Those of you who know me know that one of my crusades over the past number of years is the establishment of a Computer Emergency Response Team for Ireland. I am happy to say that today sees the end of one long chapter in that journey and the beginning of another. Today the Irish Reporting & Information Security Service (IRISS) is launched. IRISS is a not for profit company that aims to assist businesses, organisations and individuals to better protect their computer and network systems from threats posed by Internet attacks, hackers and computer viruses. The Irish Reporting & Information Security Service (IRISS) will provide a range of free services to Irish businesses and consumers in relation to information security issues to help counter the security threats posed to Irish businesses and the Irish Internet space
Ireland’s economy has grown rapidly over the past decade thanks in no small part to the increasing use of information technology. Information technology and the Internet has enabled consumers and businesses alike to better access and deliver services, create new markets, exchange information rapidly and process information in more efficient means. However this increasing reliance on information technology brings with it numerous risks and threats that if not properly addressed could result in significant negative impact on Ireland’s economy and potentially on the country’s national security. Just as business and consumers have found legitimate use for the Internet there are others who use the Internet for more nefarious purposes such as criminal, illegal, terrorist and corporate and national espionage activities.
Recent media coverage and posts to this blog have highlighted the increasing number of security breaches impacting on companies and individuals while at the same time criminals are finding more ways to exploit the technology that we use in our day to day business and personal lives.
The vulnerability of a nation’s ICT infrastructure was also highlighted in the spring of 2007 when Estonia suffered a massive cyber attackwhich resulted in it being effectively taken off from the Internet while these attacks lasted. The cyber attacks mirrored social unrest which included street riots and vandalism. While no cost has been put on the effects of the sustained cyber attacks, research indicates the costs were higher than those incurred as a result of the actual physical riots.
The attack on Estonia highlighted to many nations, Ireland included, how vulnerable many businesses and online systems are to attacks from cyberspace. Estonia had recently established a national Computer Emergency Response Team which is felt greatly diminished the potential impact of these attacks.
Up until now there has been no single body within Ireland that can provide services to consumers, businesses and other organisation alike to advise them on how to better protect their information assets and what to do in the event they discover they are the victim of an attack.
With this in mind IRISS has been set up as a trusted, independent and non-commercial Computer Emergency Response Team to initially provide the following services;
The above range of services are built on the WARP (Warning Advice & Reporting Point) model and are provided by a dedicated core of volunteers drawn from Ireland’s top experts in the field of information security and provide their services to the Irish Internet community free of charge. I would also like to extend a thanks to those who have helped sponsor the initiative and without whom this would not be possible. in particular i would like to thank BH Consulting and The SANS Institute for their support and guidance.
The services provided by IRISS are free and will help you better protect your organisation’s network infrastructure and ultimately that of the Irish Internet space so don’t hesitate to sign up and take advantage of the facilities.