Day 1 From CERT To NCSC

•

0 likes•421 views

- CERT-Hungary started as a project under the Ministry of IT and Communications and is now under the Prime Minister's Office. It has partnership agreements with several government agencies and is responsible for the security of the e-government backbone network. - The Theodore Puskás Government Foundation, founded in 1993, is governed by civil code and oversees CERT-Hungary. It engages in technology transfer, information security, and other activities. - The e-Commerce Act and Ministerial Decree on National Alert Service for Communications establish CERT-Hungary's role in critical infrastructure protection and incident reporting for communications providers.

Technology

From CERT-Hungary
to National Cybersecurity Centre

Ferenc Suba LLM, MA
Chairman of the Board
PTA CERT-Hungary
Vice-chair of the MB
ENISA

CERT-Hungary
- Started as a project by the Ministry of IT and
Communications, now under Prime Minister’s Office
- Partnership Agreements with: National Communications
Authority, Financial Regulatory Authority, Prime Minister’s
Office, National Bureau of Investigation
- Accredited member of FIRST, TI, EGC
- Operator of the National Alert Service of Communications as
contractor
- Responsible for information security of the e-gov backbone
network
- Trusted partner of the banking and energy sector (WGs) in
CIIP, regular exercises
-- International co-operations: FI-ISAC, Meridian, IWWN

-- CERT capacity building: Bulgaria, South Africa

Government Foundation

- Theodore Puskás Government Foundation
- Founded in 1993 by the Government of Hungary, academia,
business companies
- Governed by the Civil Code, Act on Public Benefit
Organisations
- Part of the yearly state budget
- Supervised by the Prime Minister’s Office
- Engaged in technology transfer, information security
- Entitled to have business activities (max. 20% of the yearly
income)
- Flexible organisation, staff motivation, survives government
changes
- Think tank, preparation of regulation, project management,
technical service

e-Commerce Act
- Only tool to motivate the ISPs
- Liability clauses: indirect liability for ISPs = ISP is liable for
any wrongdoing committed through its system if ISP does not
co-operate to make the wrongdoing impossible
- Reason: criminals are anonymous + attacks come through
the ISPs + only ISPs can effectively take measures against
them
- Liability forms vary according to the function: content
provider, storage provider, access provider, cache provider,
information location tool provider
- Principle: ISPs liability stands as of an e-mail about the
wrongdoing committed through its system has been received

Ministerial Decree on National Alert Service
for Communications

- Regulates CIIP in communications sector
- Defines critical infrastructures legally
- Defines incidents flexbily (list updated by the National
Communications Authority)
- Designates 8 communications providers (biggest ones)
- Reporting obligation of the designated providers
- Reports on incidents affecting at least 1000 users
- Reports received and distributed by the Alert Service Centre
- Distribution list: Ministries, Centre for Crisis Management,
Services
- Alert Service Centre outsourced to CERT-Hungary, under the
supervision of the National Communications Authority

Government Decree No 223/2009.
on the security of public electronic services

- Sections 8-10: National Cybersecurity Centre
- Tasks: crisis management, central governmental system,
National Alert Service for Communications, awareness
raising, preparation of policy, CIIP collaboration, international
representation
- Control: Prime Minister’s Office, IT Security Supervisor
- Framework: Theodore Puskás Government Foundation, by a
public service agreement
- Basic services free for the government, value-added services
for payment

The Hungarian model
- Bottom-up approach, 5 years of evolution
- Establish a flexible organisation
- Be close to central government
-- Use ENISA and partner MSs as leverage

-- Have very strong international background

-- Build up PPPs with interested private sectors

-- Be not only technical (crisis management,

awareness raising, policy making, national and
international collaboration)
-- Distribute your financial resources (state

budget, state project contracts, service
contracts, EU and national research projects)

Thank you for your attention and patience!

PTA CERT-Hungary
www.cert-hungary.hu
Puskás Tivadar Közalapítvány
www.neti.hu
ENISA
www.enisa.europa.eu

The UK Cyber Security Strategy outlines the UK government's vision and plan to enhance cyber security by 2015. The vision is for the UK to derive great economic and social value from a vibrant, resilient and secure cyberspace. The strategy outlines 4 objectives: 1) tackle cyber crime and make the UK secure for business, 2) increase resilience to cyber attacks, 3) help shape an open and stable cyberspace, and 4) build UK cross-cutting cyber skills. The government will invest £650 million over 4 years and work with the private sector and internationally to achieve this vision through initiatives like strengthening law enforcement against cyber crime, improving critical infrastructure security, and establishing international cyber norms.

Protecting and Balancing Access and Privacy Rights, November 7, 2017

Andrea Corlett

Information Security (Management) at Stake In Belgium v1.1

Dominique Volon

The document provides an overview of information security management in Belgium from 2003 to 2016. It discusses how awareness of information security management was raised among political actors and federal public services. It also describes some of the key initiatives undertaken to protect important e-government assets such as social security systems, federal portals, and communication channels. These included implementing governance, policies, risk assessments, security services, and legal frameworks. The presentation aims to highlight the progress made in shaping Belgium's information society and the ongoing need for information security.

Presentation on EU Directives Impacting Cyber Security for Information Securi...

Brian Honan

This document discusses current and upcoming cybersecurity policies and directives in Europe. It summarizes that the EU considers cybercrime a major threat and has made it a priority between 2014-2017. Key policies and directives discussed include the EU's Critical Infrastructure Protection policy from 2009, directives on combating child abuse and attacks against information systems, and the upcoming Cyber Security and Data Protection directives. The document outlines the objectives and focus areas of these policies to enhance cybersecurity capabilities and cooperation across Europe.

Keeping our secrets? Shaping Internet technologies for the public good

blogzilla

This document discusses challenges to privacy from technological development, market failures, and authorized access. It then discusses approaches to designing for privacy, including data minimization, user consent, and privacy by design. Finally, it examines shaping technologies for the public good through defining privacy as a public good, limiting government surveillance, new privacy regulations like GDPR, and encouraging competition.

Russia and cybercrime

Russian Embassy

Copyright and privacy by design - what lessons have we learned?

blogzilla

This document discusses privacy and data protection by design. It covers: 1. Early efforts at digital rights management (DRM) and "trusted" system architectures. 2. More recent efforts at web blocking and legislation like the PROTECT-IP Act. Effectiveness of blocking is limited by encryption, site replication, and alternative access methods. 3. The GDPR's requirements for data protection by design and by default, including data minimization and limiting data collection and access.

White House IP Enforcement Coordinator Requests Comments on Development of St...

Patton Boggs LLP

The White House Intellectual Property Enforcement Coordinator (IPEC) has requested public comments on developing a strategic enforcement plan by July 25, 2012. IPEC seeks recommendations on improving government IP enforcement efforts, identifying existing and emerging threats to IP rights, and answering 10 optional questions related to international collaboration, information sharing between government and private sector, improving customs risk assessments, and making more efficient use of government resources to protect IP. Patton Boggs will assist clients in developing and submitting comments on important IP enforcement issues.

This document discusses several key issues relating to open data and access to information: 1) Open data enshrines the concept that data generated by the government with public funds cannot be unreasonably kept from citizens. 2) Access to information lays the foundation for good governance and transparency, allowing citizens to understand what is happening in their society. 3) Both open data and access to information laws must balance transparency with protecting personal privacy and sensitive information.

The Data Retention Directive: recent developments

blogzilla

Where next for the Regulation of Investigatory Powers Act?

blogzilla

This document summarizes recommendations from reports by David Anderson QC, the Intelligence and Security Committee, and RUSI on reforming and consolidating complex UK legislation governing intelligence agencies and investigatory powers. It notes calls to replace existing laws with a new comprehensive bill that clearly defines agencies' powers and capabilities while strengthening oversight and legal safeguards. The government plans to introduce a draft Investigatory Powers Bill for scrutiny later in 2015.

Application of principles of international law to computer networks operation...

Adriana Dvorsak

The document discusses the application of international law principles to computer network operations and management. It covers topics such as individual privacy rights, national security concerns, cyber security concepts, principles of just war theory applied to cyber conflicts, and NATO and EU rules and directives regarding cyber operations and national network security strategies. It also examines issues of sovereignty, self-defense, data protection, mandatory security breach reporting, and the development of cyber capabilities in the EU and among smaller states.

PL&B _UK_80

Lyndsey Shaw

The Trilogue, consisting of the European Commission, European Parliament, and Council of Ministers, committed to adopting the EU Data Protection Regulation and related Police Directive by the end of 2015. The Rapporteur for the European Parliament said agreement could be reached by year's end if all parties compromise. Both directives will be negotiated together as a package. The parties will hold several meetings through July and September to work through the texts article by article. All sides expressed optimism that the tight deadline can be achieved.

Cross Border Privacy : Intellectual Property Issues

Karl Larson

The document discusses various topics related to cross-border privacy and intellectual property issues, including: 1) Models of privacy protection such as comprehensive laws, sectoral laws, self-regulation, and technologies of privacy. 2) The European Union Data Protection Directive and its requirements for personal data processing and transfers to non-European countries. 3) The U.S. Department of Commerce Safe Harbor framework and its seven privacy principles for companies to self-certify compliance. 4) Issues around the transfer of EU airline passenger data to the U.S. and ongoing discussions between the two regions.

New Law on Access to Public Information:

FUSADES

Introduction to Information Policy

Niamh Headon

What is an Information Society Why are Information Policies needed What is an Information Policy Elements of Information Policy Who has Information Policies E-Inclusion Life Long Learning E-Business strategies Infrasture – physical (broadband/e-fibre) Infrastructure – political / Legal and regulatory Copyright, Intellectual Property, Data Protection, Freedom of Information Regulation of Domain Name Spaces ( .ie) E-government Information Policy in Ireland

GDPR presentation BE-Com - IFORI

Karel Holst

This document provides an overview of the General Data Protection Regulation (GDPR) from a legal perspective. It discusses key changes and obligations under the GDPR, including territorial scope, lawfulness of processing, rights of data subjects, roles of controllers and processors, data security requirements, and sanctions for noncompliance. The GDPR aims to strengthen and harmonize data protection across the EU by directly applying in all member states and ensuring free flow of personal data. It applies from May 25, 2018 and organizations should take action now to ensure compliance.

2017 09 13_VOKA The Big Refresh - GDPR - IFORI

Karel Holst

The document provides an overview of the General Data Protection Regulation (GDPR) from a legal perspective. It summarizes the key changes and obligations under the GDPR, including expanded territorial scope, strengthened rights for data subjects, requirements for controllers and processors, data security measures, data breach notification, and increased administrative fines for noncompliance. The presentation emphasizes that organizations should take action to ensure compliance with the GDPR, which applies starting May 25, 2018.

Where next for encryption regulation?

blogzilla

This document discusses issues around encryption regulation. It notes developments in end-to-end encryption and storage encryption. It discusses views from FBI Director James Comey and UK Prime Minister David Cameron calling for access to encrypted communications. It reviews national policies on encryption in the US, India, China and Russia. The Council of Europe and UN Special Rapporteur support strong encryption for privacy and security. Key issues are comparing political economies today versus the 1990s which led to encryption liberalization, and determining appropriate forums for decision making given interests of industry, civil society, states and others.

Cyber Banking Conference

Endcode_org

Data Protection & Risk Management

Endcode_org

This document discusses data protection and risk mitigation under South Africa's Protection of Personal Information Act (POPI). It addresses key issues like identifying personal data and systems impacted by POPI, information security safeguards, records management policies, digital content and app ownership, and considerations for protecting young people's data. The document provides recommendations like conducting a POPI audit, appointing an information officer, and establishing policies regarding privacy, security, and intellectual property.

North Lincolnshire and safer neighbourhoods

localinsight

The document discusses protecting victims and vulnerable people through the use of a Victim and Vulnerable Person Index system. The system identifies those at high risk of victimization by matching and coordinating data across partnership agencies. It provides knowledge required to comply with obligations to protect individuals from ill-treatment. The system also includes a support application to reduce vulnerability through safety plans and services. Practical examples describe protecting individuals' physical safety, online identity, equipment, property and money from crime through various technologies.

Protecting Europe's Network Infrastructure

European Union Agency for Network and Information Security (ENISA)

The document summarizes the role and activities of the European Union Agency for Network and Information Security (ENISA). ENISA works to protect Europe's network infrastructure by advising the EU and member states on cybersecurity strategies and policies. It supports the development and implementation of the EU Cybersecurity Strategy and the EU Network and Information Security Directive. ENISA also assists in developing computer emergency response teams, conducting cybersecurity exercises, and analyzing emerging threats and technologies to secure new business models and critical infrastructure.

NY State's cybersecurity legislation requirements for risk management, securi...

IT Governance Ltd

This webinar illustrates: - The responsibility to appoint a CISO - Application security program (internal and external) and review by the CISO - Overview of the risk assessment policy and procedures - Setting up a program specific to your organization's information systems and business operations - Identifying cyber threats and how to incorporate controls - Maintaining an audit trail to include detection and responses to cybersecurity events - How ISO 27001 and vsRisk can provide the right tools to help you implement a successful program that meets compliance requirements A recording of the webinar can be found here: https://www.youtube.com/watch?v=URfAd2E37Eo

Appointing a Data Protection Officer under the GDPR

IT Governance Ltd

This webinar discusses the following: - The specific situation in which organisations are required to appoint a DPO - The DPO's relation to the controller, processor and senior management/the board - The responsibilities of the DPO - The function of data protection impact assessment under the GDPR - The legal requirements for appointing a DPO A recording of this webinar is available here: https://www.youtube.com/watch?v=U06aooC-MRU

The combined effect of the collective effort

CSSaunders

Online crime

Victim Support Europe

I'm sorry to hear you're going through this difficult situation. Here are a few suggestions: - Screenshot or save evidence of the photos and where they're being shared without your consent. This can help if you decide to report it. - Consider filing a police report for revenge porn or non-consensual pornography. Laws are getting stronger on this issue. The police may be able to get the photos removed or take other legal action against your ex. - Contact websites directly where the photos are posted to report them and request takedown. Many sites have policies against non-consensual sharing of private images. - Seek support from loved ones and consider talking to a counselor. What happened

Day 1 Coop Banks

vngundi

This document discusses cooperation between CERT-Hungary and banks from a cybersecurity perspective. It describes CERT-Hungary's role in information sharing, exercises, and recommendations to improve cybersecurity in the banking sector. It outlines various agreements and information sharing centers established between CERT-Hungary, banks, and financial regulators. It also discusses cybersecurity exercises conducted between 2007-2009 to test communication and response procedures for banks in the event of cyberattacks.

Cybersecurity nl

Mark Johnson

1. The document outlines the national authorities, Computer Emergency Response Teams (CERTs), industry organizations, academic organizations, and other bodies involved in network and information security in the Netherlands. It describes their roles and responsibilities. 2. The key national authorities include several ministries and agencies responsible for areas such as economic affairs, interior, justice, law enforcement, and telecommunications. CERTs provide security incident response for different sectors. 3. Industry organizations represent private companies and coordinate on security issues. Academic groups promote research collaboration. Other organizations focus on awareness, standards, and specific domains like banking. The document provides websites for further information on each organization.

Information security (management) at stake in belgium 2017 v1.2

Dominique Volon

This document discusses information security management in Belgium. It outlines Belgium's journey to increase awareness of information security from 2003 to 2016. It discusses key assets that require protection, such as social security and e-government systems. It also describes governance structures established, including the creation of information security officer roles within the federal public services and the establishment of the BelNIS cybersecurity center. The document argues for an ongoing effort to continue improving information security management in Belgium.

What's hot

Finding balance in the age of open data

Caribbean Open Data Conference & Code Sprint

The Data Retention Directive: recent developments

blogzilla

Where next for the Regulation of Investigatory Powers Act?

blogzilla

Application of principles of international law to computer networks operation...

Adriana Dvorsak

PL&B _UK_80

Lyndsey Shaw

Cross Border Privacy : Intellectual Property Issues

Karl Larson

New Law on Access to Public Information:

FUSADES

Introduction to Information Policy

Niamh Headon

GDPR presentation BE-Com - IFORI

Karel Holst

2017 09 13_VOKA The Big Refresh - GDPR - IFORI

Karel Holst

Where next for encryption regulation?

blogzilla

Cyber Banking Conference

Endcode_org

Data Protection & Risk Management

Endcode_org

North Lincolnshire and safer neighbourhoods

localinsight

Protecting Europe's Network Infrastructure

European Union Agency for Network and Information Security (ENISA)

NY State's cybersecurity legislation requirements for risk management, securi...

IT Governance Ltd

Appointing a Data Protection Officer under the GDPR

IT Governance Ltd

The combined effect of the collective effort

CSSaunders

Online crime

Victim Support Europe

What's hot (19)

Finding balance in the age of open data

The Data Retention Directive: recent developments

Where next for the Regulation of Investigatory Powers Act?

Application of principles of international law to computer networks operation...

PL&B _UK_80

Cross Border Privacy : Intellectual Property Issues

New Law on Access to Public Information:

Introduction to Information Policy

GDPR presentation BE-Com - IFORI

2017 09 13_VOKA The Big Refresh - GDPR - IFORI

Where next for encryption regulation?

Cyber Banking Conference

Data Protection & Risk Management

North Lincolnshire and safer neighbourhoods

Protecting Europe's Network Infrastructure

NY State's cybersecurity legislation requirements for risk management, securi...

Appointing a Data Protection Officer under the GDPR

The combined effect of the collective effort

Online crime

Similar to Day 1 From CERT To NCSC

Day 1 Coop Banks

vngundi

Cybersecurity nl

Mark Johnson

Information security (management) at stake in belgium 2017 v1.2

Dominique Volon

SC7 Workshop 2: Big Data Challenges in Cybersecurity

BigData_Europe

Estonian experience in inclusive e-government by Mr. Arvo Ott, e-Governance A...

Metamorphosis

Quick Guide: EU General Data Protection Regulation and Smart Metering

nuances

Information Security (Management) at Stake In Belgium

Dominique Volon

The document discusses the journey of information security management in Belgium from 2003 to 2016. It began with raising awareness of information security management among political actors and federal public services. Key steps included establishing information security officer roles, adopting ISO 27001 as an information security framework, and developing governance, standards, and best practices. Over time, legal frameworks and institutions for privacy, digital identity, critical infrastructure protection and more were established to shape the information security landscape in Belgium.

Day 1 Large Scale Attacks

vngundi

This document discusses lessons learned from large scale cyber attacks in Hungary and Estonia and proposes policy recommendations. It summarizes a large phishing attack against Hungarian banks coordinated from abroad and distributed denial of service attacks against Estonia from compromised international machines. It describes the national and international responses to these incidents, highlighting coordination between CERT teams. Key lessons identified include the need for improved preparedness, early warning systems, resources for incident response, and international cooperation. The document proposes establishing national cybersecurity strategies, coordination bodies, and regular exercises in countries. It also discusses the value of information sharing organizations in critical infrastructure sectors.

2016 02-14-nis directive-overview isc2 chapter

isc2-hellenic

The document discusses the key aspects of the upcoming EU Directive concerning measures for a high common level of security of network and information systems across the Union. It outlines that the directive will require all EU member states to have a national cybersecurity strategy and designate authorities to cooperate on strategic and operational cybersecurity issues. It also establishes security and incident notification requirements for operators of essential services, such as energy and transport, and digital service providers.

Natasha - WorldBank

DEWAN TIK NASIONAL

This document discusses enabling e-government through broadband implementation at the local government level. It provides examples of how ICT is transforming various government services, such as taxes, business registration, agriculture, transportation, customs, finance and more. It also discusses elements of digital government like shared services, cloud computing and data centers. The World Bank supports digital connectivity, digital economies and digital government through various programs and resources. Case studies from India, Bangladesh, Indonesia and other countries show how the World Bank is assisting governments to improve connectivity, digital services delivery and implement e-government programs.

CCIS Brochure English (Nov 2014)

Gry Helene Stavseng

The document discusses the establishment of the Center for Cyber and Information Security (CCIS) in Norway. It notes that modern societies have become dependent on information and communication technologies, making them vulnerable to cyber threats. In response, key national cybersecurity stakeholders in Norway have partnered to create CCIS, a national center for research, training, and education in cyber and information security. CCIS aims to strengthen Norway's cybersecurity expertise and skills through research, training programs, collaboration, and developing the workforce. It will involve partnerships between universities, government agencies, and private companies.

Austrian experiences in e-gov by Mr. Peter Sonntagbauer, Federal Computing Ce...

Metamorphosis

Austrian experiences in e-gov by Mr. Peter Sonntagbauer, Federal Computing Ce...

Metamorphosis

eGovernment and Interoperability in Italy

Gianmarco Piva

The document discusses e-government and interoperability. It defines interoperability as the ability for diverse systems and organizations to work together. In 2002, developing a European Interoperability Framework became a priority for pan-European e-government strategy. Interoperability benefits citizens through simplified access to government services, and benefits administrative officials and legislation through improved data sharing. The document then discusses Italy's e-government initiatives and interoperability challenges.

Information Society, Estonia

Alianta INFONET

European priorities in information security

European Union Agency for Network and Information Security (ENISA)

The document summarizes the key points of the European Union's cybersecurity strategy, including establishing an open, safe, and secure cyberspace; boosting the EU economy by €500 billion annually by completing the digital single market; and achieving cyber resilience, reducing cybercrime, developing cyberdefense capabilities, and establishing international cyber policy. It outlines the strategy's five strategic objectives and roles for the European Union Agency for Network and Information Security (ENISA) in assisting member states, private sectors, and more.

E invoicing, the role of the pueb-inlviocic administration in the promotion o...

Friso de Jong

1. The document discusses the role of the Spanish Ministry of Industry in promoting the adoption of e-invoicing among small and medium enterprises (SMEs). 2. It addresses the need for public consultation on SME's readiness for e-invoicing given issues around their internet access and use of e-services. Mandatory policies are proposed to drive adoption. 3. The challenges around standardization are outlined given the insufficiency of current standards to enable automated processing. National policies are crucial to drive e-invoicing until standards and markets mature.

Digital Wallonia. Digital Strategy for Wallonia.

Agence du Numérique (AdN)

Andrus Aaslaid - E-government v Estónsku

Slovak Governance Institute

Trends and Prospects in the Information Society:Hungary and the New Member S...

Filipe Mello

Siemens Business Services provides IT services and solutions for government customers. They have experience implementing solutions such as e-government platforms, identity management systems, emergency response systems, and outsourcing IT operations. The document discusses challenges governments face and how SBS's global expertise and range of services can help address issues like rising costs, integration of services, and security needs. Specific examples of SBS projects in countries like Austria, Belgium, and the UK are also summarized.

Similar to Day 1 From CERT To NCSC (20)

Day 1 Coop Banks

Cybersecurity nl

Information security (management) at stake in belgium 2017 v1.2

SC7 Workshop 2: Big Data Challenges in Cybersecurity

Estonian experience in inclusive e-government by Mr. Arvo Ott, e-Governance A...

Quick Guide: EU General Data Protection Regulation and Smart Metering

Information Security (Management) at Stake In Belgium

Day 1 Large Scale Attacks

2016 02-14-nis directive-overview isc2 chapter

Natasha - WorldBank

CCIS Brochure English (Nov 2014)

Austrian experiences in e-gov by Mr. Peter Sonntagbauer, Federal Computing Ce...

eGovernment and Interoperability in Italy

Information Society, Estonia

European priorities in information security

E invoicing, the role of the pueb-inlviocic administration in the promotion o...

Digital Wallonia. Digital Strategy for Wallonia.

Andrus Aaslaid - E-government v Estónsku

Trends and Prospects in the Information Society:Hungary and the New Member S...

More from vngundi

Anatomy of a CERT - Gordon Love, Symantec

vngundi

This document discusses the need for Computer Emergency Response Teams (CERTs) in Africa given increasing internet connectivity and cyber threats on the continent. It outlines the changing digital landscape in Africa, including growing broadband infrastructure and more users. This expands the attack surface for malicious actors. The document then describes the objectives of a CERT in enhancing security awareness, building national expertise, assisting with cyber law, and establishing a central point of contact for incident reporting.

Dealing With Security Threats

vngundi

Dealing with security threats, the director discusses: 1) The current threat landscape including threats to governments, consumers, and examples of security breaches. 2) The anatomy of a security breach including disruption of operations and different types of insiders like well-meaning or malicious. 3) The need for operationalizing security through establishing in-depth defense at the network periphery and endpoints to effectively defend interconnected systems and information sharing.

Cyber Security Strategies and Approaches

vngundi

This document discusses cyber security strategies and approaches used by various governments and organizations. It outlines national strategies from the UK, US, Estonia, and Singapore, as well as approaches at the European Union level. Common themes across strategies include recognizing the interconnected nature of IT systems, moving from attack detection to prevention, and the need for joint public-private collaboration to develop regulations, share intelligence, and protect critical infrastructure and society.

Day 2 Dns Cert 4 Scenarios

vngundi

This document outlines several DNS attack scenarios that will be demonstrated for educational purposes. The scenarios include cache poisoning targeting a nameserver, nameserver redelegation exploiting a vulnerability in a registry system, and malicious use targeting individual systems. Rules of engagement are provided to assure participants that while the demonstrations show potential attacks, no actual malicious activity will occur. Attendees are invited to observe the effects through DNS queries, simulated phishing emails, and traffic analysis on provided virtual machines.

Day 2 Dns Cert 4c Malicious Use

vngundi

- The document describes how DNS can be used maliciously for botnet command and control or amplification attacks, using a demonstration of a DNS bot. - It provides the case study of the Conficker worm which used randomly generated domain names for instructions. A working group registered domains to prevent its activity until it switched to P2P. - The demonstration shows a rogue DNS server instructing the bot to execute commands and post results via DNS queries, which can be seen in Wireshark. - Mitigation strategies include domain blackholes, strengthening registration validation, detection mechanisms, and takedown policies developed with other organizations.

Day 2 Dns Cert 4b Name Server Redirection

vngundi

- The document discusses nameserver redirection attacks and SQL injection attacks against domain name registry systems. - It provides examples of how attackers can change domain name registrations through SQL injection or by directly modifying registry databases to redirect traffic to malicious sites. - A live demonstration shows how SQL injection can be used to enumerate and modify a registry database, redirecting a domain to a rogue IP address and server. - Mitigation strategies include securing web applications, validating input, using authentication for changes, and information sharing about attacks.

Day 2 Dns Cert 4a Cache Poisoning

vngundi

- The document describes a demonstration of a DNS cache poisoning attack. It provides instructions for setting up the attack using tools on a Ubuntu VM. The attack spoofs DNS responses to redirect traffic from a domain to a malicious IP address controlled by the attacker. This could enable realistic phishing attacks. Mitigation strategies include DNSSEC, SSL, and monitoring recursive DNS servers, but user awareness remains important.

Day 2 Dns Cert 3 Dns Organizations

vngundi

This document discusses organizational structures and policies related to DNS security. It outlines the various entities involved in managing DNS, including ICANN, IANA, RIRs, registries and registrars. It describes different registry models and where customer data is stored. It emphasizes that policies govern how registries operate and deal with issues like registrant requirements, dispute resolution, information release and takedown procedures. Developing comprehensive policies is important but also controversial as there are many stakeholders with differing needs.

Day 1 Enisa Setting Up A Csirt

vngundi

The document provides an introduction to setting up a Computer Security Incident Response Team (CSIRT). It discusses the history of CERTs and internet security incidents. The document outlines the key components of establishing a CSIRT, including developing an overall strategy, business plan, operational procedures, training, and project plan. It also covers defining the CSIRT's services, organizational structure, and information security policies. The goal is to provide guidance on effectively planning and implementing a CSIRT to respond to cybersecurity incidents.

More from vngundi (9)

Anatomy of a CERT - Gordon Love, Symantec

Dealing With Security Threats

Cyber Security Strategies and Approaches

Day 2 Dns Cert 4 Scenarios

Day 2 Dns Cert 4c Malicious Use

Day 2 Dns Cert 4b Name Server Redirection

Day 2 Dns Cert 4a Cache Poisoning

Day 2 Dns Cert 3 Dns Organizations

Day 1 Enisa Setting Up A Csirt

Recently uploaded

Letter and Document Automation for Bonterra Impact Management (fka Social Sol...

Jeffrey Haguewood

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on automated letter generation for Bonterra Impact Management using Google Workspace or Microsoft 365. Interested in deploying letter generation automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Serial Arm Control in Real Time Presentation

tolgahangng

Energy Efficient Video Encoding for Cloud and Edge Computing Instances

Alpen-Adria-Universität

Fueling AI with Great Data with Airbyte Webinar

Zilliz

Main news related to the CCS TSI 2023 (2023/1695)

Jakub Marek

An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers. The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 . The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .

leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...

alexjohnson7307

Your One-Stop Shop for Python Success: Top 10 US Python Development Providers

akankshawande

Driving Business Innovation: Latest Generative AI Advancements & Success Story

Safe Software

Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency. During the hour, we’ll take you through: Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board. Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes. Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI. We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI. This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!

Recommendation System using RAG Architecture

fredae14

Artificial Intelligence for XMLDevelopment

Octavian Nadolu

In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject. We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup. Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved. The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring. The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise. By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.

Generating privacy-protected synthetic data using Secludy and Milvus

Zilliz

During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.

Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf

flufftailshop

When it comes to unit testing in the .NET ecosystem, developers have a wide range of options available. Among the most popular choices are NUnit, XUnit, and MSTest. These unit testing frameworks provide essential tools and features to help ensure the quality and reliability of code. However, understanding the differences between these frameworks is crucial for selecting the most suitable one for your projects.

Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...

saastr

How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf

Chart Kalyan

A Comprehensive Guide to DeFi Development Services in 2024

Intelisync

DeFi represents a paradigm shift in the financial industry. Instead of relying on traditional, centralized institutions like banks, DeFi leverages blockchain technology to create a decentralized network of financial services. This means that financial transactions can occur directly between parties, without intermediaries, using smart contracts on platforms like Ethereum. In 2024, we are witnessing an explosion of new DeFi projects and protocols, each pushing the boundaries of what’s possible in finance. In summary, DeFi in 2024 is not just a trend; it’s a revolution that democratizes finance, enhances security and transparency, and fosters continuous innovation. As we proceed through this presentation, we'll explore the various components and services of DeFi in detail, shedding light on how they are transforming the financial landscape. At Intelisync, we specialize in providing comprehensive DeFi development services tailored to meet the unique needs of our clients. From smart contract development to dApp creation and security audits, we ensure that your DeFi project is built with innovation, security, and scalability in mind. Trust Intelisync to guide you through the intricate landscape of decentralized finance and unlock the full potential of blockchain technology. Ready to take your DeFi project to the next level? Partner with Intelisync for expert DeFi development services today!

Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...

Jeffrey Haguewood

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on integration of Salesforce with Bonterra Impact Management. Interested in deploying an integration with Salesforce for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

HCL Notes and Domino License Cost Reduction in the World of DLAU

panagenda

Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/ The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this! We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model. Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward. These topics will be covered - Reducing license cost by finding and fixing misconfigurations and superfluous accounts - How do CCB and CCX licenses really work? - Understanding the DLAU tool and how to best utilize it - Tips for common problem areas, like team mailboxes, functional/test users, etc - Practical examples and best practices to implement right away

AWS Cloud Cost Optimization Presentation.pptx

HarisZaheer8

This presentation provides valuable insights into effective cost-saving techniques on AWS. Learn how to optimize your AWS resources by rightsizing, increasing elasticity, picking the right storage class, and choosing the best pricing model. Additionally, discover essential governance mechanisms to ensure continuous cost efficiency. Whether you are new to AWS or an experienced user, this presentation provides clear and practical tips to help you reduce your cloud costs and get the most out of your budget.

WeTestAthens: Postman's AI & Automation Techniques

Postman

Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...

Tatiana Kojar

Skybuffer AI, built on the robust SAP Business Technology Platform (SAP BTP), is the latest and most advanced version of our AI development, reaffirming our commitment to delivering top-tier AI solutions. Skybuffer AI harnesses all the innovative capabilities of the SAP BTP in the AI domain, from Conversational AI to cutting-edge Generative AI and Retrieval-Augmented Generation (RAG). It also helps SAP customers safeguard their investments into SAP Conversational AI and ensure a seamless, one-click transition to SAP Business AI. With Skybuffer AI, various AI models can be integrated into a single communication channel such as Microsoft Teams. This integration empowers business users with insights drawn from SAP backend systems, enterprise documents, and the expansive knowledge of Generative AI. And the best part of it is that it is all managed through our intuitive no-code Action Server interface, requiring no extensive coding knowledge and making the advanced AI accessible to more users.

Recently uploaded (20)

Letter and Document Automation for Bonterra Impact Management (fka Social Sol...

Serial Arm Control in Real Time Presentation

Energy Efficient Video Encoding for Cloud and Edge Computing Instances

Fueling AI with Great Data with Airbyte Webinar

Main news related to the CCS TSI 2023 (2023/1695)

leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...

Your One-Stop Shop for Python Success: Top 10 US Python Development Providers

Driving Business Innovation: Latest Generative AI Advancements & Success Story

Recommendation System using RAG Architecture

Artificial Intelligence for XMLDevelopment

Generating privacy-protected synthetic data using Secludy and Milvus

Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf

Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...

How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf

A Comprehensive Guide to DeFi Development Services in 2024

Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...

HCL Notes and Domino License Cost Reduction in the World of DLAU

AWS Cloud Cost Optimization Presentation.pptx

WeTestAthens: Postman's AI & Automation Techniques

Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...

Day 1 From CERT To NCSC

1. From CERT-Hungary to National Cybersecurity Centre Ferenc Suba LLM, MA Chairman of the Board PTA CERT-Hungary Vice-chair of the MB ENISA

3. CERT-Hungary - Started as a project by the Ministry of IT and Communications, now under Prime Minister’s Office - Partnership Agreements with: National Communications Authority, Financial Regulatory Authority, Prime Minister’s Office, National Bureau of Investigation - Accredited member of FIRST, TI, EGC - Operator of the National Alert Service of Communications as contractor - Responsible for information security of the e-gov backbone network - Trusted partner of the banking and energy sector (WGs) in CIIP, regular exercises -- International co-operations: FI-ISAC, Meridian, IWWN -- CERT capacity building: Bulgaria, South Africa

4. Government Foundation - Theodore Puskás Government Foundation - Founded in 1993 by the Government of Hungary, academia, business companies - Governed by the Civil Code, Act on Public Benefit Organisations - Part of the yearly state budget - Supervised by the Prime Minister’s Office - Engaged in technology transfer, information security - Entitled to have business activities (max. 20% of the yearly income) - Flexible organisation, staff motivation, survives government changes - Think tank, preparation of regulation, project management, technical service

5. e-Commerce Act - Only tool to motivate the ISPs - Liability clauses: indirect liability for ISPs = ISP is liable for any wrongdoing committed through its system if ISP does not co-operate to make the wrongdoing impossible - Reason: criminals are anonymous + attacks come through the ISPs + only ISPs can effectively take measures against them - Liability forms vary according to the function: content provider, storage provider, access provider, cache provider, information location tool provider - Principle: ISPs liability stands as of an e-mail about the wrongdoing committed through its system has been received

6. Ministerial Decree on National Alert Service for Communications - Regulates CIIP in communications sector - Defines critical infrastructures legally - Defines incidents flexbily (list updated by the National Communications Authority) - Designates 8 communications providers (biggest ones) - Reporting obligation of the designated providers - Reports on incidents affecting at least 1000 users - Reports received and distributed by the Alert Service Centre - Distribution list: Ministries, Centre for Crisis Management, Services - Alert Service Centre outsourced to CERT-Hungary, under the supervision of the National Communications Authority

7. Government Decree No 223/2009. on the security of public electronic services - Sections 8-10: National Cybersecurity Centre - Tasks: crisis management, central governmental system, National Alert Service for Communications, awareness raising, preparation of policy, CIIP collaboration, international representation - Control: Prime Minister’s Office, IT Security Supervisor - Framework: Theodore Puskás Government Foundation, by a public service agreement - Basic services free for the government, value-added services for payment

8. The Hungarian model - Bottom-up approach, 5 years of evolution - Establish a flexible organisation - Be close to central government -- Use ENISA and partner MSs as leverage -- Have very strong international background -- Build up PPPs with interested private sectors -- Be not only technical (crisis management, awareness raising, policy making, national and international collaboration) -- Distribute your financial resources (state budget, state project contracts, service contracts, EU and national research projects)

9. Thank you for your attention and patience! PTA CERT-Hungary www.cert-hungary.hu Puskás Tivadar Közalapítvány www.neti.hu ENISA www.enisa.europa.eu

Day 1 From CERT To NCSC

Recommended

Recommended

More Related Content

What's hot

What's hot (19)

Similar to Day 1 From CERT To NCSC

Similar to Day 1 From CERT To NCSC (20)

More from vngundi

More from vngundi (9)

Recently uploaded

Recently uploaded (20)

Day 1 From CERT To NCSC