How to communicate with your government - Lessons from Japan -

Similar documents
Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt

Bradford J. Willke. 19 September 2007

Fundamentals of Cybersecurity/CIIP. Building Capacity: Using a National Strategy & Self-Assessment

Implementing a National Strategy : the case of the Tunisian CERT

Information Security and Cyber Security

National Cyber Incident Response - Architectural Concepts

Promoting Global Cybersecurity

Valérie Andrianavaly European Commission DG INFSO-A3

Provisional Translation

Information Sharing and Cooperation

Commonwealth Cyber Declaration

2nd ENISA Workshop German CERT-Activities. 5 th October, 2006 Brussels

Computer Security Trend 2008 from Japan. SQL Injection, DNS cache poisoning, Phishing, Key logger Malware and Targeted Attacks

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

Centre for cybersecurity Belgium : Role, Missions et future capacities

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

Global cybersecurity and international standards

Enhancing the security of CIIPs in Europe - ENISA s Approach Dimitra Liveri Network and Information Security Expert

Detecting Lateral Movement in APTs ~Analysis Approach on Windows Event Logs~ June 17, 2016 Shingo ABE ICS security Response Group JPCERT/CC

Cybersecurity for ALL

Netherlands Cyber Security Strategy. Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice

Panelists. Moderator: Dr. John H. Saunders, MITRE Corporation

Co-operation against cybercrime CSIRTs LE private sector

The Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless

Securing Europe's Information Society

Discussion on MS contribution to the WP2018

Building Global CSIRT Capabilities

European Union Agency for Network and Information Security

Critical Infrastructure Partnership

Resolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]

Security and resilience in the Information Society: the role of CERTs/CSIRTs in the context of the EU CIIP policy

ITU Regional Cybersecurity Forum for Asia-Pacific

Secure Product Design Lifecycle for Connected Vehicles

U.S. Japan Internet Economy Industry Forum Joint Statement October 2013 Keidanren The American Chamber of Commerce in Japan

OAS Cybersecurity Capacity Building Efforts

Rohana Palliyaguru Director -Operations Sri Lanka CERT CC APCERT AGM and Conference, 24 th October 2018 Shanghai, China MINISTRY OF TELECOMMUNICATION

Cybersecurity Strategy of the Republic of Cyprus

Directive on Security of Network and Information Systems

Overview. Objectives. Components. Information and Communication Technologies Sector Development Project. Project

MELANI: Information exchange a story of success

Hitachi s Social Infrastructure Defenses for Safety and Security through Collaborative Creation with Customers

ENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010

NATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -

UN General Assembly Resolution 68/243 GEORGIA. General appreciation of the issues of information security

Directive on security of network and information systems (NIS): State of Play

Data Governance for Smart City Management

An Overview of DHS s Role and Missions. James McCament Chief of Legislative Affairs, USCIS

Outline of AFIT Member Countries/Regions Data on Information Security. AFIT Secretariat February 19, 2009

Issues, lessons learned through the eyes of JPCERT/CC on the vulnerability handling framework in Japan

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

National Cybersecurity preparation to deal with Cyber Attacks

DHS Cybersecurity: Services for State and Local Officials. February 2017

Special Action Plan on Countermeasures to Cyber-terrorism of Critical Infrastructure (Provisional Translation)

Critical Information Infrastructure Protection. Role of CIRTs and Cooperation at National Level

Best Practices in Public Information Management in Sri Lanka. Presented by Nimal Athukorala D.C. Dissanayake

Cyber Security Technologies

Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.

The UNODC Global Programme on Cybercrime Alexandru Caciuloiu CYBERCRIME COORDINATOR SOUTHEAST ASIA AND THE PACIFIC

Department of Homeland Security Updates

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce

National Policy and Guiding Principles

Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security

CENTER FOR SECURITY STUDIES

Panel 1 National CSIRT Experience

EU policy on Network and Information Security & Critical Information Infrastructures Protection

Cybersecurity Risk Mitigation: Protect Your Member Data. Introduction

Defining Computer Security Incident Response Teams

Cybersecurity and Vulnerability Assessment

Laws and Regulations & Data Governance

The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association

National Cyber Security Strategy - Qatar. Michael Lewis, Deputy Director

CYBERCRIME AS A NEW FORM OF CONTEMPORARY CRIME

INFORMATION SECURITY NO MORE THE CINDERELLA?

Using a Vulnerability Description Ontology for vulnerability coordination

Future Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group

Cybersecurity & Digital Privacy in the Energy sector

Disaster Management and Security Solutions to Usher in the IoT Era

About Issues in Building the National Strategy for Cybersecurity in Vietnam

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

Critical Information Infrastructure Protection Law

ENCS The European Network for Cyber Security

BRIEFING COMBATING CYBERCRIME: TOOLS AND CAPACITY BUILDING FOR EMERGING ECONOMIES. Geneva 18 April David Satola

Election Infrastructure Security: The How and Why of It

The APEC Model. Global Partnership through Regional Initiatives

Cybersecurity governance in Europe. Sokratis K. Katsikas Systems Security Laboratory Dept. of Digital Systems University of Piraeus

Critical Infrastructure Sectors and DHS ICS CERT Overview

Legislative Framework

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

Australian Government Cyber-security Activities in the Pacific

SAINT PETERSBURG DECLARATION Building Confidence and Security in the Use of ICT to Promote Economic Growth and Prosperity

NEW INNOVATIONS NEED FOR NEW LAW ENFORCEMENT CAPABILITIES

Critical Infrastructure Protection and Suspicious Activity Reporting. Texas Department of Public Safety Intelligence & Counterterrorism Division

RESOLUTION 130 (REV. BUSAN, 2014)

Global Resilience Federation Trust. Collaboration. Community. Cindy Donaldson President, Global Resilience Federation October 2017

Garry Mukelabai Communications Authority Zambia

Caribbean Cyber Security: Not Only Government s Responsibility

FEMA Region III Cyber Security Program

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

Security and resilience in Information Society: the European approach

RESOLUTION 130 (Rev. Antalya, 2006)

Transcription:

How to communicate with your government - Lessons from Japan - Dr. Suguru Yamaguchi JPCERT/CC Japan

Summary CSIRT can be a good liaison between government and industries. Cybersecurity is emerging in various policy domain by the government, esp. for nagonal security and crigcal infrastructure protecgon (CIP & CIIP). Infrastructure and various components for ICT society are operated mainly by private sectors (private industries). But, classic regulagons are not working well with this business structure for cybersecurity, because the situagon changes very rapidly. Be a good catalyst, Nice & rich communicagon with your government is a key for more collaboragons.

JPCERT/CC and others MulGple Point of Contact (POC) Structure for JAPAN JPCERT POC for Japan Provide its service for Japan as its consgtuency NISC - Policy & Government related NaGonal InformaGon Security Center, Cabinet Secretariat, GOJ NPA Law Enforcement NaGonal Police Agency, GOJ More than 20 CSIRT s in Japan Enterprise CSIRT 20 FIRST members.

Quick overview of JPCERT/CC Budget comes from METI (Ministry of Economy, Trade and Industry), but not 100% Non-governmental, Not for Profit Organization National POC CSIRT in Japan (Point of Contact for International relations) FIRST (Forum of Incident Response and Security Team) Full member since 1998 APCERT (Asia Pacific Computer Emergency Response Teams) chair, Secretariat Technical OperaGon Vulnerability Handling Watch and Warning Incident Response ArGfact Analysis - Vulnerability Analysis - Industry CoordinaGon - Impact analysis - Advisory - Public Monitoring - Incident Analysis - Network monitoring - Alert, Special CommunicaGon - Advisory - Malware Analysis - Vulnerability validagon - research and study 4

No infonet, No business! so what our government can do?

Where we are heading? Widely ICT deployment to social infrastructures. We are living in Connected world where more informagon are exchanged and processed among vast number of computers and ICT devices. True ICT society Covers our whole globe. Knowledge based economy. Global opgmizagon. High mobility of users, informagon processing and assets.

Supply Chain Management (SCM), today suppliers Stock mgt factories logistics customers ProducGon OpGmizaGon Financial Management Integrated Business Management & ERP ICT plaaorm Copyright (C) 2011 Suguru Yamaguchi, All Rights Reserved.

Security is our #1 priority InformaGon systems are also business enabler for criminals. InformaGon systems are adding power for criminals in many ways, such as APT and adacks using cloud compugng. Global collaboragon for making malwares, composing adacks and geeng $$$. We have to change this game! Good scheme to strengthen informagon security management. More efficient measures against criminals. Need changes on the structure.

Economics of Cyber Crimes, Today Risk Effort Reward

Economics of Cyber Crimes, Tomorrow? Risk Effort Reward

Areas we have to work today NaGonal Security ProtecGon of CiGzens Industry Policy NaGonal Cyber Security Policy

Policy Areas Industry Policy ProtecGon of ICT infrastructure as our business basis for various economic acgviges. Data confidengality, ID management, digital signature, commerce over the Internet NaGonal Security Counter acgviges against malicious acgviges over the Internet. CombaGng against cyber terrorism, high- tech crimes, Counter intelligence acgviges, Preparedness for large- scale state organized cyber adacks. ProtecGon of CiGzens ProtecGon of CiGzens from malicious acgviges CiGzens as consumers in e- Commerce ProtecGon of Individual informagon & privacy data transferred over the Internet Human rights protecgon

Japan s DirecGons Industry Policy Basic Act on the FormaGon of an Advanced InformaGon and TelecommunicaGons Network Society (2001) IT HQ (2001) & NISC (2005) in Cabinet Secretariat (PM office) NaGonal Security NaGonal Cyber Security Master Plan, version 4 (2011) NaGonal Defense Program (2011) Legal framework for ang- cyber terrorism, high- tech crime, and the other malicious acgviges against our society CIP/CIIP basic plan by NISC (first ed. In 2006) Counter intelligence, counter espionage, (2009) ProtecGon of CiGzens Personal InformaGon ProtecGon Law (2004 etc.) Consumer Affairs Agency (CAA), est. 2009

But, the gov cannot do everything. The network infrastructure and their vital components are operated by private sectors. The Internet and communicagon networks. InformaGon systems for our society Today crigcal informagon infrastructure includes various business infrastructure including financial services, supply chain systems, and energy networks. Government has its own silo structure. It comes from bureaucrat system, naturally. However, cybersecurity is the common issue for all the ministries. Industries have their own legal framework for operagons. ConfidenGality management of their operagon is highly required, especially for farms on stock markets. Government regulagons controls many in the business area.

What can CSIRT do?

Main OperaGons of NaGonal POC CSIRTs FIRST APCERT Other Interna0onal CSIRT Communi0es Overseas DomesGc Vendor Industrial En00y Incident Handling Coordina0on Vulnerability Handling Ar0fact Handling Publishing Alerts Organiza0onal CSIRT NaGonal POC CSIRT Incident Handling Coordina0on Vulnerability Handling Ar0fact Handling Publishing Security Alerts Educa0on, Training Develop Security Tools Monitoring Detect Invasions Providing Security Informa0on Informa0on Analysis, etc. User Overseas CSIRT Government LE Media

National Strategy NaGonal Policy LegislaGon and Law Enforcement Private Sector Security CriGcal Infrastructure ProtecGon NaGonal Defense InternaGonal CooperaGon Technical Experts (Human Resource)

Areas we can work together with gov Dealing with the bureaucrat silo structure. Cybersecurity is cross- sector agenda today, not limited to ICT. Being a bridge among ministries is possible way to work together. Public Private Partnership (PPP) needs a good coordinator for informagon sharing. CSIRT can be a clearinghouse of informagon for industries to be shared with government. The society needs more human resource development for cyber security management in various business area. We can working together, including public awareness raising. Global & internagonal collaboragons.

JPCERT/CC case, communicagons with JP Gov Sharing with our own analysis data with government. Periodic & emergency report for government as cyber hurricane center Update them for rapid changes of incidents. CollaboraGons for various areas Technical capability development Human resource development Engineering & technical research, and standardizagons. FuncGons as ISAC. (informagon sharing & analysis center) Working as a primary contacts of industries for governments. Especially for telecommunicagon infrastructure. EscalaGon for specific cases, especially for internagonal cases that need communicagon with the other countries authoriges (gov).

International partnership and framework for ICS security CoordinaGon Overseas CCs CERT/CC CPNI, CERT- Fi Public Disclosure InformaGon share JPCERT/CC JVN Japanese CS vendors Yokogawa, Toshiba, Fuji electric, Takebishi, Fanuc Mitsubishi Electric, Hitachi, Yamatake etc. CoordinaGon 20

For telecom sector Japan Government G to G official comm. Government Partner POC CSIRT CSIRT Network JPCERT/CC to Peer Network Coordination Escalation Telecom-ISAC Japan

Summary Government has various concerns on cybersecurity policy, but it cannot do everything by itself alone. Industries always deal with mulgple ministries and regulagons for their business operagon. They need a good coordinator for working with government. CSIRT is a specialized organizagon to deal with cyber security incidents, but today we have many capabiliges to work with both gov and industries, as a catalyst for them. Gov / CSIRT / industries is a good formagon to deal with cybersecurity issues. Proofed with many cases in various countries, including JP.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback