asean regional forum meeting 28 – 30 april 2010 bandar seri begawan, brunei
DESCRIPTION
ASEAN Regional Forum Meeting 28 – 30 April 2010 Bandar Seri Begawan, Brunei CERT- In’s Initiative on International Information Security Dr A S Kamble Director Indian Computer Emergency Response Team (CERT-In) Department of Information Technology - PowerPoint PPT PresentationTRANSCRIPT
1
ASEAN Regional Forum Meeting 28 – 30 April 2010
Bandar Seri Begawan, Brunei
CERT-In’s Initiative on International Information Security
Dr A S KambleDirector
Indian Computer Emergency Response Team (CERT-In)Department of Information Technology
Min. of Communications & IT, Govt. of IndiaNew Delhi
Email : [email protected], [email protected]
‘Ensure security of cyber space in the country’
by
‘Enhancing the security of communications and Information infrastructure’
through
‘Proactive action and effective collaboration aimed at security incident prevention, prediction, response &
recovery and security assurance’
CERT-In: Mission and Mandate
Mission: ‘Alert, Advice and Assurance’
2
CERT-In: Legal Status
CERT-In derives its authority from Section70B of Indian IT Act
Amendments (2008).
Section 70B: Designates CERT-In as the National nodal
agency to carry out all activities related to cyber security and
emergency response. In discharge of its functions, CERT-In is
empowered to call for information and give direction to service
providers, intermediaries, data centres, body corporate & any
other person.
Any failure to comply with its request or directions is liable for
punishment as provided in the amended Act.
3
ISPsKey Networks
Sectoral CERTs CSIRTsVendors
MediaLawEnforcement Agencies
Small and Home Users
CERT-In
-- Government Sector- Critical information
Infrastructure - Corporate Sector
International CERTsAPCERTFIRST
CERT-In is the nodal agency to coordinate all cyber security related matters in India
CERT-In Partners & Stakeholders
4
Department of Information Technology
Department of Information Technology
Detection Analysis Dissemination & Support
Analysis
Recovery
Det
ect
Dissem
inatio
n
ISP Hot Liners
Press & TV / Radio
Home Users
Private Sectors
Major ISPs
Foreign partners
CERT-In Work Process
5
• International Cooperation
– Member of FIRST
– Member of APCERT
– Research Partner of APWG
– Bilateral MoUs with JPCERT; NCSC,Korea;KrCERT(proposed)
– National Computer Board (NCB), Mauritius
– Members of CERT-In visited Mauritius for setting up of CERT-MU in Mauritius
– Provided training on CERT operations to technical staff of CERT-Mauritius
– CERT-MU has been operationalised and launched in May 2008
International Security Cooperation and Collaboration
6
7
• Collaboration with international security organizations and CERTs to facilitate exchange of information related to latest threats and international best practices
– Organized and hosted ARF Workshop on “Cyber Security” in New Delhi during 6th – 8th September 2006
– 20 ARF countries and representatives of ASEAN Secretariat and private sectors participated in the workshop – 58 delegates
– Organized Workshop on “Information Systems Security for System Administrators” of ASEAN countries, 28-30 August 2006, Manesar, India
– 21 System administrators attended the workshop
– Provided Hand-on practical training during the workshop
• Participated along with other International CERTs in resolving Estonia Govt. Website attack.
International Security Cooperation and Collaboration contd..
CERT-In as a National ‘watch and warning’ system primarily focuses
on the following:
•Monitoring the cyber space for timely forecasts, alerts & advice on cyber security incidents
•Coordination of cyber security crisis management & emergency response actions across all sectors in the country
•Focal point for collection, analysis, dissemination and sharing of information on cyber security issues and incidents
•Security policy compliance and enforcement within Govt. and Critical sectors
•Capacity building in terms of manpower, skills, facilities, tools and techniques
•Cyber security surveys, guidelines, standards and white papers
Focus of CERT-In activities
8
International Cyber Security Drill
Joint International Incident Handling Coordination Drill
• Participated in APCERT International Incident Handling Drill 2006
• Participants: 13 APCERT Members and New Zealand, Vietnam including 5 major Korean ISPs
• Scenario: Countermeasure against Malicious Code and relevant infringement as DDoS attack
• Participated in APCERT International Incident Handling Drill 2007
• Participants: 13 APCERT Members + Korean ISPs
• Scenario: DDoS and Malicious Code Injection
• Participated in APCERT International Incident Handling Drill 2008 & 2009
• Participants: 13 APCERT Members
• Scenario: Dealing with Underground Economy & Malware propagation
9
Thank youThank you
10