Bogdan is responsible for all areas of ICT security operations at UniCredit Bank. His expertise includes enterprise risk and threat management, IT compliance, information protection, identity management, security monitoring, forensics and internal fraud detection and prevention.
He is vice-president of the ICT Security technical commission of the Romanian Banking Association (ARB). He also holds several other technical certifications (Security+, ACSA, ECSA, MoRP, COBITF, PRINCE2F) and has delivered presentations at local and international security conferences.
The need for private and sectorial CERTs. The Banking and Telcos examples
(Paper delivered with Eduard Bisceanu)
The constant evolution of the cyber threat landscape is pushing businesses, as well as governments, to adopt new tactics and strategies for defense. Too often, when a critical attack occurs, the cyber security community accuses the state of not taking the right actions or not employing the right defense. Instead of looking to the state and waiting to be protected by a non-contractual third party, businesses should be more open to building or developing more on the basis of the need for cooperation. Establishing a CERT/CSIRT capability involves a huge amount of time, effort and resources, whether we are talking about the public sector or the private one. As a model, we can see worldwide a variety of applied cyber security strategies across countries, from west to east, but usually we see government bodies and singular private sector parties. While the states are struggling to improve cooperation between different legal entities, the private sector is protecting itself by building business defense capabilities with limited connectivity outside their constituency. If we take a closer look at the FIRST website, we will see many big banking CSIRTs/CERTs, many telco CSIRTs/CERTs and also many technology producers' CSIRTs/CERTs.
Since the European Commission is trying to establish a similar legal framework regarding Network and Information Security across the member states, it is easy to understand that this would be a huge effort from governments, and that the states and the legal framework will not be able to fight cyber crime or advanced cyber threats alone.
Where is the real business defense then? That is why the subject proposed for discussion in this panel concerns the real-life reasons that create the need for sectorial/private CSIRTs/CERTs, and the main pillars and principles for laying the foundations of such a capability. The topic will be approached as an open discussion with one of the first Romanian experts in building a CERT capability and making it operational.