Cyber threats and concerns

International level
• Cyber crime & cyber terrorism
• Deliberate and anonymous use of ICTs for attacks on critical Infrastructure
• Unhindered growth of botnets
• Absence of international mechanism to facilitate information sharing & counter action
• Risk of attack misperception due to uncertainty of positive attack attribution

National level
• Cyber crime & terrorism
• Attacks on Critical Infrastructure
• Web defacements
• Website intrusion and malware propagation
• Malicious Code & spread of botnets
• Scanning and probing for Cyber espionage
• Denial of Service & Distributed Denial of Service attacks
• Supply chain integrity
• Technical & legal inability for positive attack attribution

Organisational level
• Website intrusion/defacement
• Domain stalking
• Malicious Code
• Scanning and probing
• Denial of Service & Distributed Denial of Service
• Targeted attacks
• Phishing
• Data theft
• Insider threats
• Financial frauds

Individual level
• Social Engineering
• Email hacking & misuse
• Identity theft & phishing
• Financial scams
• Abuse through emails
• Abuse through Social Networking sites
• Laptop theft
Actions for Cyber Security

• Government level. Actions: Security Strategy, ICT policies & laws, CMP, Assurance framework. Impact: Enabler for security, compliance & assurance, adequacy of investment.
• Critical Sector level. Actions: CMP, Security Policy, Drills, TVM. Impact: Posture improvement, enhancing capability to detect & resist attacks.
• ISP/TSP level. Actions: Threat monitoring, Rapid response, preventive & quarantine. Impact: Prevention of occurrence & reoccurrence of attacks.
• Professional level. Actions: Security skills and competence. Impact: Adequacy of skills & competence for cyber security.
• Technical level. Actions: Honey pots, sensors, intrusion detectors, traffic scanning, etc. Impact: Actionable security intelligence for proactive & preventive actions.
• Individual level. Actions: Awareness campaign, trainings, security messaging. Impact: Enhanced user awareness, responsible behavior & actions.
• International level. Actions: UNGGE, CSCAP, Trusted Computing, ITU. Impact: Security ecosystem through a set of cooperative & collaborative actions.

Perspectives for effective security of cyber space: Strategic; Legal; Protection; Crisis response and resolution; Compliance; Education & Awareness; Enforcement; perspective; Collaboration; Data Security and Privacy
Crisis Management & Emergency Response - Role of CERT

• Incident prevention. Actions: Alert, advice, MoU, & collaboration. Impact: Timely alert for preventive & proactive actions.
• Incident prediction. Actions: Honey pots, sensors, filters, etc. Impact: Tailored advice for specific actions by critical sector.
• Response & recovery assistance. Actions: Incident reporting, Helpdesk, incident tracking mechanism. Impact: assistance, knowledge repository.
• Crisis mgmt & emergency response. Actions: CMP implementation & drill. Impact: Improved readiness of critical sectors.
• Policy & assurance framework. Actions: Policy, best practices, audits & assessments. Impact: Improved security posture, assurance over minimal security baseline.
• Investigation, analysis & forensic support. Actions: Forensic support, pattern analysis, LEA. Impact: Investigation support, speedier trial of criminal cases.
• Training & awareness. Actions: Training of security professionals. Impact: Better preparedness, adequacy & sufficiency of competence.

CERT - Agency for incident response
• Collection, analysis & dissemination of information
• Forecast and alerts of incidents
• Emergency measures for incident handling
• Coordination of response activities
• Guidelines, advisories, vulnerability notes, research/white papers & practices
Security of Cyber Space - Stakeholders

NIB, NCMC, NSCS, MHA, MOD, DIT, DOT, NIIPC, NDMA, NIC, STQC, CCA, CERT-In
• Sectoral CERTs of key critical sectors
• TSP/ISPs
• Incident response teams of critical sector organisations (CSIRTs)
• General user community
Security collaboration efforts

[Diagram: three stages labelled Detection, Analysis, and Dissemination & Support. Participants shown: Department of Information Technology, ISP Hot Liners, Major ISPs, Foreign partners, Private Sectors, Home Users, Press & TV / Radio. Flow labels: Detect, Analysis, Dissemination, Recovery.]
Cyber Security – Force multiplier effect

[Diagram with six numbered areas (1 to 6), captioned "Core and thrust areas". Recoverable labels: CERT-IN: Enabling protection & resistance to cyber attacks; Enabling Trust through Cyber security Assurance; Conformity assessment framework; Training and Skill Development (PPP model); Security cooperation with industry (NASSCOM and other such agencies); Cyber Laws – IT Act; IT Act 43A; 70B, 70, 70A; ISO 27001; ISO 15408; ISMS implementation and compliance; Crisis management & emergency response; Reporting & analysis of incidents; Test bed for cyber security drills; Empanelment of IT Security auditing organizations; Security portals & E-forums; MoU with vendors & other CERTs; Info sharing & international Co-operation; Tech security guidelines, alerts, advices.]

Questions posed on the slide:
• What needs to be done?
• How do we implement ISMS?
• Are we safe?
• What if something goes wrong?
• Are we doing right?
• How do we reach all?
• Creation of skills?
Security Assurance Ladder

Security assurance emphasis depends on the kind of environment
• Low risk: ‘Awareness’ – know your security concerns and follow best practices
• Medium risk: ‘Awareness & Action’ – Proactive strategies leave you better prepared to handle security threats and incidents
• High risk: ‘Awareness, Action and Assurance’ – Since security failures could be disastrous and may lead to unaffordable consequences, assurance (basis of trust & confidence) that the security controls work when needed most is essential.
Cyber Security - Final Message

“Failure is not when we fall down, but when we fail to get up”