Cyber Security Situation in Southeast Asia
Dr. Rom Hiranpruk
President: Thailand Information Security Association
27 September 2011, Bangkok
http://www.linkedin.com/in/romhiranpruk
Today's World
• Internet of things: IPv6 will soon allow 1 trillion connected devices (IPv4 ran out of addresses in early 2010)
• Internet traffic increased by 22,000% since 2000
• Information/data volume doubles every year
• Over 210bn e-mails sent daily
• 43m GB of data sent across mobile phones daily
• Facebook - 4th largest country in the world (500m)
• 32% of people in APAC mostly engage in social media at their workplace
• 1/3 of Facebook users are fake
• Geospatial services – privacy?
Cybersecurity Threats
• Threats more advanced and targeted
• Cyberterrorism against critical infrastructure – nuclear power stations, smart grids, public transportation, O&G refineries, water treatment
• Rise of ID and IP theft and corporate espionage
• Sophisticated content-based threats – thousands of new viruses and worms created every day.
• Cross border cyber attacks
• Cybersecurity is National Security !!
Top Security Threat Concerns
Source: The 2011 (ISC)2 Global Information Security Workforce Study & Annual Report 2010
Government Policy (http://www.google.com/trends)
[Chart; source: Borworn Papasratorn @ NIDA, Aug. 2011]
Cyberwar History - 1
1982: logic bomb in computer control systems caused the explosion of a Soviet pipeline
1999: AF/91 caused Iraqi anti-aircraft guns to malfunction
1999: USA was attacked from computers and computer networks situated in China and Russia.
2006: Israel alleged cyber-warfare was part of the conflict, where the Israel Defense Force (IDF) estimates several countries in the Middle East used Russian hackers and scientists
2007: McAfee, Inc. alleged that China was actively involved in cyberwar. China was accused of cyber-attacks on India, Germany, and the United States
2007, April: Estonia came under cyber attack from Russia targeting ministries, banks, and media
2007, Sept: Israel carried out an airstrike on Syria using a computer program designed to interfere with the computers of integrated air defense systems
2007: US suffered "an espionage Pearl Harbor" - "unknown foreign power...broke into all of the high tech agencies, all of the military agencies, and downloaded terabytes of information."
2007: Kyrgyz Central Election Commission was defaced. During the election campaigns and riots preceding the election, there were cases of denial-of-service attacks against the ISPs.
2008: Russian, South Ossetian, Georgian and Azerbaijani sites were attacked by hackers during the 2008 South Ossetia War.
Cyberwar History - 2
2008: U.S. military facility in the Middle East. The Pentagon released a document, which reflected that a "malicious code" on a USB flash drive spread undetected on Pentagon systems.
2009 Dec - Jan 2010: a cyber attack, Operation Aurora, was launched from China against Google and over 20 other companies.
2009 March: a cyber spy network, GhostNet, using servers mainly based in China, tapped into classified documents from government and private organizations in 103 countries
2009 July: a series of cyber attacks against major government, news media, and financial websites in South Korea and the United States. From North Korea and UK
2010, Sept: Iran was attacked by the Stuxnet worm. The worm is said to be the most advanced piece of malware ever discovered
2010, Oct: Britain faced a "real and credible" threat from cyber attacks by hostile states and criminals, and government systems are targeted 1,000 times each month
2010, Nov: Indian Cyber Army hacked the websites belonging to the Pakistan Army and ministries, as revenge for the Mumbai terrorist attack
2010, Dec: Pakistan Cyber Army hacked the website of India's Central Bureau of Investigation (CBI)
The five pillars of the ITU Global Cybersecurity Agenda
UN - ITU's Global Cybersecurity Agenda (GCA)
Launched in 2007, GCA is a framework for international cooperation aimed at enhancing confidence and security in the information society.
1. Legal Measures
2. Technical & Procedural Measures
3. Organizational Structures
4. Capacity Building
5. International Cooperation
18/8/2554 NCSC 2011 10
Global Cybersecurity Agenda – A framework for international cooperation in cybersecurity
GCA Chapter 4: Global Strategic Report – Capacity Building
Specific Steps to Promote a Culture of Cybersecurity
1) Implement a cybersecurity plan for government-operated systems.
2) Security awareness programmes and initiatives for users of systems and networks
3) Encourage the development of a culture of security in firms
4) Support outreach to civil society
5) Promote a comprehensive national awareness programme
6) Enhance Science and Technology (S&T) and Research and Development (R&D) activities.
7) Review existing privacy regime and update it to the online environment.
8) Develop awareness of cyber-threats and available solutions.
Global Cybersecurity Agenda – A framework for international cooperation in cybersecurity
GCA Chapter 5: Global Strategic Report – International Cooperation
International cooperation
• United Nations General Assembly;
• International Telecommunication Union (ITU);
• Interpol / Europol;
• The Organisation for Economic Cooperation and Development (OECD);
• UN Organizations on Drug and Crime Problems (UNODC);
• UN Interregional Crime and Justice Research Institute (UNICRI);
• Internet Corporation for Assigned Names and Numbers (ICANN);
• International Organization for Standardization (ISO);
• The International Electrotechnical Commission (IEC);
• Internet Engineering Task Force;
• FIRST (Forum of Incident Response and Security Teams).
GCA Chapter 5: Global Strategic Report – International Cooperation: from a global culture to a specific culture for actors in information security
Network Readiness Index: WEF (World Economic Forum)
[Chart; source: Borworn Papasratorn @ NIDA, Aug. 2011]
Infrastructure Ranking: WEF, ASEAN Countries
[Chart; source: Borworn Papasratorn @ NIDA, Aug. 2011]
Government Policy: WEF
[Chart; source: Borworn Papasratorn @ NIDA, Aug. 2011]
Cybersecurity Focus for ASEAN (Austrade, Nov 2010)
• Increasing risk awareness – public/enterprise security culture and behaviors
• Adequate policies
• Deploying cybersecurity exercises at national level
• Cross-border collaboration to track cyber attackers
• Authentication - biometrics, identity management
Indonesia
• SMEs - more than 90% of the Indonesian ICT market.
• CAGR of around 15% over 2010-2014
• Hardware-dominated market - more than 70% of ICT spending
• 60% of software in use sourced from foreign producers
• Establishment of National ICT Council in 2006
• Priority sectors for ICT spending: Telecoms, Government, Manufacturing and Banking.
Indonesia Faces 1 Million Cyber Attacks Daily
By Muhammad Iqbal
• The government should immediately create a National Cyber Security Framework to be used as a reference for all sectors in addressing cyber security issues. (IST)
• JAKARTA (IFT) - Indonesia Security Incident Response Team on Internet Infrastructure (ID-SIRTII) recorded that approximately one million cyber attacks are directed at Indonesia every day. The country's low security system has led to high levels of attack.
Lao PDR & Malaysia to Exchange Insights on IT Security (03 March 2011)
• Malaysia hopes to share perspectives, experiences and insights with the National Authority for Science and Technology (NAST) on IT security at a workshop in Vientiane on 2 March 2011. The workshop on "IT Security Awareness" is organised by the NAST, a body under the purview of the Laotian Prime Minister's office that is tasked to implement the Lao National E-Government System.
Malaysia
• Transition to Digital Economy – hi-tech focused national development plan
• Priorities: Mobile Content, Broadband IT, Financial IT, Health IT, IT Services – training / outsourcing
• Malaysian IT spending expected to grow to USD4.5bn in 2010
• Addressable software market - USD752mn (ERP, CRM, SaaS)
• Strong Government support – Multimedia Super Corridor (MSC)
International Multilateral Partnership Against Cyber Threats
About IMPACT
Non‐profit organisation
Focused on “upper end of cyber threats”
International & multilateral in nature
Public‐private partnership
Global HQ – Cyberjaya Malaysia
Staffed by international team of experts
MYANMAR TOPS MALICIOUS INTERNET TRAFFIC SOURCE, STUDY FINDS : Posted on August 23rd, 2011 in by Simply Security
• The cybersecurity world is always evolving.
• Proof that one can never be certain of what's going to happen in the world of cybercrime, a new study from Akamai found that the country of Myanmar represented the top attack traffic source in the first quarter of 2011.
• Akamai's report only serves to confound even further. According to the story, 13 percent of malicious internet traffic originated in Myanmar. The United States, meanwhile, ranked No. 2 with 10 percent and Taiwan came in third with 9.1 percent.
Philippines
• Philippine IT market approx. USD2.5B - projected to grow to USD3.9B by 2014.
• CAGR of IT spending = 12% (2010-14) - rising incomes & PC penetration.
• Software = 11% of IT spending (USD265m)
• Supply of human resource with appropriate IT skills is a challenge
• Priorities: Broadband and wireless IT, Health IT, E-government, IT solutions, infra and services for the BPO industry
GOVERNMENT SECURITY: THE PHILIPPINES PLOTS CYBER SECURITY PORTAL
By Robin Hicks | 7 November 2010
• The government of the Philippines is planning the launch of a cyber security portal to help curb an alarming rise in cyber attacks on government online infrastructure.
• 10 government agencies have experienced being hacked in the last few months, among them the Philippine Information Agency's portal and the local government web site of the city of Bulacan, which was infiltrated by a hacker in protest over the Manila hostage siege.
First Annual Cyber Warfare Summit Philippines: Posted on October 20, 2010 by Joey Hernandez
• iSCSP is a proud contributor and co-sponsor of the 1st Annual Cyber Warfare Summit, Mandaluyong City, Philippines, December 10, 2010. The increased threat to the Cyber Commons demands cyber security professionals elevate the thought process and actions taken to mitigate attacks against the enterprise.
• Cyber Intelligence
• Forensics Investigation Supporting Cyber Warfare Program
• Cyber Warfare Capacity of the Philippines
• Defensive Cyber Warfare Capability and Strategy
• More information and registration available @ http://www.cyberwarfaresummitph.com/
Singapore
• ICT contributed approx. 7.7% to GDP in 2009.
• 350 new ICT tenders with a total projected worth of S$1.1b in FY Apr10/Mar11
• ICT industry revenue = S$62.74b (+ 8%)
• Hardware = 55% of revenue (+ 15.2%)
• Priorities: Government services, Education and learning, Tourism/hospitality and retail, Digital media and entertainment, Healthcare and biomedical sciences, Financial services, Manufacturing and logistics
Singapore will set up a new National Cyber Security Centre (NCSC)
PTI, Sep 22, 2011, 07.50pm IST
• SINGAPORE: Singapore has said it will boost its national capability to counter cyber security threats through the setting up of a 'National Cyber Security Centre' in the coming months.
• The Centre, which will be headed by the Singapore Infocomm Technology Security Authority, will help the government deal more effectively with cyber security threats and vulnerabilities by enhancing capabilities in early detection and prevention, Deputy Prime Minister Teo Chee Hean said.
• In his address at the Second Singapore Global Dialogue here yesterday, Teo, who is also coordinating minister for national security and home affairs minister, said a safe and functioning cyberspace was critical to "our society, economy and national security."
VIETNAM
• IT spending = USD2.2b
• World's second fastest growing ICT market - expected to grow 11.1% a year in 2010-2013 (IDC)
• Hardware = 121,300 employees (+ 8% revenue growth)
• Software + 25% / Digital content + 56.8% revenue increase
• ICT priorities: Human resource development, IT skills, telecommunication infrastructure development, IT solutions and services and outsourcing
High command proposed for Vietnam cyber security operations (7 December 2010)
• The Ministry of Public Security is preparing a proposal for establishing a high command for maintaining electronic and cyber security, local newspaper Lao Dong quoted an official as saying Thursday.
Vietnam to invest $42 million in cybersecurity to counter attacks
• Vietnam's Ministry of Information and Communications has unveiled a US$42 million, 10-year plan to bolster the country's cybersecurity defenses in response to increasing cyberattacks.
Thailand
• ICT market = THB 55b (USD20b).
• Thailand IT spending to grow by 6.8%
• Recovery in spending, especially in manufacturing, high-tech industries, government, financial services, telecommunications
• Remaining challenges: software piracy, high technology costs and lack of IT human resources
• Total ICT spending by Government = 47.4% (computer software/services and communication)
Thailand IT Security Situation
• The Computer Crime Act B.E. 2550 (2007) created a major change in private and public sector operations. Service providers are required to protect their information systems and to keep computer traffic data for at least 90 days.
• Overall IT security market is approximately USD110-160 million and still expanding.
• In 2010 there are about 2 million users in government and private sectors. More than 50% are not ready for the Computer Crime Act, and have no IT security system.
ICT Legal Infrastructure
Constitution of the Kingdom of Thailand B.E. 2550 (2007)
Information technology laws:
• Electronic Transactions Act B.E. 2544 (2001), as amended B.E. 2551 (2008)
• Official Information Act B.E. 2540 (1997)
• Computer-Related Offences Act B.E. 2550 (2007)
• (Draft) Personal Data Protection Act
• (Draft) Information Infrastructure Development Act
• Telecommunications Business Act B.E. 2544 (2001), as amended B.E. 2549 (2006)
• Broadcasting and Television Business Act B.E. 2551 (2008)
Secondary legislation (Royal Decrees):
1. Royal Decree Prescribing the Types of Civil and Commercial Transactions Exempted from the Law on Electronic Transactions, B.E. 2549 (2006)
2. Royal Decree Prescribing Rules and Procedures for Electronic Transactions in the Public Sector, B.E. 2549 (2006)
3. Royal Decree on the Supervision of Electronic Payment Service Businesses, B.E. 2551 (2008)
4. (Draft) Royal Decree on the Supervision of Certification Service Businesses Supporting Electronic Signatures
5. (Draft) Royal Decree Prescribing Secure Methods for Conducting Electronic Transactions
Intellectual property laws:
1. Copyright Act B.E. 2537 (1994)
2. Patent Act B.E. 2522 (1979)
3. Trademark Act B.E. 2534 (1991)
4. Trade Secrets Act B.E. 2545 (2002)
Consumer protection laws:
1. Consumer Protection Act B.E. 2522 (1979)
2. Direct Sales and Direct Marketing Act B.E. 2545 (2002)
3. Food Act B.E. 2522 (1979)
4. Drug Act B.E. 2510 (1967)
5. Trade Competition Act B.E. 2542 (1999)
6. Unfair Contract Terms Act B.E. 2540 (1997)
Financial and banking laws:
1. Financial Institutions Business Act B.E. 2551 (2008)
2. Credit Information Business Act B.E. 2545 (2002)
3. Announcement of the Revolutionary Council No. 58
Thailand ICT laws
• Electronic Transaction Act 2001
• Computer Crime Act 2006
• Data Protection Act (pending)
• Electronic Fund Transfer Act (pending)
Thai CERT
• ThaiCERT is a full member of APCERT (Asia Pacific Computer Emergency Response Team)
• Training collaboration on computer security techniques with APCERT
• Incident response coordination (continuously)
• Incident response drill (July 28th, 2006)
• ThaiCERT is a national CERT in Thailand supported by FIRST (Forum of Incident Response and Security Teams)
• Point of contact for ITU Forum for spam mail protection
• Participate in APT Forum (Asia Pacific Telecommunity Forum) in raising the level of many important security issues, such as security standards, spam problems
• Participate in e-Security Task Group under APEC TEL Working Group
• Participate in RAISS Forum (Regional Asia Information Security Standards) in security standard activities
TISA Proposal for Thailand National Cybersecurity
• Create Cybersecurity as part of National Security with specific strategy
• Create public private partnership on cybersecurity
• Create specialized agency responsible for cybersecurity issues
• Create new cybersecurity culture
Steps toward Cyber Security - 1
1. Set up inter-ministry project as a preliminary project for the new cybersecurity agency with funding for:
• National contingency plan for cybersecurity emergencies
• Secure information systems for government and critical infrastructures systems
• Propose policy, laws, regulations to government
• Create awareness of the risk and how to prepare for disaster in ICT environment
• Develop human capability for cybersecurity
Steps toward Cyber Security - 2
2. Set up Office of Cyber Security – OCS: charged with
• Co-ordinating all cybersecurity policy to all relevant agencies
• Work directly with partners in public and private sectors
• Monitor cyber events which may have impacts on Thailand and co-ordinating necessary counter measures
• Create awareness and understanding about the risk of cyber attacks and how to prepare and respond to these attacks
Source: www.ict2020.in.th
Think Tanks in National Security
Ministry of Defence: Strategic Studies Center, Institute of National Defense, Military Supreme Command (www.sscthailand.org)
Ministry of Interior: Prince Damrong Rajanupab Institute of Research and Development (www.moi.go.th)
Ministry of Foreign Affairs: Saranrom Institute of Foreign Affairs (www.sifa.in.th)
Ministry of Finance: Fiscal Policy Office (www.fpo.go.th)
Ministry of Transportation: Office of Transport and Traffic Policy and Planning (www.otp.go.th)
Chulalongkorn University: Institute of Security and International Studies (ISIS) (www.isisthailand.org)
National Security Agencies
National Intelligence Agency (www.nia.go.th)
Department of Special Investigation (www.dsi.go.th)
Defence Technology Institute (Public Organization) (www.dti.or.th)
Office of The Electronic Transactions Commission (www.etcommission.go.th)
Electronic Government Agency (Public Organization) (www.ega.or.th)
Electronic Transactions Development Agency (Public Organization) (www.etda.or.th)
www.most.go.th
National Science and Technology Development Agency (www.nstda.or.th)
National Electronics and Computer Technology Center: NECTEC (www.nectec.or.th)
Private Organizations
CIO16 Association (http://cio16.wordpress.com/)
Thailand Information Security Association (www.tisa.or.th)
Thailand Information Security Association (สมาคมความมั่นคงปลอดภัยระบบสารสนเทศ)
About TISA
• Vision
– Thailand Information Security is Trusted Globally
• Mission
– Develop Information Security processes and personnel to achieve international standards
• Objectives
– Enhance public awareness about Infosec
– Promote Infosec knowledge standards and professional ethics
– Promote training and certification of Infosec professionals
TISA: Thailand Information Security Association – Partner
TISA push on National Critical Infrastructure Protection
TISA in Bangkok Post: When Hacking Risks Health
TISA web site: http://www.tisa.or.th
Standards & Best Practices
[Figure: pie chart of standards and best practices in use, with these segments: a) COSO ERM, b) COBIT, c) ITIL, d) BS25999 (BCM), e) ISO20000 (ITSM), f) ISO27001 (ISMS), g) Others: professional certificates, network security, forensics, penetration test, vulnerabilities assessment. Percentage labels appearing on the chart: 6%, 25%, 16%, 25%, 20%, 23%, 9%, 2%; their assignment to segments is not recoverable from the extracted text.]
GRC – Governance, Risk Management, Compliance
Information Technology (IT) Security Essential Body of Knowledge (EBK)
A Competency and Functional Framework for IT Security Workforce Development
September 2008, United States Department of Homeland Security
Enterprise Infosec Competency Profile
[Diagram: Enterprise Capability – EBK – Training Provider]
* Organization assesses Infosec competency requirement against EBK
* Assess current competency within the enterprise
* Identify competency gap: training requirement, recruitment
* Infosec training provider maps training courses to EBK
Key Divisions
• 4 functional perspectives
• 14 competency areas
• 10 roles
Competency Areas (MDIE in each)
1. Data Security
2. Digital Forensics
3. Enterprise Continuity
4. Incident Management
5. IT Security Training and Awareness
6. IT System Operations and Maintenance
7. Network and Telecommunication Security
8. Personnel Security
9. Physical and Environmental Security
10. Procurement
11. Regulatory and Standards Compliance
12. Security Risk Management
13. Strategic Security Management
14. System and Application Security
ISMS Training, 14-Oct-11
IT Security Roles
1. Chief Information Officer
2. Digital Forensics Professional
3. Information Security Officer
4. IT Security Compliance Officer
5. IT Security Engineer
6. IT Security Professional
7. IT Systems Operations and Maintenance Professional
8. Physical Security Professional
9. Privacy Professional
10. Procurement Professional
TISA EBK Analysis: IT Security Roles
IT Security EBK: A Competency and Functional Framework
Functional perspectives: M - Manage, D - Design, I - Implement, E - Evaluate
Role groups: Executive (CIO, ISO, CO), Functional (DF, OM, SP, SE), Corollary (PS, PP, PR)
Role abbreviations: CIO = Chief Information Officer; ISO = Information Security Officer; CO = IT Security Compliance Officer; DF = Digital Forensics Professional; OM = IT Systems Operations and Maintenance Professional; SP = IT Security Professional; SE = IT Security Engineer; PS = Physical Security Professional; PP = Privacy Professional; PR = Procurement Professional

                         CIO   ISO   CO    DF    OM    SP    SE    PS    PP    PR
M                         11    12    0     1     2     1     0     1     3     1
D                          2     7    1     3     4     6     4     2     6     1
I                          0     1    2     5     8     3     4     4     4     1
E                          3    10   14     3     5     7     2     3     5     1
Total Competency Units    16    30   17    12    19    17    10    10    18     4

Levels marked on the chart: Entry Level, Professional Level, Managerial Level
GRC related International Standards, Best Practices and Laws
[Diagram] GRC domains shown: Corporate Governance, IT Governance, ITSM, ISMS (including ISMS for healthcare), BCM, ICT DR / ICT CM.
Standards, best practices and laws shown: SOX, GLBA, HIPAA, Basel II, PCI DSS, COSO (ERM), ISO/FDIS 31000:2009, ISO/IEC 38500, CobiT 4.1, Val IT 2.0, ISACA ITAF, IIA GTAG, ITIL & ISO/IEC 20000, ISO/IEC 27001, 27002, 27005, 27006, ISO 27799 (ISMS for healthcare), BS25999 (BCM), BS25777 (ICT CM), ISO 24762 (ICT DR), CCA/ETA
CISSPs in Asia - South Korea: Highest population of CISSP in Asia
As of: 30/SEPT/07
• China (400)
• Macao (8)
• Korea, South (2,003)
• Japan (883)
• Thailand (91)
• Hong Kong (1,311)
• Indonesia (44)
• India (909)
• Philippines (112)
• Singapore (9)47
• Taiwan (238)
• Malaysia (177)
• Sri Lanka (35)