OAS Cybersecurity Capacity Building Efforts

Similar documents
Donor Countries Security. Date

Reducing Risk and Building Capacity

Cybersecurity and Vulnerability Assessment

GUIDING PRINCIPLES I. BACKGROUND. 1 P a g e

INTER-AMERICAN COMMITTEE AGAINST TERRORISM (CICTE) Washington, D.C. 24 February 2014 Original: Spanish

Resolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

About Issues in Building the National Strategy for Cybersecurity in Vietnam

INTER-AMERICAN COMMITTEE AGAINST TERRORISM (CICTE) Washington, D.C. 9 March 2012 Original: English

Caribbean Cyber Security: Not Only Government s Responsibility

Global cybersecurity and international standards

Commonwealth Cyber Declaration

PROGRAM SUMMARY OBJECTIVES RESULTS. Last updated date: 7/27/2017. Target Beneficiaries. Donor Security

Virtual Currencies and The Commonwealth. 1 June 2016

Cybersecurity for ALL

Promoting Global Cybersecurity

MEETINGS OF MINISTERS OF JUSTICE OR OEA/Ser.K/XXXIV

REGIONAL WORKSHOP ON E-COMMERCE LEGISLATION HARMONIZATION IN THE CARIBBEAN COMBATING CYBERCRIME: TOOLS AND CAPACITY BUILDING FOR EMERGING ECONOMIES

The UNODC Global Programme on Cybercrime Alexandru Caciuloiu CYBERCRIME COORDINATOR SOUTHEAST ASIA AND THE PACIFIC

The Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless

INTER-AMERICAN COMMITTEE AGAINST TERRORISM (CICTE) 19 March 2015 CICTE/doc.4/15 Cor.1 Washington, D.C. March 23, 2015 Original: English

Presented by: - Anselm Charles ICT Manager CARICOM IMPACS

RESOLUTION 130 (REV. BUSAN, 2014)

Creating the Enterprise CSIRT: Building the ecrime Response Platform

National Policy and Guiding Principles

Donor Countries Security. Date

Bradford J. Willke. 19 September 2007

Cyber Security in Europe

INTERPOL Capacity Building and Training Activities. Lili SUN Head of Training Unit Cybercrime Directorate June 15, 2017

Resolution: Advancing the National Preparedness for Cyber Security

NATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -

Fundamentals of Cybersecurity/CIIP. Building Capacity: Using a National Strategy & Self-Assessment

International Law Enforcement Cooperation on Cybercrime investigations: the role of INTERPOL. Mr Olusola Oguntunde

Cybersecurity Strategy of the Republic of Cyprus

CITEL s s Focus on Cybersecurity and Critical Infrastructure Protection CITEL

Discussion on MS contribution to the WP2018

Regional Cyber Security and Cyber Crime Best Practices Workshop November 28-30, 2011 Bogotá, Colombia

RESOLUTION 130 (Rev. Antalya, 2006)

Bridging Standardization Gap BDT Sylvester Cadette

AG/RES (XXXIV-O/04)

RESOLUTION 45 (Rev. Hyderabad, 2010)

Implementing the Administration's Critical Infrastructure and Cybersecurity Policy

ENISA s Position on the NIS Directive

Presentation to the ITU on the Q-CERT Incident Management Team. Ian M Dowdeswell Incident Manager, Q-CERT

UN General Assembly Resolution 68/243 GEORGIA. General appreciation of the issues of information security

Regional Workshop on Frameworks for Cybersecurity and CIIP Feb 2008 Doha, Qatar

Itu regional workshop

Inter-American Port Security Cooperation Plan

Critical Information Infrastructure Protection. Role of CIRTs and Cooperation at National Level

ENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce

National CIRT - Montenegro. Ministry for Information Society and Telecommunications

NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium

GLOBAL AGENDA FOR CYBER CAPACITY BUILDING

UNEP DTU Partnership

SAINT PETERSBURG DECLARATION Building Confidence and Security in the Use of ICT to Promote Economic Growth and Prosperity

Stakeholders Analysis

Caribbean Private Sector Network meeting 24 August 2017, Ministry of Trade, Port-of-Spain, Trinidad and Tobago

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

BRIEFING COMBATING CYBERCRIME: TOOLS AND CAPACITY BUILDING FOR EMERGING ECONOMIES. Geneva 18 April David Satola

Compliance Assistance Programme (CAP) of Montreal Protocol

Provisional Translation

POSITION DESCRIPTION

ASEAN COOPERATION ON DISASTER MANAGEMENT. Disaster Management & Humanitarian Assistance Division, ASEAN Secretariat

Special Action Plan on Countermeasures to Cyber-terrorism of Critical Infrastructure (Provisional Translation)

IGF 2018 Workshop Proposals Pre-Evaluation Figures

Directive on security of network and information systems (NIS): State of Play

A Multi-Stakeholder Approach in the Fight Against Cybercrime

Package of initiatives on Cybersecurity

World Telecommunication Development Conference (WTDC- 14) Dubai, 30 March 10 April 2014

Federal Information Sharing Resources for Small and Midsize Businesses

December 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development

DHS Cybersecurity: Services for State and Local Officials. February 2017

Cyber Security Strategic Level Landscape in Poland. Krzysztof Silicki NASK Institute, Poland ENISA MB, EB

The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association

Plenipotentiary Conference (PP- 14) Busan, 20 October 7 November 2014

A Holistic Approach to Cyber Security

Call for Expressions of Interest

UCD Centre for Cybersecurity & Cybercrime Investigation

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

OUTCOME DOCUMENT OF THE INTERNATIONAL CONFERENCE ON CYBERLAW, CYBERCRIME & CYBERSECURITY

Draft Resolution for Committee Consideration and Recommendation

Centre for cybersecurity Belgium : Role, Missions et future capacities

UNODC. International Cooperation and Assistance in Cybercrime Matters

Legal Foundation and Enforcement: Promoting Cybersecurity

Global Alliance Against Child Sexual Abuse Online 2014 Reporting Form

Network and Information Security Directive

Australian Government Cyber-security Activities in the Pacific

INDEPENDENT COMMUNICATIONS AUTHORITY OF SOUTH AFRICA(ICASA) CYBERSECURITY PRESENTATION AT SAIGF. 28 th November 2018

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

EU policy on Network and Information Security & Critical Information Infrastructures Protection

Establishing National Incident Response Capability for Viet Nam - VNCERT activities and challenges

Valérie Andrianavaly European Commission DG INFSO-A3

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

National Cyber Security Strategy - Qatar. Michael Lewis, Deputy Director

Coordinated implementation of the Basel, Rotterdam and Stockholm Conventions

Critical Infrastructure Protection and Suspicious Activity Reporting. Texas Department of Public Safety Intelligence & Counterterrorism Division

Panel 1 National CSIRT Experience

Department of Homeland Security Updates

Transcription:

OAS Cybersecurity Capacity Building Efforts Are We Ready in Latin America and the Caribbean? 2016 Cybersecurity Report www.cybersecurityobservatory.com

The opinions expressed in this publication are of the authors and do not necessarily reflect the point of view of the Inter-American Development Bank, its Executive Directors, or the countries they represent, or the Organization of American States or the countries that comprise it. Belisario Contreras Cybersecurity Program Manager Organization of American States BContreras@oas.org @belisarioc

OAS Regional Framework CICTE Secretariat REMJA Cybercrime (Legislation) CITEL (Telecommunications) OAS Hemispheric Cyber Security Strategy (2004)

OAS Regional Framework REMJA Cybercrime (Legislation) Ensuring That OAS Member States Have the Legal Tools Necessary to Protect Internet Users and Information Networks. Drafting and Enacting Effective Cybercrime Legislation and Improving International Handling of Cybercrime Matters. Substantive Computer Crime Laws Procedural Laws for Gathering Electronic Evidence Following the workshops, the Experts Group will further assist member states by providing legal consultation to support government ministries and legislatures in drafting legislation, regulations, and policies.

OAS Regional Framework CITEL (Telecommunications) The Identification and Adoption of Technical Standards for a Secure Internet Architecture. Development of cybersecurity technical standards. Identify and evaluate technical issues relating to standards required for the security of future communications networks across the region, as well as existing ones.

CICTE Secretariat OAS Hemispheric Cyber Security Strategy (2004) Declaration Strengthening Cyber Security in the Americas (2012) Declaration Protection of Critical Infrastructure from Emerging Threats (2015) Declaration Strengthening Hemispheric Cooperation to Counter Terrorism and Promote Security, Cooperation and Development in Cyberspace (2016)

The OAS Cybersecurity Program Development of National Cybersecurity Strategies Trainings, Workshops and Technical Missions Cybersecurity Exercises Development of national CSIRTs and a regional CSIRT Hemispheric Network Awareness Raising, Research and Expertise

Overview-2016 Cybersecurity Report Expert Contributions Cyber Confidence Building and Diplomacy in Latin America and the Caribbean Cybersecurity, Privacy and Trust: Trends in Latin America and the Caribbean Incident Response Capacity Building in the Americas The State of Cybercrime Legislation in Latin America and the Caribbean Digital Economy and Cybersecurity in Latin America and the Caribbean Sustainable and Secure Development: A Framework for Resilient Connected Societies Country Profiles 32 countries from Latin America and the Caribbean region

Timeline

CMM - 5 Dimensions

CMM - 5 Levels of Maturity

Observatory

How the report looks?

Challenges in the region 27 of 32 countries do not have cyber security strategies 18 countries have NOT identified key elements of their National Critical Infrastructure 24 do not count with mechanism for planning and coordination on Critical Infrastructure Issues

Challenges in the region In 20 countries no command and control center exist, and in another 7 this function is performed without formality 26 countries in the region do not have a structured cybersecurity education program In 28 of the 32 countries, there is no national cyber security awareness programs

2013 2014 2015

What are we doing?

National Cyber Security Strategies

National Strategies Adopted Colombia (2011 & 2016) Trinidad and Tobago 2013 Panama 2013 Jamaica 2015

National Strategies under development Costa Rica Dominica Dominican Republic Guatemala Paraguay Peru Suriname Chile

Technical Training, Workshops and Technical Missions

Technical Training, Workshops and Technical Missions Regional and Sub regional technical training and workshops on various skillsets e.g. industrial control systems and critical infrastructure protection, cybersecurity incident handling and digital forensics. Variety of country-specific technical training based on needs, including forensics and digital investigations Workshops on exchange of best practices to encourage information sharing. Tailored in-situ missions with the participation of recognized experts to address specific country needs.

Cybersecurity SummerCamp 2016 (more than 200 participants). Organized with the support of Spain. Webinars on cybersecurity topics, including developing trends and new tools. Approximately 30 activities per year. Over 4,500 participants benefited from our events since 2003. No only government officials, but also civil society, academia, private sector, critical infrastructure operators. Model is based on south-south collaboration and global exchange of best practices.

Cybersecurity Exercises

Cybersecurity Exercises With the support of the Department of Information and Technology Services (DOITS) of the OAS, we have built a robust virtual platform to carry both national and regional exercises. 8 National Exercises to date and 3 Regional Exercises. With the support of the government of Spain, the OAS organized the first International CyberEx in 2015 and 2016: 300+ regional and international participants 45 teams 21 participating countries 2 day Capture-the-Flag Exercise There are a variety of themes and process that these exercises cover. It is important to identify the right fit for you!

Development of National CSIRTs

Development of National CSIRTs 22 National CSIRTs in the Americas. Only 5 in 2004. Every CSIRT has a different level of maturity. OAS provides technical support + equipment. Best Practices for Establishing a National CSIRT - in-house designed methodology to establish and improve CSIRTs in the Americas.

Comunicación en tiempo real Intercambio de información Proyectos colaborativos

Online platform designed to: Facilitate real-time communication and information sharing. Provide early warning feeds and alerts. Identify incident trends in the region. Facilitate online and real-time collaboration between national CSIRTs. Virtual sandboxes to develop tools.

Technological platform / to offer BASIC SERVICES Chat and multichat Forum CSIRTs news Digital Library Directory Events Polls SPECIALIZED SERVICES Early warning systems (ftp) - performance improvement for second half of 2016 PARTNER SERVICES International Partners CSIRT of the Americas / for CSIRT Defense CSIRT Police CSIRT Gob CSIRT National

Unify the Community

Alerts Vulnerability: jdownloads joomla core Same attacker : MuhmadEmad period of time: 6 hours At 53 websites At 5 countries affected Action: rly Regional Warning

North AlfabetoVirtual: continued attacks AR,VE, CL, US, MX Gov,gob sites rly Regional Warning South

Awareness Raising, Research and Expertise

Awareness Raising, Research and Expertise Raising cybersecurity awareness through multi-stakeholder outreach. Producing research and data focused on cybersecurity in Latin America and the Caribbean region. Developing expertise in the area of cybersecurity from the Latin America and the Caribbean region.

Thank you! Merci Gracias Obrigado Belisario Contreras Cybersecurity Program Manager Organization of American States BContreras@oas.org @belisarioc

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback