Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

CERT Tonga - Two years on

148 views

Published on

Presentation by Siosaia Fatai Vaipuna and at APNIC 46 on Wednesday, 12 September 2018.

Published in: Internet
  • Login to see the comments

  • Be the first to like this

CERT Tonga - Two years on

  1. 1. “A safe and secure digital environment for the Kingdom of Tonga and its citizens” APNIC 46 New Caledonia September 2018
  2. 2. 2 Overview 1. Background on Tonga 2. Tonga connects to Internet (Fiber) 3. Budapest Convention Invitation 4. certTonga Launch 5. Progress So Far 6. Challenges 7. Q&A
  3. 3. 3 Tonga
  4. 4. 4 Tonga
  5. 5. 5 Tonga
  6. 6. 6 Tonga
  7. 7. 7 Tonga
  8. 8. 8 Tonga
  9. 9. 9 Tonga
  10. 10. 10 Tonga
  11. 11. 11 Background ● Population 107,797 (2017) – Tongatapu: 73% – Vava’u: 14% – Ha’apai: 6% – ‘Eua: 5% – Others: 2% ● Telecommunication Stats – Internet Penetration 46.2% – Facebook 43,000
  12. 12. 12 Background ● Telecomm Operators – Tonga Communication Cooperation (TCC - Government Owned) – Digicel (Mobile phone network operator Carribean, Central America and Oceania) ● ISP – TCC – FiberOptic and ADSL – Digicel - WiMax – OceanCel – 4G LTE ● Banks and Services – National Reserve Bank – Central Bank – ANZ Bank – Internet Banking, Visa Debit Cards, ATM, EFTPOS – BSP Bank – Internet Banking, Visa Debit Cards, Credit Cards, ATM, EFTPOS – MBF Bank – Bank Book – Tonga Development Bank – Bank Book, Internet Banking –
  13. 13. 13 Tonga Connects to the Submarine Cable
  14. 14. 14 Tonga Connects to the Submarine Cable ● Commissioned August 2013 ● Cyber Challenge Taskforce 2013 – To provide coordinated approach to technology – Partnership between Gov, NGOs, Private Sector – Terms Of Reference ● Regular reporting on cyber activities and trends ● Develop National Programmes ● Localization of awareness materials ● establishing of a national CERT
  15. 15. 15 Budapest Convention & GLACY Project ● Tonga invited to Acceded to the Budapest Convention 2014 ● Priority Country in GLACY Project – Build Capacity of priority countries in handling cyber crime ● Training Workshops and Conferences – Study Tour to Sri Lanka CERT – Study Tour to Mauritius CERT – Attachment to Australia AGD ● Reconised need for Domestic Digital Forensic Capability/Capacity
  16. 16. 16 APNIC Workshop ● APNIC Workshop (May 2016) – Stream 1: Governance and Mandate – Stream 2: Technical/Operational – Determined course of action for launch
  17. 17. 17 certTonga Terms of Reference ● Vision: – A safe and secure digital environment for the Kingdom of Tonga and its citizens ● Mission: – “To coordinate and collaborate among stakeholders to prevent through public awareness, detect and manage cyber threats in the Kingdom of Tonga” ● Activities/Roles – Computer Incident Handling – Contact point for cyber security issues – Collaborate with regional and international CERTs – Issuance of Security Warnings and Alerts – Security Awareness Campaigns – Digital evidence handling – Provide forensic services –
  18. 18. 18 certTonga Structure CERT.to Board Senior Information Security Analyst Information Security Analyst Interagency Liason Ofcers CERT.to Manager CERT.to Operation Specialist
  19. 19. 19 Cyber Challenges Division Policy Division CERT Tonga Innovation & Training Division Digital Technology Division Media Division That the relevant mechanisms are in place to address cyber challenges faced by the people of Tonga Department of Information Tonga CERT Board
  20. 20. 20 Cyber Challenges Division “That the relevant mechanisms are in place to address cyber challenges faced by the people of Tonga” 1. Provide Secretariat to CCTF and Working Groups 2. Proactive Services 3. Reactive Services 4. Forensics and Advisory Services 5. Management & Administrative
  21. 21. 21 Progress So Far 1. Secretariat to Tonga Cyber Challenge Task Force and Working Groups 1.Secretariat Duties 2. Proactive Services 1.Threat/Vulnerability Assessment 2.Advisories & Bulletins 3.Website, FB and Twitter + Media 4.Awareness & Outreach Workshops 5.Training for the ICT Community
  22. 22. 22 Progress So Far 3. Reactive Services – Incident Handling 4. Forensics and Advisory Services to Police -Working with Tonga Police and Carriers
  23. 23. 23 Progress So Far 5. Administrative 1.Funding 1.Government of Tonga – Salaries etc. 2.Information Society Innovation Fund (ISIF) – Set-up of CERT 3.Australia DFAT – Awareness Program and Capacity Building 4.Council of Europe – Workshops & Capacity Building 5.Others – Ofce Space, Website & Email (TCL), Server Rack (Digicel) 2.HR 1.Certifed Training 2.Attachments and Workshops
  24. 24. 24 Progress So Far 5. Administrative 3. Partnerships & Engagement 1.MOU 1.NetSafe Inc, 2.Waikato University (NZ), 3.CERT Australia 4.CERT NZ 2.Working Relationships 1.International – APNIC, Sri Lanka CERT, Mauritius CERT... 2.Domestic – Police, AGO, Telcos, Reserve Bank, Ministries, MPEs and Private Sector
  25. 25. 25 Challenges ● Stafng Capacity – Numbers – Technical Knowledge ● Equipment ● Awareness
  26. 26. 26 Thank You! Q & A

×