Rohana Palliyaguru Director -Operations Sri Lanka CERT CC APCERT AGM and Conference, 24 th October 2018 Shanghai, China MINISTRY OF TELECOMMUNICATION
|
|
- Alberta Dalton
- 5 years ago
- Views:
Transcription
1 Rohana Palliyaguru Director -Operations Sri Lanka CERT CC APCERT AGM and Conference, 24 th October 2018 Shanghai, China SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
2 Agenda o About Sri Lanka ostatistics on ICT readiness and Cyber Security Landscape o Approach for the development of the strategy othrust Areas of our Strategy and our plan SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
3 About Sri Lanka Population: 21 Million
4 ICT Readiness Computer Ownership 23.5% Urban: 39.9% Rural: 21% Estate: 5.1% Broadband Subscriptions Fixed 2.65 % Wireless 7.8 % Telephone Subscriptions Fixed 12.49% Mobile 103.1% Internet usage 21.3% usage 11% Devices use to Connect to Internet Desktop or Laptops 38.1% Smart Phones 56.9% Tablets 2.1% Mobile Phones 2.9% a. Computer Literacy 28.3% (A person could use computer by own) (Urban 41.1%, Rural 26.5%, Estate 9.5%) b. Digital Literacy 38.7% (A person use computer, laptop, tablet or smartphone by own) (Urban 54.5%, Rural 36.4%, Estate 16.4%)
5 Initiating Maturing Leading Cyber Security Landscape Evaluation Dimensions of GCI (As at 2017) 6 LEGAL: We are Initiating Legal dimension assessed with reference to the existence of legislation on cybercrime and cybersecurity, and legal training. TECHNICAL: We are Maturing Assessed with reference to the existence of technical institutions and frameworks for dealing with cybersecurity related issues. CAPACITY BUILDING: We are Maturing Measured based on the existence of research and development, education and training programs, certified professionals and public sector agencies fostering capacity building COOPERATION: We are Initiating Measured based on the existence of partnerships, cooperative frameworks and information sharing networks ORGANIZATIONAL: We are Maturing Assessed based on the existence of institutions for policy formulation and coordination, and strategies for cybersecurity development at the national level SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
6 Incidents Reported Incidents Types Phishing Abuse/Privacy Violation Scams Malicious Software/ Ransomware Financial Frauds Compromise of Websites Compromise of s IP Violation Unauthorized Access DoS/ DDoS SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
7 Social Media Related Incidents Social Media Related Incidents Reported fake social media accounts 785 hacking social media accounts 400 photo abuse threatening 53 involving misuse of phone numbers 17 pornographic videos 7 copyright violations Other SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
8 Approach for the Development of the Strategy Cabinet approval Public Consultation Launch the Strategy Literature Review Develop the Strategy (Draft) o Reviewed about 20 different strategies including Singapore, Australia, UK, India, Estonia, Malaysia o o ICT and Cyber Security Readiness in Sri Lanka Maturity of the Information Systems Stakeholder meetings ISPs, Academia, Critical Infrastructure, Law Enforcement Authorities, Ministries & Departments SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
9 Establishment of Governance Framework Establishment of a governance framework to implement national information and cyber security strategy. Our Strategy Enactment and Establishment of Legislation, Policies and Standards Formulation of legislation, policies, and standards to create a regulatory environment to protect individuals and organizations in the cyber space. Public-Private, Local- International Partnerships Establishment of Governance Framework Vision Legislations, Policies and Standards Resilient Digital Government and Infrastructure Work with public authorities to ensure that the digital government systems implement and operate by the them have the appropriate level of cyber security and resilience. Development of Competent Workforce Development of a skilled and competent workforce to meet future demands. Awareness and Empowerment of Citizens Resilient Digital Government and Infrastructure Raising Awareness and Empowerment of Citizens Make our citizens more competent in protecting their identity, privacy and economic assets in the cyber space. Competent Workforce Development of Public-Private, Local-International Partnerships Development of public-private, local-international partnerships to create a robust cybersecurity ecosystem. SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
10 Thrust # 1 Establishment of the Governance Framework o Sri Lanka CERT was established as the National Center for Cyber Security in Sri Lanka in o It was mandated to protect the Sri Lanka's information infrastructure, and to take protective measures and respond to information and cyber security attacks in Sri Lanka. o Sri Lanka CERT was established under the ICTA, and now comes under the purview of the MTDI. o As the complexity of the cyber security ecosystem increases, the government of Sri Lanka recognizes the importance of introducing a national cyber security strategy to cope with emerging threats. o National Information and Cyber Security Agency is proposed. o The Agency shall be responsible for overseeing the implementation of the cyber security strategy SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
11 Cyber Security Experts for Government National Cyber Security Agency Sectoral CERTS Our strategy is to establish a powerful agency which oversees the overall implementation of the information and cyber security strategy of Sri Lanka, and to establish specialized subordinate agencies for effectively battling emerging cyber threats Forencis Labs Research Centre Establishment of the Governance Framework 24 x 7 Cyber Security Call Center National Certificate Authority National Security Operating Center SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
12 Our plan 1.1. Establishment of the National Information and Cyber Security Agency of Sri Lanka (NICSA): Agency will be established as the apex institution for all cyber security related affairs in Sri Lanka. Agency Shall, o Function as the command and control body to promote this strategy and play a leading role in implementing cyber security initiatives set forth in this strategy. o The Head of the Agency shall represent the National Security Council of Sri Lanka. o Provide technical support for law enforcement agencies in conducting digital forensic investigations. o Build the capacity of sectoral CERTs and coordinate with sectoral CERTs for sharing incident information. SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
13 1.2. Institutions Under the NICSA o Set up a 24 X 7 Cyber Security Call Center with a focus on assisting citizens, government organizations, and private firms to respond to cyber security incidents. o Set up a National Cyber Security Alert System with the involvement of ISPs and Telcos to deliver targeted, timely, and actionable information to Sri Lankans. o Establish a Digital Forensic Lab to conduct digital forensic investigations and in the areas of computer forensics, mobile forensics, audio and video forensics. examinations o Establish the National Cyber Security Operating Centre (NCSOC) for monitoring threats to digital government applications, critical information infrastructure, and critical systems of private firms. o Establish the National Certification Authority (NCA) by addressing the limitations of the existing certificate authorities. o Establish a Research Unit for developing, coordinating and stimulating continuous research activities in the fields of Strategic Policy Research, Information Security Research, Cyber Security and Technology related research. SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
14 1.3. Information Security Officers and Chief Information Security Officer We will appoint Information Security Officers for all layers of government organizations. We will work with the Public Service Commission to establish a Chief Information Security Officer position for government. We will empower Chief Innovation Officers (CIOs) with appropriate skills and knowledge on cyber security. SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
15 Thrust # 2 Legislation, Policies, and Standards o To battle cybercrimes, it is necessary to have appropriate legislation, policies, and standards. o Sri Lanka has taken a number of steps in this regard. They are, o Legislations: Computer Crimes Act No 24 of 2007, Electronic Transactions Act No. 19 of 2006, Payment Devices Frauds Act No 30 of 2006, and Intellectual Property Rights Acts. o Sri Lanka ratified the Budapest Convention on Cybercrime in 2015 and became the first country in South Asia to join this convention. o Government security policy o Gaps in the existing policies and laws will be identified, and new legislation, policies, and standards will be drafted and implemented. SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
16 Cyber Security Act Our strategy is to create an appropriate regulatory framework for securing individuals and organizations in the cyberspace and for strengthen prosecution support for modern cyber offences through the introduction of relevant legislation, policies and standards Data Sharing Policy Legislation, Policies and Standards Data Protection Act Security Policy for Oragnizations SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
17 Our plan 2.1. Introduce a New Cyber Security Act Government will introduce a new cybersecurity Act for the establishment of the NICSA and give necessary powers to effectively address cyber threats to the nation Data Protection and Privacy Laws, and Data Sharing Policy Sri Lanka lacks appropriate laws to protect customer data. We will, introduce a data privacy and protection law which governs the collection, use, and disclosure of citizens personal data by government and private organizations. SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
18 Thrust # 3: Resilient Digital Government Systems and Infrastructure o Sri Lanka advanced from 101 st (2008) to 79 th position (2016) in the e-government Development Index. o To date there are about 500 government websites and more than 50 e-services. o Many organizations maintaining critical infrastructure also have developed e-administrative systems with the aim of increasing the organizational efficiency. o Lanka Government Network, and Lanka Government Cloud provide the digital infrastructure for e- services and e-administrative services. o These digital government systems expose to various cyberattacks such as malware attacks, unauthorized access, denial of service attacks, and so forth. o Our citizens will not embrace digital government if their information cannot be securely kept in the government systems. COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE SRI LANKA
19 Security Risk Assessments Our strategy is to ensure that our digital systems and digital infrastructure are more resilient to cyber threats, through implementing risk management processes, implementing appropriate security policies and strategies at the organizational level, increasing awareness and building the capacity of public staff at all levels Government CERT Readiness Assessments Resilient Digital Government Systems and Infrastrcture Security Policy Multi-sector Cyber Dirlls Awareness and Capacity Building Security-by- Design SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
20 Our plan 3.1. Awareness and Capacity Building of Staff Working with Digital Government Sri Lankan public officers awareness of information and cyber security is inadequate. We will, therefore, first conduct information and cyber security readiness surveys on public sector employees to assess their readiness to work in a digital government environment. We will, then, conduct information and cyber security awareness activities across all levels of government staff. COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE SRI LANKA
21 3.2. Information and Cyber Security Risk Assessments We will facilitate stakeholders to conduct information and cyber security risk assessments to identify weaknesses in digital government systems Security Policy for Organizations We will encourage government organizations to comply with baseline security standards (BSS) which will be developed based on ISO standards Digital Government Infrastructure Protection Unit/ Government CERT G-CERT will be responsible for detecting cyber threats, disseminating cyber threat alerts, and coordinating incident response activities Establishment of Joint Military Security Operation Centre/Defense CERT Sri Lankan Militaries, Police, and Intelligence Services all work separately in confronting malicious cyber actors. There is a lack of coordination among these organizations to share valuable information on cyber threats. We will establish a joint Cyber Security Operations Centre with a focus on strengthening our cyber defenses. SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
22 Thrust # 4: Development of a Competent Workforce o Cyber-attacks and the disruptions to information systems caused by them are increasing exponentially. o Availability of a highly skilled professionals in this field is essential to protect, detect, defend and respond to cyberattacks. o A research done by ISACA in 2016 estimated a global shortage of 2 million cybersecurity professionals by o Women are globally underrepresented in the cybersecurity profession. In Asia-Pacific region, women participation is at 11% o In Sri Lanka, there is a lack of initiatives to address the domestic shortage of cybersecurity experts. It is revealed from the GCI. o We, therefore, aim to implement strategies to increase the supply of cyber security professionals, and facilitate our existing workforce to gain required competency for effectively work in the cyber environment. SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
23 Our strategy is to create a virtuous circle of supply and demand of information and cyber security experts through continuous assessment of the gap between the supply and demand of cyber professionals, increasing learning opportunities to capitalize on cyber security knowledge, and educating youth for building a pool of future cybersecurity professionals. Specialized Trainings Up-skilling and Reskilling Opportunities Training Infrastructure across the Country Supply and Demand Gap Competent Workforce e-learning Modules Competancy Framework Expanding Tertiary and Vocational Education SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
24 Our plan 4.1. Assess Supply and Demand of Professionals We will conduct a national level survey to understand the gap between the supply and demand of cyber security professionals in Sri Lanka Competency Framework In collaboration with the academia, we will develop an Information and Cybersecurity Competency Framework which outlines the core competencies that both the government and private sector should possess to effectively work in the cyber environment Expanding Tertiary and Vocational Education We will facilitate local universities, and vocational training institutes to introduce industry oriented diplomas, undergraduate and post graduate programs to provide learning opportunities to students. SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
25 4.4. Up-Skilling and Re-Skilling Opportunities for Public Sector With the financial and administrative assistance of the Line Ministry, we will roll out an information cyber security training program for staff at grass root level organizations. and 4.5. e-learning Modules We will encourage the Distance Learning Centre (DLC) to design and deliver e-learning modules on Information and Cyber Security which government staff can take up upon their convenience. SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
26 Thrust # 5: Raising Awareness and Empowerment of Citizens o The Internet has become important for all aspects of daily life in our society. o A considerable segment of society is becoming more and more dependent on the internet thereby becoming more vulnerable to cybercrime. o A major reason for that is lack of awareness among citizens about possible cyber threats and their consequences. o Theft of identity, stealing of credit card numbers, and privacy violation and unauthorized access on social media for example are commonly caused due to the lack of awareness of citizens. o It is, therefore, essential to raise citizens awareness about emerging cyber threats and empower them with the knowledge and skills necessary to defend themselves against evolving cyber threats SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
27 Our strategy is to raise the awareness of citizens about the risks derived from cyberspace, and build their capacity to protect their identity, privacy and economic assets in the cyber space Security Features by Default Security Readiness Survey Raising Awareness and Empowerment Establish C-CERT Lifelong Learning Cyber Security Awareness for School Children Public Awareness on Cyber Security SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
28 Our plan 5.1. National Information and Cyber Security Readiness Survey In collaboration with the Department of Census and Statistics, we will conduct a National Baseline Survey to assess Sri Lankan citizens awareness, attitudes and behaviors on information and cyber security Public s Awareness of Social Media Security and Cyber Security We will pay special attention to most vulnerable communities in the society including youth, women and elderly people. We will use printed and electronic media to reach a broader population. The Government Call Center (GIC 1919) will be also enhanced to provide basic information on cyber security related matters. SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
29 5.3. Introduction of Information and Cyber Security into Curriculums 5.5. Lifelong Learning Opportunities With the involvement of Open University of Sri Lanka and Vocational Training Institutes we will design of basic information and cyber security learning modules for adults. COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE SRI LANKA
30 Thrust # 6: Development of Public-Private, Local- International Partnerships Our strategy is to develop a mechanism for cooperation extending beyond government agencies to public-private collaboration, and local- international collaboration in developing a cybersecurity ecosystem Partner with Social Groups and NGOs Nature Startups Partner with Telcos and ISPs Public-Private, Local-International Parterships Partner with CI Owners Work with Militaries Research Culture Partner with Training Providers Stregnth Internation al Parterships SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
31 Our plan 6.1. Partner with Telecos and ISPs to Protect Internet Users o ISPs in Sri Lanka occupy a unique position as the gateway to Sri Lanka s cyberspace. o We will, set up an ISP-CERT with the involvement of Telcos and ISPs to effectively handle emerging cyber threats Promote Cooperation with Industry Sectors o We will partner with industry sectors in order to jointly improve detection, prevention, response and recovery capabilities. o We will develop a channel to share real-time sensitive information on cyber threats and potential consequences with industry sectors. o Special attention would be paid to small and medium size businesses, which are currently increasingly being victimized by malicious actors in the cyber space. Tailored alerts and advice will be generated for them. SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
32 6.3. Strengthening International Partnerships Through the links between countries, we will engage with the international community to build a system of cyberspace stability Increase our Presence at International level We will enhance our presence at the international level through participation in international forums and conferences on cyber security and through playing an active role in knowledge gaining and sharing exercises Partner with Businesses to Promote Security in Product and Services We will work with suppliers to bring products and services to the market with a high level of security to ensure the privacy and security of customer information Support of Social Groups and NGOs 6.7. Support Start-ups SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE
33 SRI LANKA COMPUTER EMERGENCY READINESS TEAM COORDINATION CENTRE Thank you
Sri Lanka THE JOURNEY OF TOWARDS A CREATIVE KNOWLEDGE BASED ECONOMY
THE JOURNEY OF Sri Lanka TOWARDS A CREATIVE KNOWLEDGE BASED ECONOMY Presented by Dr. Ajith Madurapperuma on behalf of the ICTA Email: ajitolanka@gmail.com A PRESENTATION BY The Information Communication
More informationGlobal Alliance Against Child Sexual Abuse Online 2014 Reporting Form
Global Alliance Against Child Sexual Abuse Online 2014 Reporting Form MONTENEGRO Policy Target No. 1 Enhancing efforts to identify victims and ensuring that they receive the necessary assistance, support
More informationNetherlands Cyber Security Strategy. Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice
Netherlands Cyber Security Strategy Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice 1 Netherlands: small country, big time vulnerable #1 80% online banking 95% youth uses
More informationResolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]
United Nations A/RES/64/211 General Assembly Distr.: General 17 March 2010 Sixty-fourth session Agenda item 55 (c) Resolution adopted by the General Assembly on 21 December 2009 [on the report of the Second
More informationProvisional Translation
Provisional Translation Environmental Change Vision to aim as a Goal Merger and Integration of Cyberspace and Real-space [expansion/penetration, progress of the use/application, global] Increasing Serious
More informationCybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce
Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce 5-8 September 2017 Yogyakarta, Indonesia Sameer Sharma Senior Advisor ITU Digital Infrastructure for Connectivity SDGs Evolution
More informationEU policy on Network and Information Security & Critical Information Infrastructures Protection
EU policy on Network and Information Security & Critical Information Infrastructures Protection Köln, 10 March 2011 Valérie ANDRIANAVALY European Commission Directorate General Information Society and
More informationThe challenges of the NIS directive from the viewpoint of the Vienna Hospital Association
The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association page 1 Cybersecurity Strategy Essential Points The norms, principles and values that the City of Vienna and the
More informationAbout Issues in Building the National Strategy for Cybersecurity in Vietnam
Vietnam Computer Emergency Response Team - VNCERT About Issues in Building the National Strategy for Cybersecurity in Vietnam Vu Quoc Khanh Director General Outline Internet abundance Security situation
More informationCyber Security Strategy
Cyber Security Strategy Committee for Home Affairs Introduction Cyber security describes the technology, processes and safeguards that are used to protect our networks, computers, programs and data from
More informationRESOLUTION 130 (REV. BUSAN, 2014)
RESOLUTION 130 (REV. BUSAN, 2014) Strengthening the role of ITU in building confidence and security in the use of information and communication technologies The Plenipotentiary Conference of the International
More informationImplementation Strategy for Cybersecurity Workshop ITU 2016
Implementation Strategy for Cybersecurity Workshop ITU 2016 Council for Scientific and Industrial Research Joey Jansen van Vuuren Intricacies and interdependencies cyber policies must address potential
More informationBest Practices in Public Information Management in Sri Lanka. Presented by Nimal Athukorala D.C. Dissanayake
Best Practices in Public Information Management in Sri Lanka Presented by Nimal Athukorala D.C. Dissanayake Content Objectives Method of Information Management Case Study- GIC Call Center GIC Web Portal
More informationCOMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN
COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN 24-27 July 2016 1 CONTENT INTRODUCTION POLICY OBJECTIVES POLICY AND LEGISLATIVE PRINCIPLES CYBER SECURITY STRATEGY CHALLENGES AND OPPORTUNITIES CAPACITY BUILDING
More informationGovernment Resolution No of February 15, Resolution: Advancing National Regulation and Governmental Leadership in Cyber Security
Government Resolution No. 2443 of February 15, 2015 33 rd Government of Israel Benjamin Netanyahu Resolution: Advancing National Regulation and Governmental Leadership in Cyber Security It is hereby resolved:
More informationINDEPENDENT COMMUNICATIONS AUTHORITY OF SOUTH AFRICA(ICASA) CYBERSECURITY PRESENTATION AT SAIGF. 28 th November 2018
INDEPENDENT COMMUNICATIONS AUTHORITY OF SOUTH AFRICA(ICASA) CYBERSECURITY PRESENTATION AT SAIGF 28 th November 2018 AGENDA 1. State of Cybersecurity Globally 2. State of Cybersecurity in South Africa 2.1
More informationUNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21
National and Cyber Security Branch Presentation for Gridseccon Quebec City, October 18-21 1 Public Safety Canada Departmental Structure 2 National and Cyber Security Branch National and Cyber Security
More informationNATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -
NATIONAL CYBER SECURITY STRATEGY - Version 2.0 - CONTENTS SUMMARY... 3 1 INTRODUCTION... 4 2 GENERAL PRINCIPLES AND OBJECTIVES... 5 3 ACTION FRAMEWORK STRATEGIC OBJECTIVES... 6 3.1 Determining the stakeholders
More informationMALAYSIA S APPROACH IN CAPACITY BUILDING. Dr Amirudin Abdul Wahab Chief Executive Officer CyberSecurity Malaysia 24 March 2017
MALAYSIA S APPROACH IN CAPACITY BUILDING Dr Amirudin Abdul Wahab Chief Executive Officer CyberSecurity Malaysia 24 March 2017 Copyright 2017 CyberSecurity Malaysia ASEAN s JOURNEY TOWARDS DIGITAL TRANSFORMATION
More informationG7 Bar Associations and Councils
COUNTRY PAPER UNITED STATES G7 Bar Associations and Councils SEPTEMBER 14, 2017 ROME, ITALY The American Bar Association P R E F A C E As we have witnessed, cyber terrorism is an extremely serious threat
More informationBrussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER
COUNCIL OF THE EUROPEAN UNION Brussels, 19 May 2011 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66 NOTE From : COREPER To: COUNCIL No Cion. prop.: 8548/11 TELECOM 40 DATAPROTECT 27 JAI 213 PROCIV38
More informationA Strategy for a secure Information Society Dialogue, Partnership and empowerment
A Strategy for a secure Information Society Dialogue, Partnership and empowerment Gerard.Galler@ec.europa.eu European Commission DG Information Society & Media Unit INFSO/A3: Internet; Network & Information
More informationRESOLUTION 45 (Rev. Hyderabad, 2010)
212 RESOLUTION 45 (Rev. Hyderabad, 2010) The World Telecommunication Development Conference (Hyderabad, 2010), recalling a) Resolution 45 (Doha, 2006) of the World Telecommunication Development Conference
More informationThe UK s National Cyber Security Strategy
The UK s National Cyber Security Strategy 2016 2021 Vision for 2021: The UK is secure and resilient to cyber threats, prosperous and confident in the digital world 1 National Cyber Security Strategy 2016
More informationCYBER INCIDENT REPORTING GUIDANCE. Industry Reporting Arrangements for Incident Response
CYBER INCIDENT REPORTING GUIDANCE Industry Reporting Arrangements for Incident Response DfT Cyber Security Team CYBER@DFT.GSI.GOV.UK Introduction The Department for Transport (DfT) has produced this cyber
More informationThe role of COP/ITU on international level. Dr Ibrahim Al dabal chair of child on line council working group
The role of COP/ITU on international level Dr Ibrahim Al dabal chair of child on line council working group I nformation & I nternational C ommunication T elecommunication T echnologies U nion WHO WE
More informationCyber Security in Europe
Cyber Security in Europe ENISA supporting the National Cyber Security Strategies An evaluation framework Liveri Dimitra Security and Resilience of Communication Networks Officer www.enisa.europa.eu Securing
More informationBradford J. Willke. 19 September 2007
A Critical Information Infrastructure Protection Approach to Multinational Cyber Security Events Bradford J. Willke 19 September 2007 Overview A framework for national Critical Information Infrastructure
More informationNational Cybersecurity preparation to deal with Cyber Attacks
National Cybersecurity preparation to deal with Cyber Attacks Dr. Chaichana Mitrpant Assistant Executive Director, Electronic Transactions Development Agency (ETDA) 1 Over all Internet usage in Thailand
More informationCybersecurity & Digital Privacy in the Energy sector
ENERGY INFO DAYS Brussels, 25 October 2017 Cybersecurity & Digital Privacy in the Energy sector CNECT.H1 Cybersecurity & Digital Privacy, DG CNECT ENER.B3 - Retail markets; coal & oil, DG ENER European
More informationNEW INNOVATIONS NEED FOR NEW LAW ENFORCEMENT CAPABILITIES
NEW INNOVATIONS NEED FOR NEW LAW ENFORCEMENT CAPABILITIES Kristina Doda & Aleksandar Vanchoski Budapest, CEPOL conference 2017 New technologies - new social interactions and economic development - need
More informationCyber Security Roadmap
Cyber Security Roadmap The Hague, 25 May 2011 Security: Developing a Secure Cyberspace Protecting the 5 th Domain As with land, sea, air and space, a safe Cyberspace is crucial for our societies. Different
More informationRESOLUTION 67 (Rev. Buenos Aires, 2017)
524 Res. 67 RESOLUTION 67 (Rev. Buenos Aires, 2017) The role of the ITU Telecommunication Development Sector in child online protection The World Telecommunication Development Conference (Buenos Aires,
More informationENISA EU Threat Landscape
ENISA EU Threat Landscape 24 th February 2015 Dr Steve Purser ENISA Head of Department European Union Agency for Network and Information Security www.enisa.europa.eu Agenda ENISA Areas of Activity Key
More informationDecember 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development
December 10, 2014 Statement of the Securities Industry and Financial Markets Association Senate Committee on Banking, Housing, and Urban Development Hearing Entitled Cybersecurity: Enhancing Coordination
More informationCommonwealth Cyber Declaration
Commonwealth Cyber Declaration Recognising that the development of cyberspace has made a powerful contribution to the economic, social, cultural and political life of the Commonwealth; Underlining that
More informationCONTEMPORARY CYBER ATTACK TRENDS AND CHALLENGES DR SHASHWAT RAIZADA
CONTEMPORARY CYBER ATTACK TRENDS AND CHALLENGES DR SHASHWAT RAIZADA RECENT TRENDS IN CYBER ATTACKS Cyber Security Threats From Requests to Ransom Notes Source: www.ripandscam.com Source https://en.wikipedia.org/wiki/wannacry_ransomware_attack
More informationStrengthening the Cybersecurity of Federal Networks and Critical Infrastructure
Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure Executive Order 13800 Update July 2017 In Brief On May 11, 2017, President Trump issued Executive Order 13800, Strengthening
More informationCybersecurity for ALL
Cybersecurity for ALL An Overview of ITU s Cybersecurity Activities OAS Hemispheric Workshop on the Development of a National Framework for Cyber Security 16 in Rio de Janeiro, Brazil Souheil Marine Head,
More informationUN General Assembly Resolution 68/243 GEORGIA. General appreciation of the issues of information security
UN General Assembly Resolution 68/243 GEORGIA General appreciation of the issues of information security Widely publicized cyber attacks and, to some expert opinions, cyber war - conducted against Georgia
More informationToday s cyber threat landscape is evolving at a rate that is extremely aggressive,
Preparing for a Bad Day The importance of public-private partnerships in keeping our institutions safe and secure Thomas J. Harrington Today s cyber threat landscape is evolving at a rate that is extremely
More informationCyber Security: Are digital doors still open?
Cyber Security: Are digital doors still open? Introduction Security is becoming a rapidly evolving and complex issue that various organizations are contending with today. It continues to be one of the
More informationNew Zealand National Cyber Security Centre Incident Summary
New Zealand National Cyber Security Centre 2013 Incident Summary National Cyber Security Centre 2013 Incident Summary Foreword The incidents summarised in this report reinforce that cyber security is truly
More informationState Governments at Risk: State CIOs and Cybersecurity. CSG Cybersecurity and Privacy Policy Academy November 2, 2017
State Governments at Risk: State CIOs and Cybersecurity CSG Cybersecurity and Privacy Policy Academy November 2, 2017 About NASCIO National association representing state chief information officers and
More informationMedia Kit. California Cybersecurity Institute
Media Kit Fact Sheet Cybercrime A Growing Threat Cybercriminals are invisible enemies who jeopardize our nation s security in increasingly sophisticated and pervasive ways. According to the Government
More informationGLobal Action on CYbercrime (GLACY) Assessing the Threat of Cybercrime in Mauritius
GLobal Action on CYbercrime (GLACY) Assessing the Threat of Cybercrime in Mauritius Presented By Mrs K.Gunesh-Balaghee,, Assistant Solicitor General Mr M.Armmogum,, Ag Senior State Counsel Mrs B.Kissoon-Luckputtya,
More informationSecurity and resilience in Information Society: the European approach
Security and resilience in Information Society: the European approach Andrea Servida Deputy Head of Unit European Commission DG INFSO-A3 Andrea.servida@ec.europa.eu What s s ahead: mobile ubiquitous environments
More informationNational Communications Authority
National Communications Authority - Press Release The International Workshop on Criminal Justice Statistics on Cybercrime and Electronic Evidence Opens in Accra A three-day International Workshop on Criminal
More informationCritical Information Infrastructure Protection. Role of CIRTs and Cooperation at National Level
Critical Information Infrastructure Protection Role of CIRTs and Cooperation at National Level 1 Global Cybersecurity Agenda (GCA) GCA is designed for cooperation and efficiency, encouraging collaboration
More informationSTRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE
STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby
More informationPosition Description. Engagement Manager UNCLASSIFIED. Outreach & Engagement Information Assurance and Cyber Security Directorate.
Position Description Engagement Manager Business unit: Position purpose: Direct reports: Directorate overview: Business Unit Overview Remuneration indicator: Outreach & Engagement Information Assurance
More informationBoston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018
Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security BRANDEIS UNIVERSITY PROFESSOR ERICH SCHUMANN MAY 2018 1 Chinese military strategist Sun Tzu: Benchmark If you know your
More informationNational Cyber Security Strategy - Qatar. Michael Lewis, Deputy Director
National Cyber Security Strategy - Qatar Michael Lewis, Deputy Director 2 Coordinating a National Approach to Cybersecurity ITU Pillars of Cybersecurity as a Reference Point providing the collected best
More informationCaribbean Cyber Security: Not Only Government s Responsibility
Caribbean Cyber Security: Not Only Government s Responsibility AWARENESS AND VIGILANCE IS EVERYBODY S RESPONSIBILITY Preseted at: ICT Symposium Antigua and Barbuda March 2017 Caribbean Cyber Security Events
More informationCyber Security Strategy
2014 2017 Cyber Security Strategy Ministry of Economic Affairs and Communication 2014 TABLE OF CONTENTS Introduction... 2 1. Analysis of current situation... 2 1.1. Sectoral progress... 2 1.2. Trends...
More informationDiscussion on MS contribution to the WP2018
Discussion on MS contribution to the WP2018, 30 January 2018 European Union Agency for Network and Information Security Possibilities for MS contribution to the WP2018 Expert Groups ENISA coordinates several
More informationSociety, the economy and the state depend on information and communications technology (ICT).
Society, the economy and the state depend on information and communications technology (ICT). We have witnessed the accelerated development of an information society and the growing dependency on ICT in
More informationCyber Security and Cyber Fraud
Cyber Security and Cyber Fraud Remarks by Andrew Ross Director, Payments and Cyber Security Canadian Bankers Association for Senate Standing Committee on Banking, Trade, and Commerce October 26, 2017 Ottawa
More informationThe Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless
The Republic of Korea Executive Summary Today, cyberspace is a new horizon with endless possibilities, offering unprecedented economic and social benefits. However, on account of its open, anonymous and
More informationCommonwealth Telecommunications Organisation Proposal for IGF Open Forum 2017
Commonwealth Telecommunications Organisation Proposal for IGF Open Forum 2017 Title: Facilitating Investment in Cybersecurity as a means of achieving the Sustainable Development Goals Description: Information
More informationGujarat Forensic Sciences University
Gujarat Forensic Sciences University Knowledge Wisdom Fulfilment Cyber Security Consulting Services Secure Software Engineering Infrastructure Security Digital Forensics SDLC Assurance Review & Threat
More informationItu regional workshop
Itu regional workshop "Key Aspects of Cybersecurity in the Context of Internet of Things (IoT) Natalia SPINU 18 September, 2017 Tashkent, Uzbekistan AGENDA 1. INTRODUCTI ON 2. Moldovan public policy on
More informationNATIONAL STRATEGY:- MALAYSIAN EXPERIENCE
NATIONAL STRATEGY:- MALAYSIAN EXPERIENCE Devi Annamalai Security, Trust and Governance MCMC 28th August 2007 Hanoi. Vietnam BACKGROUND MCMC is a statutory body established under the Malaysian Communications
More informationStatement for the Record
Statement for the Record of Seán P. McGurk Director, Control Systems Security Program National Cyber Security Division National Protection and Programs Directorate Department of Homeland Security Before
More informationSafeguarding company from cyber-crimes and other technology scams ASSOCHAM
www.pwc.com Safeguarding company from cyber-crimes and other technology scams ASSOCHAM Rahul Aggarwal - Director The new digital business ecosystem is complex and highly interconnected The new business
More informationBirendra Kumar Mishra. Director General Department of Information Technology Ministry Of Science and Technology Government of Nepal
Birendra Kumar Mishra Director General Department of Information Technology Ministry Of Science and Technology Government of Nepal Area Total: 147,141 Sq. Km Mountains and Hill: 83 % Terai(flat Land):
More informationCybersecurity, safety and resilience - Airline perspective
Arab Civil Aviation Commission - ACAC/ICAO MID GNSS Workshop Cybersecurity, safety and resilience - Airline perspective Rabat, November, 2017 Presented by Adlen LOUKIL, Ph.D CEO, Resys-consultants Advisory,
More informationCo-operation with Law Enforcement Agencies in South Africa. 19 September 2008
Co-operation with Law Enforcement Agencies in South Africa 19 September 2008 Agenda About ISPA IMPACT Is cyber-terrorism real? Content and DNS People trafficking Training Is this a bad thing for ISPs?
More informationENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010
ENISA & Cybersecurity Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010 Agenda Some Definitions Some Statistics ENISA & Cybersecurity Conclusions
More informationCyber Security Development. Ghana in Perspective
Cyber Security Development Ghana in Perspective GHANA S CYBER SECURITY JOURNEY NCSPS Development Establishment of CERT NCSPS Validation 2015 Adoption of NCSPS by Cabinet 2016 NCSTWG NCSIAC NCSPS Review
More informationDraft Resolution for Committee Consideration and Recommendation
Draft Resolution for Committee Consideration and Recommendation Committee A: Security and Transparency in a Digital Environment The General Assembly; Draft Resolution Submitted for revision by the delegations
More information2. What do you think is the significance, purpose and scope of enhanced cooperation as per the Tunis Agenda? a) Significance b) Purpose c) Scope
Timestamp 8/30/2013 15:34:00 The information solicited through this questionnaire will only be used in aggregate form, unless otherwise authorised by the respondent. Do you authorise us to cite/share your
More informationISAO SO Product Outline
Draft Document Request For Comment ISAO SO 2016 v0.2 ISAO Standards Organization Dr. Greg White, Executive Director Rick Lipsey, Deputy Director May 2, 2016 Copyright 2016, ISAO SO (Information Sharing
More informationCanada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?
Canada Highlights Cybersecurity: Do you know which protective measures will make your company cyber resilient? 21 st Global Information Security Survey 2018 2019 1 Canada highlights According to the EY
More informationRESOLUTION 179 (REV. BUSAN, 2014) ITU's role in child online protection
402 Res. 179 RESOLUTION 179 (REV. BUSAN, 2014) ITU's role in child online protection The Plenipotentiary Conference of the International Telecommunication Union (Busan, 2014), recognizing a) Resolution
More informationPromoting Global Cybersecurity
Promoting Global Cybersecurity Presented to ITU-T Study Group 17 Geneva, Switzerland 6 October 2005 Robert Shaw ITU Internet Strategy and Policy Advisor ITU Strategy and Policy Unit 1 Agenda Critical Infrastructures
More informationRESOLUTION 179 (REV. BUSAN, 2014) ITU's role in child online protection
RESOLUTION 179 (REV. BUSAN, 2014) ITU's role in child online protection The Plenipotentiary Conference of the International Telecommunication Union (Busan, 2014), recognizing a) Resolution 67 (Rev. Dubai,
More informationGEORGIA CYBERSECURITY WORKFORCE ACADEMY. NASCIO 2018 State IT Recognition Awards
GEORGIA CYBERSECURITY WORKFORCE ACADEMY NASCIO 2018 State IT Recognition Awards Title: Georgia Cybersecurity Workforce Academy Category: Cybersecurity State: Georgia Contact: Stanton Gatewood Stan.Gatewood@gta.ga.gov
More informationOAS Cybersecurity Capacity Building Efforts
OAS Cybersecurity Capacity Building Efforts Are We Ready in Latin America and the Caribbean? 2016 Cybersecurity Report www.cybersecurityobservatory.com The opinions expressed in this publication are of
More informationUAE National Space Policy Agenda Item 11; LSC April By: Space Policy and Regulations Directory
UAE National Space Policy Agenda Item 11; LSC 2017 06 April 2017 By: Space Policy and Regulations Directory 1 Federal Decree Law No.1 of 2014 establishes the UAE Space Agency UAE Space Agency Objectives
More informationFundamentals of Cybersecurity/CIIP. Building Capacity: Using a National Strategy & Self-Assessment
Fundamentals of Cybersecurity/CIIP Building Capacity: Using a National Strategy & Self- Presented to: 2009 ITU Regional Cybersecurity Forum for Asia-Pacific Connecting the World Responsibly 23-25 25 September
More informationMission: Continuity BUILDING RESILIENCE AGAINST UNPLANNED SERVICE INTERRUPTIONS
Mission: Continuity BUILDING RESILIENCE AGAINST UNPLANNED SERVICE INTERRUPTIONS Stephanie Poe, DNP, RN-BC CNIO, The Johns Hopkins Hospital and Health System Discussion Topics The Age of Acceleration Cyber
More informationHow Cybersecurity Initiatives May Impact Operators. Ross A. Buntrock, Partner
How Cybersecurity Initiatives May Impact Operators Ross A. Buntrock, Partner ross.buntrock@agg.com 202.669.0495 Agenda Rise in Data Breaches Effects of Increase in Cybersecurity Threats Cybersecurity Framework
More informationPresented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0
Cyber Security and Inside Threats: Turning Policies into Practices Presented by Ingrid Fredeen and Pamela Passman Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0 Presented By Ingrid Fredeen, J.D.
More informationTURNING STRATEGIES INTO ACTION DISASTER MANAGEMENT BUREAU STRATEGIC PLAN
DISASTER MANAGEMENT BUREAU STRATEGIC PLAN 2005-2006 PREFACE Historical statistics would suggest that Bangladesh is one of the most disaster prone countries in the world with the greatest negative consequences
More informationGarry Mukelabai Communications Authority Zambia
Garry Mukelabai Communications Authority Zambia ICT in Zambia. Current and Future Legislations. Way Forward? Pop 12 million. Zambia pioneers of internet in region. Over 10 Internet Service Providers Internet
More informationNational Policy and Guiding Principles
National Policy and Guiding Principles National Policy, Principles, and Organization This section describes the national policy that shapes the National Strategy to Secure Cyberspace and the basic framework
More informationTechnology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited
Technology Risk Management in Banking Industry Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited Change in Threat Landscape 2 Problem & Threats faced by Banking Industry
More informationGLOBAL AGENDA FOR CYBER CAPACITY BUILDING
GLOBAL AGENDA FOR CYBER CAPACITY BUILDING Putting Principles into Practice GLOBAL AGENDA FOR CYBER CAPACITY BUILDING Putting Principles into Practice November 21 st 2017 Version CONTENTS 1. Introduction...
More informationCYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018
CYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018 Cyber fraud attacks happen; they can t all be stopped. The higher order question must be how can we, as fraud examiners and assurance professionals,
More informationISRAEL NATIONAL CYBER SECURITY STRATEGY IN BRIEF
SEPTEMBER 2017 ISRAEL NATIONAL CYBER SECURITY STRATEGY IN BRIEF STATE OF ISRAEL PRIME MINISTER S OFFICE NATIONAL CYBER DIRECTORATE Vision and Objective 5 Development of Israel s national cyber security
More informationDepartment of Homeland Security Updates
American Association of State Highway and Transportation Officials Special Committee on Transportation Security and Emergency Management 2016 Critical Infrastructure Committee Joint Annual Meeting Department
More informationSouth Asian Disaster Knowledge Network
South Asian Disaster Knowledge Network Using knowledge and innovation to build a culture of safety an resilience in South Asia SAARC Disaster Management Centre SAARC Disaster Management Centre (SDMC) was
More informationNational Cyber Security Operations Center (N-CSOC) Stakeholders' Conference
National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference Benefits to the Stakeholders A Collaborative and Win-Win Strategy Lal Dias Chief Executive Officer Sri Lanka CERT CC Cyber attacks
More informationTHE CYBER SECURITY ENVIRONMENT IN LITHUANIA
Executive summary of the public audit report THE CYBER SECURITY ENVIRONMENT IN LITHUANIA 9 December 2015, No. VA-P-90-4-16 Full audit report in Lithuanian is available on the website of the National Audit
More informationGovernance Ideas Exchange
www.pwc.com.au Anatomy of a Hack Governance Ideas Exchange Robert Di Pietro October 2018 Cyber Security Anatomy of a Hack Cyber Security Introduction Who are the bad guys? Profiling the victim Insights
More informationChina and International Governance of Cybercrime
China and International Governance of Cybercrime Prof. Dr. Shenkuo WU Law Professor of CCLS, Beijing Normal University Head of Research Centre of Internet Society of China Consultant of Supreme Court of
More information1 History of CyberSecurity in the Philippines 2 3
CONTENTS 1 History of CyberSecurity in the Philippines 2 3 The National CyberSecurity Governance Framework The National CyberSecurity Plan Strategic Drivers Focal Areas Critical Infostructure, Government,
More informationBuilding digital competences in national and regional clusters
Building digital competences in national and regional clusters FIIF event on "Digital Trust and Security 14.2.2019 Jarno Salonen 14.2.2019 VTT beyond the obvious 1 Agenda Background Building competences
More informationThe UNODC Global Programme on Cybercrime Alexandru Caciuloiu CYBERCRIME COORDINATOR SOUTHEAST ASIA AND THE PACIFIC
The UNODC Global Programme on Cybercrime Alexandru Caciuloiu CYBERCRIME COORDINATOR SOUTHEAST ASIA AND THE PACIFIC UNODC is mandated to assist Member States in their struggle against illicit drugs, crime
More information