lessons learned and not learned
DESCRIPTION
Lessons learned and not learned. Enn Tyugu Leading research scientist NATO Cooperative Cyber Defense Center of Excellence. Who am I?. Educator and researcher at a technical university. Adviser at a center of excellence for cyber security. Citizen of a very small country. Who are we?. - PowerPoint PPT PresentationTRANSCRIPT
Lessons learned and not learned
Enn Tyugu
Leading research scientistNATO Cooperative Cyber Defense Center of
Excellence
Who am I?Educator and researcher at a technical university.
Adviser at a center of excellence for cyber security.
Citizen of a very small country.
Who are we?
• Estonia is a small East European country highly dependent on IT:
• 85% of income tax declarations are submitted via Internet
• 98% of all banking operations are performed electronically (very few bank offices for public use)
• E-Government provides services for citizens over Internet
• Close to a big country that wishes to keep us in its “sphere of influence”.
How are we?• Cyber attcks on Estonia in spring 2007 demonstrated
real threats in the cyber space.• A survey of the country’s CII disclosed that the most
important weakness is lack of competent IA personal:
Shortage of personal x x x x x x x x x x x x xHuman factor x x x x x Insufficient IDS x x x x xLegal aspects x x x Insufficient resources x x xPhysical dangers x x xBosses don’t care x xSecurity problemsx
Who should educate?
• Insufficient competence in the universities
• Insufficient teaching skills in the business and industry.
• It is not the responsibility of military.
• Only coordinated effort of the universities, military and industry can do it well.
What to teach?
A CD master studies core competence:• Organizational aspects, incl. risk analysis• Legal aspects• Cryptography• Network security• Malware• Attacks and defense• IDS and log analysis• Simulation and practical work