Network and Information Security. Assessments and Incidents Handling

Abstract

The TCP/IP, not adapted to the high security requirements, the ever increasing complexity of information systems, security gaps in the software and the shorter time for elimination of incidents, occurring due to the software gaps, financial motivation of cybercriminals, the botnet networks and mobility of the security incidents show a rather threatening networks and information security situation in the world. The studies, executed in Lithuania in 2005 have shown that 85 % of the Internet users, 79 % of enterprises and 100 % of the Internet services providers (hereinafter referred to as ICP) face computer viruses and spam. This forces to view the situation systematically and immediately react by developing separate security incidents management mechanisms and CERT crews. The aim of CERT is to quickly respond to the security incidents in the electronic communication networks, analyze them and coordinate the incident elimination activities, especially when there is a potential risk to the functionality of the network or security of the data. After ensuring the efficient management of security incidents in the networks of Lithuania’s ISP, there would be no need to resolve the security problems at the Internet home users’ level. That is why the development and activities of a CERT-IPT service in Lithuania should be efficient to the maximum. Il. 8, bibl. 4 (in English; summaries in English, Russian and Lithuanian).