pptx
english_bok_ismp_202306.pptxenglish_bok_ismp_202306.pptx
english_bok_ismp_202306.pptx
 
I-TShape LLL LdV project - Newsletter 2. issue
I-TShape LLL LdV project - Newsletter 2. issueI-TShape LLL LdV project - Newsletter 2. issue
I-TShape LLL LdV project - Newsletter 2. issue
 
IT-Shape 2nd Newsletter
IT-Shape 2nd NewsletterIT-Shape 2nd Newsletter
IT-Shape 2nd Newsletter
 

More from EOSC-hub project

EOSC-hub Early Adopter Programme
EOSC-hub Early Adopter ProgrammeEOSC-hub Early Adopter Programme
EOSC-hub Early Adopter ProgrammeEOSC-hub project
 
2019 05-21 egi and eosc - final
2019 05-21 egi and eosc - final2019 05-21 egi and eosc - final
2019 05-21 egi and eosc - finalEOSC-hub project
 
Introduction to service management and FitSM
Introduction to service management and FitSMIntroduction to service management and FitSM
Introduction to service management and FitSMEOSC-hub project
 
Service management board (SMB), Service providers’ forum (SPF)
Service management board (SMB), Service providers’ forum (SPF)Service management board (SMB), Service providers’ forum (SPF)
Service management board (SMB), Service providers’ forum (SPF)EOSC-hub project
 
Joining the EOSC-hub as a Service Provider
Joining the EOSC-hub as a Service ProviderJoining the EOSC-hub as a Service Provider
Joining the EOSC-hub as a Service ProviderEOSC-hub project
 
PID services - understandability and findability of data
PID services - understandability and findability of dataPID services - understandability and findability of data
PID services - understandability and findability of dataEOSC-hub project
 
Software for data management and exploitation
Software for data management and exploitationSoftware for data management and exploitation
Software for data management and exploitationEOSC-hub project
 
Repositories for long-term preservation - certification
Repositories for long-term preservation - certificationRepositories for long-term preservation - certification
Repositories for long-term preservation - certificationEOSC-hub project
 
EOSC working group on FAIR
EOSC working group on FAIREOSC working group on FAIR
EOSC working group on FAIREOSC-hub project
 
Updates on the FAIR Data Maturity Model RDA Working Group & the DG RTD FAIR i...
Updates on the FAIR Data Maturity Model RDA Working Group & the DG RTD FAIR i...Updates on the FAIR Data Maturity Model RDA Working Group & the DG RTD FAIR i...
Updates on the FAIR Data Maturity Model RDA Working Group & the DG RTD FAIR i...EOSC-hub project
 
Services to support FAIR data - Introduction
Services to support FAIR data - IntroductionServices to support FAIR data - Introduction
Services to support FAIR data - IntroductionEOSC-hub project
 
Pathways for EOSC-hub and MaX collaboration
Pathways for EOSC-hub and MaX collaborationPathways for EOSC-hub and MaX collaboration
Pathways for EOSC-hub and MaX collaborationEOSC-hub project
 
Overview on the HPC CoEs panorama
Overview on the HPC CoEs panoramaOverview on the HPC CoEs panorama
Overview on the HPC CoEs panoramaEOSC-hub project
 
Overview of the Onboarding and validation process and the Rules of Participat...
Overview of the Onboarding and validation process and the Rules of Participat...Overview of the Onboarding and validation process and the Rules of Participat...
Overview of the Onboarding and validation process and the Rules of Participat...EOSC-hub project
 
ELIXIR Competence Centre in EOSC-hub
ELIXIR Competence Centre in EOSC-hubELIXIR Competence Centre in EOSC-hub
ELIXIR Competence Centre in EOSC-hubEOSC-hub project
 

More from EOSC-hub project (20)

EOSC-hub Early Adopter Programme
EOSC-hub Early Adopter ProgrammeEOSC-hub Early Adopter Programme
EOSC-hub Early Adopter Programme
 
2019 05-21 egi and eosc - final
2019 05-21 egi and eosc - final2019 05-21 egi and eosc - final
2019 05-21 egi and eosc - final
 
Introduction to service management and FitSM
Introduction to service management and FitSMIntroduction to service management and FitSM
Introduction to service management and FitSM
 
Service management board (SMB), Service providers’ forum (SPF)
Service management board (SMB), Service providers’ forum (SPF)Service management board (SMB), Service providers’ forum (SPF)
Service management board (SMB), Service providers’ forum (SPF)
 
Joining the EOSC-hub as a Service Provider
Joining the EOSC-hub as a Service ProviderJoining the EOSC-hub as a Service Provider
Joining the EOSC-hub as a Service Provider
 
PID services - understandability and findability of data
PID services - understandability and findability of dataPID services - understandability and findability of data
PID services - understandability and findability of data
 
Software for data management and exploitation
Software for data management and exploitationSoftware for data management and exploitation
Software for data management and exploitation
 
Repositories for long-term preservation - certification
Repositories for long-term preservation - certificationRepositories for long-term preservation - certification
Repositories for long-term preservation - certification
 
EOSC working group on FAIR
EOSC working group on FAIREOSC working group on FAIR
EOSC working group on FAIR
 
Updates on the FAIR Data Maturity Model RDA Working Group & the DG RTD FAIR i...
Updates on the FAIR Data Maturity Model RDA Working Group & the DG RTD FAIR i...Updates on the FAIR Data Maturity Model RDA Working Group & the DG RTD FAIR i...
Updates on the FAIR Data Maturity Model RDA Working Group & the DG RTD FAIR i...
 
Services to support FAIR data - Introduction
Services to support FAIR data - IntroductionServices to support FAIR data - Introduction
Services to support FAIR data - Introduction
 
EOSC-synergy
EOSC-synergyEOSC-synergy
EOSC-synergy
 
ExPaNDS
ExPaNDSExPaNDS
ExPaNDS
 
EOSC-Pillar
EOSC-PillarEOSC-Pillar
EOSC-Pillar
 
NI4OS-Europe
NI4OS-EuropeNI4OS-Europe
NI4OS-Europe
 
Excellerat CoE
Excellerat CoEExcellerat CoE
Excellerat CoE
 
Pathways for EOSC-hub and MaX collaboration
Pathways for EOSC-hub and MaX collaborationPathways for EOSC-hub and MaX collaboration
Pathways for EOSC-hub and MaX collaboration
 
Overview on the HPC CoEs panorama
Overview on the HPC CoEs panoramaOverview on the HPC CoEs panorama
Overview on the HPC CoEs panorama
 
Overview of the Onboarding and validation process and the Rules of Participat...
Overview of the Onboarding and validation process and the Rules of Participat...Overview of the Onboarding and validation process and the Rules of Participat...
Overview of the Onboarding and validation process and the Rules of Participat...
 
ELIXIR Competence Centre in EOSC-hub
ELIXIR Competence Centre in EOSC-hubELIXIR Competence Centre in EOSC-hub
ELIXIR Competence Centre in EOSC-hub
 

Recently uploaded

My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfngoud9212
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsAndrey Dotsenko
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 

Recently uploaded (20)

My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdf
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 

EGI Operational Security

  • 1. www.egi.eu EGI-Engage is co-funded by the Horizon 2020 Framework Programme of the European Union under grant number 654142 EGI Security Coordinator UK Research and Innovation STFC EGI Operational Security (at EOSC-hub, Malaga, 17 April 2018) David Kelsey
  • 2. 217/04/2018 Why “Security”? • EGI Operational Security – aims include – Prevention, Response, Training – Maintain Confidentiality, Integrity, Availability • of services & data – Manage Security Risks • assessment & mitigation • Threats are constantly changing – Ongoing process of risk analysis – Constant evolution of policies, procedures & best practices EGI Operational Security
  • 3. 317/04/2018 More details published in https://www.egi.eu/wp-content/uploads/2017/07/EGI-CSIRT-report-July- 2017.pdf EGI Operational Security
  • 5. 517/04/2018 EGI CSIRT Activities • Prevention of security incidents – Risk assessment & mitigation – Security Monitoring – Vulnerability Handling • Incident Response – Support NGI, Community & service security teams – Digital forensics – Mitigation • Security Drills • Training and Dissemination • Also – Security Policy Group EGI Operational Security
  • 6. 617/04/2018 Collaboration with other Infrastructures - WISE • Wise Information Security for e-Infrastructures – SCI & GEANT SIG-ISM together – first meeting Oct 2015 – Excellent way of collaborating with other Infrastructures • EGI, EUDAT, PRACE, GEANT, NRENs, WLCG, XSEDE, OSG, HBP, … – EGI people on WISE steering committee – Leading, for example, the SCI working group • Security for Collaborating Infrastructures • SCI version 2 was endorsed at TNC17 Linz (1 June) EGI Operational Security
  • 8. 817/04/2018 New or improved policies • Security policies and procedures were completely updated to address new technologies and AAI scenarios • These support the operation of diverse distributed infrastructures supporting multiple international collaborations • Other Infrastructures can use (and modify) and do – WLCG, EUDAT, PRACE, ELIXIR – Input to WISE SCI group EGI Operational Security
  • 9. 917/04/2018 The future – already started of course EGI Operational Security
  • 10. 1017/04/2018 EOSC-hub • WP4 Task 4.4 responsible for Operational Security • During Year 1, we will review, sharpen and harmonise, including • EGI/EUDAT Incident Response procedures • EGI/EUDAT other security policies and procedures • Evolution of vulnerability handling • Develop/streamline all communication processes • Coordinate with many external bodies (WISE etc) • Develop new training and certification • Security Risk Assessment of EOSC-hub service catalogue • Define security requirements, controls and procedures for services in the catalogue • Evolution of our monitoring infrastructure EGI Operational Security