CYBER TERRORISM : THE RISING THREAT IN CYBER DIMENSION?
|
|
- Kristopher Holland
- 7 years ago
- Views:
Transcription
1 CYBER TERRORISM : THE RISING THREAT IN CYBER DIMENSION? Commonwealth Cybersecurity Forum 2014 London 5 6 March 2014 Zahri Yunos Chief Operating Officer CyberSecurity Malaysia
2 CRITICAL NATIONAL INFORMATION INFRASTRUCTURE (CNII)
3 Critical National Information Infrastructure (CNII) In Malaysia VISION Malaysia's Critical National Information Infrastructure shall be secure, resilient and self-reliant. Infused with a culture of security, it will promote stability, social well being and wealth creation DEFENCE & SECURITY TRANSPORTATION BANKING & FINANCE HEALTH SERVICES EMERGENCY SERVICES CRITICAL NATIONAL INFORMATION INFRASTRUCTURE Assets (real & virtual), systems and functions that are vital to the nation that their incapacity or destruction would have a devastating impact on National defense & security National economic strength National image Government capability to function Public health & safety ENERGY INFORMATION & COMMUNICATIONS GOVERNMENT FOOD & AGRICULTURE WATER 3
4 Inter- Dependent 4
5 Interdependency of CNII Referece: Lewis, T. G. (2006). Critical Infrastructure Protection in Homeland Security. Published by John Wiley & Sons, Inc., Hoboken, New Jersey
6 Threats to CNII : Interdependency ELECTRICITY UTILITIES SECTORS / SERVICES
7 Threats to CNII : SCADA Systems The interconnection of SCADA systems to corporate networks & their reliance on common operating platforms and remote excess - exposing SCADA systems to vulnerabilities Reference: Using ANSI/ISA-99 Standards to Improve Control System Security by Tofino Security SCADA = Supervisory Control & Data Acquisition 7
8 Threats to CNII : The Use of ICT and Cyberspace by Terrorist Reference: Planning and Coordination Sharing Information Psychological Warfare Use of Internet By Terrorist Publicity and Propaganda Data Mining [1] Mantel, B.: (2009). Terrorism and the Internet. Should Web Sites That Promote Terrorism Be Shut Down?. From CQ Researchers, pp [2] Zhang, Y., Zeng, S., Huang, C.N., Fan, L., Yu, X., Dang, Y., Larson, C., Denning, D., Roberts, N., and Chen, H.: (2010). Developing a Dark Web Collection and Infrastructure for Computational and Social Sciences. IEEE International Conference on Intelligence and Security Informatics, pp [3] Li, X., Mao, W., Zeng, D., and Wang, F.: (2010). Automatic Construction of Domain Theory for Attack Planning. IEEE International Conference on Intelligence and Security Informatics, pp Social Networking Fundraising [4] Fu, T., Abbasi, A., and Chen, H. A Focused Crawler for Dark Web Forums. Journal of the American Society for Information Science and Technology Recruitment and Mobilization [5] Yunos, Z., Ahmad, R., Mat Ali, S., and Shamsuddin, S. Illicit Activities and Terrorism in Cyberspace: An Exploratory Study in the Southeast Asian Region. in:m. Chau et al. (Eds.): Pacific Asia Workshop on Intelligence and Security Informatics (PAISI 2012), 29 May 2012, LNCS 7299 Springer, Heidelberg, pp ,
9 The perpetrator may utilize the cyberspace for conducting cyber attacks on critical national information infrastructure facilities Psychological Warfare Planning and Coordination Publicity and Propaganda Sharing Information Use of cyber space by terrorist Attacks against CNII Social Networking Fundraising Recruitment and Mobilization 9
10 Why would a perpetrator decide to use ICT instead of using the usual methods of assassination, hostagetaking, guerrilla warfare and bombing? Many nations all over the world constantly increase their dependency on cyberspace by maximising the use of ICT Interdependencies that exist within critical infrastructures have raised concerns - successful cyber attacks on one computer system can have serious cascading effects on other, resulting in potentially catastrophic damage and disruption Through ICT, perpetrators can disrupt critical services, hence affecting the nation s operation and its ability to function. 10
11 CYBER TERRORISM 11
12 Cyber Attack to CNII - Estonia Cyber Attack on Estonia Occurred in May 2007 Estonia was under cyber attacks for 3 weeks Attack targeted government, banking, media and police websites Paralyzed internet communication. Attacks from 128 sources outside Estonia US and European countries aided Estonia in overcoming the cyber attacks Is it cyber terrorism? You don't see buildings reduced to piles of rubble or dead bodies strewn across the street... There's nothing to take photos of There's only economic damage, websites that cannot be accessed and transactions that cannot take place.. Is it cyber crime? By destabilizing the economy, the people of Is it cyber the country is subject to riots, rallies and protests, and crippling its stability which war? could result in violence and creating unrest in the country YB Datuk Seri Dr Ahmad Zahid Hamidi, DSA
13 Cyber Attack to CNII Stuxnet Stuxnet was targeted at Siemens industrial software and equipment running Microsoft Windows (June 2010). Symantec reported that nearly 60% of the approximately 100,000 infect hosts were located in Iran, which has lead to speculation that Stuxnet s target was at Iran s nuclear power plant or uranium enrichment plant 13
14 Cyber Attack to CNII Shamoon 14
15 OP Malaysia Cyber Attacks by Anonymous Hackers (15-19 June 2011) 15
16 Definition: Cyber Terrorism Cyber terrorism is the convergence of terrorism and cyberspace 1. It is generally understood to mean unlawful attacks and threats of attack against computers, networks and the information stored therein 2 when done to intimidate a government or its people 3 in furtherance of political or social objectives 4. Further, to qualify as cyber terrorism, an attack should result in violence against persons or property 5, or at least cause enough harm to generate fear 6. Attacks that lead to death or bodily injury, explosions, plane crashes, water contamination, or severe economics loss 7 would be examples. Serious attacks against critical infrastructures could be acts of cyber terrorism 8, depending on their impact. Attacks that disrupt nonessential services or that are mainly a costly nuisance would not. 9 Reference: D. E. Denning, Cyberterrorism, Testimony given to the House Armed Services Committee Special Oversight Panel on Terrorism,
17 Definition : Cyber Terrorism.. many more There are many definitions on cyber terrorism provided by researchers, policy makers and individuals Interestingly, most governments in the world do not agree on one single definition of cyber terrorism. There is no common definition of cyber terrorism The ambiguity in the definition brings indistinctness in action; as the old maxim goes one man s terrorist is another man s freedom fighter [1]. According to Schmid, "there is no agreement among experts and there is not likely to be an agreement as long they cannot even agree on a common definition on terrorism (and cyber terrorism). [2] Reference: [1] L. E. Prichard, J. J., and MacDonald, Cyber Terrorism: A Study of the Extent of Coverage in Computer Security Textbooks, Journal of Information Technology Education, vol. 3, [2] A. P. Schmid, Root Causes of Terrorism: Methodological and Theoretical Notes, Empirical Findings and Four Inventories of Assumed Causal Factors,
18 Cyber Terrorism Framework: Veerasamy Provide context in which cyber terrorism is functioning Methods of carrying cyber terrorism Motivation Reference : N. Veerasamy, A Conceptual High-level Framework of Cyberterrorism, International Journal of Information Warfare, vol. 8, no. 1, pp. 1-14,
19 Cyber Terrorism Framework: Heickero Actor-target-effect Chain Reference: R. Heickero, Terrorism Online and the Change of Modus Operandi, Swedish Defence Research Agency, Stockholm, Sweden, pp. 1-13,
20 Cyber Terrorism Framework: Gordon and Ford Components Description Perpetrator Group/Individual In cyber context, virtual interactions can lead to anonymity. Place Worldwide The event does not have to occur in a particular location. The Internet has introduced globalization of the environment. Action Tool Threats/Violence/ Recruitment/ Education/Strategies Kidnapping/ Harassment/ Propaganda/Education Terrorist scenarios typically are violent or involve threats of violence. Violence in virtual environment includes psychological effects, possible behavior modification and physical trauma. Terrorist use the computer as tool. Facilitating identity theft, computer viruses, hacking are examples fall under this category. Target Government Officials/Corporations Potential targets are corporations and government computer systems. Affiliation Actual/Claimed Affiliation refers to recruitment in carrying out given instructions. Affiliation can result in strengthening of the individual organizations as they can immediately acquire access to the information resources of their allies. Motivation Social/Political Change Political, social and economic are the motivations present in the real-world terrorism. Reference: S. Gordon and R. Ford, Cyberterrorism?, Symantec White Paper,
21 Cyber Terrorism Framework: Brickey Reference: J. Brickey, Defining Cyberterrorism: Capturing a Broad Range of Activities in Cyberspace, CTC Centinel, United States Military Academy, West Point, Vol 5, Issue 8, pp. 4-6, Aug
22 Cyber Terrorism Framework: Yunos & Ahmad Critical National Information Infrastructure computer system Critical Infrastructure Civilian population Political Ideological Social Economic Network warfare Psychological operation Motivation Tools of Attack Factor AND Target C y b e r Te r r o r i s m Impact Method of Action Mass disruption or seriously interfere critical services operation Cause fear, death or bodily injury Severe economic loss Unlawful means Illegal acts Cyberspace (includes the Internet, telecommunications networks, computer systems, and embedded processors and controllers) Borderless Domain Reference: R. Ahmad, Z. Yunos, S. Sahib, and M. Yusoff, Perception on Cyber Terrorism: A Focus Group Discussion Approach, Journal of Information Security, vol. 03, no. 03, pp ,
23 Extended CERT-taxanomy from Howard and Longstaff (1998) Reference: K. Stefan et. all, Taxonomy for Computer Incidents, In Cyber Warfare and Cyber Terrorism, Chapter XLVIII, pp 414,
24 Initiatives in Safeguarding Malaysia CNII Against Cyber Threats
25 CNII Protection Against Cyber Terrorism Topping the list of possible perpetrator abuse of the ICT and cyberspace is the potential for actual attacks on the network itself, or cyber terrorism Terrorist cyber-attack on critical information infrastructure is possible, where motivation and resources are fundamental Therefore, there is a need to have a strategy at the national level for the protection of the CNII against cyber terrorism The strategy for the CNII protection could be through industry cooperation and information sharing, awareness and education program, adequate laws related to infrastructure protection, R&D program and organizational structure 25
26 The National Cyber Security Policy - Background and Objectives The National Cyber Security Policy formulated by MOSTI NCSP Adoption and Implementation The policy recognizes the critical and highly interdependent nature of the CNII and aims to develop and establish a comprehensive program and a series of frameworks that will ensure the effectiveness of cyber security controls over vital assets Objectives: Address The Risks To The Critical National Information Infrastructure (CNII) To Ensure That Critical Infrastructure Are Protected To A Level That Is Commensurate With The Risks To Develop And Establish A Comprehensive Program And A Series Of Frameworks 26
27 The National Cyber Security Policy - Policy Thrust INTERNATIONAL COOPERATION Ministry of Communication & Multimedia CYBER SECURITY EMERGENCY READINESS National Security Council COMPLIANCE & ENFORCEMENT Ministry of Communication & Multimedia EFFECTIVE GOVERNANCE 1 National Security Council 5 Malaysia's Critical National Information Infrastructure shall be secure, resilient and self-reliant. Infused with a culture of security, it will promote stability, social well being and wealth creation R & D TOWARDS SELF RELIANCE Ministry of Science, Technology & Innovation Copyright 2010 CyberSecurity Malaysia LEGISLATION & REGULATORY FRAMEWORK Attorney General s Chambers CYBER SECURITY TECHNOLOGY FRAMEWORK Ministry of Science, Technology & Innovation CULTURE OF SECURITY & CAPACITY BUILDING Ministry of Science, Technology & Innovation
28 The National Cyber Security Policy - Current Progress A STUDY ON THE LAWS OF MALAYSIA TO ACCOMMODATE THE LEGAL CHALLENGES IN THE CYBER ENVIROMENT PT 1 EFFECTIVE GOVERNANCE PT 2 LEGISLATION & REGULATORY FRAMEWORK PT 3 CYBER SECURITY TECHNOLOGY FRAMEWORK NATIONAL STRATEGY FOR CYBER SECURITY ACCULTURATION AND CAPACITY BUILDING PROGRAM PT 7 CYBER SECURITY EMERGENCY READINESS PT 4 CULTURE OF SECURITY & CAPACITY BUILDING 28
29 PT1: EFFECTIVE GOVERNANCE Public-Private Partnership Public-private partnership is essential in order to enhance the security of Malaysia s cyber space Government led and supported by the industries, academia and NGOs 29 29
30 PT7: CYBER SECURITY EMERGENCY READINESS National Cyber Crisis Management Plan NATIONAL CYBER CRISIS MANAGEMENT PLAN A framework that outlines the strategy for cyber attacks mitigation and response among Malaysia s Critical National Information Infrastructure (CNII) through public and private collaboration and coordination 30
31 PT8: INTERNATIONAL COOPERATION ENGAGE Participate in relevant cyber security meetings and events to promote Malaysia s positions and interests in the said meetings and events PRIORITIZE Evaluate Malaysia s interests at international cyber security platforms and act on elements where Malaysia can get tangible benefits and voice third world interests LEADERSHIP Explore opportunities at international cyber security platforms where Malaysia can vie for positions to play a leadership role to project Malaysia s image and promote Malaysia s interests ASEAN Regional Forum 31
32 PT8: INTERNATIONAL COOPERATION APCERT DRILL 2012, 2013 & Source: Secretariat, APCERT / JPCERT-CC
33 Conclusion Cyber world offers great opportunity, but the emergence of cyber threats brought together a number of repercussions that should not be taken for granted Hence it is important to address these threats in a comprehensive manner. These include: To have an integrated policy framework To enhance the use of technology and process to mitigate the threats To inculcate a cyber security acculturation through continuous training and awareness programs Public-Private Partnership is essential to enhance the security and safety of cyber space 33
34
CAPACITY BUILDING TO STRENGTHEN CYBERSECURITY. Sazali Sukardi Vice President Research CyberSecurity Malaysia
CAPACITY BUILDING TO STRENGTHEN CYBERSECURITY by Sazali Sukardi Vice President Research CyberSecurity Malaysia SCOPE INTRODUCTION CYBER SECURITY INCIDENTS IN MALAYSIA CAPACITY BUILDING The Council For
More informationCyber Terrorism and Australia s Terrorism Insurance Scheme. Physically Destructive Cyber Terrorism as a Gap in Current Insurance Coverage
Cyber Terrorism and Australia s Terrorism Insurance Scheme Physically Destructive Cyber Terrorism as a Gap in Current Insurance Coverage Cyber Terrorism? 2013 cyber attacks on the websites of media companies
More informationNATO & Cyber Conflict: Background & Challenges
NATO & Cyber Conflict: Background & Challenges Dr. Sean Lawson Department of Communication University of Utah [Full citation: Lawson, Sean. (2012) NATO & Cyber Conflict: Background & Challenges. Presented
More informationThe Application of Qualitative Method in Developing a Cyber Terrorism Framework
The Application of Qualitative Method in Developing a Cyber Terrorism Framework Zahri Yunos and Rabiah Ahmad Abstract - A qualitative method research has become an increasingly popular approach in the
More informationCyber security trends & strategy for business (digital?)
Cyber security trends & strategy for business (digital?) Presentation by Anwer Yusoff Head, Industry & Business Development C y b e r S e c u r i t y M a l a y s i a NATIONAL CYBERSECURITY TECHNICAL SPECIALIST
More information2 Gabi Siboni, 1 Senior Research Fellow and Director,
Cyber Security Build-up of India s National Force 2 Gabi Siboni, 1 Senior Research Fellow and Director, Military and Strategic Affairs and Cyber Security Programs, Institute for National Security Studies,
More informationCYBER SECURITY IN INDIA
CYBER SECURITY IN INDIA Introduction In the last couple of decades India has carved a niche for itself in the field of Information technology. Optimization of Information technology in Banking, Defence,
More informationFor Discussion Paper No. 9/2011 on 3 November 2011 DIGITAL 21 STRATEGY ADVISORY COMMITTEE. Cyber Security
For Discussion Paper No. 9/2011 on 3 November 2011 DIGITAL 21 STRATEGY ADVISORY COMMITTEE Cyber Security Purpose This paper briefs Members on the global cyber security outlook facing governments of some
More informationThe Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco.
The Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco. 1 Calling All CEOs Are You Ready to Defend the Battlefield of the 21st Century? It is not the norm for corporations to be
More informationCYBER SECURITY IN INDIA'S COUNTER TERRORISM STRATEGY
Co--t ~~ ~~/ ~V".-b Irr~ CYBER SECURITY IN INDIA'S COUNTER TERRORISM STRATEGY Introduction 1. The threat of terrorism has posed an immense challenge in the post Cold War period. Terror attacks in major
More informationTrends and Tactics in Cyber- Terrorism
Trends and Tactics in Cyber- Terrorism Presented by Li Jingjing Information Security Supervision Bureau (ISSB) Ministry of Public Security (MPS) China Outline What s Cyber-Terrorism? Crime Types and Trends
More informationOn the European experience in critical infrastructure protection
DCAF a centre for security, development and the rule of law On the European experience in critical infrastructure protection Valeri R. RATCHEV ratchevv@yahoo.com @ratchevv DCAF/CSDM 1 This presentation
More informationMaking our Cyber Space Safe
Making our Cyber Space Safe Ghana s Emerging Cyber Security Policy & Strategy William Tevie Director General 5/28/2014 1 Agenda Cyber Security Issues Background to Policy Target Audience for Framework
More informationCyber Diplomacy A New Component of Foreign Policy 6
Cyber Diplomacy A New Component of Foreign Policy 6 Assistant Lecturer Dana DANCĂ, PhD. candidate Titu Maiorescu University, Bucharest dana.danca@yahoo.com Abstract Nowadays, the boundary between virtual
More informationToday s Global Cyber Security Status and Trustworthy Systems That Leverage Distrust Amongst Sovereigns
Today s Global Cyber Security Status and Trustworthy Systems That Leverage Distrust Amongst Sovereigns Benjamin GITTINS Ronald KELSON What is cyberspace and why is it so important? US Government Cyberspace
More informationCybersecurity & International Relations. Assist. Prof. D. ARIKAN AÇAR, Ph.D. Department of International Relations, Yaşar University, Turkey.
Cybersecurity & International Relations Assist. Prof. D. ARIKAN AÇAR, Ph.D. Department of International Relations, Yaşar University, Turkey. Cybersecurity & IR This part of the IWOSI aims to link the Information
More informationSubject: Critical Infrastructure Identification, Prioritization, and Protection
For Immediate Release Office of the Press Secretary The White House December 17, 2003 Homeland Security Presidential Directive / HSPD-7 Subject: Critical Infrastructure Identification, Prioritization,
More informationDecember 17, 2003 Homeland Security Presidential Directive/Hspd-7
For Immediate Release Office of the Press Secretary December 17, 2003 December 17, 2003 Homeland Security Presidential Directive/Hspd-7 Subject: Critical Infrastructure Identification, Prioritization,
More informationSeptember 4, 2003. appearing before you today. I am here to testify about issues and challenges in providing for
Testimony of John A. McCarthy, Director of the Critical Infrastructure Protection Project, George Mason School of Law Before a joint hearing of the House Subcommittee on Infrastructure Security and The
More informationThe role of CyberSecurity Malaysia towards cyber security industry development in Malaysia
The role of CyberSecurity Malaysia towards cyber security industry development in Malaysia Presentation by Dr. Amirudin Abdul Wahab Chief Executive Officer CyberSecurity Malaysia NATIONAL CYBERSECURITY
More informationGlobal Cybersecurity Index Good Practices
AUSTRALIA Global Cybersecurity Index Good Practices LEGAL Australia has acceded to the Council of Europe Convention on Cybercrime. The convention came into force on 1 March 2013. Cybercrime Legislation
More informationCYBER-TERRORISM IN THE AGE OF HIGH TECHNOLOGY
Phd. Mirgen Prençe: Lawyer; Lector in law at European University of Tirana Cel: +355686070014/ prencemm@yahoo.com Aldo Shkëmbi: Lawyer; Lector; and PhD student in law at European University of Tirana Cel:
More informationPublic Private Partnerships and National Input to International Cyber Security
Public Private Partnerships and National Input to International Cyber Security 10 September 2009 Tallinn, Estonia Maeve Dion Center for Infrastructure Protection George Mason University School of Law Arlington,
More informationOf Citadels And Sentinels: State. Tim Legrand and Jeff Malone
Of Citadels And Sentinels: State Strategies For Contesting Cyber-terror Tim Legrand and Jeff Malone 4 key issues and challenges 1. A cyber architecture designed for efficiency, not security 2. Private
More informationCENTRE FOR STRATEGIC CYBERSPACE + SECURITY SCIENCE LEADERSHIP. RESEARCH. DEFENCE.
CSCSS CENTRE FOR STRATEGIC CYBERSPACE + SECURITY SCIENCE LEADERSHIP. RESEARCH. DEFENCE. CSCSS CENTRE FOR STRATEGIC CYBERSPACE + SECURITY SCIENCE The early 21st century has been defined by the Internet,
More informationNavigating Cyber Risk Exposure and Insurance. Stephen Wares EMEA Cyber Risk Practice Leader Marsh
Navigating Cyber Risk Exposure and Insurance Stephen Wares EMEA Cyber Risk Practice Leader Marsh Presentation Format Four Key Questions How important is cyber risk and how should we view the cyber threat?
More information2. SECURITY OF COMMUNICATION AND INFORMATION SYSTEMS IN THE GLOBALIZATION PROCESS
CYBER SECURITY WITHIN THE GLOBALIZATION PROCESS Milan PODHOREC University of Defence, Faculty of Economics and Management, Brno, Czech Republic The contribution focuses on the issue regarding security
More informationNational Cyber Security Policy -2013
National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information
More informationGermany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28),
Germany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28), General appreciation of the issues of information security Information
More informationTHE STRATEGIC POLICING REQUIREMENT. July 2012
THE STRATEGIC POLICING REQUIREMENT July 2012 Contents Foreward by the Home Secretary...3 1. Introduction...5 2. National Threats...8 3. Capacity and contribution...9 4. Capability...11 5. Consistency...12
More informationTEXAS HOMELAND SECURITY STRATEGIC PLAN 2015-2020: PRIORITY ACTIONS
TEXAS HOMELAND SECURITY STRATEGIC PLAN 2015-2020: PRIORITY ACTIONS INTRODUCTION The purpose of this document is to list the aligned with each in the Texas Homeland Security Strategic Plan 2015-2020 (THSSP).
More informationCYBER SECURITY GUIDANCE
CYBER SECURITY GUIDANCE With the pervasiveness of information technology (IT) and cyber networks systems in nearly every aspect of society, effectively securing the Nation s critical infrastructure requires
More informationAppendix A: Gap Analysis Spreadsheet. Competency and Skill List. Critical Thinking
Appendix A: Gap Analysis Spreadsheet Competency and Skill List Competency Critical Thinking Data Collection & Examination Communication & Collaboration Technical Exploitation Information Security Computing
More informationNATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA
NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA JOÃO MANUEL ASSIS BARBAS Coronel de Artilharia. Assessor de Estudos do IDN INTRODUCTION Globalization and information and communication technologies
More informationMASLINA DAUD CISSP, ISMS Lead Auditor SPACE & CYBER SECURITY NATIONAL SECURITY COUNCIL FOR SEMINAR KESELAMATAN ICT KKM 24 MARCH 2011 PUTRAJAYA
INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS) : MS ISO/IEC 27001:2007 MASLINA DAUD CISSP, ISMS Lead Auditor SPACE & CYBER SECURITY NATIONAL SECURITY COUNCIL FOR SEMINAR KESELAMATAN ICT KKM 24 MARCH 2011
More informationWater Critical Infrastructure and Key Resources Sector-Specific Plan as input to the National Infrastructure Protection Plan Executive Summary
Water Critical Infrastructure and Key Resources Sector-Specific Plan as input to the National Infrastructure Protection Plan Executive Summary May 2007 Environmental Protection Agency Executive Summary
More informationOil & Gas Industry Towards Global Security. A Holistic Security Risk Management Approach. www.thalesgroup.com/security-services
Oil & Gas Industry Towards Global Security A Holistic Security Risk Management Approach www.thalesgroup.com/security-services Oil & Gas Industry Towards Global Security This white paper discusses current
More informationPromoting a cyber security culture and demand compliance with minimum security standards;
Input by Dr. S.C. Cwele Minister of State Security, Republic of South Africa Cyber Security Meeting, Johannesburg 27 March 2014 I would like to thank the Wits School of Governance for inviting us to contribute
More informationResearch Note Engaging in Cyber Warfare
Research Note Engaging in Cyber Warfare By: Devin Luco Copyright 2013, ASA Institute for Risk & Innovation Keywords: Cyber War, Cyber Warfare, Cyber Attacks, Cyber Threats Abstract This research note defines
More informationAn Overview of Large US Military Cybersecurity Organizations
An Overview of Large US Military Cybersecurity Organizations Colonel Bruce D. Caulkins, Ph.D. Chief, Cyber Strategy, Plans, Policy, and Exercises Division United States Pacific Command 2 Agenda United
More informationHow Secure is Your SCADA System?
How Secure is Your SCADA System? Charles Drobny GlobaLogix, Inc. Houston, TX, USA Our Industry is a Target 40% of cyber attacks on Critical Infrastructure targets are aimed at the Energy Industry The potential
More informationSafety & Security: Cyber Security
Introduction to Homeland Security Chapter 5 Part III Safety & Security: Cyber Security Information Security and National Network Infrastructure Security Information Security: Techniques used to protect
More informationCONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE. AIIA Response
CONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE AIIA Response 14 November 2011 INTRODUCTION The Australian Information Industry Association (AIIA) is the peak national body representing
More informationPresenter: October 14, 2009 Mr. Takanobu Ito Managing Director, Asia Pacific & Middle East Operations
TeleContinuity The Survivable Cyber Solution Presentation For Presenter: October 14, 2009 Mr. Takanobu Ito Managing Director, Asia Pacific & Middle East Operations 2007 TeleContinuity, Inc.. All Rights
More informationThe Strategic Importance, Causes and Consequences of Terrorism
The Strategic Importance, Causes and Consequences of Terrorism How Terrorism Research Can Inform Policy Responses Todd Stewart, Ph.D. Major General, United States Air Force (Retired) Director, Program
More informationCyber Security & State Energy Assurance Plans
Cyber Security & State Energy Assurance Plans Michigan Cyber Summit 2011 Friday, October 7, 2011 Jeffrey R. Pillon, Director of Energy Assurance National Association of State Energy Officials What is Energy
More informationInfocomm Security Masterplan 2
INFOCOMM DEVELOPMENT AUTHORITY OF SINGAPORE 8 Temasek Boulevard #14-00 Suntec Tower 3 Singapore 038988 Tel : 65-62110888 Fax : 65-62112222 www.ida.gov.sg April 2009 Infocomm Security Masterplan 2 The Infocomm
More informationCyberSecurity Solutions. Delivering
CyberSecurity Solutions Delivering Confidence Staying One Step Ahead Cyber attacks pose a real and growing threat to nations, corporations and individuals globally. As a trusted leader in cyber solutions
More informationCyber Security Strategy
NEW ZEALAND S Cyber Security Strategy 2015 A secure, resilient and prosperous online New Zealand Ministerial Foreword The internet and technology have become a fundamental element in our lives. We use
More informationIntroducing Catastrophe Risk man-made hazards*
Introducing Catastrophe Risk man-made hazards* dr marie gemma dequae 21.2.2014 IRSG Frankfurt This presentation expresses the views of the author and neither the views of EIOPA nor the IRSG. agenda Risk
More information7 Homeland. ty Grant Program HOMELAND SECURITY GRANT PROGRAM. Fiscal Year 2008
U.S. D EPARTMENT OF H OMELAND S ECURITY 7 Homeland Fiscal Year 2008 HOMELAND SECURITY GRANT PROGRAM ty Grant Program SUPPLEMENTAL RESOURCE: CYBER SECURITY GUIDANCE uidelines and Application Kit (October
More informationASEAN s Cooperation on Cybersecurity and against Cybercrime
ASEAN s Cooperation on Cybersecurity and against Cybercrime Presentation by the ASEAN Secretariat Octopus Conference: Cooperation Against Cybercrime 4 December 2013, Strasbourg, France Outline ASEAN Mechanisms
More informationv. 03/03/2015 Page ii
The Trident University International (Trident) catalog consists of two parts: Policy Handbook and Academic Programs, which reflect current academic policies, procedures, program and degree offerings, course
More informationPennsylvania House Veterans Affairs and Emergency Preparedness Public Hearing
Pennsylvania House Veterans Affairs and Emergency Preparedness Public Hearing Cyber-Terrorism: The Security of Banking, Financial and Insurance Systems Thursday, October 16, 2003 Pennsylvania Insurance
More informationOil and Gas Industry A Comprehensive Security Risk Management Approach. www.riskwatch.com
Oil and Gas Industry A Comprehensive Security Risk Management Approach www.riskwatch.com Introduction This white paper explores the key security challenges facing the oil and gas industry and suggests
More informationThe Dow Chemical Company. statement for the record. David E. Kepler. before
The Dow Chemical Company statement for the record of David E. Kepler Chief Sustainability Officer, Chief Information Officer, Business Services and Executive Vice President before The Senate Committee
More informationFinal Draft/Pre-Decisional/Do Not Cite. Forging a Common Understanding for Critical Infrastructure. Shared Narrative
Final Draft/Pre-Decisional/Do Not Cite Forging a Common Understanding for Critical Infrastructure Shared Narrative March 2014 1 Forging a Common Understanding for Critical Infrastructure The following
More informationCYBERSECURITY RISK RESEARCH CENTRE. http://www.riskgroupllc.com. http://www.riskgroupllc.com info@riskgroupllc.com + (832) 971 8322
CYBERSECURITY RISK RESEARCH CENTRE http://www.riskgroupllc.com http://www.riskgroupllc.com info@riskgroupllc.com + (832) 971 8322 Cyber-Security Risk Research Centre In this era of interconnected and interdependent
More informationJOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015
JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 The following consists of the joint explanatory statement to accompany the Cybersecurity Act of 2015. This joint explanatory statement
More informationCyber Risks and Insurance Solutions Malaysia, November 2013
Cyber Risks and Insurance Solutions Malaysia, November 2013 Dynamic but vulnerable IT environment 2 Cyber risks are many and varied Malicious attacks Cyber theft/cyber fraud Cyber terrorism Cyber warfare
More informationCommonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation
Commonwealth Approach to Cybergovernance and Cybersecurity By the Commonwealth Telecommunications Organisation Trends in Cyberspace Cyberspace provides access to ICT Bridging the digital divide and influencing
More informationProtecting Organizations from Cyber Attack
Protecting Organizations from Cyber Attack Cliff Glantz and Guy Landine Pacific Northwest National Laboratory (PNNL) PO Box 999 Richland, WA 99352 cliff.glantz@pnnl.gov guy.landine@pnnl.gov 1 Key Topics
More informationINSIDE. Cyberterrorism and the Home User By Sarah Gordon, Senior Research Fellow
Symantec Security Response WHITE PAPER Cyberterrorism and the Home User By Sarah Gordon, Senior Research Fellow Symantec Security Response INSIDE What it is? How does this affect me? What can I do to make
More informationEnergy Cybersecurity Regulatory Brief
Energy Understand the regulations that impact the energy industry and accelerate information security initiatives. Contents Overview 3 A Highly Vulnerable Energy Industry 4 Key Regulations to Consider
More informationRecent cyber-security studies in the U.S. David D. Clark MIT CFP May, 2009
Recent cyber-security studies in the U.S. David D. Clark MIT CFP May, 2009 Two recent studies National Academies Study: Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack
More informationUNCLASSIFIED. UNCLASSIFIED Office of Secretary Of Defense Page 1 of 9 R-1 Line #139
Exhibit R-2, RDT&E Budget Item Justification: PB 2015 Office of Secretary Of Defense Date: March 2014 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 6: RDT&E Management Support COST
More informationLessons from Defending Cyberspace
Lessons from Defending Cyberspace The Challenge of Addressing National Cyber Risk Andy Purdy Workshop on Cyber Security Center for American Studies, Christopher Newport College 10 28-2009 Cyber Threat
More informationPanel on Emerging Cyber Security Technologies. Robert F. Brammer, Ph.D., VP and CTO. Northrop Grumman Information Systems.
Panel on Emerging Cyber Security Technologies Robert F. Brammer, Ph.D., VP and CTO Northrop Grumman Information Systems Panel Moderator 27 May 2010 Panel on Emerging Cyber Security Technologies Robert
More informationSurvey of Cyber Security Frameworks
Survey of Cyber Security Frameworks Alice Nambiro Wechuli (Department of Computer Science, Masinde Muliro University of Science and Technology, Kenya alicenambiro@yahoo.com) Geoffrey Muchiri Muketha (Department
More informationNATIONAL STRATEGY FOR GLOBAL SUPPLY CHAIN SECURITY
NATIONAL STRATEGY FOR GLOBAL SUPPLY CHAIN SECURITY JANUARY 2012 Table of Contents Executive Summary 1 Introduction 2 Our Strategic Goals 2 Our Strategic Approach 3 The Path Forward 5 Conclusion 6 Executive
More informationDeveloping a National Strategy for Cybersecurity FOUNDATIONS FOR SECURITY, GROWTH, AND INNOVATION. Cristin Flynn Goodwin J.
Developing a National Strategy for Cybersecurity FOUNDATIONS FOR SECURITY, GROWTH, AND INNOVATION Cristin Flynn Goodwin J. Paul Nicholas October 2013 Contents Executive Summary... 3 What Is a National
More informationTHE CRITICAL ROLE OF EDUCATION IN EVERY CYBER DEFENSE STRATEGY
THE CRITICAL ROLE OF EDUCATION IN EVERY CYBER DEFENSE STRATEGY Juan Cayón Peña, PhD. & Luis Armando García Abstract: The implementation, maintenance, and improvement of a national Cyber defense strategy
More informationFinland s Cyber security Strategy
Finland s Cyber security Strategy FINLAND S CYBER SECURITY STRATEGY Government Resolution 24.1.2013 1 TABLE OF CONTENTS 1. INTRODUCTION... 1 2. VISION FOR CYBER SECURITY... 3 3. CYBER SECURITY MANAGEMENT
More informationCybersecurity thoughts and issues from a political perspective
Cybersecurity thoughts and issues from a political perspective Abstract Area: COMBINED INTERNET GOVERNANCE PRINCIPLES AND ROADMAP Entitled by: Gonzalo A Romero B Region: Colombia Organization:.CO Internet
More informationWho Are The Enemies? What Can They Do?
Who Are The Enemies? What Can They Do? Internet Software Security Issues in the Software Development Process Dr Charles P Pfleeger Pfleeger Consulting Group chuck@pfleeger.com Overview WAMPS 2009 - Workshop
More informationCapacity Building to Strengthen Cybersecurity: Thailand Update
Capacity Building to Strengthen Cybersecurity: Thailand Update ASEAN Regional Forum Workshop on Measures to Enhance Cyber Security Legal and Cultural Aspects September 11-12, 2013 1 1 Chain is only as
More informationJan van den Berg. Delft University of Technology. Faculty of Technology, Policy and Management, section of ICT
1 From From information information security security to cyber cyber warfare: warfare: some some paradigm paradigm shifts shifts and and research research challenges challenges Jan van den Berg Delft University
More informationThe National Cyber Security Strategy (NCSS) Success through cooperation
The National Cyber Security Strategy (NCSS) Success through cooperation 1. Introduction The Netherlands stands for safe and reliable ICT 1 and the protection of the openness and freedom of the Internet.
More informationGAO. CRITICAL INFRASTRUCTURE PROTECTION DHS Leadership Needed to Enhance Cybersecurity
GAO For Release on Delivery Expected at 3 p.m. EDT Wednesday, September 13, 2006 United States Government Accountability Office Testimony Before the House Committee on Homeland Security, Subcommittee on
More informationCyberspace Situational Awarness in National Security System
Cyberspace Situational Awarness in National Security System Rafał Piotrowski, Joanna Sliwa, Military Communication Institute C4I Systems Department Zegrze, Poland, r.piotrowski@wil.waw.pl, j.sliwa@wil.waw.pl
More informationHow To Manage Risk On A Scada System
Risk Management for Industrial Control Systems (ICS) And Supervisory Control Systems (SCADA) Information For Senior Executives (Revised March 2012) Disclaimer: To the extent permitted by law, this document
More informationCyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record
Cyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record Roberta Stempfley Acting Assistant Secretary for Cybersecurity and Communications
More informationNATIONAL DEFENSE AND SECURITY ECONOMICS
NATIONAL DEFENSE AND SECURITY ECONOMICS FUTURE DEVELOPMENT OF ECONOMICS OF DEFENSE AND SECURITY ECONOMIC DIMENSION OF CYBERSPACE AS NEW SECURITY THREAT Content of Topic Introduction Basic Concepts Cyberspace
More informationCyberterror. Cyberspace computer-mediated communication systems has become a battleground between states and terrorists, and among nation states.
Cyberterror Cyberspace computer-mediated communication systems has become a battleground between states and terrorists, and among nation states. What are terrorists main uses of cyberspace? How does cyberterror
More informationA Detailed Strategy for Managing Corporation Cyber War Security
A Detailed Strategy for Managing Corporation Cyber War Security Walid Al-Ahmad Department of Computer Science, Gulf University for Science & Technology Kuwait alahmed.w@gust.edu.kw ABSTRACT Modern corporations
More informationMethods for Assessing Vulnerability of Critical Infrastructure
March 2010 Methods for Assessing Vulnerability of Critical Infrastructure Project Leads Eric Solano, PhD, PE, RTI International Statement of Problem Several events in the recent past, including the attacks
More informationCYBER SECURITY THREATS AND RESPONSES
CYBER SECURITY THREATS AND RESPONSES AT GLOBAL, NATION-STATE, INDUSTRY AND INDIVIDUAL LEVELS Heli Tiirmaa-Klaar* Although cyber security has accompanied the ICT sector since the first computer systems
More informationTHE WHITE HOUSE. Office of the Press Secretary. For Immediate Release February 12, 2013. February 12, 2013
THE WHITE HOUSE Office of the Press Secretary For Immediate Release February 12, 2013 February 12, 2013 PRESIDENTIAL POLICY DIRECTIVE/PPD-21 SUBJECT: Critical Infrastructure Security and Resilience The
More informationJOB ANNOUNCEMENT. Chief Security Officer, Cheniere Energy, Inc.
JOB ANNOUNCEMENT Chief Security Officer, Cheniere Energy, Inc. Position Overview The Vice President and Chief Security Risk Officer (CSRO) reports to the Chairman, Chief Executive Officer and President
More informationCybersecurity MORE THAN A GOOD HEADLINE. Protect more
Cybersecurity MORE THAN A GOOD HEADLINE Protect more Contents 2 Introduction 3 What is Cybersecurity? 4 Thought model 5 Social, Economic, Political, and IT Alignment 8 ICT Infrastructure 10 National Projects
More information11-09-2013. Cyberspace Strategic Impact Social Risk Management. Cyber Security and Cyber Defence. Cyber Defense: NATO Vision
Agenda Cyberspace Strategic Impact Social Risk Management Cyber and Cyber Defence Cyber Defense: NATO Vision Cyber Strategic Concept Conclusions Seminar Cyber : An Action to Establish the Cyber Center
More informationCybersecurity Strategy of the Republic of Cyprus
Policy Document Cybersecurity Strategy of the Republic of Cyprus Network and Information Security and Protection of Critical Information Infrastructures Version 1.0 23 April 2012 TABLE OF CONTENTS EXECUTIVE
More informationNetwork security policy issues. Ilias Chantzos, Director EMEA & APJ NIS Summer School 2008, Crete, Greece
Network security policy issues Ilias Chantzos, Director EMEA & APJ NIS Summer School 2008, Crete, Greece 1 Sample Agenda Slide 1 The current threat landscape 2 IT security and policy leadership 3 The EU
More informationBest Practices in ICS Security for Device Manufacturers. A Wurldtech White Paper
Best Practices in ICS Security for Device Manufacturers A Wurldtech White Paper No part of this document may be distributed, reproduced or posted without the express written permission of Wurldtech Security
More informationEMERGING CYBER RISK CYBER ATTACKS AND PROPERTY DAMAGE: WILL INSURANCE RESPOND?
EMERGING CYBER RISK CYBER ATTACKS AND PROPERTY DAMAGE: WILL INSURANCE RESPOND? ABOUT JLT SPECIALTY JLT Specialty Insurance Services is the U.S. platform of JLT Group, the leading specialty business adivsory
More informationCyber Security Strategy for Germany
Cyber Security Strategy for Germany Contents Introduction 2 IT threat assessment 3 Framework conditions 4 Basic principles of the Cyber Security Strategy 4 Strategic objectives and measures 6 Sustainable
More informationCyber-security: legal implications for financial institutions. IAPP Europe Data Protection Intensive 2013
Cyber-security: legal implications for financial institutions IAPP Europe Data Protection Intensive 2013 Vivienne Artz Managing Director and General Counsel, Citi Cyber threat landscape Kris McConkey Director,
More information