Report on SIG-ISM Peter Szegedi, GANT Association Last TF-NOC - - PowerPoint PPT Presentation

report on sig ism
SMART_READER_LITE
LIVE PREVIEW

Report on SIG-ISM Peter Szegedi, GANT Association Last TF-NOC - - PowerPoint PPT Presentation

Aug 07, 2023 45 likes •115 views

Report on SIG-ISM Peter Szegedi, GANT Association Last TF-NOC meeting in Cambridge How do we deal with NOC security incidents? Roundtable chaired by Jonny Lundin (NORDUnet) What does TF-CSIRT do (Lionel Ferette - remote)

slide-1
SLIDE 1

Report on SIG-ISM

Peter Szegedi, GÉANT Association

slide-2
SLIDE 2
  • How do we deal with NOC security incidents?

Roundtable chaired by Jonny Lundin (NORDUnet)

  • What does TF-CSIRT do (Lionel Ferette - remote)
  • Introduction to the TERENA CISO group (James Davis)
  • UK National Crime Agency
  • Discussion about NOC security incidents and NREN security policies in general
  • NREN Security Strategy Workshop & TERENA CISO SIG kick-off
  • 3-4 September 2014, Utrecht, Netherlands
  • ISM-SIG has been created.

2

Last TF-NOC meeting in Cambridge

slide-3
SLIDE 3
  • Reaching a shared view about international collaboration among NRENs
  • n security, privacy and trust was the main aim of the workshop.
  • The formation of the new SIG provides a platform for future collaboration in

this area.

  • Parallel group discussions were dedicated to the topics of security,

privacy & trust strategy, knowledge sharing, trust frameworks, security services, international collaboration and organising the work of Chief Information Security Officers.

  • The workshop concluded that harmonisation of strategies is needed,

checklists can serve as the simplest security framework for products and services, and 'share with care' is an important maxim.

3

Information Security Management

slide-4
SLIDE 4

SIG format with Steering Committee:

  • Alf Moens (SURF)
  • Wayne Routly (DANTE)
  • Rolf Sture Normann (UNINETT)
  • James Davis (JANET)

Closed collaboration with TF-CSIRT, TF-NOC, and TF-MSP

4

SIG - Information Security Management

slide-5
SLIDE 5
  • TF-CSIRT
  • Formal membership (open for commercials), representation and processes.
  • Trusted Introducer:
  • Listed (support from two)
  • Accredited (fee ~1000 EUR/year)
  • Certified (SIM3 Model 45 parameters)
  • TRANSITS I and II (discount for TI members)
  • Recognized by ENISA / FIRST
  • Regular collaborations and co-location of meetings.

5

Security landscape of GÉANT Ass.

slide-6
SLIDE 6

6

Security landscape of GÉANT Ass.

TF-MSP TF-CSIRT TI TRANSITS TF-NOC (SIG-NOC) ENISA FIRST SIG-ISM NREN space Technical penetration Security space

slide-7
SLIDE 7
  • SIG-NOC from April 2014
  • Develop training course(s) for NOC personnel...
  • TRANSITS I (based on the survey results)
  • Plus advanced/recommended training(s) including...
  • ITIL ???
  • ....
  • The aim would be to bring as many NOC personnel as possible up to the

”standard” level...

  • How to define the ”standard” level???
  • Brainstorming maybe next time...
  • Develop a NOC registry...
  • What information is mandatory, recommended, optional ???

7

How to continue...