PUBLIC DATA AT RISK: CYBER THREATS TO THE NETWORKED GOVERNMENT



Similar documents
The Attacker s Target: The Small Business

Cyber security standard

Cybersecurity. Are you prepared?

How To Write An Article On The European Cyberspace Policy And Security Strategy

External Supplier Control Requirements

MODULES FOR TRAINING PROGRAMMES ON CYBER SECURITY

Finnish Cyber Security Strategy. Permanent Secretary, LTG Arto Räty Chairman of the Security Committee , Geneva

Cybersecurity and internal audit. August 15, 2014

Cybercrime: risks, penalties and prevention

Addressing Cyber Risk Building robust cyber governance

National Cyber Security Policy -2013

2012 NCSA / Symantec. National Small Business Study

Cybersecurity Report on Small Business: Study Shows Gap between Needs and Actions

Open an attachment and bring down your network?

Security & SMEs. An Introduction by Jan Gessin. Introduction to the problem

CYBER EXPOSURES OF SMALL AND MIDSIZE BUSINESSES A DIGITAL PANDEMIC. October Sponsored by:

SOMEBODY'S WATCHING YOU! Maritime Cyber Security White Paper. Safeguarding data through increased awareness

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA

Don t Fall Victim to Cybercrime:

Identifying Cyber Risks and How they Impact Your Business

Cyber Risk Mitigation via Security Monitoring. Enhanced by Managed Services

Cyber Security Strategy(Information Security Policy Council, June 10, 2013)

Evolution of Cyber Security and Cyber Threats with focus on Cloud Computing

Cyber Security. An Executive Imperative for Business Owners. 77 Westport Plaza, St. Louis, MO p f

Building a Business Case:

Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary

Managing Web Security in an Increasingly Challenging Threat Landscape

Software that provides secure access to technology, everywhere.

EU policy on Network and Information Security and Critical Information Infrastructure Protection

How To Get A New Computer For Your Business

Five Trends to Track in E-Commerce Fraud

Central Asian Information Security Survey Results (2014) Insight into the information security maturity of organisations, with a

Opportunities in Indian IT Security Market

2011 NATIONAL SMALL BUSINESS STUDY

Cybersecurity: Considerations for Internal Audit. IIA Atlanta Chapter Meeting January 9, 2015

CAPACITY BUILDING TO STRENGTHEN CYBERSECURITY. Sazali Sukardi Vice President Research CyberSecurity Malaysia

Introduction (Contd )

Cyber Threats Insights from history and current operations. Prepared by Cognitio May 5, 2015

10 Smart Ideas for. Keeping Data Safe. From Hackers

Internet threats: steps to security for your small business

The Education Fellowship Finance Centralisation IT Security Strategy

Demystifying Cyber Insurance. Jamie Monck-Mason & Andrew Hill. Introduction. What is cyber? Nomenclature

Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary

CYBER SECURITY. ADVISORY SERVICES Governance Risk & Compliance. Shemrick Rodney IT Specialist Consultant Antigua & St. Kitts

Purpose. Service Model SaaS (Applications) PaaS (APIs) IaaS (Virtualization) Use Case 1: Public Use Case 2: Use Case 3: Public.

Today s Cybersecurity Technology: Is Your Business Getting Full Protection?

Internet Security Protecting Your Business. Hayden Johnston & Rik Perry WYSCOM

Jort Kollerie SonicWALL

Cybersecurity for the C-Level

Information Security Seminar 2013

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements

How To Protect Your Business From A Cyber Attack

Security & privacy in the cloud; an easy road?

2009 Antispyware Coalition Public Workshop

Microsoft s cybersecurity commitment

Security Intelligence

Dealer Member Cyber-security

Cyber Security Market by Solution - Global Forecast to 2020

Network that Know. Rasmus Andersen Lead Security Sales Specialist North & RESE

DON T BE A VICTIM! IS YOUR INVESTMENT PROGRAM PROTECTED FROM CYBERSECURITY THREATS?

Malware, Spyware, Adware, Viruses. Gracie White, Scott Black Information Technology Services

Network Security and the Small Business

Internet Safety and Security: Strategies for Building an Internet Safety Wall

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Auditing After a Cyber Attack JAX IIA Chapter Meeting Cybersecurity and Law Enforcement

Knowing Your Enemy How Your Business is Attacked. Andrew Rogoyski June 2014

CYSPA - EC projects supporting NIS

Cyber Security Metrics Dashboards & Analytics

Cyber Risks in the Boardroom

EY Cyber Security Hacktics Center of Excellence

future data and infrastructure

Transcription:

PUBLIC DATA AT RISK: CYBER THREATS TO THE NETWORKED GOVERNMENT Ms LIM May-Ann, Managing Director, TRPC Pte Ltd, & Executive Director, Asia Cloud Computing Association (ACCA) mayann@trpc.biz @eilonwy @accacloud

Govt Dependence on IT Systems E-government Infrastructure National broadband connectivity Management Optimization Public Management Systems Online Services E-taxes, license and fine payments E-voting Public tender system Applications for public services Citizen email Public Utilities and Critical Information Infrastructure Electricity Gas Water Communications Media Open platforms, interconnection, and interoperability have become some of the most important development issues facing government information technology officers.

Types of Info stored by Govts on IT Systems Public Documents and Information Sensitive Public Data Internal Government Communications, Documentation, Email Exchange Data National Security and Defence Information INTRINSIC DATA information created, mined and collated by the government and its agencies COMMERCIAL DATA created as a result of transactions and communications between government and the private sector PERSONAL DATA public data submitted to the government to comply with regulations or to avail of social benefits

Types of Info stored by Govts on IT Systems When large amounts of private government correspondence are released by unauthorized sources such as in the case of WikiLeaks or the Snowden NSA revelations the repercussions can be highly damaging to governments involved.

IT Spending by Governments 120 100 80 60 40 20 0 USD47.4 billion IaaS SaaS PaaS USD107.2 billion 2013 2017 There is a growing understanding that some of these resources must be focused on cyber security issues, especially since state-sponsored and state-targeted cyber attacks have been projected to rise.

Two problems arise for procurement professionals in Asia the rise of infected computers and the lack of experience in dealing with actual threats... (and) most organisations... are not taking enough precautions against the threat of an Advanced Persistent Threat (APT) attack.

Types of Cyber Security Threats to National Security and Defence Information Sensitive Public Data Networked Government Systems Public Documents and Information Internal Government Communications, Documentation, Email Exchange Data Govt

Malware Malware is software intended to damage or disable computers and computer systems often found on counterfeit or pirated software. These programs create opportunities for hackers by loading malicious code onto computers to gain information and sometimes take control over computers. Spyware Tracking Cookies Adware Trojan Virus Keylogger

Cybercrime targeted on individuals Industrial Cybercrime Critical Information Infrastructure Cyber Threat Targets

Roadmap to Creating a Cyber Security Strategy: Five Components of a Robust Cyber Security Policy Readiness Response Awareness Prevention Mitigation Education Training SMB Focus CERTs National Plan Inter- and Intra-Agency Coordination and Cooperation Genuine Software Maintenance and Upgrades Best Practices and Standards for Procurement Cloud for Security Regulation Anti-Virus Software Updating and Upgrading Communication Alliances Collaborative capacity-building

Cyber Security Checklist for Govt What should governments consider or focus on when building a cybersecurity plan? Awareness and Public Education Have a cyber wellness programme in place for citizens, larger businesses, and SMBs. Provide regular training on cyber hygiene to government civil servants. Review the training curriculum regularly (at least once a year) to refresh and keep them up-to-date. Review and input to school curriculum, ensuring a basic level of cyber literacy and cyber protection amongst all citizens. Readiness Crisis Management Plan Have an agency responsible for coordinating cyber security preparedness and prevention messages. Have a single agency responsible for coordinating cyber security responses in the event of a state-targeted attack. Establish a Computer Emergency Response Team (CERT). Create or join a network of CERT partners to share information, and to work with in mobilisation and mock attack exercises. Have a national plan for cyber security in place. Identify, meet with and connect critical infrastructure providers (utilities such as power, water, networks) with each other, so as to enable smooth communications and quick responses during a cyber attack. Prevention Safe and Protected Network Infrastructure Have a procurement policy (e.g. whitelisting) for authentic software and malware protection in place for government procurement. Develop best practices for procurement in place for the private sector, for larger businesses and SMEs. Develop cyber security standards for vendors to adhere to before they are eligible to bid for public sector projects. Consider the use of cloud computing for best cyber security. Response Regulation and Defence Establish domestic, regional and international legal avenues for pursuing redress following a cyber attack. Develop best practices for recommended timeframes and standards for constant upgrading and updating software used in the public sector. Mitigation Controlling the effects of a Security Breach Establish a cyber forensic team in place which can work alongside the CERT to investigate security breaches. Develop or join a cyber security network of other government or international organisations for information and alliance-building purposes.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information