The Cyber Security Meeting Guidelines

  • 7/25/2019 The Cyber Security Meeting Guidelines

    Meeting scheduled for 30 May 2016. Time: from 0900 hours

    Drafted by Dr. Mapoka

    Subject Matter: The Cyber Security Challenge

    AIM: Protecting our National Cyberspace from cyber threats (particularly in government)

    We start with our DIS Information assets then elevate to the national level

    1. First understand the current network and systems infrastructure (in terms of layout up to the DIT site), i.e. identify the information systems assets.

    2. Identify whether our current network systems require improvement to achieve better security.

    3. The current security products installed on the existing systems: do they require an update?

    4. Identify the trending cyber threats: the most costly cybercrimes are those caused by denial of service and eavesdropping attacks, forgery and redirection attacks, malicious insiders (phishing attacks) and malicious code.

    5. Relevant stakeholder engagement/cooperation, both nationally and internationally, on fighting cybercrime/terrorism.

    6. Any means of threat detection and prevention mechanisms adopted so far (means of hunting for indicators of compromise in real time, using various toolsets, based on intelligence gathered). Do we currently follow the protection principles of Deter-React-Detect and Prevent? (E.g. note that modern IPSs combine firewall, intrusion detection, antivirus and vulnerability assessment capabilities.) Do we presently have such capability? Harden our system configurations.

    7. Forensic investigation tools: do they require enhancement?

    8. The current legislation on cybercrime (law enforcement): any cybercrime laws in areas such as computer misuse, electronic signatures, data protection, intellectual property, liability and dispute resolution.

    9. (a) The national cybercrime laws are globally applicable and interoperable with the existing regional and global legislative measures; and (b) national cybercrime legislation allows global cooperation on cybercrime investigations and prosecution.

    10. Any procedures for communicating the threat feeds obtained via intelligence monitoring and surveillance.

    11. Any means of analyzing the threats (security auditing using security assessment tools): are log management and audit trail procedures in place?

    12. Communication procedures to leadership in response to security intelligence findings (any incident response team in place, CIRTs).

    13. What can be done to improve security? Is a cyber security strategy available? Does it comply with the current versions of security standards (ISO27000 series/PCI-DSS)?

    14. Give alternative intelligent security solutions and compare (e.g. Kaspersky, widely used by London Metropolitan Police UK, Cisco security systems, NCR security system, etc.).

    15. Capacity building (involves security training and awareness, transfer of knowledge and boosting cybersecurity on the national policy agenda, JUDICIAL CAPACITY that enforces cybersecurity legal measures).

    16. DIS physical assets: are they intelligently monitored and protected from the central point?

    17. Annual review of the current IS Policy? Accountability.

    18. Roles and responsibilities need to be defined appropriately under the Cyber Security Team.

    19. We (the security team) can reduce our administrative workload by becoming more dynamic and precise in identifying and responding to the trending threats and adapting defenses.

    20. Cost implications of adopting the way forward.

    21. Website development (professional layout, About us, What we do, etc.).