1 Case Study ESTABLISHING NATIONAL CERT By Saleem Al-Balooshi Etisalat - AE.


2 Internet Wonderful and Terrible “The wonderful thing about the Internet is that you’re connected to everyone else. The terrible thing about the Internet is that you’re connected to everyone else.” Vint Cerf

3 CERT Main Services
1. Alerting
2. Reporting
3 examples: AusCERT, CERT-CC, GOVCERT.NL

4 Alerting Services: Purpose of the alerting Service: –AusCERT: To provide timely early warning advice to the Australian public about computer network threats and vulnerabilities which could compromise confidentiality, integrity or availability.

5 Alerting Services: Purpose of the alerting Service: –CERT-CC: To provide information on critical incidents and vulnerabilities to system and network administrators around the globe and to other CSIRT teams.

6 Alerting Services: Purpose of the alerting Service: –GOVCERT.NL: To create an independent and free alerting service for IT security related incidents aimed at Dutch home users and small companies (up to 10 PCs)

7 Sponsors of the alerting service: AusCERT: The Australian Commonwealth Government. CERT-CC: The U.S. government and industry. GOVCERT.NL: The ministry of economic affairs in the Netherlands.

8 Alerting Services: Target groups of the alerting service:
–AusCERT: Australian individuals and small to medium enterprises (SMEs).
–CERT-CC: System and network administrators, technology managers, other CSIRT teams around the world.
–GOVCERT.NL: Dutch home users and small enterprises (up to 10 PCs).

9 Reporting Services: What is a reporting service?
–A system to collect, process and analyze computer security incident reports and share sanitized aggregate reporting with the appropriate audience.

10 Reporting Services: Purpose of the reporting service:
–AusCERT:
To provide a source of “current” data about malicious network activity which, when collated and analyzed, can provide meaningful intelligence about:
  –Computer network attack trends, malicious network attack activity, threats and vulnerabilities
To provide reporting groups (and others if appropriate) access to sanitized aggregate reporting to:
  –Promote the use of appropriate mitigation strategies
  –Raise awareness of computer security issues
  –Keep them up to date with changing or emerging threat activity and trends
  –Give them access to computer network attack data beyond their own networks (which they would not otherwise obtain)
  –Provide value-added assessment of aggregate data trends and activity to encourage their continued reporting

11 Reporting Services: Purpose of the reporting service:
–GOVCERT.NL:
  –Improving the quality of GOVCERT.NL’s output by acting as an extra CERT-Source
  –Generating trends analysis of IT related security incidents for stakeholders
  –Central reporting and monitoring point for (relevant) IT related security incidents
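
The "sanitized aggregate reporting" that slides 9 and 10 describe can be sketched as follows; this is an added example, not part of the original presentation. The report fields, the sample data and the rule of withholding any cell backed by fewer than two distinct reporters are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import date

# Constructed sample reports (not real data); field names are assumptions.
REPORTS = [
    {"reporter": "org-a", "victim_ip": "192.0.2.10", "category": "phishing", "seen": date(2024, 3, 4)},
    {"reporter": "org-b", "victim_ip": "192.0.2.77", "category": "phishing", "seen": date(2024, 3, 5)},
    {"reporter": "org-a", "victim_ip": "192.0.2.11", "category": "phishing", "seen": date(2024, 3, 6)},
    {"reporter": "org-c", "victim_ip": "198.51.100.5", "category": "malware", "seen": date(2024, 3, 6)},
    {"reporter": "org-b", "victim_ip": "192.0.2.78", "category": "scanning", "seen": date(2024, 3, 11)},
    {"reporter": "org-c", "victim_ip": "198.51.100.6", "category": "scanning", "seen": date(2024, 3, 12)},
    {"reporter": "org-c", "victim_ip": "198.51.100.7", "category": "scanning", "seen": date(2024, 3, 13)},
]

MIN_REPORTERS = 2  # assumed suppression threshold, not taken from the slides


def sanitized_aggregate(reports, min_reporters=MIN_REPORTERS):
    """Aggregate reports per ISO week and category without identifying fields.

    Returns (published, withheld): published maps (week, category) to a count;
    withheld is the number of reports left out because their cell came from
    fewer than min_reporters distinct reporters and could point at one of them.
    """
    counts = defaultdict(int)
    sources = defaultdict(set)
    for r in reports:
        iso = r["seen"].isocalendar()
        key = (f"{iso[0]}-W{iso[1]:02d}", r["category"])
        counts[key] += 1
        sources[key].add(r["reporter"])  # used only for the threshold check
    published, withheld = {}, 0
    for key in sorted(counts):
        if len(sources[key]) >= min_reporters:
            published[key] = counts[key]
        else:
            withheld += counts[key]
    return published, withheld


if __name__ == "__main__":
    table, hidden = sanitized_aggregate(REPORTS)
    for (week, category), n in table.items():
        print(f"{week}  {category:<10} {n}")
    print(f"withheld (too few reporters): {hidden}")
```

Reporter names and victim addresses never reach the published table; only the week, the category and the count do.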

12 How to set up alerting and reporting services? (GOVCERT.NL)
–Operational CERT:
  –Center of operations
  –Technical expertise
  –Information process up & running
–Technical Systems:
  –Web server
  –Content management system
  –Mailing list software
–Organization (project team):
  –Project and office management
  –Technical, communication, legal, information analysis

13 How to set up alerting and reporting services?
–Legal:
  –Develop general terms & conditions
  –Develop privacy policy and disclaimers
  –Take position in market regulation issues
  –Develop contracts and service level agreements
–Communication and PR:
  –Organize content production and editing
  –Determine your media mix for alerts
  –Organize co-writing of alerts for website and SMS
  –Organize public campaign management
–Internal Processes:
  –Revise your information and operational processes
  –Establish escalation procedures for public warning
