eg-cert lessons learned - itu...eg-cert lessons learned by ahmed mashaly cyber security awareness...
TRANSCRIPT
![Page 1: Eg-CERT lessons learned - ITU...Eg-CERT lessons learned By Ahmed Mashaly Cyber security awareness Department manager 1-2 years before the official start in 4/2009. The real start As](https://reader034.vdocuments.us/reader034/viewer/2022042612/5f46dddc975de32855585fab/html5/thumbnails/1.jpg)
Eg-CERT lessons learnedBy Ahmed Mashaly
Cyber security awareness Department manager
![Page 2: Eg-CERT lessons learned - ITU...Eg-CERT lessons learned By Ahmed Mashaly Cyber security awareness Department manager 1-2 years before the official start in 4/2009. The real start As](https://reader034.vdocuments.us/reader034/viewer/2022042612/5f46dddc975de32855585fab/html5/thumbnails/2.jpg)
1-2 years before the official start in 4/2009.
The real start
![Page 3: Eg-CERT lessons learned - ITU...Eg-CERT lessons learned By Ahmed Mashaly Cyber security awareness Department manager 1-2 years before the official start in 4/2009. The real start As](https://reader034.vdocuments.us/reader034/viewer/2022042612/5f46dddc975de32855585fab/html5/thumbnails/3.jpg)
As usual with CERTs, we started with an incident response team.
6 team members, now we are around 35 team members.
Now we have (incident handling, Digital forensics, malware analysis and penetration testing)
We were hit by a major national case that required digital forensic analysis.
The start
![Page 4: Eg-CERT lessons learned - ITU...Eg-CERT lessons learned By Ahmed Mashaly Cyber security awareness Department manager 1-2 years before the official start in 4/2009. The real start As](https://reader034.vdocuments.us/reader034/viewer/2022042612/5f46dddc975de32855585fab/html5/thumbnails/4.jpg)
National Telecom Regulatory Authority - EGYPT 4
Phish Phry…
In Oct 2009, Egypt-US identity theft ring: “Authorities arrested 100 Americans and Egyptians in the smashing of an international identity theft ring publicized as one of the largest cybercrime cases ever
![Page 5: Eg-CERT lessons learned - ITU...Eg-CERT lessons learned By Ahmed Mashaly Cyber security awareness Department manager 1-2 years before the official start in 4/2009. The real start As](https://reader034.vdocuments.us/reader034/viewer/2022042612/5f46dddc975de32855585fab/html5/thumbnails/5.jpg)
Having a vision.
Knowing exactly where you are and where you want to be.
Vision
![Page 6: Eg-CERT lessons learned - ITU...Eg-CERT lessons learned By Ahmed Mashaly Cyber security awareness Department manager 1-2 years before the official start in 4/2009. The real start As](https://reader034.vdocuments.us/reader034/viewer/2022042612/5f46dddc975de32855585fab/html5/thumbnails/6.jpg)
Getting the political leadership on board.
Which organization will incubate the CERT.
Major difficulties
![Page 7: Eg-CERT lessons learned - ITU...Eg-CERT lessons learned By Ahmed Mashaly Cyber security awareness Department manager 1-2 years before the official start in 4/2009. The real start As](https://reader034.vdocuments.us/reader034/viewer/2022042612/5f46dddc975de32855585fab/html5/thumbnails/7.jpg)
Major difficulties
![Page 8: Eg-CERT lessons learned - ITU...Eg-CERT lessons learned By Ahmed Mashaly Cyber security awareness Department manager 1-2 years before the official start in 4/2009. The real start As](https://reader034.vdocuments.us/reader034/viewer/2022042612/5f46dddc975de32855585fab/html5/thumbnails/8.jpg)
Recruiting the appropriate calibers and building the needed knowledge.
communication with entities that are vital to our goals.
Major difficulties
![Page 9: Eg-CERT lessons learned - ITU...Eg-CERT lessons learned By Ahmed Mashaly Cyber security awareness Department manager 1-2 years before the official start in 4/2009. The real start As](https://reader034.vdocuments.us/reader034/viewer/2022042612/5f46dddc975de32855585fab/html5/thumbnails/9.jpg)
Communicating and Enforcing the needed actions with different telecom leaders (ISPs, Mobile operators, ..etc)
Awareness and Education for critical infrastructure IT staff ( governmental entities, banks,…)
The process of building a CERT team and an incident handling process (from our experienced partners)
Major difficulties
![Page 10: Eg-CERT lessons learned - ITU...Eg-CERT lessons learned By Ahmed Mashaly Cyber security awareness Department manager 1-2 years before the official start in 4/2009. The real start As](https://reader034.vdocuments.us/reader034/viewer/2022042612/5f46dddc975de32855585fab/html5/thumbnails/10.jpg)
Choosing a model (incident response only, incident response + awareness, malware analysis,….)
A new model that focuses on industrial control systems and infrastructure protection.
Also mobile security.
Models
![Page 11: Eg-CERT lessons learned - ITU...Eg-CERT lessons learned By Ahmed Mashaly Cyber security awareness Department manager 1-2 years before the official start in 4/2009. The real start As](https://reader034.vdocuments.us/reader034/viewer/2022042612/5f46dddc975de32855585fab/html5/thumbnails/11.jpg)
Try to find a way to communicate and stay in touch with your stake holders and your community ( conferences, periodical meetings, newsletters, even social media)
Commnication
![Page 12: Eg-CERT lessons learned - ITU...Eg-CERT lessons learned By Ahmed Mashaly Cyber security awareness Department manager 1-2 years before the official start in 4/2009. The real start As](https://reader034.vdocuments.us/reader034/viewer/2022042612/5f46dddc975de32855585fab/html5/thumbnails/12.jpg)
Questions