The National Council of Justice (CNJ) conducts, between March 24 and April 4, a public consultation on the documents that will be the guidelines of cyber governance in the Judiciary, whose primary purpose is to make the respective digital ecosystem in a developed, resistant and safe. The minutes were prepared by the Committee, instituted in November 2020, formed by representatives of the Superior Courts, the Federal Court of Justice, Courts of Justice and CNJ. The Committee is concerned with the presentation of standards in this area, applicable to the national justice system.
The proposed cyber security concept involves three main axes: information security (availability, integrity, confidentiality and authenticity of information assets); physical security and data and asset protection; and actions aimed at ensuring information security and continuity in the functioning of the Judiciary, standardization of good practices, development of a culture of cyber security and training and qualification of the professionals who work in this space.
The cybernetic governance proposal is structured in a centralized model at the national level through the activities of agencies advising the CNJ and a cooperation network of the Judiciary Branch on this topic. The purpose is to facilitate the coordination of the organs of the justice system around the development of a unified standard of maturity, which allows for joint analysis through indicators and routines for checking compliance. In addition, it is intended to promote the convergence of efforts and initiatives in investigating incidents and promoting training and education actions.
In risk management, the cyber incident prevention protocol stands out with guidelines involving the assessment of resources that support critical functions and related risks; safeguards for data protection and information assets; continuous security monitoring actions and anomaly and event detection processes; response, communications, analysis, mitigation and improvement plans; and plans for resilience and restoration of capabilities or services that may be hampered by security incidents.
Public consultation is also integrated by other reference manuals covering, among other aspects, crisis management, cyber crime investigation, infrastructure protection, risk prevention and mitigation, identity and access management, education and culture, in addition to a glossary with the definitions used in those documents.
Wilson Sales Belchior
PEC nº 39/2021 – Changes in special features
The Chamber of Deputies approved on 07/13/2022 the final text of the Proposed Amendment to the Constitution nº 39/2021 (“PEC of Relevance”). Presented on 11/08/2021 by...
Virtual Social Office application (ESVirtual)
The National Council of Justice (CNJ) launches today, 04/20/2021, the Virtual Social Office (ESVirtual) application. The objective is to expand the offer of services available to...
