SlideShare a Scribd company logo

2023 NCIT: Essentials for a CERT

APNIC
APNIC

APNIC Senior Security Specialist Adli Wahid gave a keynote presentation on the essential component of a CERT at the 2023 NCIT, held in Suva, Fiji from 17 to 18 August 2023.

Internet
1 of 20
Download to read offline
Essentials for a CERT : How Far Are We? Adli Wahid adli@apnic.net 1
Let’s Connect! Adli Wahid (LinkedIn) 2
CERT / CSIRT • Certificate • Computer Emergency Response Team • Computer Security Incident Response Team 3
My Perspective National CERT 2006 - 2012 Enterprise CSIRT 2012 - 2014 Support for new CERT/CSIRTS 2014 – now CERT Community (FIRST.org) 4
Where does it fit? Identify Protect Detect Respond Recover NIST Cyber Security Framework (v1) 5
Incidents Everywhere! Anticipate & Prepare Incident Response Plan / Playbook Mitigate & Share Lessons Learned 6
Entities & Capabilities CERT with National Responsibilities Enterprise CERTs/CSIRTs CERT of the Last Resort Ad-Hoc Incident Response Check out www.first.org Trusted Point of Contacts 7
Incident Response Process & Capabilities 8
Managing Things 9 • Managing Security Incidents o Reduce Impact of Security Incidents o Prevent Security Incident from Occurring o Fixing actual vulnerabilities o Gain insights about emerging threats or incidents (Information Security & Analysis Centers, Threat Intel Feeds) o Collaborate with other stakeholders (i.e. investigation, policy/strategy) • Managing Security Incident Response Teams o Establishing CSIRT o Operationalizing CSIRT o Having the right skill-sets, knowledge and tools o Being part of the community o Mentoring
Outcomes Co-ordination Reports with Context Information Sharing = Collaboration Actionable Plans Preparedness Better Policies / Strategy Education / Awareness (Targeted) 10
Don’t Phish Me! • Online Banking • Traditional Phishing (email -> Web) • Multiple Banks • CERT receiving reports but coordination is needed • Money Mules! • Outcomes – coordinated plan, LEA engagement, Awareness for Customers, Browser Plugin Anti Phishing Working Group (2007) 11
Key Ingredient – People • Who is going to work in the team • Role/Position = $$ • Training and capacity development oGo deeper and wider • Transitioning from non-security, non-secops • Upskilling for tech folks – management 12 Sri Lanka CERT Cyber Security Awareness Week (2016)
Annual National Cyber Security Exercise 2007 - XMAYA National Cyber Crisis Management Plan for Critical Infrastructure Process Coordination / Escalation People / Technology Capabilities and Communication o National Security Council o Support by Sector Lead of Critical Infrastructure o Drill Development & Preparation by National CERT o Good view of policy vs implementation o Roles & Responsibilities o Capacity Development – Experience Incident 13
Challenges • Different Set of Challenges for National vs Enterprise CERTs • Getting started ** • Organisational – Mandate/Responsibility, Sustainability and Expansion • Operational – visibility, resources, collaboration & coordination 14
Challenges - Continuity • Continuity – change is expected • Consistent policy, vision needed • Positive = CERT expanding into a cyber security agency • Negative = No funding for CERT, hostile takeovers • Strengthening the Stakeholders • User base and technology is dynamic • Supporting the ecosystem – Resources, Training & Infrastructure 15
CERT/CSIRT in the Pacific Project • Interest in setting up a National CERT (starting with CERT Tonga) in 2016 • Kick Start – Series of Workshops • Focus o Establishing & Operationalizing a CERT in the context of the Pacific o Collaboration + Networking (with other partners PACSON, APCERT & FIRST) o On the job training o Sharing ideas, success stories etc • Created momentum in other areas of cyber security i.e. education & awareness, support for LEAs and other stakeholders 16
Where are we? 1. Do you have an incident response plan? 2. What are the top 5 threats last year or last month? 3. Where do cyber security incidents* get reported? 4. Is there an active information sharing network for security practitioners or security teams? 5. Is there good visibility of what is happening in the environment? 6. Are organisations assessed to deal with data breach incidents or ransomware? How is the coverage? 7. Are there any activities related to the coordination of incidents within a specific economic sector or at the national level. 17
Cyber Security Ecosystem Network Operators Law Enforcement Policy Makers / Gov Researchers Vendors CERTS/ISACs /CSIRTs Individual Users Organizations 18
Take Aways • Appreciation of Incident Response in the Bigger Security Picture • Cyber Resilience is not an option • Continuous process • Dedicated Teams & Capabilities • Challenges – Getting Started, Expanding and Maintaining • Requires planning, resources and persistence • Our role – support & do something now 19
Thank you Adli Wahid (LInkedIn) adli@apnic.net www.apnic.net academy.apnic.net 20

Recommended

2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...
2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...
2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...APNIC
 
Embracing Threat Intelligence and Finding ROI in Your Decision
Embracing Threat Intelligence and Finding ROI in Your DecisionEmbracing Threat Intelligence and Finding ROI in Your Decision
Embracing Threat Intelligence and Finding ROI in Your DecisionCylance
 
SIEM-plifying security monitoring: A different approach to security visibility
SIEM-plifying security monitoring: A different approach to security visibilitySIEM-plifying security monitoring: A different approach to security visibility
SIEM-plifying security monitoring: A different approach to security visibilityAlienVault
 
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...Puneet Kukreja
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Joe Bartolo
 
Why Your Company Needs A Privacy Culture & Where To Start
Why Your Company Needs A Privacy Culture & Where To StartWhy Your Company Needs A Privacy Culture & Where To Start
Why Your Company Needs A Privacy Culture & Where To StartTrustArc
 
33rd TWNIC IP OPM: Practical Incident Response & Threat Intelligence
33rd TWNIC IP OPM: Practical Incident Response & Threat Intelligence33rd TWNIC IP OPM: Practical Incident Response & Threat Intelligence
33rd TWNIC IP OPM: Practical Incident Response & Threat IntelligenceAPNIC
 
Build an Information Security Strategy
Build an Information Security StrategyBuild an Information Security Strategy
Build an Information Security StrategyAndrew Byers
 

Recommended

2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...
2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...
2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...APNIC
 
Embracing Threat Intelligence and Finding ROI in Your Decision
Embracing Threat Intelligence and Finding ROI in Your DecisionEmbracing Threat Intelligence and Finding ROI in Your Decision
Embracing Threat Intelligence and Finding ROI in Your DecisionCylance
 
SIEM-plifying security monitoring: A different approach to security visibility
SIEM-plifying security monitoring: A different approach to security visibilitySIEM-plifying security monitoring: A different approach to security visibility
SIEM-plifying security monitoring: A different approach to security visibilityAlienVault
 
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...Puneet Kukreja
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Joe Bartolo
 
Why Your Company Needs A Privacy Culture & Where To Start
Why Your Company Needs A Privacy Culture & Where To StartWhy Your Company Needs A Privacy Culture & Where To Start
Why Your Company Needs A Privacy Culture & Where To StartTrustArc
 
33rd TWNIC IP OPM: Practical Incident Response & Threat Intelligence
33rd TWNIC IP OPM: Practical Incident Response & Threat Intelligence33rd TWNIC IP OPM: Practical Incident Response & Threat Intelligence
33rd TWNIC IP OPM: Practical Incident Response & Threat IntelligenceAPNIC
 
Build an Information Security Strategy
Build an Information Security StrategyBuild an Information Security Strategy
Build an Information Security StrategyAndrew Byers
 
Cybersecurity Risk Governance
Cybersecurity Risk GovernanceCybersecurity Risk Governance
Cybersecurity Risk GovernanceDan Michaluk
 
The Permanent Campaign
The Permanent CampaignThe Permanent Campaign
The Permanent CampaignDenim Group
 
The Permanent Campaign: Driving a Secure Software Initiative in the Enterprise
The Permanent Campaign: Driving a Secure Software Initiative in the EnterpriseThe Permanent Campaign: Driving a Secure Software Initiative in the Enterprise
The Permanent Campaign: Driving a Secure Software Initiative in the EnterpriseDenim Group
 
Helen Patton - Cross-Industry Collaboration
Helen Patton - Cross-Industry CollaborationHelen Patton - Cross-Industry Collaboration
Helen Patton - Cross-Industry Collaborationcentralohioissa
 
Security Program Guidance and Establishing a Culture of Security
Security Program Guidance and Establishing a Culture of SecuritySecurity Program Guidance and Establishing a Culture of Security
Security Program Guidance and Establishing a Culture of SecurityDoug Copley
 
Cert adli wahid_iisf2011
Cert adli wahid_iisf2011Cert adli wahid_iisf2011
Cert adli wahid_iisf2011Directorate of Information Security | Ditjen Aptika
 
Building an Effective Data Privacy Program – 6 Steps from TRUSTe
Building an Effective Data Privacy Program – 6 Steps from TRUSTeBuilding an Effective Data Privacy Program – 6 Steps from TRUSTe
Building an Effective Data Privacy Program – 6 Steps from TRUSTeTrustArc
 
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...Pedro Henriques
 
Cybersecurity response in the Pacific
Cybersecurity response in the PacificCybersecurity response in the Pacific
Cybersecurity response in the PacificAPNIC
 
Introducing Ethical Hacking to the Ministry of Defence.pdf
Introducing Ethical Hacking to the Ministry of Defence.pdfIntroducing Ethical Hacking to the Ministry of Defence.pdf
Introducing Ethical Hacking to the Ministry of Defence.pdfAssociation for Project Management
 
Stockholm Internet Forum 2017: Development of CERTs in the Asia Pacific
Stockholm Internet Forum 2017: Development of CERTs in the Asia PacificStockholm Internet Forum 2017: Development of CERTs in the Asia Pacific
Stockholm Internet Forum 2017: Development of CERTs in the Asia PacificAPNIC
 
Battle Tested Application Security
Battle Tested Application SecurityBattle Tested Application Security
Battle Tested Application SecurityTy Sbano
 
Corporate Security Intelligence Just Got Smarter All Courses Linkedin
Corporate Security Intelligence Just Got Smarter All Courses LinkedinCorporate Security Intelligence Just Got Smarter All Courses Linkedin
Corporate Security Intelligence Just Got Smarter All Courses LinkedinSteve Phelps
 
Testing in the Year 2020: The Erosion of Governance, Management, and Excellence
Testing in the Year 2020: The Erosion of Governance, Management, and ExcellenceTesting in the Year 2020: The Erosion of Governance, Management, and Excellence
Testing in the Year 2020: The Erosion of Governance, Management, and ExcellenceTechWell
 
Build and Information Security Strategy
Build and Information Security StrategyBuild and Information Security Strategy
Build and Information Security StrategyInfo-Tech Research Group
 
Improve Information Security Practices in the Small Enterprise
Improve Information Security Practices in the Small EnterpriseImprove Information Security Practices in the Small Enterprise
Improve Information Security Practices in the Small EnterpriseGeorge Goodall
 
ISF Congress 2016 - Session 7.2_Kukreja
ISF Congress 2016 - Session 7.2_KukrejaISF Congress 2016 - Session 7.2_Kukreja
ISF Congress 2016 - Session 7.2_KukrejaPuneet Kukreja
 
Towards data responsibility - how to put ideals into action
Towards data responsibility - how to put ideals into actionTowards data responsibility - how to put ideals into action
Towards data responsibility - how to put ideals into actionMindtrek
 
Digital crypto currency - Is it a game changer investment in India?
Digital crypto currency - Is it a game changer investment in India?Digital crypto currency - Is it a game changer investment in India?
Digital crypto currency - Is it a game changer investment in India?Pavan Dikondkar
 
Security Awareness Training for Community Colleges 2009
Security Awareness Training for Community Colleges 2009Security Awareness Training for Community Colleges 2009
Security Awareness Training for Community Colleges 2009Donald E. Hester
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
 

More Related Content

Similar to 2023 NCIT: Essentials for a CERT

Cybersecurity Risk Governance
Cybersecurity Risk GovernanceCybersecurity Risk Governance
Cybersecurity Risk GovernanceDan Michaluk
 
The Permanent Campaign
The Permanent CampaignThe Permanent Campaign
The Permanent CampaignDenim Group
 
The Permanent Campaign: Driving a Secure Software Initiative in the Enterprise
The Permanent Campaign: Driving a Secure Software Initiative in the EnterpriseThe Permanent Campaign: Driving a Secure Software Initiative in the Enterprise
The Permanent Campaign: Driving a Secure Software Initiative in the EnterpriseDenim Group
 
Helen Patton - Cross-Industry Collaboration
Helen Patton - Cross-Industry CollaborationHelen Patton - Cross-Industry Collaboration
Helen Patton - Cross-Industry Collaborationcentralohioissa
 
Security Program Guidance and Establishing a Culture of Security
Security Program Guidance and Establishing a Culture of SecuritySecurity Program Guidance and Establishing a Culture of Security
Security Program Guidance and Establishing a Culture of SecurityDoug Copley
 
Building an Effective Data Privacy Program – 6 Steps from TRUSTe
Building an Effective Data Privacy Program – 6 Steps from TRUSTeBuilding an Effective Data Privacy Program – 6 Steps from TRUSTe
Building an Effective Data Privacy Program – 6 Steps from TRUSTeTrustArc
 
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...Pedro Henriques
 
Cybersecurity response in the Pacific
Cybersecurity response in the PacificCybersecurity response in the Pacific
Cybersecurity response in the PacificAPNIC
 
Stockholm Internet Forum 2017: Development of CERTs in the Asia Pacific
Stockholm Internet Forum 2017: Development of CERTs in the Asia PacificStockholm Internet Forum 2017: Development of CERTs in the Asia Pacific
Stockholm Internet Forum 2017: Development of CERTs in the Asia PacificAPNIC
 
Battle Tested Application Security
Battle Tested Application SecurityBattle Tested Application Security
Battle Tested Application SecurityTy Sbano
 
Corporate Security Intelligence Just Got Smarter All Courses Linkedin
Corporate Security Intelligence Just Got Smarter All Courses LinkedinCorporate Security Intelligence Just Got Smarter All Courses Linkedin
Corporate Security Intelligence Just Got Smarter All Courses LinkedinSteve Phelps
 
Testing in the Year 2020: The Erosion of Governance, Management, and Excellence
Testing in the Year 2020: The Erosion of Governance, Management, and ExcellenceTesting in the Year 2020: The Erosion of Governance, Management, and Excellence
Testing in the Year 2020: The Erosion of Governance, Management, and ExcellenceTechWell
 
Improve Information Security Practices in the Small Enterprise
Improve Information Security Practices in the Small EnterpriseImprove Information Security Practices in the Small Enterprise
Improve Information Security Practices in the Small EnterpriseGeorge Goodall
 
ISF Congress 2016 - Session 7.2_Kukreja
ISF Congress 2016 - Session 7.2_KukrejaISF Congress 2016 - Session 7.2_Kukreja
ISF Congress 2016 - Session 7.2_KukrejaPuneet Kukreja
 
Towards data responsibility - how to put ideals into action
Towards data responsibility - how to put ideals into actionTowards data responsibility - how to put ideals into action
Towards data responsibility - how to put ideals into actionMindtrek
 
Digital crypto currency - Is it a game changer investment in India?
Digital crypto currency - Is it a game changer investment in India?Digital crypto currency - Is it a game changer investment in India?
Digital crypto currency - Is it a game changer investment in India?Pavan Dikondkar
 
Security Awareness Training for Community Colleges 2009
Security Awareness Training for Community Colleges 2009Security Awareness Training for Community Colleges 2009
Security Awareness Training for Community Colleges 2009Donald E. Hester
 

Similar to 2023 NCIT: Essentials for a CERT (20)

Cybersecurity Risk Governance
Cybersecurity Risk GovernanceCybersecurity Risk Governance
Cybersecurity Risk Governance
 
The Permanent Campaign
The Permanent CampaignThe Permanent Campaign
The Permanent Campaign
 
The Permanent Campaign: Driving a Secure Software Initiative in the Enterprise
The Permanent Campaign: Driving a Secure Software Initiative in the EnterpriseThe Permanent Campaign: Driving a Secure Software Initiative in the Enterprise
The Permanent Campaign: Driving a Secure Software Initiative in the Enterprise
 
Helen Patton - Cross-Industry Collaboration
Helen Patton - Cross-Industry CollaborationHelen Patton - Cross-Industry Collaboration
Helen Patton - Cross-Industry Collaboration
 
Security Program Guidance and Establishing a Culture of Security
Security Program Guidance and Establishing a Culture of SecuritySecurity Program Guidance and Establishing a Culture of Security
Security Program Guidance and Establishing a Culture of Security
 
Cert adli wahid_iisf2011
Cert adli wahid_iisf2011Cert adli wahid_iisf2011
Cert adli wahid_iisf2011
 
Building an Effective Data Privacy Program – 6 Steps from TRUSTe
Building an Effective Data Privacy Program – 6 Steps from TRUSTeBuilding an Effective Data Privacy Program – 6 Steps from TRUSTe
Building an Effective Data Privacy Program – 6 Steps from TRUSTe
 
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...
[Agile Portugal 2014] - Agile Decision Support System for Upper Management - ...
 
Cybersecurity response in the Pacific
Cybersecurity response in the PacificCybersecurity response in the Pacific
Cybersecurity response in the Pacific
 
Introducing Ethical Hacking to the Ministry of Defence.pdf
Introducing Ethical Hacking to the Ministry of Defence.pdfIntroducing Ethical Hacking to the Ministry of Defence.pdf
Introducing Ethical Hacking to the Ministry of Defence.pdf
 
Stockholm Internet Forum 2017: Development of CERTs in the Asia Pacific
Stockholm Internet Forum 2017: Development of CERTs in the Asia PacificStockholm Internet Forum 2017: Development of CERTs in the Asia Pacific
Stockholm Internet Forum 2017: Development of CERTs in the Asia Pacific
 
Battle Tested Application Security
Battle Tested Application SecurityBattle Tested Application Security
Battle Tested Application Security
 
Corporate Security Intelligence Just Got Smarter All Courses Linkedin
Corporate Security Intelligence Just Got Smarter All Courses LinkedinCorporate Security Intelligence Just Got Smarter All Courses Linkedin
Corporate Security Intelligence Just Got Smarter All Courses Linkedin
 
Testing in the Year 2020: The Erosion of Governance, Management, and Excellence
Testing in the Year 2020: The Erosion of Governance, Management, and ExcellenceTesting in the Year 2020: The Erosion of Governance, Management, and Excellence
Testing in the Year 2020: The Erosion of Governance, Management, and Excellence
 
Build and Information Security Strategy
Build and Information Security StrategyBuild and Information Security Strategy
Build and Information Security Strategy
 
Improve Information Security Practices in the Small Enterprise
Improve Information Security Practices in the Small EnterpriseImprove Information Security Practices in the Small Enterprise
Improve Information Security Practices in the Small Enterprise
 
ISF Congress 2016 - Session 7.2_Kukreja
ISF Congress 2016 - Session 7.2_KukrejaISF Congress 2016 - Session 7.2_Kukreja
ISF Congress 2016 - Session 7.2_Kukreja
 
Towards data responsibility - how to put ideals into action
Towards data responsibility - how to put ideals into actionTowards data responsibility - how to put ideals into action
Towards data responsibility - how to put ideals into action
 
Digital crypto currency - Is it a game changer investment in India?
Digital crypto currency - Is it a game changer investment in India?Digital crypto currency - Is it a game changer investment in India?
Digital crypto currency - Is it a game changer investment in India?
 
Security Awareness Training for Community Colleges 2009
Security Awareness Training for Community Colleges 2009Security Awareness Training for Community Colleges 2009
Security Awareness Training for Community Colleges 2009
 

More from APNIC

DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGAPNIC
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119APNIC
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119APNIC
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119APNIC
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119APNIC
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119APNIC
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...APNIC
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonAPNIC
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonAPNIC
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPNIC
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6APNIC
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!APNIC
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023APNIC
 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAPNIC
 
AFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAPNIC
 
AFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAPNIC
 

More from APNIC (20)

DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023
 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet development
 
AFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment Status
 
AFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressing
 

Recently uploaded

VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Roomgirls4nights
 
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Russian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsRussian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsstephieert
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...SofiyaSharma5
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.soniya singh
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Delhi Call girls
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts servicesonalikaur4
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Roomdivyansh0kumar0
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Servicesexy call girls service in goa
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Servicegwenoracqe6
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirtrahman018755
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girladitipandeya
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsThierry TROUIN ☁
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebJames Anderson
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersDamian Radcliffe
 

Recently uploaded (20)

VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
 
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
 
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Russian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsRussian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girls
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with Flows
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
 

2023 NCIT: Essentials for a CERT

  • 1. Essentials for a CERT : How Far Are We? Adli Wahid adli@apnic.net 1
  • 3. CERT / CSIRT • Certificate • Computer Emergency Response Team • Computer Security Incident Response Team 3
  • 4. My Perspective National CERT 2006 - 2012 Enterprise CSIRT 2012 - 2014 Support for new CERT/CSIRTS 2014 – now CERT Community (FIRST.org) 4
  • 5. Where does it fit? Identify Protect Detect Respond Recover NIST Cyber Security Framework (v1) 5
  • 6. Incidents Everywhere! Anticipate & Prepare Incident Response Plan / Playbook Mitigate & Share Lessons Learned 6
  • 7. Entities & Capabilities CERT with National Responsibilities Enterprise CERTs/CSIRTs CERT of the Last Resort Ad-Hoc Incident Response Check out www.first.org Trusted Point of Contacts 7
  • 8. Incident Response Process & Capabilities 8
  • 9. Managing Things 9 • Managing Security Incidents o Reduce Impact of Security Incidents o Prevent Security Incident from Occurring o Fixing actual vulnerabilities o Gain insights about emerging threats or incidents (Information Security & Analysis Centers, Threat Intel Feeds) o Collaborate with other stakeholders (i.e. investigation, policy/strategy) • Managing Security Incident Response Teams o Establishing CSIRT o Operationalizing CSIRT o Having the right skill-sets, knowledge and tools o Being part of the community o Mentoring
  • 11. Don’t Phish Me! • Online Banking • Traditional Phishing (email -> Web) • Multiple Banks • CERT receiving reports but coordination is needed • Money Mules! • Outcomes – coordinated plan, LEA engagement, Awareness for Customers, Browser Plugin Anti Phishing Working Group (2007) 11
  • 12. Key Ingredient – People • Who is going to work in the team • Role/Position = $$ • Training and capacity development oGo deeper and wider • Transitioning from non-security, non-secops • Upskilling for tech folks – management 12 Sri Lanka CERT Cyber Security Awareness Week (2016)
  • 13. Annual National Cyber Security Exercise 2007 - XMAYA National Cyber Crisis Management Plan for Critical Infrastructure Process Coordination / Escalation People / Technology Capabilities and Communication o National Security Council o Support by Sector Lead of Critical Infrastructure o Drill Development & Preparation by National CERT o Good view of policy vs implementation o Roles & Responsibilities o Capacity Development – Experience Incident 13
  • 14. Challenges • Different Set of Challenges for National vs Enterprise CERTs • Getting started ** • Organisational – Mandate/Responsibility, Sustainability and Expansion • Operational – visibility, resources, collaboration & coordination 14
  • 15. Challenges - Continuity • Continuity – change is expected • Consistent policy, vision needed • Positive = CERT expanding into a cyber security agency • Negative = No funding for CERT, hostile takeovers • Strengthening the Stakeholders • User base and technology is dynamic • Supporting the ecosystem – Resources, Training & Infrastructure 15
  • 16. CERT/CSIRT in the Pacific Project • Interest in setting up a National CERT (starting with CERT Tonga) in 2016 • Kick Start – Series of Workshops • Focus o Establishing & Operationalizing a CERT in the context of the Pacific o Collaboration + Networking (with other partners PACSON, APCERT & FIRST) o On the job training o Sharing ideas, success stories etc • Created momentum in other areas of cyber security i.e. education & awareness, support for LEAs and other stakeholders 16
  • 17. Where are we? 1. Do you have an incident response plan? 2. What are the top 5 threats last year or last month? 3. Where do cyber security incidents* get reported? 4. Is there an active information sharing network for security practitioners or security teams? 5. Is there good visibility of what is happening in the environment? 6. Are organisations assessed to deal with data breach incidents or ransomware? How is the coverage? 7. Are there any activities related to the coordination of incidents within a specific economic sector or at the national level. 17
  • 18. Cyber Security Ecosystem Network Operators Law Enforcement Policy Makers / Gov Researchers Vendors CERTS/ISACs /CSIRTs Individual Users Organizations 18
  • 19. Take Aways • Appreciation of Incident Response in the Bigger Security Picture • Cyber Resilience is not an option • Continuous process • Dedicated Teams & Capabilities • Challenges – Getting Started, Expanding and Maintaining • Requires planning, resources and persistence • Our role – support & do something now 19
  • 20. Thank you Adli Wahid (LInkedIn) adli@apnic.net www.apnic.net academy.apnic.net 20