Cyber Security Strategy

Information & Cyber Security
Capabilities In Georgia
Tbilisi, 20 Nov 2015
Irakli Lomidze
Overview
Information and Cyber
Security
In Georgia
Institution Organization In Georgia
State Security and Crisis
Management Council
Has been established in January 2014
Under the Direct Subordination of the Prime-Minister
Ministry of Justice
Data Exchange Agency
Has been established in January 2010
Under Supervision of MoJ of Georgia
1) E-Government Development
2) Information Security Development.
3) CERT.GOV.GE Operation.
Military
Public
Sector
+ SCIS
State
Secret
MoIA Cyber Crime
Division 24/7 International
Contact Point
has been established In December 2012 as a
Structural Unit of the Ministry of Internal Affairs
Ministry of Defense
Cyber Security Bureau
established in 2014 Under Supervision of
Ministry of Defense of Georgia (MoD)
Cybercrime division is the only agency
that has Investigatory functions on all
types of Cyber Incidents;
Legislation
Cyber Security Strategy
for 2013–2015
National Security Concept and Threat Assessment Document
Information Security Law (2012)
Personal Data Protection (2012)
Cyber Crime Chapter on Crime Code. (U 2010)
Criminal Procedural Code (August 2014 Amendments)
List of Critical Informational Infrastructure
Budapest Convention on Cyber Crime
All Major IPR Conventions
Processing of Personal Data Conventions (1981)
CERT.GOV.GE Computer Emergency Response Team Charter
Presidential Decrees Approval List of Critical Information System Subjects.
Requirements of Information Security Officer working in Critical Information System Subjects.
Order of Network Sensor Configuration.
Order of Minimal Security Requirements for Critical Information System Subjects.
Order of Asset Management Requirements for Critical Information System Subjects.
Order of Information Security Audit Body Accreditation.
Order of Information Security Audit Requirements in Critical Information System Subjects
• Order on Computer Emergency Response Team - Legal Entity under Public Law of Cyber Security Bureau
• Order on the Minimal Requirements for Information Security
• Order on the Rules for Information Asset Management.
Georgian National Security Concept
In 2011, for the first time, Cyber is a Domain equal to:
Land
Air
Water
Cyber
CYBER SECURITY STRATEGY OF GEORGIA
3-year Strategy for 2013-2015 with Action Plan
Basic Principles – Cyber Security Strategy
• Whole-of-Government Approach.
• Public-private cooperation.
• Active international cooperation.
Content of Strategy
1. Research and analysis
2. New legislative framework
3. Institutional coordination for ensuring cyber security
4. Public awareness and education
5. International cooperation
3-year Strategy for 2016-2018 is under development
Information Security Law
Who is the Critical Information System Subject?
a legal entity or state agency whose uninterrupted operation of its information systems is
important for the defense and/or economic security of the state, as well as for normal
functioning of the state and/or society;
Law of Georgia on Information Security
Also: Critical information system subjects in the field of defense
Legislation Approach
Organizations within the Critical Information System Subjects list need to establish an appropriate level of security for core business processes.
The law does not define specific measures for security.
The risk landscape is unique for each organization.
Each organization understands its risks better than anyone else.
Law Requirements
Organization should have
• Compliance with the Minimal Security Requirements (Implement Information Security Management System)
• Documentation
• Information Security Policy
• Defined scope of Information Security Management System
• Conduct audit of Information Security Management System
• Order of Minimal Security Requirements for Critical Information System Subjects.
• Order of Asset Management Requirements for Critical Information System Subjects.
Organization should define role of
• Information Security Manager
• Cyber security specialist;
• Requirements of Information Security Officer working in Critical Information System Subjects.
• CERT.GOV.GE Computer Emergency Response Team Charter
Order of Minimal Security Requirements for Critical Information System Subjects.
Based on ISO/IEC 27001 - Information security management system
Year 1: Planning
Planning of Information Security Management System;
Asset identification, Risk Assessment, Risk Treatment Plan;
Year 2: Implementation
Implementation of Controls according to the Risk Treatment Plan
Year 3: Monitoring and correction
Conduct Audit of Information Security Management System; Measure Controls effectiveness; Corrective Actions.
Order of Asset Management Requirements for Critical Information System Subjects.
Based on ISO/IEC 27005:2011 Information technology — Security techniques — Information security risk management
Defines a guide for organizations on managing information security risks.
Order of Information Security Audit Body Accreditation.
Order of Information Security Audit Requirements in Critical Information System Subjects
Organizations have to be accredited by DEA to perform compliance audits against the Information Security Law.
Accreditation is not required for the ISO Pre/Certification Audit.
Order of Requirements of Information Security Managers in Critical Information System Subjects.
Describes functions and competence of Information Security Manager.
Possibility for the Organization to check the competence level of the Information Security Manager
Order of CERT
Describes CERT.GOV.GE Functions and Constituency
CERT.GOV.GE is National and Governmental CERT
Order of Network Sensor Configuration.
The law declares it as a possibility and not a requirement
DEA does not listen to traffic content
Sensor configurations are open
In 2015 the Network Sensor Configuration order was amended
Type 1 and Type 2 Sensors Defined.
Data Exchange Agency
Core Services
Data Exchange Agency
Information Security and Policy Division
Established In 2010
Under Supervision of Ministry of Justice Georgia
Information Security policy development, implementation, monitoring, development.
CERT.GOV.GE (Computer Emergency Response Team)
Team Competence
Information Security Team
All Team Members are BSI Certified Professionals:
BSI/ISO 27001 (Information Security) LI/LA: 5 team members
BSI/ISO 22301 (Business Continuity) LI/LA: 4 team members
BSI/ISO 9001 (Quality Management) LA: 5 team members
ISO 31000 (Risk Management): 4 team members
CISM (Certified Information Security Manager): 4 team members
CISA (Certified Information System Auditor): 2 team members
CRISC (Certified in Risk and Information Systems Control): 1 team member
CGEIT (Certified in the Governance of Enterprise IT): 1 team member
Information Security Services
ISO Management System Consulting Service
Review of Information Security Management documentation: Policy, Plans, Audit report, etc.
39 Organizations
ISMS Implementation Service
Service Development Agency; Public Registry of Georgia
2 Organizations
Certified Course in Management Systems
(Introduction, Implementation and Internal Audit in Information Security Management Systems, Certification Exam).
More than 250 Professionals
NATO SPS Project Trained Professionals from Moldova, Montenegro, Azerbaijan, Ukraine, Mongolia
More than 100 Professionals
Information Systems Audit Service
JSC Georgian State Electrosystem (GSE)
1 Organization
Consulting Services
Support on implementation of Legal requirements
• Awareness for Organization's Management
• ISMS Documentation Review
• Recommendation in every stage (Pre, Implementation, Post)
Implementation of Management System
• Information Security ISO 27001
• Business Continuity ISO 22301
• Quality Management ISO 9001
Consulting on establishment of Risk Management
Audit Services
Audit of Management Systems
• Information Security ISO 27001
• Business Continuity ISO 22301
• Quality Management ISO 9001
Information System Audit
Training Course
Introduction on Information Security Management System
5 Day Course:
• Introduction on Information Security Management System.
• Information Security Legislation Review.
• Information Security Standard ISO 27001 Review.
• Implementation of Information Security Management System.
• Auditing of Information Security Management System
• DEA Certification Exam
New Courses are coming in 2016
In total up to 250 Georgian Professionals
Course Language:
Georgian
English (Short Course)
CERT.GOV.GE
We are a member of:
The Trusted Introducer - a.k.a. TI - is the trusted backbone
of the Security and Incident Response Team community in
Europe
FIRST is an international confederation of trusted computer
incident response teams who cooperatively handle computer
security incidents and promote incident prevention programs.
The Cyber security Executing Arm Of The UNITED NATIONS
SPECIALISED AGENCY of The International Telecommunication Union (ITU)
Obtaining the trademark “CERT” Officially.
CERT.GOV.GE
Established in 2011
Partners:
CERT-EE
CERT.GOV.GE Team
All Team Members are SANS Certified Professionals:
SANS GIAC Certified Professionals
Systems and Network Auditor (GSNA)
Trained by Terena (TI)
CERT.GOV.GE (Computer Emergency Response Team)
Services and Activities
Proactive Services: (Free)
• Incident Handling Support and Consulting
• National Incident Database
• Detection of Infected Web Sites
• Safe DNS (Safe Internet)
• Check My IP Service
Special Services:
• Source Code Analysis Service.
• Malware Analysis Service.
• Vulnerability Analysis Service
Monitoring Service
• IP Monitoring Services.
• Network Monitoring System
Special Activities & Awareness
• Cyber Security Forum
• Annual GITI Regional Conference
• Website (dea.gov.ge),
• Facebook (certgovge)
• Media Campaign (TV, Internet)
• Wall Calendar
Course in Cyber Security and Incident Handling
Basic Incident Handling
NATO SPS Project Trained Professionals from Afghanistan, Macedonia, Montenegro, Moldova, Azerbaijan, Ukraine
CERT.GOV.GE
Separate Presentation about CERT.GOV.GE
By David Kvatadze
SESSION III 14:30-16:30
DEA Activities
Georgian Information Security Forum (Abuse Forum)
Georgian Cyber Security Forum (Abuse Forum)
More than 50 active professionals from
governmental and commercial organizations
5 Annual extended meetings
Started formalization Process
CYBER-EXE GEORGIA
2014 (16 Organizations, Commercial and Government Sector)
Blue Team
Red Team
Education Management Information System
National Public Registry
Ministry of Labour Health
MagtiCom
Bank of Georgia
Grena
Ministry of Internal Affairs
National Bank of Georgia
Cyber Security Bureau
Smart Logic
State Chancellery
Geocell
VTB Bank
Ministry of Finance of Georgia
Public Service Development Agency
Free University of Tbilisi
CYBER-EXE 2015 GEORGIA
19 Organizations (Commercial and Government Sector)
2015 November 27
CERT-GOV-GE
COMCERT.pl
Regional Cooperation
Moldova CERT
We Support them in various activities
Azerbaijan
Sponsored them to become a Trusted Introducer List member,
Support for FIRST Membership
Poland
Sponsored COMcert.pl to become a Trusted Introducer List member
Turkey
Joint Training for developing countries
Contribution in NATO SPS Trainings
Cyber Defense Training for IT Professionals
2-3 Day Cyber and Information Security Sessions:
• Afghanistan
• Moldova
• Macedonia
• Montenegro
• Azerbaijan
• Ukraine
• -> Mongolia
In total up to 150 Professionals
Q/A
Thank you for your attention
Contact Information for Data Exchange Agency:
Phone: +995 (32) 2 91 51 40
E-mail: [email protected]; [email protected]
Web: www.dea.gov.ge