MIC s Efforts on Cybersecurity Human Resource Development



Similar documents
The Policy Approaches to Strengthen Cyber Security in the Financial Sector (Summary) July 2, 2015 Financial Services Agency

Cyber Security in Japan (v.2)

Cyber Security Strategy(Information Security Policy Council, June 10, 2013)

Cybersecurity Strategy in Japan

Viewpoint: Implementing Japan s New Cyber Security Strategy*

How To Protect Critical Infrastructure

Trends in Security Incidents and Hitachi s Activities

Initiative for Cyber Security Information sharing Partnership of Japan (J-CSIP) Annual Activity Report FY2012

Cybersecurity: Thailand s and ASEAN s priorities. Soranun Jiwasurat

Combating a new generation of cybercriminal with in-depth security monitoring

Combating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center

Cyber Security ( Lao PDR )

Cybersecurity Global status update. Dr. Hamadoun I. Touré Secretary-General, ITU

Current counter-measures and responses by CERTs

Korea s experience of massive DDoS attacks from Botnet

The trend of the Cyber Security and the efforts of NEC. December 9 th, 2015 NEC Corporation

Cyber Security & Role of CERT-In. Dr. Gulshan Rai Director General, CERT-IN Govt. of India grai@mit.gov.in

CAPACITY BUILDING TO STRENGTHEN CYBERSECURITY. Sazali Sukardi Vice President Research CyberSecurity Malaysia

POLICIES TO MITIGATE CYBER RISK

NTT R&D s anti-malware technologies

Security and Prosperity Steering Group Draft Report

Analytic and Predictive Modeling of Cyber Threat Entities J. Wesley Regian, Ph.D.

Information security education for students in Japan

International Strategy on Cybersecurity Cooperation

CERT Collaboration with ISP to Enhance Cybersecurity Jinhyun CHO, KrCERT/CC Korea Internet & Security Agency

U. S. Attorney Office Northern District of Texas March 2013

JUNIPER NETWORKS SPOTLIGHT SECURE THREAT INTELLIGENCE PLATFORM

As global mobile internet penetration increases the cybercrime and cyberterrorism vector is extended

What legal aspects are needed to address specific ICT related issues?

Brief self-introduction

Fujitsu Group s Information Security

2011 Cyber Security and the Advanced Persistent Threat A Holistic View

Cybersecurity and internal audit. August 15, 2014

WRITTEN TESTIMONY OF

Inter cloud computing: Use cases and requirements lessons learned 3.11

Lessons from Defending Cyberspace

2015 Michigan NASCIO Award Nomination. Cyber Security Initiatives: Michigan Cyber Disruption Response Strategy

The Importance of a Multistakeholder Approach to Cybersecurity Effectiveness

Policies and Practices on Network Security of MIIT

CYBER SECURITY INFORMATION SHARING & COLLABORATION

Capacity Building to Strengthen Cybersecurity: Thailand Update

DNS Firewalls with BIND: ISC RPZ and the IID Approach. Tuesday, 26 June 2012

Symantec's Secret Sauce for Mobile Threat Protection. Jon Dreyfus, Ellen Linardi, Matthew Yeo

Defending Against Cyber Security Threats to the Payment and Banking Systems

Protecting critical infrastructure from Cyber-attack

EC-Council. Certified Ethical Hacker. Program Brochure

NIST Cybersecurity Framework What It Means for Energy Companies

Auditing After a Cyber Attack JAX IIA Chapter Meeting Cybersecurity and Law Enforcement

KEY TRENDS AND DRIVERS OF SECURITY

First Step Guide for Building Cyber Threat Intelligence Team. Hitoshi ENDOH (NTT-CERT) Natsuko INUI (CDI-CIRT)

How To Prepare A Cyber Security Workshop In Asean

Over 20 years experience in Information Security Management, Risk Management, Third Party Oversight and IT Audit.

Partnership for Cyber Resilience

Promoting a cyber security culture and demand compliance with minimum security standards;

Network and Incident monitoring

Cyber/IT Risk: Threat Intelligence Countering Advanced Adversaries Jeff Lunglhofer, Principal, Booz Allen. 14th Annual Risk Management Convention

Internet Security and Resiliency: A Collaborative Effort

September 20, 2013 Senior IT Examiner Gene Lilienthal

Cybersecurity Awareness. Part 1

Next Generation Security Strategies. Marc Sarrias Regional Sales Manager

SCADA Security Training

APT Detection using Splunk

Testimony of. Doug Johnson. New York Bankers Association. New York State Senate Joint Public Hearing:

NEC Cyber Security Solutions

CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES

Mustafa AYDINLI NLO CYBER SECURITY ADVISOR

How we see malware introduced Phishing Targeted Phishing Water hole Download (software (+ free ), music, films, serialz)

ICT Usage & Cyber Security Issues in Myanmar

Security A to Z the most important terms

Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015

RLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 123. Cybersecurity: A Growing Concern for Small Businesses

DNS Security, Stability and Resiliency

Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems

Ed McMurray, CISA, CISSP, CTGA CoNetrix

Cybersecurity: Protecting Your Business. March 11, 2015

National Cyber Security Strategy of Afghanistan (NCSA)

Design Your Security

Country Case Study on Incident Management Capabilities CERT-TCC, Tunisia

Transcription:

ASEAN-Japan Cyber Security International Symposium MIC s Efforts on Cybersecurity Human Resource Development October 9 th 2014 Yuji NAKAMURA Director for the ICT Security Strategy, Ministry of Internal Affairs and Communications (MIC), Japan

Today s Agenda 2 Overview of MIC s Information Security Policy MIC s efforts for enhancing cybersecurity capacity CYDER Project Japan-ASEAN Information Security Workshop (for ISPs)

5 Concept of MIC s Information Security Policy 3 1.Establishment of secure network environment (1)Sharing information with network operators (2)Strengthening public-private partnership to counter cyber-attacks (3)Organizing Information Security Advisory Board meeting (since March 2013) (4)Organizing conferences for proper countermeasures against cyber-attacks by 2.Assistance for information security measures (1)Conducting ACTIVE from FY2013 to FY 2017 (2)Conducting CYDER from FY2013 to FY 2017 (3)Sharing Information through Information Security Website for General Users 3.Promotion of developing technology (1)Conducting PRACTICE from FY2011 to FY2015 (2)R&D for analysis and detection of cyber-attacks from FY2013 in 5 years 4.Promotion of international collaboration Promoting international collaboration by sharing measures for information security. e.g. the Japan- ASEAN Information security workshop 5.Using and distributing personal data properly Promoting proper usage/distribution of personal data (which means information of individuals) taking into account protection of privacy, etc.

MIC s Ongoing Projects 4 Malware infection of individual computers Among individual Internet users, fraud such as unjust remittance of funds has appeared by way of malware infections through websites. Advanced Persistent Threat Leaking of classified information caused by sophisticated cyberattacks such as Advanced Persistent Threat (APT). Malicious attacks (e.g. DDoS) caused by Malwares Malicious activities such as DDoS etc. which are caused by Malwares have been frequently observed and have affected Japanese business. ACTIVE (Advanced Cyber Threats response InitiatiVE) CYDER (CYber Defense Exercise with Recurrence) PRACTICE (Proactive Response Against Cyberattacks Through International Collaborative Exchange) Comprehensive countermeasures for malware infections such as prevention of access to malware propagation websites by collaborating with ISPs and so on. Started in November 2013. Understanding of current status by analyzing APT, considering defensive models for APT and capacity building through practical defensive exercises participated in by the public and private sectors. Started in September 2013. R&D and field trials for grasping symptoms of attacks and acting quick response to cyber-attacks by deep analysis and constructing networks through international collaboration to exchange cyber-security information. Started in August 2011.

CYDER(CYber Defense Exercise with Recurrence) 5 Strengthen ability of LAN administrators in government agencies, large enterprises to tackle Advanced Persistent Threat. Develop a defensive model through experiences obtained by conducting CYDER repeatedly. Features Large scale emulated network of a thousand staff level organizations. Practical cyber exercise based on real Advanced Persistent Threat. 293 people from 33 organizations such as national government agencies(e.g., MOD, NISC, MOFA, MOJ), incorporated administrative agencies and private businesses (critical infrastructure sectors), etc. participated in groups of three or four people through ten CYDER session. Staff room Large scale emulated LAN LAN Staff to imitate attacker supporting imitation attack Secret Staff supporting operation Firewal l DC File AP DB DMZ server DNS E-mail Web Exercise venue Staff to imitate business operator or chief of participant supporting exercise Participants Participants Instructor and assistant

ASEAN-Japan Information Security Workshop (for ISPs) 6 1 st Jan, 2011, Tokyo 2 nd Mar, 2012, Tokyo 3 rd Feb, 2013, Bangkok 4 th Aug, 2013, Tokyo 5 th Oct, 2014, Manila The workshop aims to construct and enhance collaboration among ISPs by sharing information on cybersecurity threats and their countermeasures etc. Participated ISPs and ISP associations Telkom Indonesia(Id), PT Telkom Indonesia(Id), Asosiasi Penyelenggara Jasa Internet Indonesia /APJII(Id), Sky Telecom(La), Telekom Malaysia(My), TM net(my), Myanma Posts and Telecommunications(Mm), GLOBE(Ph), PLDT Philippine Long Distance Telecom Co.(Ph), True Move Company Limited(Th), Thai Internet Service Provider Association(Th), Information & Public relations Centre - VNPT(Vn), FPT Telecom(Vn), DST group(br), NTT Communications Corporation(J), KDDI Corporation(J), IIJ(J)

Thank you for your attention. Ministry of Internal Affairs and Communications (MIC) http://www.soumu.go.jp/english/index.html

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information