CyberBoK

CYBERBOK Cyber Crime Security Essential Body of Knowledge:

A Competency and Functional Framework for Cyber Crime Management Security Workforce Development aligned with ISO 31000* risk management principles and guidelines. *Note : ISO 31000 is the internationally-adopted risk management standard recognized by over 60 countries. More information : http://www.iso.org/iso/home/standards/iso31000.htm

Cyber Crime Management

CYBERPOL

Ver 1.00

Concept & Definition

CYBERPOL

Improve cyber crime awareness and management education for

cyber professionals in both law enforcement and corporate domain

Increase efficiency of existing cyber security training programs to

comply with ISO 31000

Promote vendor-neutral cyber security certifications and

compliance standards

Training & Education: Program Goals and Objectives


CYBERBOK Definition

CYBERPOL

Cyber Crime = unlawful act using any active or non active electronic device affecting the objectives of any type of networks or critical infrastructure.



CYBERBOK 11 Cyber Risks Domains

CYBERPOL

Cyber management practices Cyber Security management practices Cyber systems and methodology Cyber Telecommunications and networking security Cyber Cryptography Cyber Security architecture and models Cyber Operations security Cyber Application and systems development and security Cyber Security Business continuity and disaster recovery planning Laws, investigation, and ethics



CYBERBOK Cyber Crime Management

CYBERPOL

CYBERBOK Cyber crime management focuses on cyber crime information management and containment. CYBERBOK cyber crime management objectives are:

Manage and containment of cyber threats Awareness of cyber crime in the IT workforce arena Protecting cyber assist against cyber crime



CYBERBOK Cyber Risks Cyber risk management and ISO 31000

CYBERPOL

Nature and impact of Cyber Risk / Cyber Crime

Principles of Cyber risk management

Alignment with ISO 31000

Achieving the benefits of CRM (Cyber Risks Management)



CYBERBOK Practices

CYBERPOL

Need to know what to do /act in time -Subjects should know objects that enables them to perform basic risk assessment and management during cyber online functions.

Secure IT environment -Subjects should know how to work on a secure environment online what to do and what not to do

IT administrative controls -Subjects should know Policies, Standards, Processes, Procedures, & Guidelines in their IT work environment

Risk awareness -Subjects should know cyber risk awareness, good practices, Procedures, & Guidelines in their IT work environment when online



Categories of Cyber Risk Controls

CYBERPOL

Cyber crime risk assessment online -Online Policies, standards procedures and processes together with guideline of online access during work and out of work.

Cyber access control online -Service providers, firewalls, Infosec controls and identification control online in workforce or offline

Cyber crime preventive controls online -Prevention policies, guidelines, ID visibility and program security online

Cyber threat assessment online - Knowledge awareness of hacking, privacy, types of threats, trends of threats and impact,



CYBERBOK Security: Objectives

CYBERPOL

Ensure that all government officials and corporate staff who have access to the online web has a good knowledge of cyber crime management when on the world wide web.

Establish a international baseline representing the essential knowledge and cyber skills when confronted with Cyber crime online in alignment with ISO 31000 risk management tools.

Advance the cyber security landscape by promoting cyber crime risk management competency guideline aligned with ISO 31000



CYBERBOK Security: Framework Model

CYBERPOL



CYBERBOK Security: Methodology

CYBERPOL

Develop notional cyber crime management competencies using ISO 31000 Standard Identify functions from resources and critical infrastructure work functions (CIWFs) and map to crime management competencies Identify key terms and concepts for each cyber crime risk management competency area Identify theoretical cyber security roles Categorize functions as: evaluate risk type - manage Map roles to Key competencies to functional perspectives



CYBERBOK Security: Functional Perspectives

CYBERPOL

Evaluate

Risk

Type

Manage


Key Competencies


CYBERBOK Security: Functional Perspectives

CYBERPOL


Evaluate - Assessing the potential risks, threats and the policy or processes to effective achieve objectives

Risk - Scope of cyber threat risks and developing procedure guidelines to effectively asses the cyber risk.

Type - Putting policies, programs in action to determine the type of Cyber risk at hand to categorize it within the guidance of the work framework

Manage - Overseeing and managing technical aspects of the cyber security risk at low, medium or high level to change the risk and threat levels providing maximum cover in incident management possible.


CYBERBOK Security: The Framework

CYBERPOL

Key Competency Areas (11)

Regulatory and Standards such as ISO 31000 Guidelines

17 Function-Based Cyber Security Roles



CYBERBOK Security: Key Competency Areas

CYBERPOL

IT systems and operations Network systems and operations Cyber incident management Critical infrastructures point of access Enterprise permanence Digital management Data Management System and application management IT access and management Information management Information access



CYBERBOK Security: Regulatory and Standards

CYBERPOL

Refers to the application of the ISO 31000 risk management principles, framework and process that enable an enterprise to meet applicable information security CRM, regulations, standards, and policies to satisfy statutory requirements, perform industry-wide best practices, and achieve its information security program goals.



CYBERBOK Security: 17 Function-Based Cyber Security Roles

CYBERPOL

IT access and control Chief Information Officer Digital Forensics Professional Information Security Officer/Chief Security Officer IT Security Compliance Professional IT Security Engineer



IT Systems Operations and Maintenance Professional IT Security Professional Physical Security Professional Privacy Professional Procurement Professional Law Enforcement officials Intelligence officers Military and flagship officers

CYBERBOK Security: Cyber Security Compliance Professional Role Description:

CYBERPOL

The Cyber Crime Risk Management Security Compliance Professional is responsible for overseeing, evaluating, and supporting cyber risk compliance issues pertinent to the organization or government. Individuals in this role perform a variety of activities, encompassing cyber crime risk management compliance from an internal and external perspective. Such activities include leading and conducting internal investigations, assisting employees comply with internal cyber threat policies and procedures, and serving as a resource to external compliance officers during independent assessments. The Cyber Crime Risk Management Security Compliance Professional provides guidance and autonomous evaluation of the organization risk to Cyber crime and its management.



CYBERBOK Security: Support the Cyber Workforce

CYBERPOL



CYBERBOK

TRAINING EXPERIENCE

COMPLIANCE

Contact Information:

CYBERPOL

CYBERPOL Program Director Training and Education CYBERPOL -National Cyber Security Division

[email protected]



CYBERPOL


CYBERBOK Security: Testimonials & Feedback

CYBERPOL



Aligned with our mandate to promote the internationally-recognized ISO 31000 risk management standard, we are strongly supporting the initiative of CYBERPOL to provide a structured and robust foundation for Cyber Crime Management. The CYBERBOK - Cyber Crime Security Essential Body of Knowledge should become an extremely valuable source of knowledge for anyone involved or confronted to Cyber Crime, especially since the publication will be aligned with the ISO 31000 risk management standard.

Alex Dali, MBA, ARM, CT31000 President : The Global Institute for Risk management Standards G31000

Documents

CyberBoK