Building a secure network to secure networks
Computer security - or the apparent lack of it - is increasingly a worry for network administrators. But viruses and other such vulnerabilities are no mystery for Europes Computer Security Incident Response Teams, now also finding their feet in the European Unions newest Member States.
Creating and managing Computer Security Incident Response Teams (CSIRTs) is just one of the topics at this years Computer Security Incident Handling Conference. Organised by FIRST (Forum of Incident Response and Security Teams), a Europe-wide association of CSIRTs, this event is being held in Budapest, Hungary, from 13-18 June 2004. Other subjects coming under the microscope include network monitoring, Internet threats, deployment of wireless systems and security in the emerging information society.
"At the last count, Europe had almost 90 CSIRTs," says Karel Vietsch, Secretary General of the Trans-European Research and Education Networking Association (TERENA), in The Netherlands. "But that number is still only a drop in the ocean, given the growing number of threats to the continents networks."
His organisation pioneered the training of Europes very first CSIRTs, which sprang up in the early 1990s. "You could call them computer-emergency teams," he says, "although their staff are also involved in more routine work, such as software-patch alerts and network-node protection."
CSIRT teams typically have from three to 15 members. Most work closely with the Internets academic side, protecting the computer networks of institutions and universities. However, every country in the EU has at least one such team, as do many of the bigger private companies.
"Our biggest challenge is extending the same level of help to smaller firms and customers of all the commercial Internet Service Providers (ISPs)," adds Vietsch. "Very few of them have direct access to CSIRTs. We need first to raise general awareness of the dangers of insecure networks. That would encourage people to seek out more security-conscious ISPs - even if they had to pay more for the privilege of using them."
Vietsch is also coordinator of TRANSITS, an IST project providing training to CSIRTs across Europe. Over the last two years, it has trained more than 60 IT specialists in everything from the setting up and operation of a CSIRT to the legal issues of dealing with computer incidents. The five-module courses are delivered over two days.
"Our international courses included many people from the EUs ten new Member States, a special focus for our project," says Vietsch. He emphasises that these countries are fully conversant with the latest information technologies. What they often lack, however, is access to trusted experts they can call in times of trouble.
"Network administrators need to be confident they can ask for help from outside their country, when necessary," he says. "Our training courses help to build networks of trust. Like CSIRTs, these networks were lacking in many Central and Eastern European Countries." Seven of the ten enlargement countries today have their own national CSIRTs.
TRANSITS develops and regularly revises its training-course material. The three-year project will soon also train future trainers from Latin America and the Asia-Pacific region.
Singel 468 D
NL-1017 AW Amsterdam
Tara Morros | IST Results