30/09/2021
EU4DIGITAL STEERING COMMITTEE – CYBERSECURITY EAST PROJECT ACTIVITIES
1ST OCTOBER, 2021
Project implemented by
Beneficiary: 6 EaP Countries
EUROPEAN COMMISSION NEIGHBOURHOOD AND ENLARGEMENT NEGOTIATIONS
C - Neighbourhood East and Institution Building
DG NEAR C1
Besnik LIMAJ, Team Leader
PROJECT SYNOPSIS 1
Project Funded by: EUROPEAN UNION’S NEIGHBOURHOOD INSTRUMENT
Total Budget: 3.1 Million Euros
Launched and Duration: January 2020 – 36 Months
Partner Countries: EAP – ARMENIA, AZERBAIJAN, BELARUS, GEORGIA, REPUBLIC OF MOLDOVA AND UKRAINE
TEAM OF KEY EXPERTS
Team Leader – Besnik Limaj
30 years of work in software engineering, architect of various e-government one-stop-shops and Cyber Security
Team Leader of the first EU funded Cyber Security Project – ENCYSEC
Team Leader of project for CIIP and OeS and KE for Cyber Security Risk Assessment in Seychelles
Advanced Ethical Hacking, Pentesting, Wireshark and excellent knowledge of programming languages
Extensive knowledge in exchanging encrypted data with EUROSTAT and National Statistical Institutes
Key Expert 2 – Epp Maaten
20 years of work in ICT, e-government and Cyber Security
4 years in senior management position with Estonian Information System Authority
Director of the Cyber Security Programme at the Estonian e-Governance Academy
IT Auditor at the National Audit Office in Estonia
15 years of experience as Senior Information Security Consultant and in conducting resilience assessment of complex, large-scale ICT environments
Comprehensive knowledge of EU and International Standards, frameworks and legislation (NIST, ISO 27001, CIS Critical Controls, EU Cybersecurity Act, EU NIS directive, GDPR, Budapest Convention)
Key Expert 3 – Andrew James Humphrys
CONSORTIUM
One of the largest development cooperation consultancies in the European market based in Hamburg
Founded for the creation and transfer of knowledge concerning e-governance, e-democracy and the development of civil society based in Estonia
Many years of experience developing and securing national digital transformation and cyberspace initiatives
Operates a remote office in Kyiv
Publishes and updates the national cyber security index (NCSI) and conducted EaP Situational Review
ICT and cybersecurity management consultancy and subsidiary of T-Systems International of Deutsche Telekom based in Germany
Strong experience working with providers of critical infrastructure / compliance with NIS Directive
BSI - German NIS designated national cyber-competent authority (NCA)
Actively contributed expertise to EU bodies for more than 10 years
Expert Divisions “Critical Infrastructures” and “Operational Cyber Security - Response” involved at technical level
Supporting project with stakeholder outreach
Full service, PR and Communications consultancy based in Cyprus
Operates national offices in all EaP countries and an EU office in Brussels
Can support communication and visibility, outreach regionally and locally with skilled communication experts
400 Permanent Staff
1,500 Engaged Experts globally
3,000 Projects in 130 Countries
30,000 Network of Experts globally
19 Offices Worldwide
160 Countries Complete Projects
CYBERSECURITY EAST COMPONENTS 2
THREE COMPONENTS
COMPONENT 1: Strengthened national cybersecurity governance and legal frameworks in line with the EU NIS Directive
COMPONENT 2: Identification of Operators of Essential Services (OES’s) in line with NIS Directive
COMPONENT 3: Increased operational capabilities for cyber incidents and crisis management
COMPONENT 3: OPERATIONAL CAPABILITIES FOR CYBER INCIDENTS AND CRISIS MANAGEMENT ARE INCREASED
• Enhance Regional Cooperation between CERTs
• National/governmental CSIRTs/CERTs designated and set-up
• Ensure cooperation between national/governmental CSIRTs/CERTs and owners/service providers of critical information infrastructure and OES
• Establish reporting, monitoring and threat assessment mechanisms
• Strengthened regional and international cooperation on cyber incident-response mitigation and management, where applicable
METHODOLOGY
CYBER SECURITY TABLE-TOP EXERCISE
SIMULATION OF CYBER ATTACK – ROLE PLAYING EXERCISE
CYBER SECURITY TECHNICAL EXERCISE (CYBERDRILL)
TRAINING ON INCIDENT RESPONSE AND OPEN SOURCE INTELLIGENCE (OSINT)
HANDS-ON TRAINING WORKSHOPS FOR CERTS
Block I - CSIRT Organisation
Block II - CSIRT Operations
Block III - Attack techniques
Block IV - Training on Certified Ethical Hacker
Block V - Incident Investigation: from SIEM to Log Analysis, a real hands-on investigation
TAILOR MADE ACTIVITIES
INTERNATIONAL COOPERATION
CURRENT ACTIVITIES 3
CYBERSECURITY EAST – CYBEREAST JOINT ACTIVITIES
DEVELOPMENT OF STANDARD OPERATING PROCEDURES FOR COOPERATION BETWEEN CSIRTS AND LAW ENFORCEMENT
WORKSHOPS & EXERCISES – ONLINE PRESENCE
TOPICS:
• Common taxonomy
• Incident Handling
• Flow of information across CSIRTs, LE and Judiciary, Segregation of duties
• Criminal Intelligence
• Evidence collection vs damage mitigation
COMMON TAXONOMY
CERT.PT TAXONOMY WAS THE BEST FITTING FOR THE EXCHANGE OF INFORMATION BETWEEN THE CSIRTS AND LEAS.
The Common Taxonomy bridges the gap between the CSIRTs and international LE communities by adding a legislative framework to facilitate the harmonisation of incident reporting to competent authorities
The Common Taxonomy helps development of useful statistics and sharing information within the entire CYBER ECOSYSTEM!
FLOW OF INFORMATION ACROSS CSIRTS, LE AND JUDICIARY
SEGREGATION OF DUTIES (SOD MATRIX)
ROLES OF CSIRTS, LE AND JUDICIARY IN DIFFERENT PHASES OF CRIMINAL INVESTIGATION
INCIDENT HANDLING PROCESS
MOLDOVA CYBER WEEK 2020
SUPPORT THE CONFERENCE AND THE WORKSHOP WITH SPEAKERS AND TRAINERS
Incident Response and Threat Hunt Training: Thursday, 26th November, 2020, 09:30 – 12:45
Cyber Risk Management in the Information Age Training: Friday, 27th November, 2020, 09:30 – 14:00
MOLDOVA CYBER WEEK 2020 TRAINING ACTIVITIES
CYBERSECURITY AND HUMAN RIGHTS
WEBINAR – DECEMBER 2020
WEBINAR – INTRODUCTION TO SOCIAL ENGINEERING
JANUARY 2021
WEBINAR – CYBER HYGIENE TRAINING
JANUARY 2021
GAP ANALYSIS – ENISA GUIDELINES – NIS DIRECTIVE
JANUARY – FEBRUARY 2021
OVERVIEW OF KEY ELEMENTS OF NATIONAL CYBERSECURITY STRATEGIES
JANUARY – FEBRUARY 2021
Develop national cyber contingency plans
Protect critical information infrastructure
Establish incident reporting mechanisms
Establish baseline security measures
Organise cyber security exercises
Raise user awareness
Strengthen training and educational programs
Engage in international cooperation
Address cyber crime
Establish an incident response capability
Establish a public-private partnership
Balance security with privacy and data protection
Provide incentives for the private sector to invest in security measures
Foster R&D in cyber security
Institutionalise cooperation between public agencies
Source: ENISA NCSS Good Practice Guide
JOINT WEBINAR - HATE SPEECH AND RESTRICTIVE MEASURES – 26 FEBRUARY 2021
TRAINING WORKSHOP – DEFENSIVE SOCIAL ENGINEERING
MARCH 2021
5 DAY - INTENSIVE CISSP TRAINING
APRIL 2021
PRESENTATION OF GAP ANALYSIS OF CYBERSECURITY STRATEGY IN FRONT OF THE MPS, VICE PRIME MINISTER, NSDC WHO IS IN CHARGE OF THE STRATEGY AND OTHER STAKEHOLDERS …