Open Source Incident Management Tool for CSIRTs
|
|
|
- Brett Rich
- 8 years ago
- Views:
Transcription
1 An Agency Under MOSTI Open Source Incident Management Tool for CSIRTs Adli Wahid Head, Malaysia CERT (MyCERT) CyberSecurity Malaysia Copyright 2008 CyberSecurity Malaysia
2 Agenda About MyCERT Where do incidents come from? Open Source Incident Handling Tool Conclusion Copyright 2008 CyberSecurity Malaysia 2
3 About MyCERT 1997 CyberSecurity Malaysia Malaysian Internet Users 15 staff Copyright 2008 CyberSecurity Malaysia 3
4 MyCERT s Services Cyber999 Cyber Early Warning Research National CERT & Global Emergency Co-ordination Copyright 2008 CyberSecurity Malaysia 4
5 Possible Services of CSIRT Reactive Proactive Security Quality Management Services Incident Handling Services Activities Activities Copyright 2008 CyberSecurity Malaysia 5
6 Where do incidents come from? External Parties CSIRT Internal Parties Copyright 2008 CyberSecurity Malaysia 6
7 Example of Incidents Defacement Host being used to send spam Host connected to a bot command & control Scanning activities from your network Etc Internal incidents Copyright 2008 CyberSecurity Malaysia 7
8 SOPs Standard Operating Procedures Different for different incidents Shows workflows and Response Time (SLAs) Copyright 2008 CyberSecurity Malaysia 8
9 Overview of MyCERT Incident Handling Process An Agency Under Complainant lodge Security incident Complainant lodge report to MyCERT via phone, fax, sms and or MOSTI Yes Yes 1 st level resolve issue? No 2 nd level resolve issue? Analyze the report and verify sufficient information is available to proceed Provide information and guide complainant in next course of action Ensure compliance to service level: Destructive or Criminal* incidents hours Spam/harrassment next working day Follow up with complainant until case is closed Analyze artifacts, logs, intelligence gathering, etc Provide solution/advise/recommendation based on analysis conducted No Cooperate with external parties (ISP, Vendor, Law Enforcement) Cooperation in assisting complainant to lodge official reports with respective law enforcement. Assist law enforcement & ISPs in gathering and preserving evidence Escalate to vendor should assistance is needed in getting the solution or the case is vendor-related Close Feedback to complainant and close the case * Destructive/Criminal Incidents include: Intrusion, Denial of Service, Copyright large 2008 CyberSecurity Malaysia
10 Artefacts Handling Logs Binaries ETC Screenshots Copyright 2008 CyberSecurity Malaysia 10
11 The tool that you need Incident Management Tool Copyright 2008 CyberSecurity Malaysia 11
12 Requirements Unique ticketing, tracking Escalation more than one user Artifacts handling Secure communication Database of contacts Copyright 2008 CyberSecurity Malaysia 12
13 Open Source Options OTRS RTIR AIRT Copyright 2008 CyberSecurity Malaysia 13
14 Incident Reporting Channel Fax ETC OTRS IDS Phone Web SMS Copyright 2008 CyberSecurity Malaysia 14
15 OTRS Modules Incident tracking module Authoring tools for advisories Vulnerabilities database Artifact database Contacts database Ticket module WebWatcher Call module IDMEFConsole Copyright 2008 CyberSecurity Malaysia 15
16 Screenshots OTRS in Action Copyright 2008 CyberSecurity Malaysia 16
17 Conclusion People, Process, Technology makes up CSIRT You need tools to support incident handling activities Choosing the right tool for your work is important Copyright 2008 CyberSecurity Malaysia 17
18 Thank You! Copyright 2008 CyberSecurity Malaysia 18
Incident Response & Handling
Incident Response & Handling BDNOG Workshop 19 21 May 2014 Adli Wahid Security Specialist, APNIC adli@apnic.net About Me Adli Wahid Current Role Security Specialist, APNIC Previous Roles Cyber Security
Cyber Security & Role of CERT-In. Dr. Gulshan Rai Director General, CERT-IN Govt. of India grai@mit.gov.in
Cyber Security & Role of CERT-In Dr. Gulshan Rai Director General, CERT-IN Govt. of India grai@mit.gov.in Web Evolution Web Sites (WWW) 1993 Web Invented and implemented 130 Nos. web sites 1994 2738 Nos.
Cyber Security Threats and Countermeasures
GBDe 2006 Issue Group Cyber Security Threats and Countermeasures Issue Chair: Buheita Fujiwara, Chairman, Information-technology Promotion Agency (IPA), Japan 1. Overview Cyber security is expanding its
L evoluzione del Security Operation Center tra Threat Detection e Incident Response & Management
L evoluzione del Security Operation Center tra Threat Detection e Incident Response & Management Security Services Architect & Advisor, IBM Italia Intervento al Security Summit Milano 2016 15 aprile Autore
How to build and run a Security Operations Center
How to build and run a Security Operations Center v1.1 Nicolas FISCHBACH Senior Manager, Network Engineering Security, COLT Telecom nico@securite.org - http://www.securite.org/nico/ About Nicolas Fischbach
Creating and Managing Computer Security Incident Response Teams (CSIRTs)
Creating and Managing Computer Security Incident Response Teams (CSIRTs) CERT Training and Education Networked Systems Survivability Program Software Engineering Institute Carnegie Mellon University Pittsburgh,
Country Case Study on Incident Management Capabilities CERT-TCC, Tunisia
Country Case Study on Incident Management Capabilities CERT-TCC, Tunisia Helmi Rais CERT-TCC Team Manager National Agency for Computer Security, Tunisia helmi.rais@ansi.tn helmi.rais@gmail.com Framework
Report on CAP Cybersecurity November 5, 2015
Agenda Number 7. Report on CAP Cybersecurity November 5, 2015 Phil Cook CISSP, CISM Manager, Information Technologies Risk #1 External Attacks PR 81 Protect and secure CAP's Information Technology assets
Designing and Developing an Application for Incident Response Teams
Designing and Developing an Application for Incident Response Teams Kees Leune and Sebastiaan Tesink Tilburg University, The Netherlands FIRST 2006, Baltimore, MD, USA High-quality Internet for higher
Sourcefire Customer Case Study Nokia Siemens Networks: Creating Actionable Security Intelligence for Global IT Infrastructures
Sourcefire Customer Case Study Nokia Siemens Networks: Creating Actionable Security Intelligence for Global IT Infrastructures Tim Larson Host Integrity Systems Inc. 1 Agenda Introduction of Case Study
Implementing an Incident Response Team (IRT)
1.0 Questions about this Document CSIRT 2362 Kanegis Dr Waldorf, MD 20603 Tel: 1-301-275-4433 - USA 24x7 Incident Response: Martinez@csirt.org Text Message: Text@csirt.org Implementing an Incident Response
New Zealand Security Incident Management Guide for Computer Security Incident Response Teams (CSIRTs)
New Zealand Security Incident Management Guide for Computer Security Incident Response Teams (CSIRTs) Robin Ruefle Ken van Wyk Lana Tosic May 2013 New Zealand National Cyber Security Centre Government
Romanian National Computer Security Incident Response Team CERT-RO. dan.tofan@cert-ro.eu http://www.cert-ro.eu
Romanian National Computer Security Incident Response Team CERT-RO dan.tofan@cert-ro.eu http://www.cert-ro.eu About A Digital Agenda for Europe, Pillar : Trust and Security, Action 38 Member States to
Cyber security Country Experience: Establishment of Information Security Projects.
Cyber security Country Experience: Establishment of Information Security Projects. Mr. Vincent Museminali vincent.museminali@rura.rw Internet and New media regulations Rwanda Utilities Regulatory Authority
The FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED
The FBI Cyber Program Bauer Advising Symposium October 11, 2012 Today s Agenda What is the threat? Who are the adversaries? How are they attacking you? What can the FBI do to help? What can you do to stop
aecert Roadmap Eng. Mohammed Gheyath Director, Technical Affairs TRA
aecert Roadmap Eng. Mohammed Gheyath Director, Technical Affairs TRA Agenda Introduction aecert Vision & Mission The need to establish a UAE National CERT Constituent Framework & Service Catalog National
Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望
Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望 Agenda Information Security Trends Year 2014 in Review Outlook for 2015 Advice to the Public Hong Kong Computer Emergency Response Team Coordination
DANCERT RFC2350 Description Date: 10-10-2014 Dissemination Level:
10-10-2014 Date: 10-10-2014 Dissemination Level: Owner: Authors: Public DANCERT DANTE Document Revision History Version Date Description of change Person 1.0 10-10-14 First version issued Jan Kohlrausch
Identity Fraud: Presented by: MOHD ZABRI ADIL TALIB Head, Digital Forensics CyberSecurity Malaysia zabri@cybersecurity.my
Identity Fraud: Platform for Cybercrime Presented by: MOHD ZABRI ADIL TALIB Head, Digital Forensics CyberSecurity Malaysia zabri@cybersecurity.my Introduction of Digital Forensics Department, CyberSecurity
Vulnerability handling DK-CERT
Vulnerability handling DK-CERT TF-CSIRT, Heraklion, 21. May 2010 Shehzad Ahmad, DK-CERT Email: shehzad.ahmad@uni-c.dk Agenda Introduction of DK-CERT Background, today and the future DK-CERT Services Vulnerability
Information Technology Policy
ITP Number ITP-SEC024 Category Security Contact RA-ITCentral@pa.gov Information Technology Policy IT Security Incident Policy Effective Date August 2, 2012 Supersedes Scheduled Review Annual 1. Purpose
RFC 2350 CSIRT-TEHTRIS [CERT-TEHTRIS]
![RFC 2350 CSIRT-TEHTRIS [CERT-TEHTRIS]](/thumbs/38/17892307.jpg "RFC 2350 CSIRT-TEHTRIS [CERT-TEHTRIS]")
RFC 2350 CSIRT-TEHTRIS [CERT-TEHTRIS] 1 Document information... 2 1.1 Date of Last Update... 2 1.2 Distribution List for Notifications... 2 1.3 Locations where this Document May Be Found... 2 1.4 Authenticating
Mendix ExpertDesk, Change and Incident Management. Customer Support
Mendix ExpertDesk, Change and Incident Management Customer Support Mendix Customer Support Defined roles 0, 1st, 2nd and 3rd Tier Support Support level Description Role Tier 0 Online Forum: https://mxforum.mendix.com
Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model
Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Stéphane Hurtaud Partner Governance Risk & Compliance Deloitte Laurent De La Vaissière Director Governance Risk & Compliance
Incident Management Process: Strategies, tools and techniques
Incident Management Process: Strategies, tools and techniques Jacques Schuurman jacques.schuurman@surfnet.nl Riga, LV 14 April, 2008 Agenda - Introduction into Incident Management - How to devise a strategy
Business & Finance Information Security Incident Response Policy
Business & Finance Information Security Incident Response Policy University of Michigan http://www.umich.edu/~busfin/ Document Version: 10 Effective Date: 6/1/2006 Review Date: 7/31/2009 Responsible: Approval
Cyber security trends & strategy for business (digital?)
Cyber security trends & strategy for business (digital?) Presentation by Anwer Yusoff Head, Industry & Business Development C y b e r S e c u r i t y M a l a y s i a NATIONAL CYBERSECURITY TECHNICAL SPECIALIST
Information Security Incident Management Guidelines
Information Security Incident Management Guidelines INFORMATION TECHNOLOGY SECURITY SERVICES http://safecomputing.umich.edu Version #1.0, June 21, 2006 Copyright 2006 by The Regents of The University of
Protecting critical infrastructure from Cyber-attack
Protecting critical infrastructure from Cyber-attack ACI-NA BIT Workshop, Session 6 (Cybersecurity) Long Beach, California October 4, 2015 Ben Trethowan Aviation Systems & Security Architect The scale
Symantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team
Symantec Cyber Threat Analysis Program Symantec Cyber Threat Analysis Program Team White Paper: Symantec Security Intelligence Services Symantec Cyber Threat Analysis Program Contents Overview...............................................................................................
Global Cybersecurity Index Good Practices
AUSTRALIA Global Cybersecurity Index Good Practices LEGAL Australia has acceded to the Council of Europe Convention on Cybercrime. The convention came into force on 1 March 2013. Cybercrime Legislation
Incident Reporting Guidelines for Constituents (Public)
Incident Reporting Guidelines for Constituents (Public) Version 3.0-2016.01.19 (Final) Procedure (PRO 301) Department: GOVCERT.LU Classification: PUBLIC Contents 1 Introduction 3 1.1 Overview.................................................
University of Colorado at Denver and Health Sciences Center HIPAA Policy. Policy: 9.2 Latest Revision: 04/17/2005 Security Incidents Page: 1 of 9
Security Incidents Page: 1 of 9 I. Purpose, Reference, and Responsibility A. Purpose The purpose of this policy is to define a security incident and to provide the procedures for notification, investigation,
GEARS Cyber-Security Services
Florida Department of Management Services Division of State Purchasing Table of Contents Introduction... 1 About GEARS... 2 1. Pre-Incident Services... 3 1.1 Incident Response Agreements... 3 1.2 Assessments
University of Central Florida Class Specification Administrative and Professional. Information Security Officer
Information Security Officer Job Code: 2534 Serve as the information security officer for the University. Develop and computer security system standards, policies, and procedures. Serve as technical team
Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown
Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available
Product Maintenance Services. General Terms for Product Maintenance
Product Maintenance Services Product Maintenance Services General Terms for Product Maintenance 2 Contents Product Maintenance Services General Terms for Product Maintenance Terminology Product Life Cycle
Supporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security
Supporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security www.enisa.europa.eu European Union Agency for Network and Information
Effective Threat Management. Building a complete lifecycle to manage enterprise threats.
Effective Threat Management Building a complete lifecycle to manage enterprise threats. Threat Management Lifecycle Assimilation of Operational Security Disciplines into an Interdependent System of Proactive
Service Delivery Framework
Service Delivery Framework 1 Delivery Manager Team Hierarchy CRM HR SPOC Operations Manager Finance Resource Team Team Lead Unix Team Lead DBA Shift Lead Unix SA Shift Lead Oracle Team Member Unix SA Team
CERT Polska. Przemyslaw Jaroszewski, Miroslaw Maj CERT POLSKA. info@cert.pl. TF-CSIRT Meeting, Copenhagen, 23 May 2002. http://www.cert.
CERT Polska Przemyslaw Jaroszewski, Miroslaw Maj CERT POLSKA info@cert.pl http://www.cert.pl/ TF-CSIRT Meeting, Copenhagen, 23 May 2002 Agenda A bit of history Who are we? What do we do and for whom? Who
Indian Computer Emergency Response Team (CERT-In) Annual Report (2010)
Indian Computer Emergency Response Team (CERT-In) Annual Report (2010) Indian Computer Emergency Response Team (CERT-In) Department of Information Technology Ministry of Communications & Information Technology
Incident categories. Version 2.0-04.02.2013 (final version) Procedure (PRO 303)
Version 2.0-04.02.2013 (final version) Procedure (PRO 303) Classification: PUBLIC / Department: GOVCERT.LU Table Contents Table Contents... 2 1 Introduction... 3 1.1 Overview... 3 1.2 Purpose... 3 1.3
BSM for IT Governance, Risk and Compliance: NERC CIP
BSM for IT Governance, Risk and Compliance: NERC CIP Addressing NERC CIP Security Program Requirements SOLUTION WHITE PAPER Table of Contents INTRODUCTION...................................................
OTRS: Issue Management System Meets Workflow of Security Team Pavel Kácha, 2007 CESNET, z. s. p. o.
HOMO Vulnerabilis Aghast Awarensis Dexterous Securis OTRS: Issue Management System Meets Workflow of Security Team Pavel Kácha, 2007 CESNET, z. s. p. o. History postmaster@, hostmaster@, abuse@ Mailbox
Digital Forensics Institute in Malaysia: The Way Forward
Digital Forensics Institute in Malaysia: The Way Forward Digital forensics initiatives in Malaysia are progressing well. Proficiency as a practitioner is acknowledged since 2000 and for research there
An Overview of Large US Military Cybersecurity Organizations
An Overview of Large US Military Cybersecurity Organizations Colonel Bruce D. Caulkins, Ph.D. Chief, Cyber Strategy, Plans, Policy, and Exercises Division United States Pacific Command 2 Agenda United
How To Manage Security On A Networked Computer System
Unified Security Reduce the Cost of Compliance Introduction In an effort to achieve a consistent and reliable security program, many organizations have adopted the standard as a key compliance strategy
Cyber Security. John Leek Chief Strategist
Cyber Security John Leek Chief Strategist AGENDA The Changing Business Landscape Acknowledge cybersecurity as an enterprise-wide risk management issue not just an IT issue How to develop a cybersecurity
ISE Northeast Executive Forum and Awards
ISE Northeast Executive Forum and Awards October 3, 2013 Company Name: Project Name: Presenter: Presenter Title: University of Massachusetts Embracing a Security First Approach Larry Wilson Chief Information
Unifying Incident Response Teams Via Multi Lateral Cyber Exercise for Mitigating Cros Border Incidents: Malaysia CERT Case Study
Unifying Incident Response Teams Via Multi Lateral Cyber Exercise for Mitigating Cros Border Incidents: Malaysia CERT Case Study Sharifah Roziah Mohd Kassim MyCERT CyberSecurity Malaysia Agenda Introduction
(BDT) BDT/POL/CYB/Circular-002. +41 22 730 6057 +41 22 730 5484 cybersecurity@itu.int
2011 15 (BDT) BDT/POL/CYB/Circular-002 +41 22 730 6057 +41 22 730 5484 cybersecurity@itu.int 2008 2010 2010 International Telecommunication Union Place des Nations CH-1211 Geneva 20 Switzerland Tel: +41
Managed Incident Lightweight Exchange (MILE)
Managed Incident Lightweight Exchange (MILE) Overview and Particpation Kathleen Moriarty Global Lead Security Architect EMC Corporate CTO Office 1 Agenda IETF s Managed Incident Lightweight Exchange (MILE)
Data Breach Response Planning: Laying the Right Foundation
Data Breach Response Planning: Laying the Right Foundation September 16, 2015 Presented by Paige M. Boshell and Amy S. Leopard babc.com ALABAMA I DISTRICT OF COLUMBIA I FLORIDA I MISSISSIPPI I NORTH CAROLINA
FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.
1. Obtain previous workpapers/audit reports. FIREWALL CHECKLIST Pre Audit Checklist 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 3. Obtain current network diagrams
Guidelines for Website Security and Security Counter Measures for e-e Governance Project
and Security Counter Measures for e-e Governance Project Mr. Lalthlamuana PIO, DoICT Background (1/8) Nature of Cyber Space Proliferation of Information Technology Rapid Growth in Internet Increasing Online
SIRIOS the Framework for CERTs
SIRIOS the Framework for CERTs Thomas Klingmüller Federal Office for Information Security (BSI) Germany 17th FIRST Conference 2005 - Singapore June 26 July 1, 2005 Abstract SIRIOS Framework for CERTs BSI
Incident Categories (Public) Version 3.0-2016.01.19 (Final)
Incident Categories (Public) Version 3.0-2016.01.19 (Final) Procedures (PRO 303) Department: GOVCERT.LU Classification: PUBLIC Contents 1 Introduction 3 1.1 Overview.................................................
Information Sharing Use Cases
Information Sharing Use Cases Effective Information Sharing: Lessons learned from Operator Experience Kathleen M. Moriarty Global Lead Security Architect EMC Office of CTO 1 What s New Text Is Title Case
Solution Briefing. Integrating the LogLogic API with NSN s Remediation & Escalation Mgmt. System
Solution Briefing Integrating the LogLogic API with NSN s Remediation & Escalation Mgmt. System Tim Larson August 2009 Introduction Nokia Siemens Network s environment Company: Leading provider of mobile
Threat Information Sharing; Perspectives, Strategies, and Scenarios
Threat Information Sharing; Perspectives, Strategies, and Scenarios 15 June 2015 Tim Grance,, Sarah Brown, Fox-IT, Luc Dandurand, ITU Thomas Millar, US CERT, Pawel Pawlinski, CERT.PL 1 Information Sharing
North American Electric Reliability Corporation (NERC) Cyber Security Standard
North American Electric Reliability Corporation (NERC) Cyber Security Standard Symantec Managed Security Services Support for CIP Compliance Overviewview The North American Electric Reliability Corporation
Introduction. Helpdesk System
Introduction The User Guide is intended for Perridot Customer (mentioned as Customer ) who has contractual maintenance license agreement signed with Perridot. It provides our customer with some insights
Mustafa AYDINLI NLO CYBER SECURITY ADVISOR
Mustafa AYDINLI NLO CYBER SECURITY ADVISOR AGENDA Introduction to Cyber Security Establishment & History of TR-CERT Responsibilities of TR-CERT Competencies of TR-CERT CYBER SECURITY Cyber security is
By: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015
Community Bank Auditors Group Cybersecurity What you need to do now June 9, 2015 By: Gerald Gagne MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C. Cybersecurity
Spyders Managed Security Services
Spyders Managed Security Services To deliver world-class Managed Security Services, Spyders must maintain and invest in a strong Security Operations Centre (SOC) capability. Spyders SOC capability is built
The STAGEnet Security Model
NDSU 2015 Cyber Security Conference The STAGEnet Security Model Peeling Away the Layers March 17, 2015 NDSU Memorial Union Rose Room NDSU 2015 Cyber Security Conference Art Bakke Enterprise Information
Malware isn t The only Threat on Your Endpoints
Malware isn t The only Threat on Your Endpoints Key Themes The cyber-threat landscape has Overview Cybersecurity has gained a much higher profile over the changed, and so have the past few years, thanks
Malicious Email Mitigation Strategy Guide
CYBER SECURITY OPERATIONS CENTRE Malicious Email Mitigation Strategy Guide Introduction (UPDATED) SEPTEMBER 2012 1. Socially engineered emails containing malicious attachments and embedded links are commonly
Incident Response Procedures
Table of Contents Procedures Tony Arnold 26/11/06 1. Introduction...1 2. Organisation...1 3. Reported Incidents...2 3.1 Reporting...2 3.2 Incidents...2 3.3 Blocking...3 3.4 Investigations...3 3.5 Resolving...3
SapphireIMS Service Desk Feature Specification
SapphireIMS Service Desk Feature Specification All rights reserved. COPYRIGHT NOTICE AND DISCLAIMER No parts of this document may be reproduced in any form without the express written permission of Tecknodreams
CAPACITY BUILDING TO STRENGTHEN CYBERSECURITY. Sazali Sukardi Vice President Research CyberSecurity Malaysia
CAPACITY BUILDING TO STRENGTHEN CYBERSECURITY by Sazali Sukardi Vice President Research CyberSecurity Malaysia SCOPE INTRODUCTION CYBER SECURITY INCIDENTS IN MALAYSIA CAPACITY BUILDING The Council For
Building a Cyber Security Emergency Response Team (CERT) for the NREN Community The case of KENET CERT
Building a Cyber Security Emergency Response Team (CERT) for the NREN Community The case of KENET CERT Peter MUIA 1, Meoli KASHORDA 1, Kennedy ASEDA 1, Ronald OSURE 1, Martin NJAU 1 1 Kenya Education Network,
TECHNICAL SUPPORT GUIDE
TECHNICAL SUPPORT GUIDE Copyright 2009 Fiberlink Corporation. All rights reserved. Information in this document is subject to change without notice. The software described in this document is furnished
Cyber Security ( Lao PDR )
ITU Cyber security Forum and Cyber Drill 9-11 December 2013,Lao Plaza Hotel, Vientiane, Lao PDR Country updates on Cyber Security ( Lao PDR ) By Khamla Sounnalat Deputy head of LaoCERT Ministry of Posts
BAE Systems PCI Essentail. PCI Requirements Coverage Summary Table
BAE Systems PCI Essentail PCI Requirements Coverage Summary Table Introduction BAE Systems PCI Essential solution can help your company significantly reduce the costs and complexity of meeting PCI compliance
Iowa Health Information Network (IHIN) Security Incident Response Plan
Iowa Health Information Network (IHIN) Security Incident Response Plan I. Scope This plan identifies the responsible parties and action steps to be taken in response to Security Incidents. IHIN Security
CERT.AZ description as per RfC 2350
CERT.AZ description as per RfC 2350 Contact Cyber Security Center (CSC) Computer Emergency Response Team (CERT) Address Block 702, Drogal lane Baku, Azerbaijan Telephone: +99412 4932056 +99412 4932057
The Role of Threat Intelligence and Layered Security for Intrusion Prevention in the Post-Target Breach Era
The Role of Threat Intelligence and Layered Security for Intrusion Prevention in the Post-Target Breach Era Dave Plzak Security Evangelist Sentinel IPS davep@econet.com * Agenda Review of the current Network
ESKISP6064.03 Conducts vulnerability assessment under supervision
Conducts vulnerability assessment under supervision Overview This standard covers the competencies required to conduct vulnerability assessments under supervision. This includes following processes for
Tunisia s experience in building an ISAC. Haythem EL MIR Technical Manager NACS Head of the Incident Response Team cert-tcc
Tunisia s experience in building an ISAC Haythem EL MIR Technical Manager NACS Head of the Incident Response Team cert-tcc 1 Agenda Introduction ISAC objectives and benefits Tunisian approach SAHER system
SapphireIMS 4.0 Service Desk Feature Specification
SapphireIMS 4.0 Service Desk Feature Specification v1.4 All rights reserved. COPYRIGHT NOTICE AND DISCLAIMER No parts of this document may be reproduced in any form without the express written permission
OCIE CYBERSECURITY INITIATIVE
Topic: Cybersecurity Examinations Key Takeaways: OCIE will be conducting examinations of more than 50 registered brokerdealers and registered investment advisers, focusing on areas related to cybersecurity.
Critical Controls for Cyber Security. www.infogistic.com
Critical Controls for Cyber Security www.infogistic.com Understanding Risk Asset Threat Vulnerability Managing Risks Systematic Approach for Managing Risks Identify, characterize threats Assess the vulnerability
Cybersecurity The role of Internal Audit
Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government
SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles
PNNL-24138 SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles March 2015 LR O Neil TJ Conway DH Tobey FL Greitzer AC Dalton PK Pusey Prepared for the
The Role of Threat Intelligence and Layered Security for Intrusion Prevention in the Post-Target Breach Era
The Role of Threat Intelligence and Layered Security for Intrusion Prevention in the Post-Target Breach Era Ted Gruenloh Director of Operations Sentinel IPS * Agenda! Review of the current Network Security
UMHLABUYALINGANA MUNICIPALITY PATCH MANAGEMENT POLICY/PROCEDURE
UMHLABUYALINGANA MUNICIPALITY PATCH MANAGEMENT POLICY/PROCEDURE Originator Patch Management Policy Approval and Version Control Approval Process: Position or Meeting Number: Date: Recommended by Director
Cyber intelligence exchange in business environment : a battle for trust and data
Cyber intelligence exchange in business environment : a battle for trust and data Experiences of a cyber threat information exchange research project and the need for public private collaboration Building
ICBA Summary of FFIEC Cybersecurity Assessment Tool
ICBA Summary of FFIEC Cybersecurity Assessment Tool July 2015 Contact: Jeremy Dalpiaz Assistant Vice President Cyber Security and Data Security Policy Jeremy.Dalpiaz@icba.org www.icba.org ICBA Summary
Attachment A. Identification of Risks/Cybersecurity Governance
Attachment A Identification of Risks/Cybersecurity Governance 1. For each of the following practices employed by the Firm for management of information security assets, please provide the month and year
Policies of the University of North Texas Health Science Center
Policies of the University of North Texas Health Science Center 14.650 UNT Health IT Change Policy Chapter 14 UNT Health Policy Statement. It is the standard operating policy of UNT Health, UNTHSC Academic
Stepping Through the Info Security Program. Jennifer Bayuk, CISA, CISM
Stepping Through the Info Security Program Jennifer Bayuk, CISA, CISM Infosec Program How to: compose an InfoSec Program cement a relationship between InfoSec program and IT Governance design roles and
Towards closer EU-ASEAN collaboration in cybersecurity
Supporting European Union and Southeast Asia ICT strategic partnership and policy dialogue: Connecting ICT EU-SEA Research, Development and Innovation Knowledge Networks Towards closer EU-ASEAN collaboration
Information Technology General Controls And Best Practices
Paul M. Perry, FHFMA, CITP, CPA Alabama CyberNow Conference April 5, 2016 Information Technology General Controls And Best Practices 1. IT General Controls - Why? 2. IT General Control Objectives 3. Documentation
Principles of Information Security, Fourth Edition. Chapter 12 Information Security Maintenance
Principles of Information Security, Fourth Edition Chapter 12 Information Security Maintenance Learning Objectives Upon completion of this material, you should be able to: Discuss the need for ongoing
Microsoft s cybersecurity commitment
Microsoft s cybersecurity commitment Published January 2015 At Microsoft, we take the security and privacy of our customers data seriously. This focus has been core to our culture for more than a decade
MONITORING AND VULNERABILITY MANAGEMENT PCI COMPLIANCE JUNE 2014
MONITORING AND VULNERABILITY MANAGEMENT PCI COMPLIANCE JUNE 2014 COMPLIANCE SCHEDULE REQUIREMENT PERIOD DESCRIPTION REQUIREMENT PERIOD DESCRIPTION 8.5.6 As Needed 11.1 Monthly 1.3 Quarterly 1.1.6 Semi-Annually
Module 1: Overview. Module 2: AlienVault USM Solution Deployment. Module 3: AlienVault USM Basic Configuration
Module 1: Overview This module provides an overview of the AlienVault Unified Security Management (USM) solution. Upon completing this module, you will meet these objectives: Describe the goal of network