government and enterprise collaboration in cybersecurity
DESCRIPTION
My presentation at Fortinet's Security 361° conference: "Government and Enterprise Collaboration in Cybersecurity"TRANSCRIPT
URGENT NEED F
OR
GOVERNMENT AND
ENTERPR
ISE
COLLABORAT
ION IN
CYBER S
ECURITY
22
/ 11
/ 20
13
S
EC
UR
I TY
36
1
“Technological advances, combined with the ubiquity of the Internet, have spawned a near-infinite range of potentially grave security threats to governments, commercial entities and individuals.”
Paul Rosenzweig
CYBER-SECURITY:MOST CRUCIAL ISSUE AT ALL LEVELS
WHAT ABOUT HONG KONG?
recorded botnet, hacking and denial-of-service attacks in first 10 months of 2013
871
Source: Hong Kong Computer Emergency Response Team Coordination Center
40% increase over
the same period last year
APT ATTACKS
stealthy, targeted, persistent
DDOS ATTACKS
HONG KONG NETWORK: VULNERABLE?
Edward Snowden:
NSA targets included CUHK, public officials, businesses, students, network backbones
Mandiant:
HKUST network involved in
cyberattacks?
Complex, sophisticated attacks can wreak havoc not only on enterprise networks but critical infrastructure, even media agencies are vulnerable.
ECONOMIC SECURITY AT RISK
Classified information
Intellectual property
Consumer data
Business networks
CYBERSECURITY OF THE PRIVATE SECTOR IS CRUCIAL
• Protect investment in innovation and crucial functions – public utilities, finance and telecommunications
• Government’s daily function relies on assets owned and operated by the private sector
The
Need fo
r
Colla
borat
ion
INTER-DEPARTMENTAL WORKING GROUP ON COMPUTER RELATED CRIME
Major recommendations implemented
• ‘24-hour liaison system’ and ‘cooperation platforms’ between Law Enforcement Agencies, major ISPs and other institutions
• Enhancing education and publicity (Seminars)
• Internet Infrastructure Liaison Group (IILG) - no regular meeting?
• Standard procedures and guidelines
Year 2000
CYBERSECURITY: HK GOVT’S RESPONSE
OGCIO
• Infosec policies and guidelines
• Awareness building / public education
HKCERT
• Monitoring and response
• Threat detection and assessment
• Alert, drills and education
Police
• Combat of technology crimes at HQ, Regions and District levels;
• Cyber Security Centre set up in 2012
LEGISLATION: COMPUTER AND INTERNET-RELATED CRIMESTelecommunications Ordinance (Cap. 106)
•Prohibits unauthorised access to computer by telecommunications
Crimes Ordinance (Cap. 200)
•Tackles access to computer with criminal or dishonest intent.
Theft Ordinance (Cap. 210)
•Deals with offences of destroying, defacing, concealing or falsifying records kept by computer
UEMO (Cap. 593)
•prohibits fraud activities related to the sending of multiple commercial electronic messages.
SOME QUESTIONS
• Are our laws robust and relevant to handle ever-evolving cyber-threats?
• Is there enough info sharing and support to the private sector?
• How can private sector contribute?
MORE CAN BE DONE
• Conduct a comprehensive cyber security review and audit?
• Review of computer related crime and cybersecurity legislation?
• More, better communication channels between private sector and government?
• Directly support enterprises and SMEs to take precautions?
CYBER SECURITYCOLLABORATION:
PUBLIC-PRIVATE PARTNERSHIP?
GovernmentFrom law enforcement to info sharing facilitator?Accelerate the flow of info and support sharing of threat data?
EnterpriseImprove overall cyber security infrastructureShare information without the risk of legal action?
ISSUES TO IRON OUT…
• Government and enterprises using different sets of technology and process?
• How much to share? Privacy and sensitive business information
• What is the incentive or responsibility to report breaches and attacks?
• Real-time notification requires significant resources
GOVTS ARE PUTTING IN MORE EFFORT IN CYBER-SECURITYUSA: Cybersecurity Executive Order emphasize the need for PPP, greater information
sharing, and the collaborative development of a cybersecurity framework and program
UK: Cyber Security Strategy
Set up Cyber Security Information Partnership to share information and intelligence in real time
Singapore: 5-Year National Cyber Security Masterplan 2018
Enhance security of infrastructure, promote infosec adoption among end-users and businesses, grow pool of infosec experts
OUR ENTERPRISES HAS MUCH TO OFFER
• Ample local experts and technology to detect and mitigate cyber threats
• Strong expertise in infosec professional associations
• Extensive experience to contribute
Collaboration is the key
HONG KONG NEEDS TO STEP UP
• Mechanism for real-time detection and alert already in place (Police and HKCERT)
• Comprehensive, up-to-date review of government and enterprise infosec readiness
• Strengthen, organize and incentivize cyber security info exchange
• Support end-users and business beyond publicity and education
THANK YO
U!
Charles MokLegislative Councillor (Information Technology)
[email protected]: Charles Mok BTwitter: @charlesmok