Activities, Challenges & Collaboration

Slides:



Advertisements
Similar presentations
© 2004 APCERT APCERT Activity Update Yurie Ito JPCERT/CC (On behalf of the APCERT Secretariat)
Advertisements

STRENGTHENING COOPERATION ON CYBER SECURITY WITHIN THE ASEAN REGION
1 ASEAN Regional Forum Meeting 28 – 30 April 2010 Bandar Seri Begawan, Brunei CERT-Ins Initiative on International Information Security Dr A S Kamble Director.
Philippine Cybercrime Efforts
Joint efforts in incident response in AP region and future work with RIR Suguru Yamaguchi JPCERT/CC.
INTRODUCTION The Climate Technology Centre and Network NDE Workshop : 5-7 March 2014, Nairobi, Kenya Manfredi Caltagirone UNEP.
APNG Camp Anthony S. Lee. What Is APNG Camp? APNG Camp means Asia Pacific Next Generation Camp that provides a forum for Asia Pacific young Internet users.
Cyberspace and the Police Mamoru TAKAHASHI Head of Computer Forensic Center, Hi-tech Crime Technology Division National Police Agency, Japan.
1 Case Study ESTABLISHING NATIONAL CERT By Saleem Al-Balooshi Etisalat - AE.
Hong Kong E-commerce Readiness. APEC E-commerce Readiness Assessment Guide 2 The assessment helps identify actions needed to improve e-commerce environment.
Cyber Security Issues in South Korea and CSIRTs Cooperation September 17, 2014 Eunju Pak
JPCERT/CC May Fixed-Point Auto Data Collecting System Getting more accurate Scan and Prove data to provide more accurate network traffic analysis.
APCERT : APNIC Meeting 2014’ International Collaboration for Regional Cybersecurity Risk Reduction - APCERT Collaboration with Stakeholders Yurie Ito Chair,
Copyright © 2008 APCERT APCERT Activity Updates Asia Pacific Computer Emergency Response Team Jia-Chyi Wu Deputy Director, TWNCERT On behalf of APCERT.
1 PRESENTED BY DEBORAH WAN WORKABILITY ASIA DIRECTOR WORKABILITY INTERNATIONAL DIRECTOR WORKABILITY ASIA (WASIA)
Development Services Duncan Macintosh Development Director.
Resources to Support Training Programs for CSIRTs.
APNIC Update RIPE 59 October Overview APNIC Services Update APNIC 28 policy outcomes APNIC Members and Stakeholder Survey Next APNIC Meetings.
National Workshop on ANSN Capacity Building IT modules OAP, Thailand 25 th – 27 th June 2013 KUNJEER Sameer B History of centralized ANSN website as well.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
AP Security Framework Suguru Yamaguchi JPCERT/CC.
Australia Cybercrime Capacity Building Conference April 2010 Brunei Darussalam Ms Marcella Hawkes Director, Cyber Security Policy Australian Government.
Copyright © 2010 APCERT Graham Ingram AusCERT SC member of APCERT AP* Retreat, Gold Coast 23 rd August 2010.
Day 4-2 Inter-Network Cooperation 4-2.inter-network-cooperation 1 Cooperation and Coordination community, sharing, incident response, trust.
CAI-Asia Local Network Strategy CAI-Asia Internal Secretariat Coordination Meeting 10 July 2004 Bangkok, Thailand.
Cyber-security policy to encourage CSIRTs activities Yasuhiro KITAURA Ministry of Economy, Trade and Industry, JAPAN.
Future Regional Trends, Regional Direction and Cooperation Global Cybersecurity Agenda Pillars.
How we work as a national CERT in China ZHOU Yonglin CNCERT/CC, China 2 Addressing security challenges on a global scaleGeneva, 6-7 December 2010.
T h e A A A H Asia-Pacific Action Alliance on Human Resources for Health.
The APNG Camp Anthony S. Lee. What Is APNG Camp? APNG Camp means Asia Pacific Next Generation Camp that provides a forum for AP regional young Internet.
CONFERENCE ON REFORMING THE ASIA-PACIFIC FINANCIAL INFRASTRUCTURE Session B-2 Dusit Thani Manila Hotel Makati City, Philippines 12 November 2015 Dr. James.
0 ARF-ISG DOD Delhi, 9 November 2009 Takeshi ISHIKAWA Director for International Policy Ministry of Defense, Japan Promoting Effectiveness of Defense-Security.
Global Geospatial Information Management (GGIM) A UN-DESA Initiative in collaboration with Cartographic Section, DFS Stefan Schweinfest UNSD.
Update on ESCAP Work on Trade Facilitation and implementation of the ROC-TF mechanism Regional Organizations Cooperation Mechanism for Trade Facilitation.
TLP:Green FIRST/TF-CSIRT Technical Colloquium January 25 th – 27 th, 2016 Prague, CZ TLP:Green.
Update on APCERT Asia Pacific Computer Emergency Response Team Thomas Ng, SingCERT (On behalf of APCERT)
The Practices of CERT -- Building National Computer Network Emergency Response Capability Mingqi CHEN CNCERT/CC APCERT APAN Bangkok.
Global Support For Librarians in Asia Through SLA Sue Henczel President Australia and New Zealand Chapter.
Strawman : Output Document of Seoul Retreat Committee Meeting - Presentation Material - APAN Retreat Committee 21 January 2003.
Information and Network security: Lithuania Tomas Lamanauskas Deputy Director Communications Regulatory Authority (RRT) Republic of Lithuania; ENISA Liaison.
M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 10 – Information society and media.
International Atomic Energy Agency Planning Meeting of the RCA Project on Establishing a Benchmark for Assessing the Radiological Impact of Nuclear Power.
October, 2012 Tech Titan Limited Company Profile.
1  Carnegie Mellon University Overview of the CERT/CC and the Survivable Systems Initiative Andrew P. Moore CERT Coordination Center.
Prinath Dias Former RCA Focal Person.  A little history  The policies behind the achievements  Some thoughts for the future.
Asia Pacific Logistics Federation Date of presentation: 19-May-2016 Mr. David Rogers APLF Chairman (Jan Dec 2017)
Issue Date: Revision: APNIC Outreach Activities in Cyber Security Adli Wahid Security Specialist
APCERT Dr. Suguru Yamaguchi JPCERT/CC. What’s APCERT? “Asia Pacific Computer Emergency Response Team” –Regional forum of CSIRT in Asia Pacific –Established.
Building Global CSIRT Capabilities Barbara Laswell, Ph. D
Asia-Pacific Network for the Coordination of Statistical Training
Civil Society Consultation Frika Chia Iskandar
From Diagnostic to Reform
About the NIS directive
The Forum of Incident Response and Security Teams (FIRST)
Cyber Security coordination in Europe CERT-EU’s perspective
APCERT Activities Asia Pacific Computer Emergency Response Team
ICT: Driving Innovation in Asia-Pacific
The Forum of Incident Response and Security Teams (FIRST)
Protective Security Advisor Program Brief
Dan Tofan | Expert in NIS 21st Art. 13a WG| LISBON |
Threat Trends and Protection Strategies Barbara Laswell, Ph. D
AVI AFRIQUE October 2018 Tshepo Peege
Promoting regional cooperation in metrology in the Asia-Pacific region
Securing free and fair European elections
Asset management Ontario
The European Union response to cyber threats
Computer Emergency Response Team
-- by APFNet-Kunming Training Center
The Forum of Incident Response and Security Teams (FIRST)
UNDP Asia Pacific Regional Centre August 2010
Presentation transcript:

Activities, Challenges & Collaboration APCERT Asia Pacific Computer Emergency Response Team Activities, Challenges & Collaboration  TLP:WHITE Prepared by APCERT Secretariat February 2018 As I am in charge of APCERT Secretariat business, I would like to talk about APCERT activities for global collaboration. Copyright © 2018 APCERT 1

APCERT Vision Statement About APCERT Asia Pacific Computer Emergency Response Team http://www.apcert.org Forum of CSIRTs/CERTs in the Asia Pacific region Established in February 2003 30 Operational Members from 21 economies New members: Bhutan (BtCIRT), CERT NZ APCERT also has MOU/cooperative relationships with STOP.THINK.CONNECT TF-CSIRT (CSIRT community in Europe) OIC-CERT (Organisation of Islamic Cooperation CERT) APNIC APCERT Vision Statement APCERT will work to help create a Safe, Clean and Reliable cyber space in the Asia Pacific Region through global collaboration Copyright © 2018 APCERT 2

APCERT’s Outreach - Cross regional collaboration EGC ENISA TF-CSIRT OIC-CERT AFNOG/AfriNIC/AfREN APEC-TEL GFIRST GCC- CERT FIRST CLARA WG-CSIRT Copyright © 2017 APCERT 3

APCERT Operational Members (30 Teams from 21 Economies) Mongolia MNCERT/CC, MonCIRT Japan ★JPCERT/CC China ★CNCERT/CC, CCERT South Korea ★KrCERT/CC Bhutan BtCIRT Taiwan ★TWNCERT, TWCERT/CC, EC-CERT Bangladesh bdCERT, BGD e-Gov CIRT Hong Kong HKCERT, GovCERT.HK India ★CERT-In Macau MOCERT Myanmar mmCERT Vietnam VNCERT Sri Lanka Sri Lanka CERT|CC, TechCERT Brunei BruCERT Laos LaoCERT Indonesia Id-SIRTII/CC, ID-CERT Thailand ThaiCERT Australia ★CERT Australia(Chair), AusCERT Malaysia ★MyCERT New Zealand CERT NZ Singapore SingCERT Corporate Partners (3) Bkav (Vietnam), Microsoft, Secureworks ★Steering Committee Copyright © 2018 APCERT

APCERT OM Criteria be a CERT from an Asia Pacific economy, which performs the function of a CSIRT or CERT on a full time basis be a leading or national CERT within its own economy be not-for-profit and/or wholly or partly government funded have established policies, practices and procedures for operating a CERT within its economy and have experience in CERT operations including incident handling and cyber threat and vulnerability monitoring and advice have a broad responsibility and capability for disseminating information and coordinating incident response across and/or among sectors within its economy Obtain an OM sponsor, application and site visit Copyright © 2018 APCERT

Asia-Pacific Region Source: APNIC Copyright © 2018 APCERT

Copyright © 2018 APCERT

Why do we need APCERT? Cyber threat landscape continues to evolve Range of threats is ever increasing – seeing two distinct trends Targeted: Increasingly sophisticated exploits are being developed and deployed against well-protected networks Broad-based: Criminals compromising networks using publicly known vulnerabilities that have known mitigations (eg WanaCry) Current challenges Ransomware Business Email Compromise / Social engineering Targeting trusted third parties DDoS The challenges are not national – they are regional and global Theft of money, data (corporate & personal) and intellectual property Extortion attacks such as denial of service and ransomware Malware hosted on compromised websites Spear phishing emails / Business email compromise – network access & fraud Copyright © 2018 APCERT 8

APCERT Objective 1 – Security Cooperation Encourage and support regional and international cooperation on information security in the Asia Pacific region Jointly develop measures to deal with large-scale or regional network security incidents Facilitate information sharing and technology exchange, including info security, computer virus and malicious code, among its members Promote collaborative research and development on subjects of interest to its members Copyright © 2018 APCERT

APCERT Objective 2 – Emergency Response Assist other CSIRTs in the region to conduct efficient and effective computer security emergency response capability Provide inputs and/or recommendations to help address legal issues related to information security and emergency response capabilities across regional boundaries Copyright © 2018 APCERT

APCERT Objective 3 – Security Awareness Organize and conduct an annual AGM and APCERT Conference to raise awareness on computer security incident responses and trends, exchange information on cyber security trends, discuss threats and challenges, and assist government & critical entities Copyright © 2018 APCERT

How does APCERT work? Independent from politics, industry, market… CSIRT (Computer Security Incident Response Team) Independent from politics, industry, market… Do not focus on WHO and WHY, focus on WHAT and HOW from a technical coordination perspective CSIRT Common Policy MY security depends on YOUR security Web of trust Systematic Handling Timely manner Each team has appropriate domestic contacts to handle and respond to incidents (ISPs, critical infrastructure, government…) Mailing lists, Traffic Light Protocol, encrypted e-mail Reaching to disconnected areas using CSIRT network POC arrangement between members One Point of Contact per economy Deal with serious and time critical computer security incidents Reachable 24 hours / 7 days via call Copyright © 2018 APCERT 12

APCERT Working Groups Malware Mitigation WG (Convener: MyCERT) To discuss security metrics in order to identify ways to improve on currently available security metrics, best practices on clean-up and data sharing methods Information Sharing WG (Convener: CNCERT/CC) To identify information regarded as useful for APCERT members and/or available to share with other APCERT members Membership WG (Convener: KrCERT/CC) To review the current membership criteria/classes Policy, Procedures and Governance WG (Convener: CERT Australia) To promote the Vision and Mission of APCERT, To review the Operational Framework and other documents Training WG (Convener: TWNCERT) To establish an overall education and training program to assist members to develop, operate, and improve their incident management capabilities. TSUBAME WG (Convener: JPCERT/CC) To exchange analytical information of TSUBAME, the packet traffic monitoring system to observe suspicious scanning activities in the Asia Pacific and other regions. Drill WG (Convener: ThaiCERT) To improve the efficiency and stability of the organization of the annual drill by maintaining a fixed organization that can learn from experiences each year. Copyright © 2018 APCERT

Capacity Building APCERT Online Training (bimonthly) Date Theme Presenter 8 Feb 2017 Digital Forensics Sri Lanka CERT|CC 19 Apr Mobile Vulnerability Check and Case Study KrCERT/CC 1 Aug Cyber Detection, Eradication and Forensic (Cyber D.E.F) MyCERT 3 Oct Cyber threat information sharing CERT Australia 5 Dec Introduction of DDoS Offensive and Defensive Exercise in Taiwan TWNCERT 6 Feb 2018 Malware Information Sharing Platform (MISP) in a CERT AusCERT Copyright © 2018 APCERT

Recent and upcoming Activities Updated APCERT Operational Framework New structure to include Partners APCERT Information Classification Policy Update Updating APCERT Information Classification Policy in line with the ‘FIRST Standards Definitions and Usage Guidance — Version 1.0’ Capacity Building Survey Surveyed members in 2017 conducted to determine APCERT member strengths and gaps Capacity Development WG to be established: will use the skills and expertise of APCERT Members/Partners to share experiences and strengthen the APCERT community Events presented as APCERT Representative: The OIC-CERT Annual General Meeting and Annual Conference APRICOT / FIRST TC / AP* APEC-TEL Copyright © 2018 APCERT 15

Recent and upcoming Activities - APCERT Drill Practice – APCERT Incident Handling Drill Conducted annually Participation from most of APCERT teams and some external organisations A simulation exercise of cyber attacks, includes communication checks based on given scenario. Last Drill: 22 March, 2017 Theme: “Emergence of a New DDoS Threat ” Participating Teams: 23 CSIRTs from 18 economies 4 CSIRTs from OIC-CERT Objective/Scenario: Mitigate DDoS incidents triggered by a type of malware which has been widely observed in the Asia Pacific region Next Drill: 7 March 2018 Copyright © 2018 APCERT 16

Recent and upcoming Activities - APCERT AGM & Conference 2017 APCERT AGM and Conference Date: 12-15 November, 2017 Hosted by: CERT-In (India), Delhi Theme: “Building Trust in the Digital Economy” 2018 APCERT AGM and Conference Date: Q4 2018 Hosted by: CNCERT/CC (China), Shanghai Theme: TBA Copyright © 2018 APCERT 17

APCERT Annual Report Activity reports of APCERT member teams Overview and activities of each team Team reports and statistics on incidents and trends Projects and Activities Annual Report 2016 is available online https://www.apcert.org/documents/pdf/APCERT_Annual _Report_2016.pdf Annual Report 2017 will be available soon Copyright © 2018 APCERT

Thank you! APCERT General Contact: apcert-sec@apcert.org APCERT Website: https://www.apcert.org Copyright © 2018 APCERT 19

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.