The document discusses critical infrastructure (CI) in Canada and strategies for protecting it. It identifies key sectors like energy, communications, finance, and transportation. It outlines a strategic approach involving federal and provincial collaboration with CI owners. The challenges include the vastness and interdependencies of the systems. Communication networks are recognized as highly important CI. The Internet poses unique challenges due to its size, lack of governance, and potential for cyber attacks.

1. A Network of Networks

2. Connections Making connections Body of knowledge Network to Protect a Network

3. Learning objectives Principle CI sectors in Canada Strategic approach

4. The main question As a nation what do we need to do to prevent attacks on our CI?

5. The main challenge “ What’s Best?”

6. Strategy Vital CI Protection National Security/Public Safety Federal/municipal

7. Strategic principles Network vs. network Hubs not spokes 80% on 20% spending Dual purpose Asymmetric

8. Current trends in Risk Assessment Rising level Efficiency and simplicity Effectiveness Preparedness

9. Sectors & responsible Federal Department Energy and utilities Natural Resources Canada Communications & IT Industry Canada Finance Finance Canada Health care Public Health Agency of Canada Food Agriculture and Agri-Food Canada Water Environment Canada Transportation Transport Canada Safety Public Safety Canada Government Public Safety Canada Manufacturing Industry Canada, Department of National Defence

10. Action plan Actor Roles Responsibilities Federal Lead national Advance collective national approach to protecting activities CI Collaborate with national associations Collaborate with CI owners and operators within federal mandate in consultation with provinces and territories Provincial/Territorial Lead provincial Collaborate with FTP activities to achieve the objectives of the National Strategy Coordinate activities with other levels of government, including local governments, associations and CI owners and operators Critical Infrastructure Owner/Operator Collaboratively manage risks related to their critical infrastructure Responsible for risk management Participate in CI identification, assessment, prevention/mitigation, preparedness, response and recovery activities

11. Reality

12. Critical Infrastructure (CI) “Club” Interdependence Mutual interests National Emergency Strategy 90% of events local “ Family” response

13. Linkages in CI sectors Communications & IT Healthcare Food Manufacturing Water Government Level 1 Level 2 Level 3 Transportation Safety Finance Energy Utilities

14. Communications & IT Safety Healthcare Finance Level 1 Level 2 Level 3 Example: Interdependencies on 911 Transportation Energy Utilities

15. Why is telecommunications a CI? What was the first critical infrastructure to be recognized as such by the Federal Government? Cuban Missile crisis Kennedy - Khrushchev Hotline link NCS (National Communications System)

16. Challenges in CI assurance Vastness Command Information sharing Knowledge Interdependencies Inadequate tools Asymmetric conflict

17. Critical Infrastructure #11: the Internet Beyond control Largest business No CEO, governance, oversight Potential for abuse Cyber war

18. Internet epidemics Social network Cascade model “ Susceptible, infected, susceptible” cycles

19. Cyber crime: Numbers speak volumes #1 crime in North America 70% of victims do not report Only 245 cyber crime police 18M Canadians - $50B of commerce

20. SCADA - Critical Infrastructure #12 Power generation Power distribution Automatic metering Gas production Gas distribution Gas supply management Telecommunications Oil refinery control Oil pipeline management

21. Telecommunications sector vulnerabilities Clustered Critical nodes telecom hotels IEC POPS and gateways land earth stations (LES) that link communication satellites to terrestrial communication Gateway connections Cyber attacks, and HPM attacks

22. Hardening the Internet 13 root servers 13 gTLD servers 26 NAPs 50+ top e-commerce sites

23. Unified Communications Video & other sensor data collection & analysis Event monitoring Situational management First responder alerting Field based identity verification

24. Redundancy Layering Geographical separation Growth/enhancement Situational awareness Control Centre security principals

25. Olympic winter games

26. Para-Olympic Winter Games

27. User Groups From Around The World VANOC IOC / IPC International Sport Federations Accredited Media National Committees Broadcasters Sponsors

28. Vancouver 2010 Connectivity Voice, Internet, Data Cable TV Broadcast PCS Wireless Private Radio Wireless Networking Business Office Portal Staffing 2010 Innovation Centre

29. Bell’s role

30. The games in numbers 34,000 8 2 130 19

31. What’s at play? H.323, XML, SOAP, T1, DS3, VoIP, SONET, EvDO, 802.11g, 802.1q, E10, E100, PSTN, PTT, SDI, HD, ISDN, SS7, HTML, SSL, BGP, OC3, OC12

32. Coverage

33. Conclusions Core based Security Public/Private partnership Security Culture Technology as tool External audit

34. Brian Phillips [email_address] 403 831-2434 Thank you