Building Global CSIRT Capabilities
|
|
- Gwen Ball
- 5 years ago
- Views:
Transcription
1 Building Global CSIRT Capabilities Barbara Laswell, Ph.D. September 2003 CERT Centers Software Engineering Institute Carnegie Mellon Pittsburgh, PA Sponsored by the U.S. Department of Defense Carnegie Mellon University
2 CERT Coordination Center The CERT/CC was established in 1988 with a mission to: respond to security emergencies on the Internet, serve as a focal point for reporting and facilitating the corrections to security vulnerabilities, analyze security-related data to develop and disseminate countermeasures and prevention techniques, serve as a model to help others establish incident response teams, raise awareness and understanding of security trends and issues Carnegie Mellon University
3 Growth in Number of Incidents Reported to the CERT/CC Carnegie Mellon University
4 Growth in Number of Vulnerabilities Reported to the CERT/CC Carnegie Mellon University
5 Growth in CSIRTs Carnegie Mellon University
6 Response Teams Around the World Carnegie Mellon University
7 Impact on CSIRTs Today s dynamic environment means less time for CSIRTs to react. Therefore, teams require a method for quick notification established and understood policies and procedures automation of incident handling tasks methods to collaborate and share information with others easy and efficient way to sort through all incoming information Carnegie Mellon University
8 Current Situation Many organizations do not have a formalized incident response capability. There is a shortage of effective CSIRTs and trained staff to respond to current and emerging computer security threats. A growing number of organizations are being mandated or required by laws/regulations to have an incident response plan in place proactively seeking to implement a CSIRT as a part of their information security program Carnegie Mellon University
9 Stages of CSIRT Development Stage 1 Stage 2 Stage 3 Stage 4 Stage 5 Novice Educating the organization Planning effort Initial implementation Operational phase Peer collaboration Expert Stage 1 Education Stage 2 Planning Stage 3 Implementation Stage 4 Operation Stage 5 Collaboration Carnegie Mellon University
10 General Categories of CSIRTs Internal CSIRT Educational Governmental Commercial Coordination Centers Country State Region Analysis Centers Vendor Incident Response Provider Carnegie Mellon University
11 CSIRT Organization Examples CERT Coordination Center (CERT/CC) Forum of Incident Response and Security Teams (FIRST) Federal Computer Incident Response Center (FedCIRC) Australian Computer Emergency Response Team (AusCERT) Department of Defense CERT (DOD-CERT) German Research Network CERT (DFN-CERT) Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) IBM Business Continuity and Recovery Services (IBM-ERS) continuity/recover1.nsf/mss/ incident+management Carnegie Mellon University
12 CSIRT Collaborations FIRST: European CSIRT Directory: Asia Pacific: Carnegie Mellon University
13 Range of CSIRT Services Mandatory Services: Incident Handling Common CSIRT Services: Alerts and Announcements Vulnerability Analysis and Response Artifact Analysis Education and Training Incident Tracing Intrusion Detection Auditing and Penetration Testing Security Consulting Risk Analysis Security Product Development Collaboration Coordination Carnegie Mellon University
14 Information Flow Carnegie Mellon University
15 What is Reported? Carnegie Mellon University
16 Incident Handling Life Cycle Other IDS Triage Information Request Hotline/ Phone Vulnerability Report Coordinate Information and Response Incident Report Analyze Obtain Contact Information Provide Technical Assistance Carnegie Mellon University
17 CSIRT Related Projects State of the Practice of CSIRTs IETF Incident Handling Working Group (INCH WG) and Intrusion Detection Working Group (IDWG) Automated Incident Reporting (AirCERT) Incident Detection, Analysis, and Response (IDAR) Project Clearing House for Incident Handling Tools (CHIHT) Common Advisory Interchange Format (CAIF) Best Practices Documents Carnegie Mellon University
18 Current CSIRT Discussion Topics Legal issues and impacts Automation and standardization of CSIRT tools Data sharing and collaboration Certification for incident handlers and teams Regionalization efforts Carnegie Mellon University
19 Visit Publications and links to resources to help you create and manage your CSIRT Creating a Computer Security Incident Response Team: A Process for Getting Started Creating a Financial Institution CSIRT: A Case Study The Handbook for Computer Security Incident Response Teams (CSIRTs) (pdf) CSIRT Services CSIRT Frequently Asked Questions Responding to Intrusions Expectations for Computer Security Incident Response (RFC 2350) Forming an Incident Response Team (AusCERT Publication) Avoiding the Trial-by-Fire Approach to Security Incidents NIST: Computer Systems Laboratory Bulletin NIST: Establishing a Computer Security Incident Response Capability Carnegie Mellon University
20 For More Information CERT Centers Software Engineering Institute Carnegie Mellon University Pittsburgh, PA USA +1 (412) Carnegie Mellon University
Defining Computer Security Incident Response Teams
Defining Computer Security Incident Response Teams Robin Ruefle January 2007 ABSTRACT: A computer security incident response team (CSIRT) is a concrete organizational entity (i.e., one or more staff) that
More informationCERT Overview. Jeffrey J. Carpenter 2008 Carnegie Mellon University
CERT Overview Jeffrey J. Carpenter 2008 Carnegie Mellon University Software Engineering Institute Department of Defense R&D Laboratory FFRDC Created in 1984 Administered by Carnegie Mellon
More informationThe Case for National CSIRTs
The Case for National CSIRTs ENOG 12 Yerevan 3-4 Oct 2016 What is a CERT (CSIRT)? A Computer Security Incident Response Team (CSIRT) is a service organization that is responsible for receiving, reviewing,
More informationCSIRT in general CSIRT Service Categories Reactive Services Proactive services Security Quality Management Services CSIRT. Brmlab, hackerspace Prague
Brmlab, hackerspace Prague Lightning talks, November 2016 in general in general WTF is an? in general WTF is an? Computer Security in general WTF is an? Computer Security Incident Response in general WTF
More informationRFC2350 TLP1: WHITE. Έκδοση National CSIRT-CY RFC2350
Έκδοση 1.2-2018.02.14 TLP1: WHITE 1 TLP Sources may use TLP: WHITE when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release.
More informationCreating and Managing Computer Security Incident Response Teams (CSIRTs)
Creating and Managing Computer Security Incident Response Teams (CSIRTs) CERT Coordination Center Networked Systems Survivability Program Software Engineering Institute Carnegie Mellon University Pittsburgh,
More informationGlobal Response Centre (GRC) & CIRT Lite. Regional Cyber security Forum 2009, Hyderabad, India 23 rd to 25 th September 2009
Global Response Centre (GRC) & CIRT Lite Regional Cyber security Forum 2009, Hyderabad, India 23 rd to 25 th September 2009 IMPACT Service offerings Global Response Centre CIRT Lite Need for GRC Access
More informationSecurity Monitoring Engineer / (NY or NC) Director, Information Security. New York, NY or Winston-Salem, NC. Location:
Position: Reports to: Location: Security Monitoring Engineer / (NY or NC) Director, Information Security New York, NY or Winston-Salem, NC Position Summary: The Clearing House (TCH) Information Security
More information2nd ENISA Workshop German CERT-Activities. 5 th October, 2006 Brussels
2nd ENISA Workshop German CERT-Activities 5 th October, 2006 Brussels Overview Hosting Organisation CERT-Bund Background Projects CERT Services German CERT Activities International Cooperation Lessons
More informationSteps for Creating National CSIRTs
Pittsburgh, PA 15213-3890 Steps for Creating National CSIRTs August 2004 Georgia Killcrece CERT CSIRT Development Team CERT Coordination Center Networked Systems Survivability Program Software Engineering
More informationCreating and Managing Computer Security Incident Response Teams (CSIRTs)
Creating and Managing Computer Security Incident Response Teams (CSIRTs) CERT Training and Education Networked Systems Survivability Program Software Engineering Institute Carnegie Mellon University Pittsburgh,
More informationSecurity Policy Guidelines
Security Policy Guidelines CSH6 Chapter 44 Security Policy Guidelines M. E. Kabay & Bridgett Robertson Selected Topics in CSH6 Ch 44 Terminology Resources for Policy Writers Writing the Policies Organizing
More informationCSIRT SERVICES. Service Categories
CSIRT SERVICES One of the primary issues to be addressed in creating a computer security incident response team (CSIRT) is deciding what services the CSIRT will provide to its constituency. This process
More informationRFC 2350 YOROI-CSDC. Expectations for Computer Security Incident Response. Date 2018/03/26. Version 1.0
RFC 2350 YOROI-CSDC Expectations for Computer Security Incident Response Title RFC 2350 YOROI-CSDC Document Type Specification Date 2018/03/26 Version 1.0 Yoroi S.r.l. Parte del gruppo MAM www.yoroi.company
More informationBe Secure! Computer Security Incident Response Team (CSIRT) Guide. Plan Establish Connect. Maliha Alam Mehreen Shahid
Computer Security Incident Response Team (CSIRT) Guide Maliha Alam Mehreen Shahid Plan Establish Connect Be Secure! CSIRT Coordination Center Pakistan 2014 i Contents 1. What is CSIRT?... 1 2. Policy,
More informationCyber Security Reality and Perspectives
Cyber Security Reality and Perspectives Universidad Carlos III-SPIN Ángel Jordán Madrid, June 24 2004 CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890
More informationAn overview of the CERT/CC and CSIRT Community
An overview of the CERT/CC and CSIRT Community Jason A. Rafail October 2007 2007 Carnegie Mellon University Overview CERT/CC CSIRTs with National Responsibility Partnerships and Trust Training Conclusion
More informationSemantic Potential of existing Security Advisory Standards
Semantic Potential of existing Security Advisory Standards Secure Business Austria Challenges Well maintained and audited IT infrastructure is critical for ensuring business continuity Ever-growing complexity
More informationRFC 2350 CSIRT-TEHTRIS [CERT-TEHTRIS]
RFC 2350 CSIRT-TEHTRIS [CERT-TEHTRIS] 1 Document information... 2 1.1 Date of Last Update... 2 1.2 Distribution List for Notifications... 2 1.3 Locations where this Document May Be Found... 2 1.4 Authenticating
More informationCentralised service 6-7: Ensuring the resilience of centralised services cyber-security and sharing cyber intelligence
Centralised service 6-7: Ensuring the resilience of centralised services cyber-security and sharing cyber intelligence Patrick MANA CS6-7 Project Manager WAC 08 March 2017 Why doing it? NIS Directive EC
More informationThe State of Standardization Efforts to support Data Exchange in the Security Domain
The State of Standardization Efforts to support Data Exchange in the Security Domain Roman Danyliw FloCon 2004: Standards Talk Network Group Software Engineering Institute Carnegie Mellon
More informationIntroduction of APCERT APCERT
Introduction of Yurie Ito, JPCERT/CC (On behalf of the Secretariat) (Asia Pacific Computer Emergency Response Team) is a coalition of the forum of CSIRTs (Computer Security Incident Response Teams). The
More informationCIRT: Requirements and implementation
CIRT: Requirements and implementation By : Muataz Elsadig Sudan CERT Joint ITU-ATU Workshop on Cyber-security Strategy in African Countries Khartoum, Republic of Sudan, 24 26 July 2016 There is no globally
More informationBradford J. Willke. 19 September 2007
A Critical Information Infrastructure Protection Approach to Multinational Cyber Security Events Bradford J. Willke 19 September 2007 Overview A framework for national Critical Information Infrastructure
More informationCyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships. from the most trusted name in information security
CyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships About SANS The SANS (SysAdmin, Audit, Network, Security) Institute Established in 1989 Cooperative research
More informationIntroduction of APCERT
Introduction of APCERT Yurie Ito, JPCERT/CC (On behalf of the APCERT Secretariat) APCERT APCERT (Asia Pacific Computer Emergency Response Team) is a coalition of the forum of CSIRTs (Computer Security
More informationSwedish IT Incident Centre
Swedish IT Incident Centre Establishing a Government CERT from scratch the Swedish experience Establishment phase 2003 2004 CERTs in Europe Lessons Learned and Good Practices, Brussels 2005-12-13 Presentation
More informationIan Bryant (VEDEF WG Co-Chair) 26 th May 2006
!" Ian Bryant (VEDEF WG Co-Chair) 26 th May 2006 Summary of Situation Activity Since Last Meeting Discussion Summary of Situation Activity Since Last Meeting Discussion !"# Many TF-CSIRT members are engaged
More informationRFD. for ICERT ( ) RESULTS-FRAMEWORK DOCUMENT. Department of Information Technology. Results-Framework Document (RFD) for CERT-In ( )
Results-Framework Document (RFD) for CERT-In (-) RFD RESULTS-FRAMEWORK DOCUMENT for ICERT Department of Information Technology (-) Page 1 of 13 Results-Framework Document (RFD) for CERT-In (-) SECTION
More informationIndicate whether the statement is true or false.
Indicate whether the statement is true or false. 1. An intranet vulnerability scan starts with the scan of the organization's default Internet search engine. 2. Threats cannot be removed without requiring
More informationIncident Response. Is Your CSIRT Program Ready for the 21 st Century?
Incident Response Is Your CSIRT Program Ready for the 21 st Century? Speaker Bio Traditional Response Concepts Technical Incidents Requiring Technical Responses Virus/ Malware Network Intrusion Disaster
More informationCSIRT capability building and enhancement
CSIRT capability building and enhancement CNCERT/CC 05 Conference March 2005 Guilin. Mark McPherson AusCERT The University of Queensland Brisbane, Queensland 4072 AUSTRALIA Overview What is a CSIRT? Building
More informationInformation Security and Cyber Security
Information Security and Cyber Security Policy NEC recognizes that it is our duty to protect the information assets entrusted to us by our customers and business partners as well as our own information
More informationPresentation to the ITU on the Q-CERT Incident Management Team. Ian M Dowdeswell Incident Manager, Q-CERT
Presentation to the ITU on the Q-CERT Incident Management Team Ian M Dowdeswell Incident Manager, Q-CERT 2 Q-CERT Mission The Mission of Q-CERT is to be a world-class center of excellence providing expert
More informationCyber Hygiene: A Baseline Set of Practices
[DISTRIBUTION STATEMENT A] Approved for public Cyber Hygiene: A Baseline Set of Practices Matt Trevors Charles M. Wallen Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Copyright
More informationExtended INCident Handling Working Group (INCH)
Internet Engineering Task Force Extended INCident Handling Working Group (INCH) http://www.cert.org/ietf/inch/inch_interim_2004.html 12:00 16:00 Sunday, June 13 2004 Interim Meeting Budapest, Hungary Roman
More informationCentralised service 6-7: Ensuring the resilience of centralised services cyber-security and sharing cyber intelligence
Centralised service 6-7: Ensuring the resilience of centralised services cyber-security and sharing cyber intelligence Patrick MANA CS6-7 Project Manager WAC 08 & 09 March 2016 enter your presentation
More informationThreat and Vulnerability Assessment Tool
TABLE OF CONTENTS Threat & Vulnerability Assessment Process... 3 Purpose... 4 Components of a Threat & Vulnerability Assessment... 4 Administrative Safeguards... 4 Logical Safeguards... 4 Physical Safeguards...
More informationTwilio cloud communications SECURITY
WHITEPAPER Twilio cloud communications SECURITY From the world s largest public companies to early-stage startups, people rely on Twilio s cloud communications platform to exchange millions of calls and
More informationCERT Development EFFECTIVE RESPONSE
CERT Development EFFECTIVE RESPONSE CERT Development: EFFECTIVE RESPONSE 2 Effective Response Effective Response Well funded, organized attackers threaten your network IT attacks can result in: Loss of
More informationSage Data Security Services Directory
Sage Data Security Services Directory PROTECTING INFORMATION ASSETS ENSURING REGULATORY COMPLIANCE FIGHTING CYBERCRIME Discover the Sage Difference Protecting your business from cyber attacks is a full-time
More informationCERT.be Brussels 2011
What? CERT Computer Emergency Response Team CSIRT : Computer Security Incident Response Team = The Belgian National CERT 3 Our Mission s mission is to help Belgian key resources, critical information providers
More informationPreventing Insider Sabotage: Lessons Learned From Actual Attacks
Preventing Insider Sabotage: Lessons Learned From Actual Attacks Dawn Cappelli November 14, 2005 2005 Carnegie Mellon University Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting
More informationItalian government CERT: INITIAL RESULTS
Italian government CERT: INITIAL RESULTS ISCOM Conference on Network and Information Security: Political and Technical Challenges Gianluigi Moxedano GovCERT.it National Center for Informatics in Public
More informationCertified Information Security Manager (CISM) Course Overview
Certified Information Security Manager (CISM) Course Overview This course teaches students about information security governance, information risk management, information security program development,
More informationCERT Secure Coding Standards Robert C. Seacord Carnegie Mellon University
CERT Secure Coding Standards Robert C. Seacord 2006 Carnegie Mellon University Problem Statement 6,000 5,000 Reacting to vulnerabilities in existing systems is not working 5,990 4,000 Total vulnerabilities
More informationImplementing a National Strategy : the case of the Tunisian CERT
Implementing a National Strategy : the case of the Tunisian CERT Belhassen ZOUARI, CEO, National Agency for Computer Security, Head of Cert-Tcc, E-mail : B.Zouari@ansi.tn a fast Historical Overview end
More informationReal-time DDoS Defense: A collaborative Approach at Internet Scale
Real-time DDoS Defense: A collaborative Approach at Internet Scale Agenda Problem & Goal Insight Overview Challenges Implementation Evaluation Conclusion Discussion 2 Problem & Goal Problem Source: https://www.youtube.com/watch?v=kbbiqkevddo
More informationSymantec Endpoint Protection Integration Component User's Guide. Version 7.0
Symantec Endpoint Protection Integration Component User's Guide Version 7.0 The software described in this book is furnished under a license agreement and may be used only in accordance with the terms
More informationPanel 1 National CSIRT Experience
Panel 1 National CSIRT Experience 2 nd Meeting of Government Cybersecurity Practitioners Sao Paulo, Brazil September 14-16, 2005 Andrew McAllister Senior Advisor, Cyber Security Public Safety and Emergency
More informationCERT community. Recognition mechanisms and schemes. November European Union Agency for Network and Information Security.
CERT community Recognition mechanisms and schemes November 2013 European Union Agency for Network and Information Security www.enisa.europa.eu CERT community Recognition mechanisms and schemes November
More informationCentre for cybersecurity Belgium : Role, Missions et future capacities
Centre for cybersecurity Belgium : Role, Missions et future capacities NLO meeting 30/01/2018 Phédra Clouner Deputy Director CCB 01 CCB mission & services Page 2 Legal Basis R.D. 10/10/2014 Contribute
More informationCyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.
Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK. In today s escalating cyber risk environment, you need to make sure you re focused on the right priorities by
More informationBUILDING AND MAINTAINING SOC
BUILDING AND MAINTAINING SOC Digit Oktavianto KOMINFO 7 December 2016 digit dot oktavianto at gmail dot com 1 Digit Oktavianto Profile in 1 Page Currently working as a Security Architect Professional Certifications:
More informationTransportation System Cybersecurity Framework
Transportation System Cybersecurity Framework August 24, 2016 Patrick Zelinski, AASHTO Background Growing issue of cybersecurity and its impact on the highway environment has highlighted safety and operational
More informationSoftware, Security, and Resiliency. Paul Nielsen SEI Director and CEO
Software, Security, and Resiliency Paul Nielsen SEI Director and CEO Dr. Paul D. Nielsen is the Director and CEO of Carnegie Mellon University's Software Engineering Institute. Under Dr. Nielsen s leadership,
More informationSecurity in grid control centers: Spectrum Power TM Cyber Security
Security in grid control centers: Spectrum Power TM Cyber Security Thomas Schmidt, Information Security Manager siemens.at/future-of-energy Spectrum Power TM 7 Historical Information System Table of content
More informationA Framework for Managing Crime and Fraud
A Framework for Managing Crime and Fraud ASIS International Asia Pacific Security Forum & Exhibition Macau, December 4, 2013 Torsten Wolf, CPP Head of Group Security Operations Agenda Introduction Economic
More informationHow to communicate with your government - Lessons from Japan -
How to communicate with your government - Lessons from Japan - Dr. Suguru Yamaguchi JPCERT/CC Japan Summary CSIRT can be a good liaison between government and industries. Cybersecurity is emerging in various
More informationThe latest version of this profile can be found on the location specified in 1.3
FORTHcert Profile according to RFC 2350 1. About this document 1.1 Date of Last Update This is version 1, published 2012/02/1. 1.2 Distribution List for Notifications The latest version of this profile
More informationThe Confluence of Physical and Cyber Security Management
The Confluence of Physical and Cyber Security Management GOVSEC 2009 Samuel A Merrell, CISSP James F. Stevens, CISSP 2009 Carnegie Mellon University Today s Agenda: Introduction Risk Management Concepts
More informationOAS Cybersecurity Capacity Building Efforts
OAS Cybersecurity Capacity Building Efforts Are We Ready in Latin America and the Caribbean? 2016 Cybersecurity Report www.cybersecurityobservatory.com The opinions expressed in this publication are of
More informationCritical Information Infrastructure Protection. Role of CIRTs and Cooperation at National Level
Critical Information Infrastructure Protection Role of CIRTs and Cooperation at National Level 1 Global Cybersecurity Agenda (GCA) GCA is designed for cooperation and efficiency, encouraging collaboration
More informationSOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT
RSA ARCHER IT & SECURITY RISK MANAGEMENT INTRODUCTION Organizations battle growing security challenges by building layer upon layer of defenses: firewalls, antivirus, intrusion prevention systems, intrusion
More informationCurrent skills gap for capable CTI analysts: Training for forensics & analysis
Current skills gap for capable CTI analysts: Training for forensics & analysis WORKSHOP CTI EU Bonding EU Cyber Threat Intelligence 30-31 October, Link Campus University, Rome, Italy Ing. Selene Giupponi
More informationTechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003
TechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003 Yuri Demchenko Outline TechSec WG liaison with CSIRT community! Results and developments
More informationDetecting Lateral Movement in APTs ~Analysis Approach on Windows Event Logs~ June 17, 2016 Shingo ABE ICS security Response Group JPCERT/CC
Detecting Lateral Movement in APTs ~Analysis Approach on Windows Event Logs~ June 17, 2016 Shingo ABE ICS security Response Group JPCERT/CC Agenda Introduction to JPCERT/CC About system-wide intrusions
More informationIMPACT Global Response Centre. Technical Note GLOBAL RESPONSE CENTRE
Technical Note GLOBAL RESPONSE CENTRE INTRODUCTION IMPACT s Global Response (GRC) acts as the foremost cyber threat resource centre for the global. It provides emergency response to facilitate identification
More informationRSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief
RSA Solution Brief Managing Risk Within Advanced Security Operations RSA Solution Brief How do you advance your security operations function? Increasingly sophisticated security threats and the growing
More informationACTIVE SHOOTER RESPONSE CAPABILITY STATEMENT. Dynamiq - Active Shooter Response
ACTIVE SHOOTER RESPONSE CAPABILITY STATEMENT ACTIVE SHOOTER RESPONSE Responding to armed assault acts of terrorism and active shooter incidents Acts of terrorism and shootings in public places have become
More informationGoogle Cloud & the General Data Protection Regulation (GDPR)
Google Cloud & the General Data Protection Regulation (GDPR) INTRODUCTION General Data Protection Regulation (GDPR) On 25 May 2018, the most significant piece of European data protection legislation to
More informationWhy you should adopt the NIST Cybersecurity Framework
Why you should adopt the NIST Cybersecurity Framework It s important to note that the Framework casts the discussion of cybersecurity in the vocabulary of risk management Stating it in terms Executive
More informationStrengthening the Cybersecurity of Federal Networks and Critical Infrastructure
Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure Executive Order 13800 Update July 2017 In Brief On May 11, 2017, President Trump issued Executive Order 13800, Strengthening
More informationCisco PSIRT Dario Ciccarone Incident Manager, Product Security Incident Response Team
1 Cisco PSIRT Dario Ciccarone Incident Manager, Product Security Incident Response Team 2005, Cisco Systems, Inc. All rights reserved. CISCO CONFIDENTIAL 2 What Is PSIRT? Cisco s Product
More informationThe Insider Threat Center: Thwarting the Evil Insider
The Insider Threat Center: Thwarting the Evil Insider The CERT Top 10 List for Winning the Battle Against Insider Threats Randy Trzeciak 14 June 2012 2007-2012 Carnegie Mellon University Notices 2011 Carnegie
More informationNATIONAL STRATEGY:- MALAYSIAN EXPERIENCE
NATIONAL STRATEGY:- MALAYSIAN EXPERIENCE Devi Annamalai Security, Trust and Governance MCMC 28th August 2007 Hanoi. Vietnam BACKGROUND MCMC is a statutory body established under the Malaysian Communications
More informationCyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS
Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Continual disclosed and reported
More informationNIS-Directive and Smart Grids
NIS-Directive and Smart Grids Workshop on European Smart Grid Cybersecurity: Emerging Threats and Countermeasures Marie Holzleitner Table of Content Aims & Objectives Affected Parties Selected Requirements
More informationGujarat Forensic Sciences University
Gujarat Forensic Sciences University Knowledge Wisdom Fulfilment Cyber Security Consulting Services Secure Software Engineering Infrastructure Security Digital Forensics SDLC Assurance Review & Threat
More informationCYBER THREAT INTELLIGENCE TOWARDS A MATURE CTI PRACTICE
CYBER THREAT INTELLIGENCE TOWARDS A MATURE CTI PRACTICE Richard Kerkdijk December 7th 2017 A WORD ABOUT TNO Dutch innovation and advisory body, founded by law in 1932 and currently comprising some 2800
More informationTEL2813/IS2820 Security Management
TEL2813/IS2820 Security Management Security Management Models And Practices Lecture 6 Jan 27, 2005 Introduction To create or maintain a secure environment 1. Design working security plan 2. Implement management
More informationMILE Implementation Report. Chris Inacio, Carnegie Mellon University Daisuke Miyamoto, The University of Tokyo
MILE Implementation Report Chris Inacio, Carnegie Mellon University Daisuke Miyamoto, The University of Tokyo daisu-mi@nc.u-tokyo.ac.jp Updates in Section 2 Information Sharing and Analysis Centers (ISAC)
More informationRegional Workshop on Frameworks for Cybersecurity and CIIP Feb 2008 Doha, Qatar
Regional Workshop on Frameworks for Cybersecurity and CIIP 18 21 Feb 2008 Doha, Qatar A National Cybersecurity Strategy aecert Roadmap Eng. Fatma Bazargan aecert Project Manager Technical Affairs Department
More informationCurrent procedures, challenges and opportunities for collection and analysis of Criminal Justice statistics CERT-GH
Current procedures, challenges and opportunities for collection and analysis of Criminal Justice statistics CERT-GH International Workshop on Criminal Justice Statistics on Cybercrime and Electronic Evidence
More informationRole of BC / DR in CISRP. Ramesh Warrier Director ebrp Solutions
Role of BC / DR in CISRP Ramesh Warrier Director ebrp Solutions You have been HACKED Now what? Incident Response Incident HANDLING Incident RESPONSE Incident HANDLING Assessment Containment Eradication
More informationIndustry role moving forward
Industry role moving forward Discussion with National Research Council, Workshop on the Resiliency of the Electric Power Delivery System in Response to Terrorism and Natural Disasters February 27-28, 2013
More informationSecurity Management Models And Practices Feb 5, 2008
TEL2813/IS2820 Security Management Security Management Models And Practices Feb 5, 2008 Objectives Overview basic standards and best practices Overview of ISO 17799 Overview of NIST SP documents related
More informationInstitute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO #IIACHI
Institute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO CHAPTER: @IIACHI #IIACHI WWW.FACEBOOK.COM/IIACHICAGO HTTPS://WWW.LINKEDIN.COM/GROUPS/1123977 1 CAE Communications and Common Audit Committee
More informationVulnerabilities. To know your Enemy, you must become your Enemy. Information security: Vulnerabilities & attacks threats. difficult.
Vulnerabilities To know your Enemy, you must become your Enemy. "The Art of War", Sun Tzu André Zúquete Security 1 Information security: Vulnerabilities & attacks threats Discouragement measures difficult
More informationThe rise of major Adversaries is the most relevant trend in 2014, targeting Government and Critical Services
The rise of major Adversaries is the most relevant trend in 2014, targeting Government and Critical Services Major Trends of 2014 And relevant changes in Threat Scenario Most Target Countries and Sectors
More informationIT Security Trends. The Australian Perspective. a presentation by. Viviani Paz, Security Assurance Manager
IT Security Trends The Australian Perspective a presentation by Viviani Paz, Security Assurance Manager Australian Computer Emergency Response Team The University of Queensland Brisbane, Queensland 4072
More informationBackground FAST FACTS
Background Terra Verde was founded in 2008 by cyber security, risk and compliance executives. The founders believed that the market needed a company that was focused on using security, risk and compliance
More informationNational Cyber Incident Response - Architectural Concepts
CSIRT Contributions to National Cyber Incident Response: An Architectural Perspective with U.S. Examples Bradford J. Willke Team Lead, Information Security Assessment & Evaluation Survivable Enterprise
More informationDATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI
DATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI EXECUTIVE SUMMARY The shortage of cybersecurity skills Organizations continue to face a shortage of IT skill
More informationAn Operational Cyber Security Perspective on Emerging Challenges. Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL)
An Operational Cyber Security Perspective on Emerging Challenges Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL) Johns Hopkins University Applied Physics Lab (JHU/APL) University
More informationGlobal Resilience Federation Trust. Collaboration. Community. Cindy Donaldson President, Global Resilience Federation October 2017
Global Resilience Federation Trust. Collaboration. Community. Cindy Donaldson President, Global Resilience Federation October 2017 Global Resilience Federation is a non-profit organization committed to
More informationProfessional Training Course - Cybercrime Investigation Body of Knowledge -
Overview The expanded use of the Internet has facilitated rapid advances in communications, systems control, and information sharing. Those advances have created enormous opportunities for society, commerce
More informationCybersecurity Auditing in an Unsecure World
About This Course Cybersecurity Auditing in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that cybersecurity
More informationCybersecurity in the EU Steve Purser Head of Operational Departments, ENISA Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European
Cybersecurity in the EU Steve Purser Head of Operational Departments, ENISA Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European Union Agency for Network and Information Security Positioning
More informationThe CERT Top 10 List for Winning the Battle Against Insider Threats
The CERT Top 10 List for Winning the Battle Against Insider Threats Dawn Cappelli CERT Insider Threat Center Software Engineering Institute Carnegie Mellon University Session ID: STAR-203 Session Classification:
More information