Finnish Information Security Cluster

Download Report

Transcript Finnish Information Security Cluster

Finnish Information Security Cluster
Reijo Savola, VTT Technical Research Centre of Finland
FISC – Finnish Information Security Cluster
•
FISC association
– Joint initiative by Finnish Information Security Industry
– 47 member companies and the VTT Technical Research
Centre of Finland
– Targets:
• Improve international business collaboration
• Secure the development of the business environment
• Expedite the implementation of the National Cyber
Security Strategy
• Improve and align innovation programs and academia
•
Cyberlab Ltd
– A non-profit company owned by FISC
– Cyberlab mission is to support public sector
organizations and enterprises in improving their cyber
resiliency
Copyright 2015 FISC
Confidential
Country of engineers
Finland ranks well on cyber ratings
#1 in infosec expenditure per GDP
Pierre Audoin Consultants, July 2013
#1 Network Readiness Index
World Economic Forum, 2013
#5 Cyber Readiness Index
Hathaway Global Strategies, Nov 2013
#5 ICT Development Index
ITU- International Telecommunication Union, 2013
Copyright 2015 FISC
Confidential
Finland’s position in the relevant surveys
10 Cyber Security Guidelines
1. Collaboration 2. Situational 3. Continuity of 4. Capacities of 5. Cyber defence
model
awareness preparedness
the police
6. Enhanced
international
co-operation
7. Education
and training
= knowledge
8. Legislation
30.5.2016
9. Tasks,
10. Monitoring
requirements
the
and service
implementation
www.turvallisuuskomitea.fi
models
6
Finnish success factors
o Comprehensive concept
o Co-operation among authorities,
businesses, and NGO’s
- possibility to utilize existing
knowledge and capabilities in Finland
 Cost-effectiveness!
o Shared awareness on the
importance of cyber security
o Technology skills and knowledge
30.5.2016
www.turvallisuuskomitea.fi
7
Finnish Communication Regulatory Authority: ”HAVARO”
•
Finnish CERT is using HAVARO
– Identify cyber-attacks with the finger-prints
– Shares information with national and
international organizations
– Runs with voluntary basis
– Information management
• Some information for general use
• Organization data highly confidential, not
shared with anyone
• More security and visibility of their
vulnerabilities
• Support from anti-analysis to anti-forensics
https://www.viestintavirasto.fi/en/aboutthesector/reviewsandarticles/informationsecurity.html
– Helps with rapid recovery of incidents
– Offers valuable information to operators,
government and national critical infrastructure
MINISTRY OF INFORMATION AND
NATIONWIDE
COMMUNICATION