Comments on: Protecting Europe against large-scale cyber-attacks http://www.lightbluetouchpaper.org/2010/03/18/protecting-europe-against-large-scale-cyber-attacks/ Security Research, Computer Laboratory, University of Cambridge Fri, 10 Feb 2012 17:31:40 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: CrisisMaven http://www.lightbluetouchpaper.org/2010/03/18/protecting-europe-against-large-scale-cyber-attacks/comment-page-1/#comment-54533 CrisisMaven Wed, 07 Apr 2010 01:39:30 +0000 http://www.lightbluetouchpaper.org/?p=1976#comment-54533 Greece being bankrupt they won't move anything anywhere surely. Which begs the question: what if more and more states -the UK not too far from the brink either- will run out of money? Which goes first cybersecurity or other expenditures that politicans "understand" much better? Greece being bankrupt they won’t move anything anywhere surely. Which begs the question: what if more and more states -the UK not too far from the brink either- will run out of money? Which goes first cybersecurity or other expenditures that politicans “understand” much better?

]]> By: Matthew Pemble http://www.lightbluetouchpaper.org/2010/03/18/protecting-europe-against-large-scale-cyber-attacks/comment-page-1/#comment-53492 Matthew Pemble Mon, 29 Mar 2010 07:30:18 +0000 http://www.lightbluetouchpaper.org/?p=1976#comment-53492 CSIRTUK is not a 'national CERT' in the context of the EU parameters - it is limited to "its partners in the private sector who operate elements of the national infrastructure." Government organisations are managed by <a href="http://www.govcertuk.gov.uk/index.shtml" rel="nofollow">GovCERT</a>, operating out of Cheltenham. MoDCERT seems to have (been) disappeared (its webpage www.mod.uk/cert is 404) Non-CPNI private and third-sector organisations do not have a government body looking after them, although there are a number of <a href="http://www.warp.gov.uk/Index/WARPRegister/indexcurrentwarps.htm" rel="nofollow">WARPs</a> which focus on these areas. There is a clear distinction in vision between the original CERT-CC construction - a largely passive, best-practice and warning body, and the more active "Information Security Incident Response" elements of the ENISA vision. CSIRTUK is not a ‘national CERT’ in the context of the EU parameters – it is limited to “its partners in the private sector who operate elements of the national infrastructure.” Government organisations are managed by GovCERT, operating out of Cheltenham. MoDCERT seems to have (been) disappeared (its webpage http://www.mod.uk/cert is 404)

Non-CPNI private and third-sector organisations do not have a government body looking after them, although there are a number of WARPs which focus on these areas.

There is a clear distinction in vision between the original CERT-CC construction – a largely passive, best-practice and warning body, and the more active “Information Security Incident Response” elements of the ENISA vision.

]]> By: Mark C http://www.lightbluetouchpaper.org/2010/03/18/protecting-europe-against-large-scale-cyber-attacks/comment-page-1/#comment-52923 Mark C Mon, 22 Mar 2010 11:14:43 +0000 http://www.lightbluetouchpaper.org/?p=1976#comment-52923 I was under the impression we already have a national CERT (<a href="http://www.cpni.gov.uk/Products/advisories.aspx" rel="nofollow">CSIRTUK</a>), albeit not branded so overtly in that context as it once was...which seems to run contrary to their lordships' comments on such matters. I guess the ENISA vision of a CERT might differ from the CPNI one. As for exercises, my personal experience has been that there is often a great deal of wishful thinking on the part of high-level policy making types, which tends to divorce them from reality. The operational folk who are given the task of making exercises happen are then left to cobble together something that (with a bit of creative PR speak) meets the naive pledges of the policy types. As operational folk tend tend to be practical types they will extract as much learning and other benefits for participants as they can, but the bottom line is that the benefits of exercises (useful as they may be) are not necessarily what policy makers believe them to be. I was under the impression we already have a national CERT (CSIRTUK), albeit not branded so overtly in that context as it once was…which seems to run contrary to their lordships’ comments on such matters. I guess the ENISA vision of a CERT might differ from the CPNI one.

As for exercises, my personal experience has been that there is often a great deal of wishful thinking on the part of high-level policy making types, which tends to divorce them from reality. The operational folk who are given the task of making exercises happen are then left to cobble together something that (with a bit of creative PR speak) meets the naive pledges of the policy types. As operational folk tend tend to be practical types they will extract as much learning and other benefits for participants as they can, but the bottom line is that the benefits of exercises (useful as they may be) are not necessarily what policy makers believe them to be.

]]>