The words you are searching are inside this book. To get more targeted content, please make full-text search by clicking here.
Discover the best professional documents and content resources in AnyFlip Document Base.
Search
Published by , 2016-08-10 22:02:44

DEA-e-gov_Malaysia_MAMPU 050215

DEA-e-gov_Malaysia_MAMPU 050215

TBILISI – SEPTEMBER
2012

E-GOVERNMENT
LEGISLATIVE FRAMEWORK

e-Document and e-Signature law – 2007
Law on Creation of Data Exchange Agency –2010
Law on Unified Information Registry –2011
Law on Information Security – 2012
Law on Personal Data Protection – 2012

LAW OF GEORGIA ON UNIFIED
STATE REGISTRY OF
INFORMATION

Aim of the Law: establishment of a unified state registry of registers,
databases, services and information systems within the public sector of
Georgia

A supplementary act – Instruction on standards and procedures of
working with the Registry of Registers, as well as manual on the use of
web-portal

Categories of information to be submitted:
• Establishment of a registry or service (initial registration)
• Significant amendment of a registry or service
• Merger, division, revocation, deletion, transfer or archiving a
registry or service

Data Exchange Agency as implementer

E-GOVERNMENT
STRATEGY

E-GOVERNMENT
STRATEGY

• e-Services
• e-Participation and Open Government
• e-Health
• Public Finance Management System
• e-Business
• ICT-Hub Georgia
• Infrastructure
• e-Security
• Skills and e-Inclusion
• Enabling frameworks and governance
• Awareness

INFORMATIONAL
SECURITY

AVAILABILITY INTEGRITY CONFIDENTIALITY

false information
network jamming
intrusions
information stealing
system paralyzing

CYBER SECURITY
ECOSYSTEM

Security Council

Minister of Justice Ministry of Internal Affair Minister of Defense
Data Exchange Agency 24/7 Cyber Crime Unit Military Cyber Defense Unit

LEGAL FRAMEWORK

Cyber Security Strategy E-Government Strategy Other Strategic
for 2013–2015 for 2014–2019 Documents

1. Information Security Law (2012) 1. Cyber Crime Convention 24/7
2. All Major IPR Conventions
2. Personal Data Protection ( 2012) (U 3. Processing of Personal Data Conventions (1981)

3. Cyber Crime Chapter on Crime Code.

2010)

• CERT.GOV.GE Computer emergency Response Team Charter

• Presidential Decrees Approval List of Critical Information System Subjects.
• Requirements of Information Security Officer working in Critical Information System Subjects.
• Decrees of Network Sensor Configuration.
• Decrees of Minimal Security Requirements for Critical Information System Subjects.
• Decrees of Asset Management Requirements for Critical Information System Subjects.
• Decrees of Information Security Audit Body Accreditation.
• Decrees of Information Security Audit Requirements in Critical Information System Subjects

CYBER SECURITY STRATEGY OF
GEORGIA 2013-2015

Basic Principles – Cyber Security Strategy
• Whole-of-Government Approach.
• Public-private Cooperation.
• Active International Cooperation.

Cyber Security Strategy – Main Domains
• Research and analysis
• New legislative framework
• Institutional coordination for ensuring cyber security
• Public awareness and education
• International cooperation

INFORMATION AND
CYBER SECURITY

Information Security policy development, implementation, monitoring.
CERT.GOV.GE (Computer Emergency Response Team)

Military Public Sector +
Subject of Critical
Infrastructure
Systems

State Secret

INFORMATION SECURITY
& POLICY DIVISION

Information Security CERT.GOV.GE
Team Team

All Team Members are All CERT Team members are SANS
BSI Certified Professionals: Certified Professionals:

BSI/ISO 27001 (Information Security) SANS GIAC Certified
LI/LA Professionals
BSI/ISO 22301 (Business Continuity)
LI/LA
BSI/ISO 9001 (Quality Management) LA

ISO 31000 (Risk Management)
4 Member of the team are:

CISM (Certified Information Security Manager)

2 Member of the team are:

CISA (Certified Information System Auditor)

INFORMATION 36
SECURITY
2
Management Services Consulting Service
105
Review of Information Security documentation: Policy, Plans, Audit report and etc. 40

ISMS Implementation Service

Current Projects: Service Development Agency; Public Registry of Georgia

Certified Course in Management Systems

( Introduction, Implementation and Internal Audit in Information Security Management Systems,
Certification Exam).
NATO SPS Project Trained Professionals from Moldova and Montenegro

Information Systems Audit Service

CERT.GOV.GE

CERT.GOV.GE

The Cyber security Executing The Trusted Introducer - a.k.a. FIRST is an international
Arm Of The UNITED NATIONS TI - is the trusted backbone of confederation of trusted computer
SPECIALISED AGENCY of The the Security and Incident incident response teams who
International Telecommunication Response Team community in cooperatively handle computer
Union (ITU) Europe security incidents and promote
incident prevention programs.
Partners:

CERT-EE

CERT.GOV.GE

Services and Activities Other Services:

Proactive Services: • Source and Binary Code Analyze Service.
• Incident Handling • Malware Analyze Service.
• Incident Support System • Penetration Test Service
• Detection of Infected Web Sites
• Safe DNS

Monitoring Service

• IP Monitoring Services.
• Network Monitoring System

Special Activities & Awareness • Website (dea.gov.ge),
• Facebook (certgovge)
• Cyber Security Forum • Media Campaign (TV, Internet)
• Annual GITI Regional Conference • Wall Calendar

Course in Cyber Security and Incident Handling

Basic Incident Handling 20
90
NATO SPS Project Trained Professionals from Afghan, Macedonia, Moldova and Montenegro

64

INFORMATION SECURITY
AWARENESS

GITI – GEORGIAN IT
INNOVATION EVENT 2008

THANK YOU FOR YOUR
ATTENTION!

Irakli Gvenetadze
LEPL Data Exchange Agency
Ministry of Justice of Georgia
[email protected]
www.dea.gov.ge; www.my.gov.ge; www.cert.gov.ge;


Click to View FlipBook Version