SlideShare a Scribd company logo

Fostering National Incident Response Capacity

Download as PPTX, PDF
APNIC
APNIC

Presented by Klee Aiken at the Commonwealth Broadband Pacific Forum 2017 held in Apia, Samo from 25 to 27 July.

Internet
1 of 17
Fostering National Incident Response Capacity Commonwealth Broadband Pacific Forum – Apia, Samoa 27 July 2017
Users Public Safety Regulators Operators Vendors Software CERTs Internet Security Ecosystem
Asia-Pacific CERTs
Morris Worm – 1988 Source: https://myindigolives.wordpress.com/2016/11/25/growth-of-the-early-internet-by-node/ Source: http://touque.ca/EC/students/KrishnaKumarNairG/mosaic/mosaic.html Source: https://www.flickr.com/people/intelfreepress/
Establishment of CERT/CC … CERT’s three main functions are to provide • mechanisms for coordinating community response in emergencies, such as virus attacks or rumors of attacks: • a coordination point for dealing with information about vulnerabilities and fixes; and • a focal point for discussion of proactive security measures, coordination, and security awareness among Internet users. …CERT officials recognize the need to establish credibility and support within the Internet community so that its recommendations will be acted on... -- GAO (1998) Computer Security: Virus Highlights Need for Improved Internet Management.
Core CERT functions … CERT’s three main functions are to provide • mechanisms for coordinating community response in emergencies, such as virus attacks or rumors of attacks: • a coordination point for dealing with information about vulnerabilities and fixes; and • a focal point for discussion of proactive security measures, coordination, and security awareness among Internet users. …CERT officials recognize the need to establish credibility and support within the Internet community so that its recommendations will be acted on... Incident response Coordination Information Sharing …TRUST...
1. Preparation – Preparing to handle Incidents – Preventing Incidents 2. Detection and Analysis Incident Response 3. Containment, Eradication & Recovery 4. Post Incident Activities - Lessons Learned & Improvement Source: NIST Computer Security Incident Handling Guide
Coordination Source: NIST Computer Security Incident Handling Guide
Information Sharing • Trusted Group • Sharing of threat intelligence • Co-ordinated Response • Reach out to the community
Asia-Pacific CERTs
• Defined Structure • Mandate & Terms of Reference CERT Establishment …is a team that performs, coordinates, and supports the response to security incidents that involve sites within a defined constituency • Operational Capacity • Establishing Relationships -- RFC 2350
• Defined Structure • Mandate & Terms of Reference CERT Establishment …is a team that performs, coordinates, and supports the response to security incidents that involve sites within a defined constituency • Operational Capacity • Establishing Relationships -- RFC 2350
• Defined Structure • Mandate & Terms of Reference CERT Establishment …is a team that performs, coordinates, and supports the response to security incidents that involve sites within a defined constituency • Operational Capacity • Establishing Relationships -- RFC 2350
• Defined Structure • Mandate & Terms of Reference CERT Establishment …is a team that performs, coordinates, and supports the response to security incidents that involve sites within a defined constituency • Operational Capacity • Establishing Relationships -- RFC 2350
• Defined Structure • Mandate & Terms of Reference CERT Establishment …is a team that performs, coordinates, and supports the response to security incidents that involve sites within a defined constituency • Operational Capacity • Establishing Relationships -- RFC 2350
In brief… • Incident response is a multistakeholder effort • CERTs are a part of a wider ecosystem • Trust is central • Tailor approach to meet local needs • Start small with quick wins • Commit long term, grow with demand/capability 16
Fa'afetai! Thank You! Klée Aiken klee@apnic.net

Recommended

Stockholm Internet Forum 2017: Development of CERTs in the Asia Pacific
Stockholm Internet Forum 2017: Development of CERTs in the Asia PacificStockholm Internet Forum 2017: Development of CERTs in the Asia Pacific
Stockholm Internet Forum 2017: Development of CERTs in the Asia Pacific
APNIC
 
PRFP-10: Cyber threats and security in the Pacific
PRFP-10: Cyber threats and security in the PacificPRFP-10: Cyber threats and security in the Pacific
PRFP-10: Cyber threats and security in the Pacific
APNIC
 
APNIC update PNG IXP Inauguration
APNIC update PNG IXP InaugurationAPNIC update PNG IXP Inauguration
APNIC update PNG IXP Inauguration
APNIC
 
APEC TEL 62: APNIC Security Engagement Activities
APEC TEL 62: APNIC Security Engagement ActivitiesAPEC TEL 62: APNIC Security Engagement Activities
APEC TEL 62: APNIC Security Engagement Activities
APNIC
 
Cyber Security Week 2015: Get involved and contribute
Cyber Security Week 2015: Get involved and contributeCyber Security Week 2015: Get involved and contribute
Cyber Security Week 2015: Get involved and contribute
APNIC
 
Cyber Security Regional Forum: APNIC's cybersecurity work in the Pacific
Cyber Security Regional Forum: APNIC's cybersecurity work in the PacificCyber Security Regional Forum: APNIC's cybersecurity work in the Pacific
Cyber Security Regional Forum: APNIC's cybersecurity work in the Pacific
APNIC
 
APEC TEL 62: IPv6 Deployment Update
APEC TEL 62: IPv6 Deployment UpdateAPEC TEL 62: IPv6 Deployment Update
APEC TEL 62: IPv6 Deployment Update
APNIC
 
Cybersecurity by the numbers
Cybersecurity by the numbersCybersecurity by the numbers
Cybersecurity by the numbers
APNIC
 

Recommended

Stockholm Internet Forum 2017: Development of CERTs in the Asia Pacific
Stockholm Internet Forum 2017: Development of CERTs in the Asia PacificStockholm Internet Forum 2017: Development of CERTs in the Asia Pacific
Stockholm Internet Forum 2017: Development of CERTs in the Asia Pacific
APNIC
 
PRFP-10: Cyber threats and security in the Pacific
PRFP-10: Cyber threats and security in the PacificPRFP-10: Cyber threats and security in the Pacific
PRFP-10: Cyber threats and security in the Pacific
APNIC
 
APNIC update PNG IXP Inauguration
APNIC update PNG IXP InaugurationAPNIC update PNG IXP Inauguration
APNIC update PNG IXP Inauguration
APNIC
 
APEC TEL 62: APNIC Security Engagement Activities
APEC TEL 62: APNIC Security Engagement ActivitiesAPEC TEL 62: APNIC Security Engagement Activities
APEC TEL 62: APNIC Security Engagement Activities
APNIC
 
Cyber Security Week 2015: Get involved and contribute
Cyber Security Week 2015: Get involved and contributeCyber Security Week 2015: Get involved and contribute
Cyber Security Week 2015: Get involved and contribute
APNIC
 
Cyber Security Regional Forum: APNIC's cybersecurity work in the Pacific
Cyber Security Regional Forum: APNIC's cybersecurity work in the PacificCyber Security Regional Forum: APNIC's cybersecurity work in the Pacific
Cyber Security Regional Forum: APNIC's cybersecurity work in the Pacific
APNIC
 
APEC TEL 62: IPv6 Deployment Update
APEC TEL 62: IPv6 Deployment UpdateAPEC TEL 62: IPv6 Deployment Update
APEC TEL 62: IPv6 Deployment Update
APNIC
 
Cybersecurity by the numbers
Cybersecurity by the numbersCybersecurity by the numbers
Cybersecurity by the numbers
APNIC
 
APAN 44: Security outreach at APNIC
APAN 44: Security outreach at APNICAPAN 44: Security outreach at APNIC
APAN 44: Security outreach at APNIC
APNIC
 
Introduction to CSIRTs
Introduction to CSIRTsIntroduction to CSIRTs
Introduction to CSIRTs
APNIC
 
APCERT Updates
APCERT UpdatesAPCERT Updates
APCERT Updates
APNIC
 
WHOIS Database for Incident Response & Handling
WHOIS Database for Incident Response & HandlingWHOIS Database for Incident Response & Handling
WHOIS Database for Incident Response & Handling
APNIC
 
CNCERT Conference 2017: Capacity development in the Asia Pacific
CNCERT Conference 2017: Capacity development in the Asia PacificCNCERT Conference 2017: Capacity development in the Asia Pacific
CNCERT Conference 2017: Capacity development in the Asia Pacific
APNIC
 
ION Malta - IPv6 Case Study: Finland
ION Malta - IPv6 Case Study: FinlandION Malta - IPv6 Case Study: Finland
ION Malta - IPv6 Case Study: Finland
Deploy360 Programme (Internet Society)
 
ION Malta - Opening Slides
ION Malta - Opening SlidesION Malta - Opening Slides
ION Malta - Opening Slides
Deploy360 Programme (Internet Society)
 
Michael Yakushev - ICANN accountability and IANA transition - ArmIGF2015
Michael Yakushev - ICANN accountability and IANA transition - ArmIGF2015Michael Yakushev - ICANN accountability and IANA transition - ArmIGF2015
Michael Yakushev - ICANN accountability and IANA transition - ArmIGF2015
Arm Igf
 
APT PRFP 11: CERTs
APT PRFP 11: CERTsAPT PRFP 11: CERTs
APT PRFP 11: CERTs
APNIC
 
ION Malta - IETF Update
ION Malta - IETF UpdateION Malta - IETF Update
ION Malta - IETF Update
Deploy360 Programme (Internet Society)
 
A Collaborative, Decentralized Internet Governance Ecosystem
A Collaborative, Decentralized Internet Governance EcosystemA Collaborative, Decentralized Internet Governance Ecosystem
A Collaborative, Decentralized Internet Governance Ecosystem
Andile Ngcaba
 
New developments in cyber law - Singapore and beyond
New developments in cyber law - Singapore and beyondNew developments in cyber law - Singapore and beyond
New developments in cyber law - Singapore and beyond
Benjamin Ang
 
Singapore's National Cyber Security Strategy
Singapore's National Cyber Security StrategySingapore's National Cyber Security Strategy
Singapore's National Cyber Security Strategy
Benjamin Ang
 
ION Malta - DANE: The Future of TLS
ION Malta - DANE: The Future of TLSION Malta - DANE: The Future of TLS
ION Malta - DANE: The Future of TLS
Deploy360 Programme (Internet Society)
 
TWNIC OPM 2015: Network Operator Groups
TWNIC OPM 2015: Network Operator GroupsTWNIC OPM 2015: Network Operator Groups
TWNIC OPM 2015: Network Operator Groups
APNIC
 
ION Hangzhou - Keynote: Collaborative Security and an Open Internet
ION Hangzhou - Keynote: Collaborative Security and an Open InternetION Hangzhou - Keynote: Collaborative Security and an Open Internet
ION Hangzhou - Keynote: Collaborative Security and an Open Internet
Deploy360 Programme (Internet Society)
 
Internet Governance: Why does it matter to Bangladesh?
Internet Governance: Why does it matter to Bangladesh?Internet Governance: Why does it matter to Bangladesh?
Internet Governance: Why does it matter to Bangladesh?
Bangladesh Network Operators Group
 
ION Durban - Opening Slides
ION Durban - Opening SlidesION Durban - Opening Slides
ION Durban - Opening Slides
Deploy360 Programme (Internet Society)
 
Singapore. industry 4.0 and cybersecurity
Singapore. industry 4.0 and cybersecurity Singapore. industry 4.0 and cybersecurity
Singapore. industry 4.0 and cybersecurity
Yuri Anisimov
 
Development of Jisc security programme - Networkshop44
Development of Jisc security programme - Networkshop44Development of Jisc security programme - Networkshop44
Development of Jisc security programme - Networkshop44
Jisc
 
Lessons Learned from the NIST CSF
Lessons Learned from the NIST CSFLessons Learned from the NIST CSF
Lessons Learned from the NIST CSF
Digital Bond
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
Bachir Benyammi
 

More Related Content

What's hot

ION Malta - DANE: The Future of TLS
ION Malta - DANE: The Future of TLSION Malta - DANE: The Future of TLS
ION Malta - DANE: The Future of TLS
Deploy360 Programme (Internet Society)
 
TWNIC OPM 2015: Network Operator Groups
TWNIC OPM 2015: Network Operator GroupsTWNIC OPM 2015: Network Operator Groups
TWNIC OPM 2015: Network Operator Groups
APNIC
 

What's hot (20)

APAN 44: Security outreach at APNIC
APAN 44: Security outreach at APNICAPAN 44: Security outreach at APNIC
APAN 44: Security outreach at APNIC
 
Introduction to CSIRTs
Introduction to CSIRTsIntroduction to CSIRTs
Introduction to CSIRTs
 
APCERT Updates
APCERT UpdatesAPCERT Updates
APCERT Updates
 
WHOIS Database for Incident Response & Handling
WHOIS Database for Incident Response & HandlingWHOIS Database for Incident Response & Handling
WHOIS Database for Incident Response & Handling
 
CNCERT Conference 2017: Capacity development in the Asia Pacific
CNCERT Conference 2017: Capacity development in the Asia PacificCNCERT Conference 2017: Capacity development in the Asia Pacific
CNCERT Conference 2017: Capacity development in the Asia Pacific
 
ION Malta - IPv6 Case Study: Finland
ION Malta - IPv6 Case Study: FinlandION Malta - IPv6 Case Study: Finland
ION Malta - IPv6 Case Study: Finland
 
ION Malta - Opening Slides
ION Malta - Opening SlidesION Malta - Opening Slides
ION Malta - Opening Slides
 
Michael Yakushev - ICANN accountability and IANA transition - ArmIGF2015
Michael Yakushev - ICANN accountability and IANA transition - ArmIGF2015Michael Yakushev - ICANN accountability and IANA transition - ArmIGF2015
Michael Yakushev - ICANN accountability and IANA transition - ArmIGF2015
 
APT PRFP 11: CERTs
APT PRFP 11: CERTsAPT PRFP 11: CERTs
APT PRFP 11: CERTs
 
ION Malta - IETF Update
ION Malta - IETF UpdateION Malta - IETF Update
ION Malta - IETF Update
 
A Collaborative, Decentralized Internet Governance Ecosystem
A Collaborative, Decentralized Internet Governance EcosystemA Collaborative, Decentralized Internet Governance Ecosystem
A Collaborative, Decentralized Internet Governance Ecosystem
 
New developments in cyber law - Singapore and beyond
New developments in cyber law - Singapore and beyondNew developments in cyber law - Singapore and beyond
New developments in cyber law - Singapore and beyond
 
Singapore's National Cyber Security Strategy
Singapore's National Cyber Security StrategySingapore's National Cyber Security Strategy
Singapore's National Cyber Security Strategy
 
ION Malta - DANE: The Future of TLS
ION Malta - DANE: The Future of TLSION Malta - DANE: The Future of TLS
ION Malta - DANE: The Future of TLS
 
TWNIC OPM 2015: Network Operator Groups
TWNIC OPM 2015: Network Operator GroupsTWNIC OPM 2015: Network Operator Groups
TWNIC OPM 2015: Network Operator Groups
 
ION Hangzhou - Keynote: Collaborative Security and an Open Internet
ION Hangzhou - Keynote: Collaborative Security and an Open InternetION Hangzhou - Keynote: Collaborative Security and an Open Internet
ION Hangzhou - Keynote: Collaborative Security and an Open Internet
 
Internet Governance: Why does it matter to Bangladesh?
Internet Governance: Why does it matter to Bangladesh?Internet Governance: Why does it matter to Bangladesh?
Internet Governance: Why does it matter to Bangladesh?
 
ION Durban - Opening Slides
ION Durban - Opening SlidesION Durban - Opening Slides
ION Durban - Opening Slides
 
Singapore. industry 4.0 and cybersecurity
Singapore. industry 4.0 and cybersecurity Singapore. industry 4.0 and cybersecurity
Singapore. industry 4.0 and cybersecurity
 
Development of Jisc security programme - Networkshop44
Development of Jisc security programme - Networkshop44Development of Jisc security programme - Networkshop44
Development of Jisc security programme - Networkshop44
 

Similar to Fostering National Incident Response Capacity

Cyber security series advanced persistent threats
Cyber security series advanced persistent threats Cyber security series advanced persistent threats
Cyber security series advanced persistent threats
Jim Kaplan CIA CFE
 
Introduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkIntroduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security Framework
PECB
 
Sean McCloskey: How do we Strengthen the Public-Private Partnership to Mitiga...
Sean McCloskey: How do we Strengthen the Public-Private Partnership to Mitiga...Sean McCloskey: How do we Strengthen the Public-Private Partnership to Mitiga...
Sean McCloskey: How do we Strengthen the Public-Private Partnership to Mitiga...
Government Technology and Services Coalition
 

Similar to Fostering National Incident Response Capacity (20)

Lessons Learned from the NIST CSF
Lessons Learned from the NIST CSFLessons Learned from the NIST CSF
Lessons Learned from the NIST CSF
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
CIS20 CSCs+mapping to NIST+ISO.pdf
CIS20 CSCs+mapping to NIST+ISO.pdfCIS20 CSCs+mapping to NIST+ISO.pdf
CIS20 CSCs+mapping to NIST+ISO.pdf
 
CyberOps.pptx
CyberOps.pptxCyberOps.pptx
CyberOps.pptx
 
Science of Security: Cyber Ecosystem Attack Analysis Methodology
Science of Security: Cyber Ecosystem Attack Analysis MethodologyScience of Security: Cyber Ecosystem Attack Analysis Methodology
Science of Security: Cyber Ecosystem Attack Analysis Methodology
 
Cyber security series advanced persistent threats
Cyber security series advanced persistent threats Cyber security series advanced persistent threats
Cyber security series advanced persistent threats
 
NCCDC 2019 Standards Presentation.pptx
NCCDC 2019 Standards Presentation.pptxNCCDC 2019 Standards Presentation.pptx
NCCDC 2019 Standards Presentation.pptx
 
Securing Industrial Control Systems - CornCON II: The Wrath Of Corn
Securing Industrial Control Systems - CornCON II: The Wrath Of CornSecuring Industrial Control Systems - CornCON II: The Wrath Of Corn
Securing Industrial Control Systems - CornCON II: The Wrath Of Corn
 
Introduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkIntroduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security Framework
 
Nist cybersecurity framework isc2 quantico
Nist cybersecurity framework isc2 quanticoNist cybersecurity framework isc2 quantico
Nist cybersecurity framework isc2 quantico
 
Cybersecurity Careers - Step Up Skill Feb2023 (1).pdf
Cybersecurity Careers - Step Up Skill Feb2023 (1).pdfCybersecurity Careers - Step Up Skill Feb2023 (1).pdf
Cybersecurity Careers - Step Up Skill Feb2023 (1).pdf
 
Brochure - Jan 14
Brochure - Jan 14Brochure - Jan 14
Brochure - Jan 14
 
Cs cmaster
Cs cmasterCs cmaster
Cs cmaster
 
Sean McCloskey: How do we Strengthen the Public-Private Partnership to Mitiga...
Sean McCloskey: How do we Strengthen the Public-Private Partnership to Mitiga...Sean McCloskey: How do we Strengthen the Public-Private Partnership to Mitiga...
Sean McCloskey: How do we Strengthen the Public-Private Partnership to Mitiga...
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)
 
Contrast & Compare & Contrast Information Security Roles
Contrast & Compare & Contrast Information Security Roles Contrast & Compare & Contrast Information Security Roles
Contrast & Compare & Contrast Information Security Roles
 
BGA SOME/SOC Etkinliği - Kurumsal SOME’ler için SOC Modeli Nasıl Olmalı?
BGA SOME/SOC Etkinliği - Kurumsal SOME’ler için SOC Modeli Nasıl Olmalı?BGA SOME/SOC Etkinliği - Kurumsal SOME’ler için SOC Modeli Nasıl Olmalı?
BGA SOME/SOC Etkinliği - Kurumsal SOME’ler için SOC Modeli Nasıl Olmalı?
 
CSIRT_16_Jun
CSIRT_16_JunCSIRT_16_Jun
CSIRT_16_Jun
 
Risk Based Security and Self Protection Powerpoint
Risk Based Security and Self Protection PowerpointRisk Based Security and Self Protection Powerpoint
Risk Based Security and Self Protection Powerpoint
 
CompTIA_Security_plus_SY0-701_course_content.pdf
CompTIA_Security_plus_SY0-701_course_content.pdfCompTIA_Security_plus_SY0-701_course_content.pdf
CompTIA_Security_plus_SY0-701_course_content.pdf
 

More from APNIC

More from APNIC (20)

APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023
 

Recently uploaded

PowerDirector Explination Process...pptx
PowerDirector Explination Process...pptxPowerDirector Explination Process...pptx
PowerDirector Explination Process...pptx
galaxypingy
 
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
gajnagarg
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
ydyuyu
 
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
ayvbos
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
ayvbos
 
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsRussian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Monica Sydney
 
75539-Cyber Security Challenges PPT.pptx
75539-Cyber Security Challenges PPT.pptx75539-Cyber Security Challenges PPT.pptx
75539-Cyber Security Challenges PPT.pptx
Asmae Rabhi
 
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
pxcywzqs
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
JOHNBEBONYAP1
 

Recently uploaded (20)

PowerDirector Explination Process...pptx
PowerDirector Explination Process...pptxPowerDirector Explination Process...pptx
PowerDirector Explination Process...pptx
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
 
Microsoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck MicrosoftMicrosoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck Microsoft
 
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
 
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
 
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
 
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
 
Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts SweatshirtTrump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirt
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
 
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrStory Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
 
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsRussian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
 
Best SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency DallasBest SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency Dallas
 
75539-Cyber Security Challenges PPT.pptx
75539-Cyber Security Challenges PPT.pptx75539-Cyber Security Challenges PPT.pptx
75539-Cyber Security Challenges PPT.pptx
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf
 
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
 
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac RoomVip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
 
Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.
 

Fostering National Incident Response Capacity

  • 1. Fostering National Incident Response Capacity Commonwealth Broadband Pacific Forum – Apia, Samoa 27 July 2017
  • 4. Morris Worm – 1988 Source: https://myindigolives.wordpress.com/2016/11/25/growth-of-the-early-internet-by-node/ Source: http://touque.ca/EC/students/KrishnaKumarNairG/mosaic/mosaic.html Source: https://www.flickr.com/people/intelfreepress/
  • 5. Establishment of CERT/CC … CERT’s three main functions are to provide • mechanisms for coordinating community response in emergencies, such as virus attacks or rumors of attacks: • a coordination point for dealing with information about vulnerabilities and fixes; and • a focal point for discussion of proactive security measures, coordination, and security awareness among Internet users. …CERT officials recognize the need to establish credibility and support within the Internet community so that its recommendations will be acted on... -- GAO (1998) Computer Security: Virus Highlights Need for Improved Internet Management.
  • 6. Core CERT functions … CERT’s three main functions are to provide • mechanisms for coordinating community response in emergencies, such as virus attacks or rumors of attacks: • a coordination point for dealing with information about vulnerabilities and fixes; and • a focal point for discussion of proactive security measures, coordination, and security awareness among Internet users. …CERT officials recognize the need to establish credibility and support within the Internet community so that its recommendations will be acted on... Incident response Coordination Information Sharing …TRUST...
  • 7. 1. Preparation – Preparing to handle Incidents – Preventing Incidents 2. Detection and Analysis Incident Response 3. Containment, Eradication & Recovery 4. Post Incident Activities - Lessons Learned & Improvement Source: NIST Computer Security Incident Handling Guide
  • 8. Coordination Source: NIST Computer Security Incident Handling Guide
  • 9. Information Sharing • Trusted Group • Sharing of threat intelligence • Co-ordinated Response • Reach out to the community
  • 11. • Defined Structure • Mandate & Terms of Reference CERT Establishment …is a team that performs, coordinates, and supports the response to security incidents that involve sites within a defined constituency • Operational Capacity • Establishing Relationships -- RFC 2350
  • 12. • Defined Structure • Mandate & Terms of Reference CERT Establishment …is a team that performs, coordinates, and supports the response to security incidents that involve sites within a defined constituency • Operational Capacity • Establishing Relationships -- RFC 2350
  • 13. • Defined Structure • Mandate & Terms of Reference CERT Establishment …is a team that performs, coordinates, and supports the response to security incidents that involve sites within a defined constituency • Operational Capacity • Establishing Relationships -- RFC 2350
  • 14. • Defined Structure • Mandate & Terms of Reference CERT Establishment …is a team that performs, coordinates, and supports the response to security incidents that involve sites within a defined constituency • Operational Capacity • Establishing Relationships -- RFC 2350
  • 15. • Defined Structure • Mandate & Terms of Reference CERT Establishment …is a team that performs, coordinates, and supports the response to security incidents that involve sites within a defined constituency • Operational Capacity • Establishing Relationships -- RFC 2350
  • 16. In brief… • Incident response is a multistakeholder effort • CERTs are a part of a wider ecosystem • Trust is central • Tailor approach to meet local needs • Start small with quick wins • Commit long term, grow with demand/capability 16