The training was organized by the Cybersecurity and Infrastructure Security Agency of the Department of National Security of the United States of America (CISA) with the support of the USAID Project "Cybersecurity of Critical Infrastructure of Ukraine".
The curriculum consisted of 2 modules and practice:- Module 1 - SQL 1 Fundamentals;- Module 2 - PL/SQL Fundamentals.The training concept was to present the basic principles of operation of industrial control systems, possible vulnerabilities and methods of protection.
The training program consisted of two modules:- Module I – general training;- Module II – specialized training.The concept of the training was to present the training group in the form of a SOC (Security Operations Center) and, using theoretical and practical training elements, familiarize the training group with SOC activities.
Representatives of the State Research Institute of Cyber Security Technologies participated in the ICS-UKR-CERT program and gained theoretical and practical skills in understanding the work of CERT/CSIRT INCIBE, their interaction with the public/private sector and citizens.Completion of the specified training event allowed the participants to find useful tools for testing systems and networks for vulnerability (Shodan), to increase the general level of knowledge about the features and nature of attacks and vulnerabilities, the level of knowledge about cyber defense of systems and networks, to learn new features of testing systems for vulnerability, to obtain statistical data regarding the most common vulnerabilities in network infrastructures, to consider the possibility of applying and implementing the obtained tools and methods in their own activities.
In the conditions of the rapid development of information technologies, the formation of effective approaches that will ensure the cyber resilience of information systems is extremely important. In order for this work to be as effective as possible, it is necessary to develop cooperation both within the state and at the interstate level, create a modern regulatory framework, and train specialists who will be able to resist threats in cyberspace. This was emphasized by Oleksandr Potii, the deputy head of the State Special Service, during his speech at the World Economic Forum.
COMPUTER SECURITY AND INCIDENT RESPONSE TEAM
CSIRT - is a computer emergency response team of the State Research Institute of Cyber Protection Technologies, which functions as part of the State Service for Special Communications and Information Protection of Ukraine. The main functional direction of the CSIRT is to counter cyber threats in automated systems and information and communication systems of the State Research and Development Institute of Cyber Security Technologies and energy industry enterprises. The territorial zone of responsibility consists of the western regions of Ukraine, namely: Khmelnytskyi, Rivne, Volyn, Ternopil, Chernivtsi, Ivano-Frankivsk, Lviv and Zakarpattia regions.
Tasks of the CSIRT:
accumulation and analysis of data on cyber incidents, maintenance of the state registry of cyber incidents;
providing owners of cyber protection facilities with practical assistance in preventing, identifying and eliminating the consequences of cyber incidents in relation to these facilities;
organization and holding of practical seminars on cyber protection issues for subjects of the national cyber security system and owners of cyber protection objects;
preparation and placement on its official website of recommendations on countering modern types of cyber-attacks and cyber-threats;
interaction with law enforcement agencies, providing them with timely information about cyber attacks;
interaction with foreign and international organizations on cyber incident response issues, in particular within the framework of participation in the FIRST Security Incident Response Teams Forum with payment of annual membership fees;
interaction with Ukrainian computer emergency response teams, as well as other enterprises, institutions and organizations, regardless of the form of ownership, that conduct activities related to ensuring the security of cyberspace;
processing information received from citizens about cyber incidents regarding cyber protection objects;
assistance to state bodies, local self-government bodies, military formations formed in accordance with the law, enterprises, institutions and organizations regardless of the form of ownership, as well as citizens of Ukraine in solving issues of cyber protection and countering cyber threats.