Information and Cyber Security In Georgia
Irakli Lomidze
Tbilisi December 2014
Institution Organization In Georgia
Minister of Justice
Data Exchange Agency
MoIA Cyber Crime Division, 24/7 International Contact Point
Minister of Defense
Cyber Security Bureau
State Security and Crisis Management Council
Established in January 2014 under the direct subordination of the Prime Minister.
Established in December 2012 as a structural unit of the Ministry of Internal Affairs. The Cybercrime Division is the only agency that has investigatory functions on all types of cyber incidents.
Established in 2014 under the supervision of the Ministry of Defense of Georgia (MoD).
Public Sector + SCIS
State Secret
Military
Data Exchange Agency
Established in January 2010 under the supervision of the Ministry of Justice (MoJ) of Georgia.
1) E-Government development
2) Information security development, implementation and monitoring
3) Creation and operation of CERT.GOV.GE (Computer Emergency Response Team)
Public Sector + Subject of Critical Infrastructure Systems
State Secret
Military
Legislation
Cyber Security Strategy for 2013–2015
National Security Strategy
Other Strategic Documents
1. Information Security Law (2012)
2. Personal Data Protection (2012)
3. Cyber Crime Chapter of the Criminal Code (U 2010)
4. Criminal Procedural Code (August 2014 Amendments)
1. Budapest Convention on Cyber Crime
All Major IPR Conventions
2. Processing of Personal Data Conventions (1981)
• CERT.GOV.GE Computer Emergency Response Team Charter
• Presidential Decrees Approval List of Critical Information System Subjects.
• Requirements of Information Security Officer working in Critical Information System Subjects.
• Order of Network Sensor Configuration.
• Order of Minimal Security Requirements for Critical Information System Subjects.
• Order of Asset Management Requirements for Critical Information System Subjects.
• Order of Information Security Audit Body Accreditation.
• Order of Information Security Audit Requirements in Critical Information System Subjects
• Order on Computer Emergency Response Team - Legal Entity under Public Law of Cyber Security Bureau
• Order on the Minimal Requirements for Information Security
• Order on the Rules for Information Asset Management.
Who is a critical information system subject?
"A legal entity or state agency whose uninterrupted operation of its information systems is important for the defense and/or economic security of the state, as well as for normal functioning of the state and/or society" (Law of Georgia on Information Security).
Also: critical information system subjects in the field of defense.
Data Exchange Agency Services/Activities
Data Exchange Agency: established in 2010 under the supervision of the Ministry of Justice of Georgia
Information security policy development, implementation, monitoring
CERT.GOV.GE (Computer Emergency Response Team)
Information Security & Policy Division
Information Security Team
CERT.GOV.GE Team
All team members are BSI certified professionals:
BSI/ISO 27001 (Information Security) LI/LA
BSI/ISO 22301 (Business Continuity) LI/LA
BSI/ISO 9001 (Quality Management) LA
ISO 31000 (Risk Management)
4 members of the team are CISM (Certified Information Security Manager)
All CERT team members are SANS certified professionals: SANS GIAC Certified Professionals
2 members of the team are CISA (Certified Information System Auditor)
Information Security Management Services
Consulting Service
ISMS Implementation Service
Current projects: Service Development Agency; Public Registry of Georgia
Review of information security documentation (policy, plans, audit reports, etc.): 39
Certified Course in Management Systems (Introduction, Implementation and Internal Audit in Information Security Management Systems, Certification Exam): 135
NATO SPS Project, trained professionals from Afghanistan, Moldova, Montenegro, Macedonia and Azerbaijan: 90
Information Systems Audit Service
CERT.GOV.GE
CERT.GOV.GE established in 2011
The cyber security executing arm of the United Nations specialised agency, the International Telecommunication Union (ITU).
The Trusted Introducer (a.k.a. TI) is the trusted backbone of the Security and Incident Response Team community in Europe.
FIRST is an international confederation of trusted computer incident response teams who cooperatively handle computer security incidents and promote incident prevention programs.
Obtaining the trademark “CERT” officially.
Partners:
CERT-EE
CERT.GOV.GE (Computer Emergency Response Team)
Services and Activities
Monitoring Service
• IP Monitoring Services.
• Network Monitoring System
Proactive Services: (Free)
• Incident Handling Support and Consulting
• National Incident Database
• Detection of Infected Web Sites
• Safe DNS (Safe Internet)
• Check My IP Service
Special Services:
• Source and Binary Code Analysis Service.
• Malware Analysis Service.
• Vulnerability Analysis Service.
Course in Cyber Security and Incident Handling
Special Activities & Awareness
• Cyber Security Forum
• Annual GITI Regional Conference
• Website (dea.gov.ge),
• Facebook (certgovge)
• Media Campaign (TV, Internet)
• Wall Calendar
Basic Incident Handling: 120
NATO SPS Project, trained professionals from Afghanistan, Macedonia, Moldova and Montenegro: 90
IP Monitoring System
Information provided daily about infected IP addresses:
10 000 IP Addresses
20 000 IP Addresses
500 IP Addresses
1 500 IP Addresses
100 IP Addresses
15-20 Phishings
25-30 Defaced Web Sites
15-20 Malware Sites
More than 12 000 000 records in database
Check My IP Service:
• DEA.GOV.GE
• MY.GOV.GE
Network Monitoring System
NetFlow Sensors (NfDump & NfSen)
Analyzes NetFlow data in real time.
Detects:
• SSH Brute Force Attacks.
• Botnets.
• DDoS Attacks.
11 governmental organizations connected
Fully Transparent
Normative Act: Order of Network Sensor Configuration
Safe Internet
Safe DNS Georgia
Integrated with Collective Intelligence Framework.
Blocks malware domains and redirects to a warning page.
First DNSSEC-enabled resolver in Georgia.
Blacklist Service
IP and domain blacklist.
Different formats for different software.
Available for organizations.
Trainings
With METU University, Turkey (SPS Program)
• Afghanistan
• Macedonia
• Montenegro
• Moldova
• Azerbaijan
In total, up to 90 professionals
Training courses: Cyber Security, Incident Handling, Information Security Management Systems
Trainings in Georgia: in total, up to 120 professionals
Regional Cooperation
Moldova CERT
We support them in various activities
Azerbaijan
Sponsored them in becoming a Trusted Introducer list member
Turkey
Joint training for developing countries
Awareness
Wall Calendar
TV Social Adverts
Cyber Events in Georgia
September 2014
Cyber Security Exercises: red and blue teams, for governmental and commercial organizations.
October 2014
FIRST Symposia, Tbilisi
Symposia are regional themed events that are run by FIRST or co-hosted with a local team(s) and sponsors.
November 2014
Companies and agencies presenting ICT innovations and sharing experiences.
Dedicated Cyber Security Day.
Q/A
Thank you for your attention
Contact Information Phone: +995 (32) 2 91 51 40
E-mail: [email protected]; [email protected]
Web: www.dea.gov.ge