www'CASES'lu - PowerPoint PPT Presentation

1 / 21
About This Presentation
Title:

www'CASES'lu

Description:

CASES a Luxembourg initiative to reduce the digital divide in information security ... Deployment of malware collection tools CSRRT-LU ... – PowerPoint PPT presentation

Number of Views:25
Avg rating:3.0/5.0
Slides: 22
Provided by: CRM94
Category:

less

Transcript and Presenter's Notes

Title: www'CASES'lu


1
(No Transcript)
2
www.CASES.lu (Cyberworld Awareness and Security
Enhancement Structure) CASES a Luxembourg
initiative to reduce the digital divide in
information security 16.05.2007
3
  • Agenda
  • Introduction
  • The national strategy
  • CASES The approach

4
  • Introduction
  • The actual situation in Luxembourg
  • Modern communication technologies offer many
    opportunities for business and customers
  • SME invest in IT but are not willing to invest in
    B2C
  • Resource consuming
  • Lack of know-how
  • Afraid of the risks
  • Citizens mainly adopt these technologies for
    home usage
  • Lack of trust and confidence
  • Low level of know-how

5
  • Introduction
  • The actual situation in Luxembourg
  • We observe that
  • IT is broadly used by SMEs and citizens, but only
    internally
  • E-commerce is not spreading as it could
  • E-services are not as much used as planned
  • Return on invest is often bad for Internet
    related business
  • Digital divide in IT security is increasing
    quickly
  • But however fact is
  • Very high level of connectivity and high level of
    exposure
  • Know-how is very low even for the implemented
    basic tasks
  • Many security incidents
  • Behaviour of SMEs and citizens is unpredictable
    there is no common culture

6
  • Introduction
  • The actual situation - globally
  • We observe a
  • Convergence in technologies and vulnerabilities
  • Professionalisation of threats
  • Cybercrime meets organised crime
  • Targets also include small and medium entities
  • Critical vulnerabilities increase in number (130
    MS)
  • Increase of zero-day-exploits (between 21 and 48
    FOR MS)
  • Increase of zombie PC

7
  • The national strategy
  • The national strategy
  • What we want to achieve is
  • Increase know-how
  • Make aware of responsibilities
  • Establish trust and confidence
  • Build a culture of security in order to turn the
    unpredictable behaviour of SMEs and citizens into
    reflected and responsible actions.
  • Foster cooperation and coordinate action plans of
    the stakeholders in order to keep them aligned to
    the national strategy

8
  • The national strategy
  • The national strategy
  • The strategy is based upon four pillars
  • Awareness and prevention
  • Incident handling
  • investigation and repression
  • legislation and standardisation
  • Luxembourg is already interesting from a legal
    and infrastructural point of view. But biggest
    advantages are still the lean management
    structures in government and the open ear for
    business needs.

9
  • The national strategy
  • Pillar one
  • Permanent structures
  • CASES
  • PKI
  • Certification Bodies
  • Honeynets
  • Technological survey
  • Standardisation survey
  • Deliverables
  • know-how transfer
  • guidelines for SME and citizens
  • e-commerce certified
  • e-infrastructure certified
  • e-learning
  • Necessary actions
  • awareness and prevention
  • culture of security OCDE
  • give sense of responsibility
  • certification vs. regulation
  • Strategic interest
  • become proactive (best defence)
  • protect investments
  • international constraints
  • foster trust

10
  • CASES The approach
  • Cyberworld Awareness and Security Enhancement
    Structure
  • CASES Reduce the digital divide in security
  • Mission
  • Raise awareness
  • Promote the usage of security measures
  • Foster trust and confidence via know-how and
    cooperation
  • Target groups are
  • Children
  • Citizens
  • SMEs
  • Administrations
  • Unconsciousness and lack of knowledge are the
    worst vulnerabilities we have to address. This
    vulnerability is widely spread and continuously
    exploited.

11
  • CASES The approach
  • Cyberworld Awareness and Security Enhancement
    Structure
  • Approach chosen in CASES
  • Search cooperation with all stakeholders
  • Use layman language (most difficult) and stay
    positive
  • Use global approaches
  • Consider interdependencies not only singularities
  • Structure knowledge
  • Risk Vulnerability Threat
    Impact

12
  • CASES The approach
  • Cyberworld Awareness and Security Enhancement
    Structure
  • CASES - Addressing vulnerabilities
  • Tools used
  • Glossary
  • Fact sheets in layman language
  • Elaborated dossiers on special issues
  • Behaviour rules
  • Policy documents
  • Communication channels used
  • Internet portal
  • E-learning platform
  • Documents
  • Workshops
  • Conferences
  • Posters

13
  • CASES The approach
  • Cyberworld Awareness and Security Enhancement
    Structure
  • CASES - Addressing vulnerabilities
  • Example WiFi in Luxembourg
  • Fact sheet on WiFi
  • Fact sheet on Bluetooth
  • Elaborated papers on WiFi
  • Paper on Bluetooth cracking
  • Analysis of the WiFi-Routers sold in Luxembourg
  • ?cooperation with stakeholders

14
  • CASES The approach
  • Cyberworld Awareness and Security Enhancement
    Structure
  • CASES addressing vulnerabilities
  • Example Awareness raising campaign in
    government
  • Risk assessment and analyses of needs (EBIOS)
  • Teaching
  • Security Policy based on ISO 177992005
  • Campaign

15
  • CASES The approach
  • Cyberworld Awareness and Security Enhancement
    Structure
  • CASES addressing vulnerabilities
  • Example Awareness raising campaign for children
  • Internet driving licence https//pwws.cases.lu
  • Sheets for children
  • Presentations

16
  • CASES The approach
  • Cyberworld Awareness and Security Enhancement
    Structure
  • CASES - Addressing vulnerabilities
  • Example e-Learning
  • Merging expertise in the area of security and
    Technology Enhanced Learning in order to propose
    an innovative e-learning platform to reduce the
    digital divide in security
  • Citizen 13 training modules
  • SMEs 25 training modules
  • Innovative open source platform based on Php,
    mysql,
  • www.AnaXagora.lu

17
  • CASES The approach
  • Cyberworld Awareness and Security Enhancement
    Structure
  • CASES - Addressing vulnerabilities
  • Example e-Learning Internet driving license
    in preparation

Key points
E-learning at Public Research Center Henri
Tudor Please contact luc.vandenabeele_at_tudor.lu
or brice.bucciarelli_at_tudor.lu
18
  • CASES The approach
  • Cyberworld Awareness and Security Enhancement
    Structure
  • CASES - Addressing threats
  • Tools used
  • R2SIC research project on Cyber-Criminals
  • Honey-pots and Honey-nets CSRRT-LU
  • Deployment of malware collection tools CSRRT-LU
  • Computer Security Research and Response Team
    Luxembourg CSRRT.ORG.LU

19
  • CASES The approach
  • Cyberworld Awareness and Security Enhancement
    Structure
  • CASES National Cooperation
  • Networking tools CASiX - CASES in the box


20
  • CASES The approach
  • Cyberworld Awareness and Security Enhancement
    Structure
  • CASES International Cooperation
  • Cooperation on ministerial level with Switzerland
  • Cooperation on ministerial level with Canada
  • Cooperation with SGDN-DCSSI
  • Cooperation with Belgium - IBPT
  • Cooperation with several countries CASES-idea


21
Thank you for your attention François
Thill francois.thill_at_eco.etat.lu www.cases.lu
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "www'CASES'lu" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!