APCERT Meeting 2014: International Collaboration for Regional Cybersecurity Risk Reduction
•
0 gostou•756 visualizações
International Collaboration for Regional Cybersecurity Risk, by Yurie Ito. A presentation given at APNIC 38.
Recomendados
Recomendados
Mais conteúdo relacionado
Mais procurados
Mais procurados (20)
Semelhante a APCERT Meeting 2014: International Collaboration for Regional Cybersecurity Risk Reduction
Semelhante a APCERT Meeting 2014: International Collaboration for Regional Cybersecurity Risk Reduction (20)
Mais de APNIC
Mais de APNIC (20)
Último
Último (20)
APCERT Meeting 2014: International Collaboration for Regional Cybersecurity Risk Reduction
- 1. APCERT : APNIC Meeting 2014’ International Collaboration for Regional Cybersecurity Risk Reduction - APCERT Collaboration with Stakeholders Yurie Ito Chair, APCERT SC Director, Global Coordination, JPCERT/CC
- 2. General Introduction Asia Pacific Computer Emergency Response Team http://www.apcert.org Forum of CSIRTs in the Asia Pacific region Established in February 2003 Annual Events 1. APCERT AGM & Conference 2. APCERT Drill (Simulation exercise of cyber attacks) APCERT Annual Report http://www.apcert.org/documents/index.html
- 3. Computer Security Incident Response Team CERT Services : by CERT/CC SEI CMU
- 5. Key Cybersecurity Risks Threats exposed 2011-12 Data extortion by Persistence Threats Crowd sourced attack IT system down / Data loss by Natural Disaster IT System Environment / Technology Evolves New devices; Mobile Tablets, Smart Phones Social Media Cloud Computing Control System connects to Networks IT System EnvironmeRnistk /s T echnology Evolves Intellectual Property Economic Competition Infrastructure Service National Security All those old bad problems still exist Bots Malware, Exploits DDoS, etc Cyber Conflicts Insider threats
- 6. Applying Root-Cause Analysis to Internet Health
- 7. APCERT Security Operations / Regional CERTs Collaboration • Opportunities – Collaborate on cyberspace safety, cleanliness and health – clean up malware and cooperate in removing botnets – Focus on measurement and enabling remediation through education, tools, information sharing – Point of Contact (POC) arrangement – Cross boarder incident handling and coordination APCERT efforts should go farther in this area
- 8. APCERT 11 years of Achievement • 2013 – APCERT 10th anniversary • Collaboration agreement with external experts and global security operations – OIC-CERT, EGC, TF-CSIRT, FIRST and many more industry partners • Participated in global dialogues on fostering clean-up norms – Including guest status at APEC-TEL SPSG – AP*, APNIC, ASEAN Regional Forum • Partnership with OECD on Cybersecurity Risk measurement program • CSIRT Training for Africa and pacific islands • APCERT Drills & ASEAN CERT Incident Drills • TSUBAME -> Network Monitoring Data and tool sharing program
- 9. what can we do more with APNIC, APTLD and Network Operators? • Cybersecurity capacity building and training • Point of Contact exchange? – APCERT-AP-TLC, APCERT-AP-NIC – NICs – CERTs – ccTLDs – POC for NOGs • More Info sharing? • Send us Incident Reports • Collaborate on regional risk reduction Cyber Green approach
- 10. Towards the Safe, Clean and Reliable Internet Ecosystem Yurie Ito yito@jpcert.or.jp Mobile: +1 310.463.2776
Notas do Editor
- My name is Yurie Ito. I am a chair of APCERT, and also a director of global coordination at JPCERT/CC. thank you for the invitation to speak with you today. Today I will be representing the CERT collaboration forum in Asia Pacific Region known as APCERT. I will share how we overcome the challenges and have kept us closely working together to make the internet cleaner, safer and reliable space through managing the regional level of cyber risks.
- It’s been 10 years since APCERT was established. We have 25 teams from 19 economies today working together closely with trust. Building trust is not easy. There are significant differences in political systems, IT infrastructure, cultural and language differences. Each team also has different authorities and their remediation approaches in dealing with incidents can be be very different.
- Just to give you a general idea what type of capability we have in our group –
- Today, with both technology and the threat continue to rapidly evolve – targeted attacks are occurring globally and we see increasing number of clearly national security motivated attacks and DDOS against governments and banking systems. Governments are start discussion on cyber war/conflict in places. Around the world, governements are making accusations and taking sides on who is conducting attacks and poses risks. Managing cyberspace and cyber security is quickly being seen as a competition. We must rebalance this competitive approach with collaborative risk reduction approach. APCERT works together to not only respond the symptom of the diseases, but we are trying to identifies the causes and root causes, and remediate them. We focus the identification of underlying cyber risk factors in the global cyber ecosystem that poses a risk to stakeholders across the globe. And we work together to remediate them.
- We suggest root cause analysis of global cybersecurity situations can lead to a tremendous impact when the root cause is addressed, greater than simply treating the symptoms. APCERT works together to not only respond the symptom of the diseases, but we are trying to identifies the causes and root causes, and remediate them. We focus the identification of underlying cyber risk factors in the global cyber ecosystem that poses a risk to stakeholders across the globe. And we work together to remediate them.
- Look for Opportunities collaborate on safety, cleanliness and health –> clean up malware and cooperate in removing botnets focus on measurement –> education, tools, information sharing Industry critical for real time incident response and information sharing Government plays important role for clean up– enabler for the action by industry and technical community Provide trusted POC for hotlines as a part of confidence building measures
- APCERT has turned this challenge to an opportunity. APCERT members work on addressing cyber security concerns through many programs including: an annual cybersecurity exercise, cleanup programs, awareness campaign, partnership, developing and training support, and shared network monitoring system and data sharing. We provide trust POC hotline between the members.