Information Technology Reference
In-Depth Information
Vellone
: You mentioned national confidential communication for the government.
Are we talking about this network now or a different network?
Kolobov
: That is a different network. This network is physically separated from
others, and only confidential information circulates in it. Our centre is working with all
types of networks in Ukraine and also telecommunication systems.
Vellone
: You mean that the confidential network uses the TCIP protocols but it is not
connected?
Uneri
: To explain the situation in Turkey, all the national networks are Internet
networks, isolated from the Internet, so we do not expect denial of services attack from
the Internet to that network. If I understood the question correctly, this means no denial
of service attacks to our isolated network.
Handy
: Even if it is not connected to the network, say you have an insider who does
damage to your network, do you have a protocol for what you should repair first and
what should be repaired last?
Uneri
: Inside denial of service attacks we have our intrusion detection systems
installed. There are some precautions and there are some counter-measures for those
attacks. We back up the systems properly but as far as I know, there is no classification
of data that should be repaired first, second, then third. I do not know such a kind of
precaution in Turkey.
Handy
: This is a critical one. I participated in an exercise years back when all of a
sudden a lot of our networks got hit and I got calls from headquarters asking what was
the status of a particular system, what was the status of another, and I finally said they
should tell me which ones they wanted me to look at first and I would have my people
concentrate on those, but if we were to look at all of them we might be concentrating on a
football management system rather than an aircraft lounge system, so we definitely
needed some type of weighted priorities. I was just checking to see if anybody else had
those same kind of scenarios.
Uneri
: For fires we have a classification of assets that should be recovered first in our
military. But you are right, we should have priorities.
Valente
: Actually, I was not worrying so much about the organisation and about
management or private companies having to deal with government licences. I was more
worried about your reference to the purpose of maintenance or realization of a uniform
state policy in the field of cryptographic and technical protection. For this purpose the
uniform infrastructure of protection of CERT information resources has been created in
Ukraine. I ask if this uniformity can cause you to be more vulnerable? Someone referred
to monoculture; could the monoculture of a single uniform system make Ukrainian
infrastructure more vulnerable? What is your experience?
Kolobov
: As far as I understood your question, I would like to stress that uniform is
just an approach. The approach is that each system has its own system of protection of
Search WWH ::
Custom Search