Successfully reported this slideshow.
Your SlideShare is downloading. ×

CsecS3-p1-webling.ppt

Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Upcoming SlideShare
Unit-3 Cyber Crime PPT.pptx
Unit-3 Cyber Crime PPT.pptx
Loading in …3
×

Check these out next

1 of 23 Ad

More Related Content

Recently uploaded (20)

Advertisement

CsecS3-p1-webling.ppt

  1. 1. Achieving a just and secure society How can international cooperation secure the internet? An overview of bilateral/multilateral issues of security in the internet Alex Webling Director - NII Critical Infrastructure Protection Branch
  2. 2. Achieving a just and secure society What are the inherent problems? • The internet will never be totally secure AND • Everybody is your neighbour on the internet. That’s Nasty and Nice – Nice if you’re doing business with them – Nasty if they’re trying to attack you
  3. 3. Achieving a just and secure society More problems - Convergence • Technological Convergence – Seamless data, voice and video sharing – Reduces redundant paths for critical systems – Higher vulnerability – Higher threat
  4. 4. Achieving a just and secure society Convergence eg SCADA • Supervisory Control & Data Acquisition Systems (SCADA) – Used in energy sector for controlling processes – Increasingly becoming remotely controllable via the Internet / wireless! – Could scada be remotely hijacked? breaching dams, shutting down power grids, contaminating water supplies etc
  5. 5. Achieving a just and secure society Where are we?
  6. 6. Achieving a just and secure society Drivers • Reduced cost & increased availability of Internet access • New business uses & technologies – Bluetooth wireless – VoIP wireless • Use increasing in sensitive industries
  7. 7. Achieving a just and secure society What is being done now? What could be working? • Information sharing and Joint Response – CERT to CERT communications – Cybercrime 24/7 Network (G-8) – APCERT (Aust/Japan/South Korea etc) • Standards • Laws
  8. 8. Achieving a just and secure society Australian Participation in International Fora on E-sec APEC – APEC TEL Actively engaged with APEC Telecommunications Working Group; • E-Security Task Group • APEC Projects (more later)
  9. 9. Achieving a just and secure society International Fora (cont.) OECD – WPISP - Guidelines for the Security of Information Systems and Networks: Towards a Culture of Security, July 2002 – Working to promote the ‘Culture of Security’ Guidelines with other economies – Encouraging OECD economies to sponsor projects to strengthen e-security of developing economies in their regions.
  10. 10. Achieving a just and secure society International Fora (cont) Let’s not forget! • ITU – We’re here!
  11. 11. Achieving a just and secure society International fora • APCERT – CERTs in Asia-Pacific region working together in a partnership to share information on threats and vulnerabilities – AusCERT current chair, JPCERT secretariat
  12. 12. Achieving a just and secure society Multilaterals/Bilaterals • US/Australian bilaterals – Regular bilateral talks with the United States on broader CIP issues. • Discussions with Europeans eg GovCERT NL Symposium
  13. 13. Achieving a just and secure society Multilaterals cont. • Informal Multilateral discussions after AusCERT Conference. Government attendees invited to stay and discuss issues • Multilateral talks on NII issues with several European and Asian countries, as well as the UK, US, Canada and NZ • Additional bilateral CIP talks being considered with other Asia-Pacific regional countries.
  14. 14. Achieving a just and secure society Capacity Building / Awareness Raising • CERT capacity building projects funded by APEC and AusAID – AusAID project in Thailand, Vietnam, Philippines, Papua New Guinea, Indonesia, – APEC / US Govt funded project in Chile, Peru, Mexico and the Russian Federation.
  15. 15. Achieving a just and secure society Standards • Technical standards – security should be built in, not bolt on Vendor discussions • Best practice guidelines such as Standards Australia’s HB171-2003 – Guidelines for the management of IT evidence • ISO standards
  16. 16. Achieving a just and secure society Laws • Cybercrime Act 2001 (based on Council of Europe Convention) • Australia - updated existing criminal provisions – e.g. previous computer laws did not sufficiently address “denial of service attacks”. • Enhanced investigatory powers relating to electronically stored data. • Of course Laws which are similar across countries makes it easier for multinational law enforcement response!
  17. 17. Achieving a just and secure society Awareness Raising • CERT Awareness raising seminars being run in APECTEL on security issues. • Began in March 03, ongoing • Australia encourages developed economies to support developing economies’ CERTs eg through: – Training – in-country – Support for experts to attend conferences – Technical support
  18. 18. Achieving a just and secure society What is the future? • Because of the borderless nature of cyberspace, international cooperation is even more essential to secure a safe online environment. • More businesses and governments and business machinery online • A ‘target rich environment’
  19. 19. Achieving a just and secure society Longer term Governments and business who are the major users of the internet will be forced to work together to combat the worst elements Technology will provide some help – eventually
  20. 20. Achieving a just and secure society So maybe We might get closer to the end of the line!
  21. 21. Achieving a just and secure society Conclusions • Internet and the high seas (an analogy). – We need to be exiting the Swashbuckling days! Pirates, rogues etc (hopefully). But still, anybody can get a ship (computer) and sail the seas of the internet. – Islands of order, seas of chaos – Treasures to be pillaged and plundered!
  22. 22. Achieving a just and secure society Conclusions – Working together to coordinate the islands’ defences is a good way to bring order – Varying levels of order in different islands! – Parallel step, work within multilateral orgs and bilaterally to increase order – Eventually, we might aim to a law of the internet.
  23. 23. Achieving a just and secure society • Alex Webling • Director – National Information Infrastructure • Critical Infrastructure Protection Branch • alex.webling@ag.gov.au • cip@ag.gov.au (general email address for CIP matters) • www.tisn.gov.au (Web site on Trusted Information Sharing Network) • www.nationalsecurity.gov.au (AGD web site on National security)

×