strategy and Conpes (National Planning Policy guidelines for cyber security and defense). CERTIFICATION. Colombia does not. Transcript of CONPES Conclusiones Se busca con esta politica establecer lineamientos que permitan al govierno colombiano proteger. Generar lineamientos de política en ciberseuridad y ciberdefensa orientados a desarrollar una estrategia nacional que contrarreste el.

Author: Nikolmaran Minos
Country: Guadeloupe
Language: English (Spanish)
Genre: Relationship
Published (Last): 19 September 2009
Pages: 129
PDF File Size: 15.13 Mb
ePub File Size: 18.51 Mb
ISBN: 660-9-26754-656-2
Downloads: 38133
Price: Free* [*Free Regsitration Required]
Uploader: Vilabar

The institutions responsible for cybersecurity and cyberdefense should seek and evaluate their participation in different international cooperation networks and mechanisms Council of Europe, OAS, and FIRSTwith a view to preparing the conpws to tackle the increasing cybersecurity challenges that exist on the international plane, as well as to respond more efficiently to cybersecurity incidents and offenses.

Request the Ministry of Information and Communication Technologies, to facilitate institutional channels to enable ColCERT to carry out awareness raising on cybersecurity. In general terms, its functions will be as follows: The adoption of a national policy on cybersecurity and cyberdefense involving all sectors of society, under the leadership of the Cnpes of Defense and in coordination with other state entities, is an imperative of the highest priority.

It should be noted that although the CCC originated in the European region, it is an instrument that is open to all countries for accession.

Conpes 3701 Document

SUBJECT MATTER The main objective of the Convention is the adoption of legislation to facilitate the prevention of criminal conduct as well as to contribute efficient tools in the cpnpes of criminal law with which to detect, investigate, and punish unlawful behavior. Tackling the issues of cybersecurity and cyberdefense entails a commitment on the part of the national government to guarantee information security. The name given to a network of computers that combines their resources to perform a common task and shares the workload among all the computers FireEye — Arbornet.

The physical and virtual environment composed of computers, computer systems, computer programs softwareand telecommunications, data, and information networks, in which users interact with each other. Request the Ministry of Information and Communication Technologies to issue a document containing information security guidelines based on international standards, which public-sector entities would be required to implement.

The attack conpess a crisis that necessitated the intervention of the international community and alerted NATO. Implement the appropriate institutional framework: It was found, however, with regard to ISP network security, for example, that logs are not stored for a sufficient length of time, so that, at a given point, they can be used as evidence or contribute to cybercrime investigations.

Among others, the objectives of that policy are to prevent, combat, and eliminate new security threats and, as appropriate, their interactions, through cooperation and coordinated measures to confront the challenges that those threats pose to the Andean Community.


The appearance of a potential or actual situation in which an agent has the capacity to produce a cyber attack against the population, territory, and political organization of the state. Financial and non-financial operations, by medium, Source: As an upshot of the above activities, government agencies requested the Ministry of Defense to lead the way in implementing cybersecurity policies and establish mechanisms to respond to any cybercrimes and incidents that might affect the nation.

International Organization for Standardization, which has its headquarters in Geneva, Switzerland. An unwanted or unexpected event that occurs in conpe, which, in different circumstances, can harm individuals and affect or cause losses to processes and businesses – 20 – ColCERT Relational Scheme Graph 6: Effects of the core problem The main effects of the above problem are conpex increase in copes and the risk of unauthorized access to information, impairment of the normal operation and continuity of services, and ongoing impunity in tackling offenses of this type.

Identification and adoption of technical standards for a secure Internet architecture.

Any transmission and reception of signs, signals, writing, images and sound, data, or information of any nature by wire, radiofrequency, optical media, or other electromagnetic systems. National initiatives Con;es, Colombian government agencies have been raising awareness about the importance of developing a cybersecurity and cyberdefense policy since ColCERT will have the following specific objectives: To that end, the national government, in partnership at the international level with the Organization of American States OASthrough the Inter-American Committee against Terrorism CICTEorganized a workshop on cybersecurity awareness in Mayfollowed by a national roundtable in October This request arose as a result of the need for an in-depth analysis of the specific features of the national security scheme, the technical capabilities in place in the Ministry of Defense, and a study of the international context.

CONPES by luis miguel sanchez rodriguez on Prezi Next

Inthe funding for the three centers will be provided by the operating budget. Law of Introduces measures to encourage efficiency and transparency in Law conpss ofand issues other general provisions on procurement using public funds. Colombia was the fifth worst-affected country by this network. Computer Emergency Response Team. The International Strategy for Cyberspace was adopted in May Business Management Conpes Document advertisement.

Conpes Document

Strengthen laws and international cooperation on cybersecurity and cyberdefense: Final Reflection Essay—Qi Zhu. Cyberdefense measures adopted at the international level III. Request connpes Ministry of the Interior and Justice to prepare, in coordination with the Donpes of Defense and the Ministry coneps Information and Communication Technologies, a document that reviews the standards in place and proposes the necessary modifications as regards information security and data protection, in order to prevent cybercrime, as well as identifying difficulties in terms of interpretation and enforcement.


Request the Ministry of Defense to carry out a civil-servant training program on information security and cybersecurity, with the support of international agencies Internet users, – Source: An Intersectoral Committee charged with devising a strategic vision for information management and with introducing policy guidelines for technology infrastructure management hardware, software, and communicationspublic information, and cybersecurity and cyberdefense. It will prevent and counter all cyber threats or attacks that affect the country’s assets and interests.

The continual evolution, spread, and sophistication of cyber attacks, as well as technological convergence,3 highlight the need to adopt measures and controls to protect the state from these new threats. A log is an official record of events over a particular period of time. Weak regulation and legislation on information and data protection.

In terms of international standards, one of the instruments that would enable the country to draw level with the international community is the Council of Europe’s Convention on Cybercrime, under which it would have to meet certain requirements, such as the establishment of judicial cooperation mechanisms, including extradition, points of contact available on a twenty-four hour, seven-day-a-week basis to facilitate investigation, and log-keeping20 by ISPs,21 for the requisite amount of time.

ISO standard for information security management systems transcribing the second part of BS Service not available to a person or process application when necessary availability.

This law also ocnpes the National Spectrum Agency as well as issuing other provisions. Very often, the chain of custody of digital evidence is lost, hampering forensic investigations. It is not certifiable. At first, training will be provided to staff directly involved in tackling and managing cyber incidents. A worldwide federation of national standards institutes promoting the development of standardization of goods and services.

The convergence of terrorism and cyberspace. CRC resolution of Conoes resolution of To that end, the national government will need to create the following bodies: For computer security professionals, a log serves to keep a record of data or information as to the who, what, when, where, and why with regard to an event that involves a particular device or application. Domestic standards Different initiatives have been devised in a number of sectors, which CONPES has drawn on as research and reference papers for preparing this document: