Information Security Summit 2005



Transcription:

Information Security Summit 2005
Forensically Sound Information Security Management in a Risk Compliance Era
Keynote Opening Address by Mr. Howard C Dickson, Government Chief Information Officer, Government of the Hong Kong Special Administrative Region
8 November 2005

Distinguished Guests, Ladies and Gentlemen,

Good morning. I have great pleasure to be invited to address you at the Information Security Summit 2005 this morning.

Beware of: Cyber Security Threats; Computer Viruses; Spyware; Phishing; Scam; Botnet; Ransom; Fake Website; Credential Theft and new tricks; 140,000 Viruses since 1986

Nowadays, people seldom question the benefits of using the Internet for communication and doing business. Business executives are now concerned about the rising trend of cyber security threats such as computer virus attack, spyware, phishing, scam, botnet, ransom, fake website, credential theft and other tricks. Since the first virus was discovered in 1986, more than 140,000 viruses have been found exploiting software vulnerabilities and disrupting computer networks and systems worldwide. At the same time, hackers keep finding ways to intrude into networks and computer systems, implant unwanted program codes in victim computers or hijack Internet access to bogus websites. IT executives are angry at spyware that leaks out their company information stealthily, or slows down their systems.

Spam Nuisance: Email, Fax, SMS/MMS, Telephone Call and etc.; 67% of Email Traffic; Unsolicited Mobile Phone Calls

Internet users also face rising intrusive spam nuisance. Spam is disseminated in various forms, such as email, fax, SMS/MMS and telephone call. In September, the global ratio of spam in email traffic was 67%. There is also a rapid rise in unsolicited mobile phone calls where the recipients have to pay for taking such nuisance calls.

Cyber Crimes: 560 Cases in 2004 in HK, Including Hacking; Obscene Articles; Criminal Damage to Data; Internet Shopping Fraud

The increase of cyber crimes is another concern. In Hong Kong, computer related crimes have climbed from 34 cases in 1998 to 560 cases in 2004. These crime cases include hacking, publication of obscene articles, criminal damage in relation to data, and Internet shopping fraud.

Is the cyber space so unfriendly? My answer is Certainly Not. Instead of viewing these threats as impediments to moving into the information age, we should treat them as reasons for having a good information security posture so that we can continue to reap the benefits of the Internet era.

Cracking down Cyber Crimes: Robust ICT infrastructure; Security Policy and Measures; Computer Forensics Facilities, Expertise, Collaboration

Over the past years, the Government has taken successful steps to establish a robust ICT infrastructure to facilitate the conduct of electronic commerce in Hong Kong. Today, we have a robust Internet infrastructure with many excellent Internet service providers as well as an emergency response support mechanism. To safeguard our information systems, computer users have to implement effective measures to guard against various types of cyber attacks. It is advisable for businesses to formulate a set of security policy, guidelines and good practices. In our fight against cyber crimes, the Government has established computer forensics facilities, developed expertise and collaborated with the industry, which has enabled the successful crack down of many cyber crime cases in recent years.

The STEPS Anti-Spam Campaign; Five Key Initiatives of STEPS: Strengthening Existing Regulatory Measures, Technical Solutions, Education, Partnerships, Statutory Measures

Realizing the damaging effects of spamming activities, the Government has launched a campaign entitled STEPS to fight the spam epidemic. STEPS tackles the spam problem by means of five key initiatives. They are Strengthening Existing Regulatory Measures, Technical Solutions, Education, Partnerships and Statutory Measures. Before the anti-spam law is put in place, the Government is seeking telephone operators' cooperation in providing their customers with services to filter unwanted promotional telephone calls.

It is important to appreciate that Information Security is about people, process and technology, with the latter contributing about 20%. Incidents such as Web Defacement, Denial of Service, Hacking and Virus Attack will occur on the Internet because this is the nature of doing business in an open environment.

Cyber Security for MC6: High Profile International Event to be held in Hong Kong between 13-18 December; Cyber Security an Issue; Must ensure high standard of information security to Protect, Detect, React and Restore; Respond to Security Incidents; Execute Contingency Plans

Government has taken serious steps to ensure cyber security for the MC6 to be held between 13th and 18th December. The best practices and effective mitigation measures to combat against large scale cyber attacks are to get prepared and practise responding to such incidents through tabletop or mock exercises. Loopholes discovered are corrected quickly. We train our folks and have them ready to counter malicious activities. If necessary, business continuity plans will be activated to provide service through alternate means. Our top priority is to minimize the impact on operations by isolating the incident and blocking the attack so that the MC6 as well as the Government's operation can continue.

To ensure maximum information security in the community, the Government is currently working together with the major Internet Service Providers to develop guidelines and procedures for responding to the various cyber attacks. We will ensure proactive public affairs to update the public and manage their expectations.

Public Education and Awareness: InfoSec Website (www.infosec.gov.hk); Education Programmes; Promotion Campaigns

To facilitate the development of a reliable and secure e-community, we need the concerted efforts from everyone in our community and be a good citizen of the cyber world. Government is committed to raising public awareness and promoting ethics on information security through launching the InfoSec website (www.infosec.gov.hk), education programmes and promotion campaigns.

Hong Kong Clean PC Day: Clean your PCs on 25 November 2005; Scan your PCs with Anti-virus Software; Protect your PCs with Personal Firewall; Apply Security Patches

We have set 25 November 2005 as the Hong Kong Clean PC Day to arouse the community on the importance of information security and how to protect their information from cyber attacks. You are cordially invited to participate in this meaningful campaign. Please visit the OGCIO website to find out more details.

For Your Concerted Efforts to Ensure Cyber Security

I wish the Summit a great success. Thank you.