Meeting scheduled for 30 May 2016

Subject Matter: The Cyber Security Challenge

AIM: Protecting our National Cyberspace from cyber threats (particularly in government)

Identify the current network and systems infrastructure (in terms of layout up to the DIT site)
Identify whether our current network systems require improvement to achieve better security.
Identify the trending cyber threats - most costly cybercrimes are those caused by denial of service and eavesdropping attacks, forgery and redirection attacks, malicious insiders (phishing attacks) and
AIM: Protecting our National Cyberspace from cyber threats (particularly in government)

We start with our DIS information assets, then elevate to the national level.

1. First understand the current network and systems infrastructure (in terms of layout up to the DIT site), i.e. identify the information systems assets.
2. Identify whether our current network systems require improvement to achieve better security.
3. The current security products installed on the existing systems: do they require update?
4. Identify the trending cyber threats: the most costly cybercrimes are those caused by denial of service and eavesdropping attacks, forgery and redirection attacks, malicious insiders (phishing attacks) and malicious code.
5. Relevant stakeholder engagement/cooperation, both nationally and internationally, on fighting cybercrime/terrorism.
6. Any means of threat detection and prevention mechanisms adopted so far (means of hunting for indicators of compromise in real time, using various toolsets, based on intelligence gathered). Do we currently follow the protection principles of Deter-React-Detect and Prevent? (E.g. note that modern IPSs combine firewall, intrusion detection, antivirus and vulnerability assessment capabilities.) Do we presently have such capability? Harden our system configurations.
7. Do forensic investigation tools require enhancement?
8. The current legislation on cybercrime (law enforcement): any cybercrime laws in areas such as computer misuse, electronic signatures, data protection, intellectual property, liability and dispute resolution.
9. The national cybercrime laws are globally applicable and interoperable with the existing regional and global legislative measures; and (b) national cybercrime legislation allows global cooperation on cybercrime investigations and prosecution.
10. Any procedures for communicating the threat feeds obtained via intelligence monitoring and surveillance.
11. Any means of analyzing the threats (security auditing using security assessment tools): are log management and audit trailing procedures in place?
12. Communication procedures to leadership in response to security intelligence findings (any incident response team in place, CIRTs).
13. What can be done to improve security? Is a cyber security strategy available? Does it comply with the current versions of security standards (ISO27000 series/PCI-DSS)?
14. Give alternative intelligent security solutions and compare (e.g. Kaspersky, widely used by London Metropolitan Police UK, Cisco security systems, NCR security system, etc.).
15. Capacity building (involves security training and awareness, transferring knowledge and boosting cybersecurity on the national policy agenda, JUDICIAL CAPACITY that enforces cybersecurity legal measures).
16. DIS physical assets: are they intelligently monitored and protected from the central point?
17. Annual review of the current IS Policy? Accountability.
18. Roles and responsibilities need to be defined appropriately under the Cyber Security Team.
19. We (the security team) can reduce our administrative workload by becoming more dynamic and precise in identifying and responding to the trending threats and adapting defenses.
20. Cost implications of adopting the way forward.
21. Website development (professional layout, About us, What we do, etc.).