CYBERBOK Cyber Crime Security Essential Body of Knowledge: A Competency and Functional Framework for Cyber Crime Management

Transcription

1 CYBERBOK Security Essential Body of Knowledge: A Competency and Functional Framework for Security Workforce Development aligned with ISO 31000* risk management principles and guidelines. *Note : ISO is the internationally-adopted risk management standard recognized by over 60 countries. More information : Ver 1.00

2 Training & Education: Program Goals and Objectives Improve cyber crime awareness and management education for cyber professionals in both law enforcement and corporate domain Increase efficiency of existing cyber security training programs to comply with ISO Promote vendor-neutral cyber security certifications and compliance standards

3 CYBERBOK Definition = unlawful act using any active or non active electronic device affecting the objectives of any type of networks or critical infrastructure.

4 CYBERBOK 11 Cyber Risks Domains Cyber management practices Cyber Security management practices Cyber systems and methodology Cyber Telecommunications and networking security Cyber Cryptography Cyber Security architecture and models Cyber Operations security Cyber Application and systems development and security Cyber Security Business continuity and disaster recovery planning Laws, investigation, and ethics

5 CYBERBOK CYBERBOK Cyber crime management focuses on cyber crime information management and containment. CYBERBOK cyber crime management objectives are: Manage and containment of cyber threats Awareness of cyber crime in the IT workforce arena Protecting cyber assist against cyber crime

6 CYBERBOK Cyber Risks Cyber risk management and ISO Nature and impact of Cyber Risk / Principles of Cyber risk management Alignment with ISO Achieving the benefits of CRM (Cyber Risks )

7 CYBERBOK Practices Need to know what to do /act in time -Subjects should know objects that enables them to perform basic risk assessment and management during cyber online functions. Secure IT environment -Subjects should know how to work on a secure environment online what to do and what not to do IT administrative controls -Subjects should know Policies, Standards, Processes, Procedures, & Guidelines in their IT work environment Risk awareness -Subjects should know cyber risk awareness, good practices, Procedures, & Guidelines in their IT work environment when online

8 Categories of Cyber Risk Controls Cyber crime risk assessment online -Online Policies, standards procedures and processes together with guideline of online access during work and out of work. Cyber access control online -Service providers, firewalls, Infosec controls and identification control online in workforce or offline Cyber crime preventive controls online -Prevention policies, guidelines, ID visibility and program security online Cyber threat assessment online - Knowledge awareness of hacking, privacy, types of threats, trends of threats and impact,

9 CYBERBOK Security: Objectives Ensure that all government officials and corporate staff who have access to the online web has a good knowledge of cyber crime management when on the world wide web. Establish a international baseline representing the essential knowledge and cyber skills when confronted with Cyber crime online in alignment with ISO risk management tools. Advance the cyber security landscape by promoting cyber crime risk management competency guideline aligned with ISO 31000

10 CYBERBOK Security: Framework Model

11 CYBERBOK Security: Methodology Develop notional cyber crime management competencies using ISO Standard Identify functions from resources and critical infrastructure work functions (CIWFs) and map to crime management competencies Identify key terms and concepts for each cyber crime risk management competency area Identify theoretical cyber security roles Categorize functions as: evaluate risk type - manage Map roles to Key competencies to functional perspectives

12 CYBERBOK Security: Functional Perspectives Evaluate Risk Type Key Competencies Manage

13 CYBERBOK Security: Functional Perspectives Evaluate - Assessing the potential risks, threats and the policy or processes to effective achieve objectives Risk - Scope of cyber threat risks and developing procedure guidelines to effectively asses the cyber risk. Type - Putting policies, programs in action to determine the type of Cyber risk at hand to categorize it within the guidance of the work framework Manage - Overseeing and managing technical aspects of the cyber security risk at low, medium or high level to change the risk and threat levels providing maximum cover in incident management possible.

14 CYBERBOK Security: The Framework Key Competency Areas (11) Regulatory and Standards such as ISO Guidelines 17 Function-Based Cyber Security Roles

15 CYBERBOK Security: Key Competency Areas IT systems and operations Network systems and operations Cyber incident management Critical infrastructures point of access Enterprise permanence Digital management Data System and application management IT access and management Information management Information access

16 CYBERBOK Security: Regulatory and Standards Refers to the application of the ISO risk management principles, framework and process that enable an enterprise to meet applicable information security CRM, regulations, standards, and policies to satisfy statutory requirements, perform industry-wide best practices, and achieve its information security program goals.

17 CYBERBOK Security: 17 Function-Based Cyber Security Roles IT access and control Chief Information Officer Digital Forensics Professional Information Security Officer/Chief Security Officer IT Security Compliance Professional IT Security Engineer IT Systems Operations and Maintenance Professional IT Security Professional Physical Security Professional Privacy Professional Procurement Professional Law Enforcement officials Intelligence officers Military and flagship officers

18 CYBERBOK Security: Cyber Security Compliance Professional Role Description: The Risk Security Compliance Professional is responsible for overseeing, evaluating, and supporting cyber risk compliance issues pertinent to the organization or government. Individuals in this role perform a variety of activities, encompassing cyber crime risk management compliance from an internal and external perspective. Such activities include leading and conducting internal investigations, assisting employees comply with internal cyber threat policies and procedures, and serving as a resource to external compliance officers during independent assessments. The Cyber Crime Risk Security Compliance Professional provides guidance and autonomous evaluation of the organization risk to Cyber crime and its management.

19 CYBERBOK Security: Support the Cyber Workforce TRAINING EXPERIENCE CYBERBOK COMPLIANCE

20 Contact Information: Program Director Training and Education -National Cyber Security Division

21

22 CYBERBOK Security: Testimonials & Feedback Aligned with our mandate to promote the internationally-recognized ISO risk management standard, we are strongly supporting the initiative of to provide a structured and robust foundation for. The CYBERBOK - Security Essential Body of Knowledge should become an extremely valuable source of knowledge for anyone involved or confronted to, especially since the publication will be aligned with the ISO risk management standard. Alex Dali, MBA, ARM, CT31000 President : The Global Institute for Risk management Standards G31000