Upload
dangtu
View
220
Download
0
Embed Size (px)
Citation preview
ITU-IMPACT Capacity Building for Least Developed & Developed Countries
Marco ObisoCybersecurity CoordinatorInternational Telecommunication Union (ITU)
30 January 2012
2
ITU and cybersecurity2003 – 2005
WSIS entrusted ITU as sole facilitator for WSIS Action Line C5“Building Confidence and Security in the use of ICTs”
2007ITU Secretary‐General launched the Global Cybersecurity
Agenda (GCA) A framework for international cooperation in cybersecurity
2008 ‐ 2010ITU Membership endorsed the GCA as the ITU‐wide strategy
on international cooperation.
3
ITU-IMPACT strategy
IndustryExperts
AcademiaInternational
BodiesThinkTanks
IMPACT’s partners
Training & Skills Development
5
Training & Skills Development
Mission
To increase knowledge and skills in cybersecurity domains for ITU-IMPACT partner countries.
Vision
To become a global training provider in cybersecurity to effectively understand and manage cybersecurity to prevent, defend against and respond to cyber threats.
6
Providing world class capability & capacity programmesTraining & Skills Development
Specialised training programs
• IMPACT SecurityCore
• IMPACT Network Forensics
• IMPACT Developing & Implementing a CIRT
• IMPACT Forensics Investigation for Law Enforcement
• IMPACT Malware Analysis
Scholarship - partnership with global certification body
• EC-Council (USD $1mil. grant)
Global certification courses and Partners
• ITU Centres of Excellence
• (ISC)2
• EC-Council
7
Training & Skills DevelopmentTraining Roadmap
8
2009 - 2011ITU-IMPACT Training Milestones
• Trained over 200 cybersecurity professionals and practitioners in 2010
• Deployed 220 scholarships to 41 partner countries globally
• Trained 50 law enforcement officers globally on Network Investigation for Law Enforcement
• Trained 40 government, CIRT & telecom officers from 19 Countries on Securing Networks under ITU CoE (Asia Pacific)
• Developed IMPACT SecurityCore Programme to meet needs of partner countries and governments
ITU-IMPACT CIRT Assessment & Implementation Project
10
Developing National CIRTs
• There is still a low level of computer emergency preparedness within many countries particularly developing countries
• The high level of interconnectivity of ICT networks could be affected by the launch of an attack from networks of the less-prepared nations, which are mostly
the developing countries
• The importance of having an appropriate level of computer emergency preparedness in all countries
• The need for establishment of computer incident response teams (CIRTs) on a national basis
• Importance of coordination within and among the regions,
Encourage the creation of national computer incident response teams, particularly for developing countries
11
ITU –IMPACT Support
Proposed CIRT ModelITU-IMPACT Support for Member States
12
CIRT Deployment
• Proactive Services
» Cybersecurity Training & Awareness Activities within the country
• Reactive Services
» Incident response & handling (both remote and on-site).» Alerts & warnings» Vulnerability response
Key Activities (sub phases) :-
Assessment Implementation & Testing OperationsPlanning &
Design Collaboration
Phase 1 : Basic CIRT Services (6 Months)
13
Current StatusITU ‐ IMPACT performed readiness assessment
Countries are now moving to the implementation phase
ITU-IMPACT ALERT(Applied Learning for Emergency Response Team)
CYBER DRILL
15
Objectives
The objectives of the ITU-IMPACT ALERT are to encourage participants to:
• Recognize the growing importance of cross-border cooperation and coordination in cyber security;
• Enhance the communication and participating teams’ incident response capabilities; and
• Enhance the CERT/CIRTs’ current processes and procedures in handling cyber threats and attacks.
16
ITU-IMPACT ALERT Execution
The cyber drill exercise was based on real life scenarios to gauge the CERT/CIRTs incident handling capabilities such as:
•Spam •Web defacement •Malware
17
(Contd.)ITU-IMPACT ALERT Execution
• The attack details were sent by the organizer to the participants in the form of e-mails.
• The participants performed their analysis on the incident and came out with the mitigation solution
• Prepare advisory report on the incident and submit to the organizer via email.
Start
Player receives incidents via email
Player performs incident analysis
Team observer assists the players
Submit advisory report to organiser via email
Organiser sends an acknowledgement
End
Done
18
Participants
The ITU-IMPACT ALERT 2011 participants included members of Computer Emergency / Incident Response Team (CERT/CIRT) from four countries Cambodia, Lao P.D.R., Myanmar and Vietnam.
19
Yangon, MyanmarITU-IMPACT ALERT 2011
“Drill is a good supplemental way for capacity building” said Dr. Hoang Dang Hai, Deputy Director General of Vietnam Computer Emergency Response Team (VNCERT).
IMPACTJalan IMPACT63000 CyberjayaMalaysia
T +60 (3) 8313 2020F +60 (3) 8319 2020E [email protected] © Copyright 2010 IMPACT. All Rights Reserved.
Thank youwww.facebook.com/impactalliance