CYBERSECURITY STRATEGY OF THE REPUBLIC OF CYPRUS 2012
TABLE OF CONTENTS
EXECUTIVE SUMMARY ........................................................................................................................................... 3
1.
1.1
1.2
1.3
1.4
1.5
2.
2.1
2.2
2.3
2.4
3.
3.1
3.2
3.3
3.4
3.5
3.6
3.7
3.8
3.9
3.10
3.11
3.12
3.13
3.14
3.15
4.
4.1
4.2
4.3
4.4
INTRODUCTION ............................................................................................................................................. 5
Network and Information Security ...................................................................................................................5
Critical Information Infrastructures ..................................................................................................................6
Vision ................................................................................................................................................................7
Aims and Objectives .........................................................................................................................................7
Guiding Principles .............................................................................................................................................7
STRATEGIC CONTEXT ..................................................................................................................................... 8
European Policy ................................................................................................................................................8
Network and Information Security in the Republic of Cyprus ........................................................................10
Competent/Relevant Authorities and Observers of the Republic of Cyprus ..................................................11
Threats in Cyberspace Today ..........................................................................................................................12
STRATEGIC RESPONSE ................................................................................................................................. 14
Priority Areas ..................................................................................................................................................14
Splitting the Actions – Phases A and B ...........................................................................................................15
Organisational Structure ................................................................................................................................15
Legal Framework ............................................................................................................................................18
Cooperation between the State and the Private Sector ................................................................................18
Identification of Critical Information Infrastructures .....................................................................................20
Threat Landscape Analysis..............................................................................................................................21
National Cybersecurity Framework ................................................................................................................21
Incident Response ..........................................................................................................................................22
National and International Cyber Exercises....................................................................................................23
Training and Capability Development ............................................................................................................24
Security Culture (Awareness) .........................................................................................................................25
Cooperation with External Agencies and International Working Groups ......................................................25
Development of a National Contingency Plan for Critical Information Infrastructures .................................26
Interdependencies ..........................................................................................................................................28
NEXT STEPS ................................................................................................................................................. 29
Immediate Actions – Phase A .........................................................................................................................29
Cost of Implementation ..................................................................................................................................29
Planning of Actions 2012 - 2015 .....................................................................................................................30
Results Assessment and Strategy Review.......................................................................................................30
APPENDIX I -
OVERVIEW OF STRATEGY ACTIONS ............................................................................................. 31
APPENDIX II -
ACTION INTERDEPENDENCIES ................................................................................................. 33
2