Nº 10 2012 > Country focus
Cybersecurity in Bulgaria
Bulgaria to streamline its National Computer Security Incidents Response Team
Iraylo Moskovski, Bulgaria’s Minister of Transport, Information Technology and Communications
The global nature of cybersecurity requires joint activities by States to protect critical information infrastructure. This implies wide cooperation, both at national and international level.
No matter whether cyberattacks are directed against businesses or governments, the role and responsibility of governments are of the utmost importance. Information and communication technologies (ICT) are increasingly becoming part of our everyday activities. Disruption or destruction of critical information infrastructure could have a serious impact on vital public functions. That is why society needs firm guarantees that this infrastructure is resilient to disasters, cyberattacks and other crises.
Recognizing the global nature of cybersecurity, Bulgaria’s Ministry of Transport, Information Technology and Communications (MTITC) attaches great importance to international cooperation. We maintain contacts with the European Union, through the European Network and Information Security Agency (ENISA), with the North Atlantic Treaty Organization (NATO), with which we have a Memorandum of Understanding on Cybersecurity, and with ITU.
As an example of cooperation, Bulgaria is constantly in contact with the Global Response Centre (GRC) of the International Multilateral Partnership Against Cyber Threats (IMPACT). Through such contacts, and with strong support from the ICT security industry, ITU is currently providing technical assistance to 144 Member States that have formally agreed to be part of this global effort.
MTITC takes full advantage of the services of the Network Early Warning System (NEWS), which helps in identifying cyberthreats at an early stage and provides recommendations on how to respond. Access to the Electronically Secure Collaborative Application Platform for Experts (ESCAPE) is also useful and enables the Global Response Centre to act as a focal point for action against incidents. As Minister responsible for information technology and communications, it is an honour for me that ITU chose Bulgaria for the second time to host the Regional Forum on Cybersecurity for Europe and CIS. We consider this a recognition of the active role played by Bulgaria in ITU.
MTITC keeps track of global trends in security improvement, paying particular attention to the functioning of the National Computer Emergency Response Team (CERT), established in 2008. Since September 2012, we have been working on a project (funded by the European Union) to develop unified requirements for centres that store very sensitive information, in order to meet the need for interoperability and information security.
Improving the quality and number of services provided by CERT-Bulgaria, a national unit of the European Information Sharing and Alert System, will result in:
- description of a reliable process for reporting, registration and elimination of incidents related to information security in administration;
- establishment of a procedure for informing public and private organizations about possible threats or incidents related to information security;
- providing assistance for the timely dissemination of technical information, tools, techniques and methods related to information security;
- cooperation between public and private non-governmental organizations for effective prevention, detection and elimination of the consequences of information security incidents;
- training on networks and information security for selected target groups within the public administration.
A highly reliable system will be established within the project for managing and monitoring e‑government information security in Bulgaria. At the same time the network and information security portal will be upgraded with new functionalities. Thus CERT will play a much more efficient role in reducing the risks of computer security incidents and in resolving such incidents where they have already occurred.
The implementation of the project will also enable CERT-Bulgaria to provide electronic administrative services, which will be made available on the network and information security portal.
CERT development was the focus of the second Regional Forum on Cybersecurity for Europe and CIS, which took place on 23–25 October 2012 in Sofia. This was just one of the steps that are being taken to enhance the security of infrastructure and information systems. During the forum, the Applied Learning for Incident Response Team (ITU-IMPACT ALERT) assisted Member States to develop and implement operational procedures in response to various cyber incidents, and to identify future planning and process improvements. This cyber drill helped Member States to maintain and strengthen international cooperation between countries, thus ensuring consistent collective efforts against cyberthreats.
Events like the second Regional Forum on Cybersecurity for Europe and CIS, organized by ITU, will contribute to improving the competence of the institutions that are responsible for cybersecurity, and provide new guidelines for efficient collaboration.