SlideShare a Scribd company logo

ARM 7: Securing e-Government of Thailand in Action

APNIC
APNIC

Kitisak Jirawannakool from the Thai e-Government Agency outlines the work the agency is undertaking in the area of cyber crime.

Internet
1 of 23
Download to read offline
Securing E- Gov of Thailand in action Kitisak Jirawannakool E-Government Agency (Public Organization) kitisak.jirawannakool@ega.or.th 1
About EGA ❖ First established in 1997 as Government Information Technology Services (GITS) ❖ ~ 200 staffs ❖ Services ❖ Government Information Network (GIN) ❖ Government Cloud Services (G-Cloud) ❖ MailgoThai service ❖ Government Computer Emergency and Readiness Team (G-CERT) ❖ More details : http://www.ega.or.th 2
Smart Thailand 2014-2015 3 Smart Network Smart Cloud Cyber Security TH e-GIF ICT Academy GIN    G-Cloud  - G-SaaS  - Mobile Application  - e-CMS2.0  - Saraban as   a Service  - มาตรฐาน  สารบรรณ  Smart Citizen Info.  - Gov. API  - Smart Box   Gov. Access Channel  - e-Portal  - Gov.App.Center  - data.go.th  Government Secure Monitoring  ICT Training  - e-GCEO  - e-GEP  - Technical   Training  Data Center Consolidation (77 Provinces ) e-Service for e-Gov : •  MOI •  MOE •  MOPH •  MOAG
4
E-Government services 5 24x7 Helpdesk and Contact Center EGA Contact Center Other Government’s services Services Cloud Provider Cloud Provider Cloud Provider Inter Cloud SaaS PaaS IaaS Government AgencyGIN Government Agency Government Computer Emergency and Readiness 
 Team (G-CERT) Risk Assessment Incident Monitoring Information Analysis Response Team Awareness Raising
Government Information Network (GIN) ❖ Government Information Network 6 Gov.  Orgs  User Network NSW GFMIS 0GSMS CABNET ทะเบียนราษฎร  Common0Service Gov.  Orgs  GIN  User Network Standard  - GDX  Security  - Encryption  - CA  NSW GFMIS GSMS CABNET ทะเบียนราษฎร  Common0Service Before! A<er!
GIN ❖ More than 2,000 links (subscribers) ❖ For government only ❖ Intranet for all government organizations ❖ Added-on services ❖ Intranet system ❖ GIN Conferences ❖ Other services integration ❖ DNSSEC implementation ❖ IPV6 implementation 7
Government Cloud Service (G-Cloud) 8 Ministry A Ministry B Ministry C
Government Cloud Service (G-Cloud) ❖ Focus on IaaS (initial phrase) ❖ 214 Systems are running on G-Cloud ❖ Serve Government, Collaborate with Partners, and Work with Communities ❖ Next move for G-Cloud ❖ Back office system - “e-Saraban” (PaaS/SaaS) ❖ Government Application Center (SaaS) 9
G-Cloud 10
Security on G-Cloud ❖ Firewall (Hi-speed firewall/Application firewall) ❖ SSL-VPN for Cloud Management ❖ Two factors Authentication ❖ Vulnerability Assessment and Penetration Testing ❖ ISO/IEC 27001:2005 implementation ❖ Security monitoring ❖ Security training courses for customers 11
G-CERT’s Roadmap 12 Education (Training and Awareness Raising) Policy and Standard Start in 2014 Start in 2015 Start in 2016 Media Relations (PR and Contents producer) G-CERT
G-CERT ’s constituencies ❖ EGA Internal ❖ EGA ’s customers ❖ G-Cloud ❖ GIN ❖ other services ❖ Critical Infrastructures ❖ Other Government 13
Services ❖ Incident Response ❖ Government Security Monitoring ❖ IT Security Awareness Raising ❖ Quarterly Training ❖ Anual Conference ❖ Incident Drill ❖ Risk and Vulnerability Assessment ❖ IT Security Consultants 14
Our Concept ❖ Public - help the government ❖ Private - by working with vendors ❖ Partnership - collaborate with other IT communities 15
Other IT security related activities ❖ Cloud Security Alliance Thailand Chapter - CSA ❖ Open Web Application Security Project Thailand Chapter - OWASP 16
Cloud Security Activities in Thailand ❖ Cloud Security Alliance (CSA) Thailand Chapter ❖ Cloud Security Audit for providers ❖ Cloud Security Experts building (Certified of Cloud Security Knowledge - CCSK) ❖ ASEAN CSA and OWASP Summit ❖ Many areas (Security, Providers, Education, Governance, Audit, Licensing, crisis and etc) ❖ Cloud R&D ❖ Cloud Control Matrix (for security auditing) ❖ Cloud Security Guideline for operators ❖ Cloud Interoperation (Integrating Cloud Infrastructure) ❖ Securing Cloud infrastructure and Application 17
EGA Cloud Control Self Assessment 18
ASEAN CSA Summit 2013 & 2014 19
OWASP Thailand’s working concepts ❖ PPP - Public, Private, and Partnership ❖ Public ❖ Contribute how to secure web app for Government organizations ❖ Private ❖ Collaborate with SIPA and SW Park ❖ Guide the software houses to do secure coding ❖ Partnership ❖ Working with other IT and Security communities in Thailand 20
OWASP Thailand Chapter ❖ Arrange monthly meetings ❖ Prepare many courses for web app security ❖ Web Application Security ❖ Web application testing ❖ Secure coding ❖ Translate some documents into Thai ❖ OWASP Top 10 2013 ❖ Organize annual event : 2014 OWASP ASIA TOUR 21
Conclusion ❖ Even we contribute a lot of security, however it ‘s still not enough ❖ Lacking of experts is one of the biggest problems ❖ Collaboration is the key factor ❖ Looking for new collaborations 22 Source : http://www.openpages.com/blog/index.php/2010-grc-wish-list-collaborate
Contact me 23 Contact me kitisak.jirawannakool@ega.or.th http://www.ega.or.th

Recommended

Securing E-Gov of Thailand
Securing E-Gov of ThailandSecuring E-Gov of Thailand
Securing E-Gov of Thailand
APNIC
 
Leveraging internet of things in malaysia
Leveraging internet of things in malaysiaLeveraging internet of things in malaysia
Leveraging internet of things in malaysia
Karen Woo
 
Eclipse kura
Eclipse kuraEclipse kura
Eclipse kura
Isham Mohamed Iqbal
 
MyIX Updates by Raja Mohan
MyIX Updates by Raja MohanMyIX Updates by Raja Mohan
MyIX Updates by Raja Mohan
MyNOG
 
INTTRA CEO Presentation Opening Singapore 2018 (INTTRA Technology Summit 2018...
INTTRA CEO Presentation Opening Singapore 2018 (INTTRA Technology Summit 2018...INTTRA CEO Presentation Opening Singapore 2018 (INTTRA Technology Summit 2018...
INTTRA CEO Presentation Opening Singapore 2018 (INTTRA Technology Summit 2018...
Vivien Cheong
 
IDNIC Update by Valens Riyadi [APRICOT 2015]
IDNIC Update by Valens Riyadi [APRICOT 2015]IDNIC Update by Valens Riyadi [APRICOT 2015]
IDNIC Update by Valens Riyadi [APRICOT 2015]
APNIC
 
Cybersecurity nexus vision
Cybersecurity nexus visionCybersecurity nexus vision
Cybersecurity nexus vision
Marc Vael
 
Cybersecurity governance existing frameworks (nov 2015)
Cybersecurity governance existing frameworks (nov 2015)Cybersecurity governance existing frameworks (nov 2015)
Cybersecurity governance existing frameworks (nov 2015)
Marc Vael
 

Recommended

Securing E-Gov of Thailand
Securing E-Gov of ThailandSecuring E-Gov of Thailand
Securing E-Gov of Thailand
APNIC
 
Leveraging internet of things in malaysia
Leveraging internet of things in malaysiaLeveraging internet of things in malaysia
Leveraging internet of things in malaysia
Karen Woo
 
Eclipse kura
Eclipse kuraEclipse kura
Eclipse kura
Isham Mohamed Iqbal
 
MyIX Updates by Raja Mohan
MyIX Updates by Raja MohanMyIX Updates by Raja Mohan
MyIX Updates by Raja Mohan
MyNOG
 
INTTRA CEO Presentation Opening Singapore 2018 (INTTRA Technology Summit 2018...
INTTRA CEO Presentation Opening Singapore 2018 (INTTRA Technology Summit 2018...INTTRA CEO Presentation Opening Singapore 2018 (INTTRA Technology Summit 2018...
INTTRA CEO Presentation Opening Singapore 2018 (INTTRA Technology Summit 2018...
Vivien Cheong
 
IDNIC Update by Valens Riyadi [APRICOT 2015]
IDNIC Update by Valens Riyadi [APRICOT 2015]IDNIC Update by Valens Riyadi [APRICOT 2015]
IDNIC Update by Valens Riyadi [APRICOT 2015]
APNIC
 
Cybersecurity nexus vision
Cybersecurity nexus visionCybersecurity nexus vision
Cybersecurity nexus vision
Marc Vael
 
Cybersecurity governance existing frameworks (nov 2015)
Cybersecurity governance existing frameworks (nov 2015)Cybersecurity governance existing frameworks (nov 2015)
Cybersecurity governance existing frameworks (nov 2015)
Marc Vael
 
ICT as an infrastructure for investment in Iraq
ICT as an infrastructure for investment in IraqICT as an infrastructure for investment in Iraq
ICT as an infrastructure for investment in Iraq
OECDglobal
 
Cloud South East Asia Forum
Cloud South East Asia ForumCloud South East Asia Forum
Cloud South East Asia Forum
kgraham32
 
Introduction to III
Introduction to IIIIntroduction to III
Introduction to III
Agence du Numérique (AdN)
 
E-Development for a Smart Sri Lanka
E-Development for a Smart Sri LankaE-Development for a Smart Sri Lanka
E-Development for a Smart Sri Lanka
Jaffna IT Week
 
LMKT - An advanced technology company
LMKT - An advanced technology companyLMKT - An advanced technology company
LMKT - An advanced technology company
LMKT Private Limited
 
My apps comprehensive corporate overview
My apps comprehensive corporate overviewMy apps comprehensive corporate overview
My apps comprehensive corporate overview
myApps-Solutions
 
Leveraging Singapore's Experience for Digital Development
Leveraging Singapore's Experience for Digital Development Leveraging Singapore's Experience for Digital Development
Leveraging Singapore's Experience for Digital Development
Randeep Sudan
 
SanjayKumarSinha-CV
SanjayKumarSinha-CVSanjayKumarSinha-CV
SanjayKumarSinha-CV
S.K. Sinha
 
La visión de Smart Nation de Singapur: Lecciones para aprender
La visión de Smart Nation de Singapur: Lecciones para aprenderLa visión de Smart Nation de Singapur: Lecciones para aprender
La visión de Smart Nation de Singapur: Lecciones para aprender
Comisión de Regulación de Comunicaciones
 
Digital Communities and the Internet of Everything
Digital Communities and the Internet of EverythingDigital Communities and the Internet of Everything
Digital Communities and the Internet of Everything
Connected Futures
 
Mr. Hassan al Sayed's presentation at QITCOM 2011
Mr. Hassan al Sayed's presentation at QITCOM 2011Mr. Hassan al Sayed's presentation at QITCOM 2011
Mr. Hassan al Sayed's presentation at QITCOM 2011
QITCOM
 
[e-Government Program City Paper : Muscat, Oman]
[e-Government Program City Paper : Muscat, Oman][e-Government Program City Paper : Muscat, Oman]
[e-Government Program City Paper : Muscat, Oman]
shrdcinfo
 
Implementing Infrastructure for Effective e-Government Service in Nigeria
Implementing Infrastructure for Effective e-Government Service in NigeriaImplementing Infrastructure for Effective e-Government Service in Nigeria
Implementing Infrastructure for Effective e-Government Service in Nigeria
Commonwealth Telecommunications Organisation
 
Teknologi untuk mea
Teknologi untuk meaTeknologi untuk mea
Teknologi untuk mea
Prasetyo Adi
 
EasyStack True Private Cloud | Quek Keng Oei
EasyStack True Private Cloud | Quek Keng OeiEasyStack True Private Cloud | Quek Keng Oei
EasyStack True Private Cloud | Quek Keng Oei
Vietnam Open Infrastructure User Group
 
CV_Piriya_Utamachant_2016
CV_Piriya_Utamachant_2016CV_Piriya_Utamachant_2016
CV_Piriya_Utamachant_2016
Piriya Utamachant
 
Pi-Technologies Company Profile
Pi-Technologies Company ProfilePi-Technologies Company Profile
Pi-Technologies Company Profile
Mohammed Ibrahim
 
Smart goverment summit singapore 28th 29th april
Smart goverment summit singapore 28th 29th aprilSmart goverment summit singapore 28th 29th april
Smart goverment summit singapore 28th 29th april
Youssouf Djire
 
Presentation, Khater, Jordan, ENP South webinar 12 April 2022
Presentation, Khater, Jordan, ENP South webinar 12 April 2022Presentation, Khater, Jordan, ENP South webinar 12 April 2022
Presentation, Khater, Jordan, ENP South webinar 12 April 2022
Support for Improvement in Governance and Management SIGMA
 
IYF Building Nextgen Infotainment & Telematics Systems
IYF Building Nextgen Infotainment & Telematics SystemsIYF Building Nextgen Infotainment & Telematics Systems
IYF Building Nextgen Infotainment & Telematics Systems
Information Services Group (ISG)
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC
 

More Related Content

Similar to ARM 7: Securing e-Government of Thailand in Action

SanjayKumarSinha-CV
SanjayKumarSinha-CVSanjayKumarSinha-CV
SanjayKumarSinha-CV
S.K. Sinha
 

Similar to ARM 7: Securing e-Government of Thailand in Action (20)

ICT as an infrastructure for investment in Iraq
ICT as an infrastructure for investment in IraqICT as an infrastructure for investment in Iraq
ICT as an infrastructure for investment in Iraq
 
Cloud South East Asia Forum
Cloud South East Asia ForumCloud South East Asia Forum
Cloud South East Asia Forum
 
Introduction to III
Introduction to IIIIntroduction to III
Introduction to III
 
E-Development for a Smart Sri Lanka
E-Development for a Smart Sri LankaE-Development for a Smart Sri Lanka
E-Development for a Smart Sri Lanka
 
LMKT - An advanced technology company
LMKT - An advanced technology companyLMKT - An advanced technology company
LMKT - An advanced technology company
 
My apps comprehensive corporate overview
My apps comprehensive corporate overviewMy apps comprehensive corporate overview
My apps comprehensive corporate overview
 
Leveraging Singapore's Experience for Digital Development
Leveraging Singapore's Experience for Digital Development Leveraging Singapore's Experience for Digital Development
Leveraging Singapore's Experience for Digital Development
 
SanjayKumarSinha-CV
SanjayKumarSinha-CVSanjayKumarSinha-CV
SanjayKumarSinha-CV
 
La visión de Smart Nation de Singapur: Lecciones para aprender
La visión de Smart Nation de Singapur: Lecciones para aprenderLa visión de Smart Nation de Singapur: Lecciones para aprender
La visión de Smart Nation de Singapur: Lecciones para aprender
 
Digital Communities and the Internet of Everything
Digital Communities and the Internet of EverythingDigital Communities and the Internet of Everything
Digital Communities and the Internet of Everything
 
Mr. Hassan al Sayed's presentation at QITCOM 2011
Mr. Hassan al Sayed's presentation at QITCOM 2011Mr. Hassan al Sayed's presentation at QITCOM 2011
Mr. Hassan al Sayed's presentation at QITCOM 2011
 
[e-Government Program City Paper : Muscat, Oman]
[e-Government Program City Paper : Muscat, Oman][e-Government Program City Paper : Muscat, Oman]
[e-Government Program City Paper : Muscat, Oman]
 
Implementing Infrastructure for Effective e-Government Service in Nigeria
Implementing Infrastructure for Effective e-Government Service in NigeriaImplementing Infrastructure for Effective e-Government Service in Nigeria
Implementing Infrastructure for Effective e-Government Service in Nigeria
 
Teknologi untuk mea
Teknologi untuk meaTeknologi untuk mea
Teknologi untuk mea
 
EasyStack True Private Cloud | Quek Keng Oei
EasyStack True Private Cloud | Quek Keng OeiEasyStack True Private Cloud | Quek Keng Oei
EasyStack True Private Cloud | Quek Keng Oei
 
CV_Piriya_Utamachant_2016
CV_Piriya_Utamachant_2016CV_Piriya_Utamachant_2016
CV_Piriya_Utamachant_2016
 
Pi-Technologies Company Profile
Pi-Technologies Company ProfilePi-Technologies Company Profile
Pi-Technologies Company Profile
 
Smart goverment summit singapore 28th 29th april
Smart goverment summit singapore 28th 29th aprilSmart goverment summit singapore 28th 29th april
Smart goverment summit singapore 28th 29th april
 
Presentation, Khater, Jordan, ENP South webinar 12 April 2022
Presentation, Khater, Jordan, ENP South webinar 12 April 2022Presentation, Khater, Jordan, ENP South webinar 12 April 2022
Presentation, Khater, Jordan, ENP South webinar 12 April 2022
 
IYF Building Nextgen Infotainment & Telematics Systems
IYF Building Nextgen Infotainment & Telematics SystemsIYF Building Nextgen Infotainment & Telematics Systems
IYF Building Nextgen Infotainment & Telematics Systems
 

More from APNIC

More from APNIC (20)

APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023
 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet development
 

Recently uploaded

Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
SUHANI PANDEY
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
Delhi Call girls
 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
Escorts Call Girls
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Delhi Call girls
 
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
SUHANI PANDEY
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Call Girls in Nagpur High Profile
 
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
nirzagarg
 
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
soniya singh
 
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
SUHANI PANDEY
 
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
tanu pandey
 
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
@Chandigarh #call #Girls 9053900678 @Call #Girls in @Punjab 9053900678
 
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
Chandigarh Call girls 9053900678 Call girls in Chandigarh
 
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
dharasingh5698
 
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
nirzagarg
 
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
SUHANI PANDEY
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Delhi Call girls
 

Recently uploaded (20)

Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
 
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
 
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
 
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
 
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
 
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
 
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
Russian Call Girls in %(+971524965298 )# Call Girls in DubaiRussian Call Girls in %(+971524965298 )# Call Girls in Dubai
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
 
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
 
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
 
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
 
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
 
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
 

ARM 7: Securing e-Government of Thailand in Action

  • 1. Securing E- Gov of Thailand in action Kitisak Jirawannakool E-Government Agency (Public Organization) kitisak.jirawannakool@ega.or.th 1
  • 2. About EGA ❖ First established in 1997 as Government Information Technology Services (GITS) ❖ ~ 200 staffs ❖ Services ❖ Government Information Network (GIN) ❖ Government Cloud Services (G-Cloud) ❖ MailgoThai service ❖ Government Computer Emergency and Readiness Team (G-CERT) ❖ More details : http://www.ega.or.th 2
  • 3. Smart Thailand 2014-2015 3 Smart Network Smart Cloud Cyber Security TH e-GIF ICT Academy GIN    G-Cloud  - G-SaaS  - Mobile Application  - e-CMS2.0  - Saraban as   a Service  - มาตรฐาน  สารบรรณ  Smart Citizen Info.  - Gov. API  - Smart Box   Gov. Access Channel  - e-Portal  - Gov.App.Center  - data.go.th  Government Secure Monitoring  ICT Training  - e-GCEO  - e-GEP  - Technical   Training  Data Center Consolidation (77 Provinces ) e-Service for e-Gov : •  MOI •  MOE •  MOPH •  MOAG
  • 4. 4
  • 5. E-Government services 5 24x7 Helpdesk and Contact Center EGA Contact Center Other Government’s services Services Cloud Provider Cloud Provider Cloud Provider Inter Cloud SaaS PaaS IaaS Government AgencyGIN Government Agency Government Computer Emergency and Readiness 
 Team (G-CERT) Risk Assessment Incident Monitoring Information Analysis Response Team Awareness Raising
  • 6. Government Information Network (GIN) ❖ Government Information Network 6 Gov.  Orgs  User Network NSW GFMIS 0GSMS CABNET ทะเบียนราษฎร  Common0Service Gov.  Orgs  GIN  User Network Standard  - GDX  Security  - Encryption  - CA  NSW GFMIS GSMS CABNET ทะเบียนราษฎร  Common0Service Before! A<er!
  • 7. GIN ❖ More than 2,000 links (subscribers) ❖ For government only ❖ Intranet for all government organizations ❖ Added-on services ❖ Intranet system ❖ GIN Conferences ❖ Other services integration ❖ DNSSEC implementation ❖ IPV6 implementation 7
  • 8. Government Cloud Service (G-Cloud) 8 Ministry A Ministry B Ministry C
  • 9. Government Cloud Service (G-Cloud) ❖ Focus on IaaS (initial phrase) ❖ 214 Systems are running on G-Cloud ❖ Serve Government, Collaborate with Partners, and Work with Communities ❖ Next move for G-Cloud ❖ Back office system - “e-Saraban” (PaaS/SaaS) ❖ Government Application Center (SaaS) 9
  • 11. Security on G-Cloud ❖ Firewall (Hi-speed firewall/Application firewall) ❖ SSL-VPN for Cloud Management ❖ Two factors Authentication ❖ Vulnerability Assessment and Penetration Testing ❖ ISO/IEC 27001:2005 implementation ❖ Security monitoring ❖ Security training courses for customers 11
  • 12. G-CERT’s Roadmap 12 Education (Training and Awareness Raising) Policy and Standard Start in 2014 Start in 2015 Start in 2016 Media Relations (PR and Contents producer) G-CERT
  • 13. G-CERT ’s constituencies ❖ EGA Internal ❖ EGA ’s customers ❖ G-Cloud ❖ GIN ❖ other services ❖ Critical Infrastructures ❖ Other Government 13
  • 14. Services ❖ Incident Response ❖ Government Security Monitoring ❖ IT Security Awareness Raising ❖ Quarterly Training ❖ Anual Conference ❖ Incident Drill ❖ Risk and Vulnerability Assessment ❖ IT Security Consultants 14
  • 15. Our Concept ❖ Public - help the government ❖ Private - by working with vendors ❖ Partnership - collaborate with other IT communities 15
  • 16. Other IT security related activities ❖ Cloud Security Alliance Thailand Chapter - CSA ❖ Open Web Application Security Project Thailand Chapter - OWASP 16
  • 17. Cloud Security Activities in Thailand ❖ Cloud Security Alliance (CSA) Thailand Chapter ❖ Cloud Security Audit for providers ❖ Cloud Security Experts building (Certified of Cloud Security Knowledge - CCSK) ❖ ASEAN CSA and OWASP Summit ❖ Many areas (Security, Providers, Education, Governance, Audit, Licensing, crisis and etc) ❖ Cloud R&D ❖ Cloud Control Matrix (for security auditing) ❖ Cloud Security Guideline for operators ❖ Cloud Interoperation (Integrating Cloud Infrastructure) ❖ Securing Cloud infrastructure and Application 17
  • 18. EGA Cloud Control Self Assessment 18
  • 19. ASEAN CSA Summit 2013 & 2014 19
  • 20. OWASP Thailand’s working concepts ❖ PPP - Public, Private, and Partnership ❖ Public ❖ Contribute how to secure web app for Government organizations ❖ Private ❖ Collaborate with SIPA and SW Park ❖ Guide the software houses to do secure coding ❖ Partnership ❖ Working with other IT and Security communities in Thailand 20
  • 21. OWASP Thailand Chapter ❖ Arrange monthly meetings ❖ Prepare many courses for web app security ❖ Web Application Security ❖ Web application testing ❖ Secure coding ❖ Translate some documents into Thai ❖ OWASP Top 10 2013 ❖ Organize annual event : 2014 OWASP ASIA TOUR 21
  • 22. Conclusion ❖ Even we contribute a lot of security, however it ‘s still not enough ❖ Lacking of experts is one of the biggest problems ❖ Collaboration is the key factor ❖ Looking for new collaborations 22 Source : http://www.openpages.com/blog/index.php/2010-grc-wish-list-collaborate