ICION 2016 - Cyber Security Governance

  1. Cyber Security Governance
     www.icion-leadership.com
     ICION 4th Annual Conference | Charles Lim, Msc., ECSA, ECSP, ECIH, CEH, CEI
  2. Agenda
     • About Honeynet
     • Why Cyber Security Governance?
     • Cyber Security Framework
     • Framework Core
     • Framework Profile
     • Implementation Tiers
     • Framework Profile
     • Conclusion
  3. About Honeynet
     • Volunteer open source computer security research organization since 1999 (US 501c3 non-profit)
     • Mission: “learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned” - http://www.honeynet.org
  4. About Honeynet
     • Share all of our tools, research and findings, at no cost to the public – “Know Your Tools” (KYT)
     • “Know Your Enemy” (KYE) white papers regularly published on current research topics
     • Members release regular activity status reports
     • Committed to open source and creative commons
     • Partially funded by sponsors, nothing to sell!
  5. About Honeynet
     Honeynet Project Workshop | 18-20 May 2015 | Stavanger, Norway
  6. About Honeynet
     CONPOT 0.5.0 Release | 13 November 2015
  7. About Honeynet
     55 Chapters and 37 Countries
  8. About Indonesia Honeynet Project
     • 15 passionate security professionals, academicians and government officials met and signed a petition on 25 November 2011
     • Indonesia Chapter officially recognized 9 January 2012
     • Current members: 130 (20 active members)
  9. About Indonesia Honeynet Project
     • Yearly Seminar and Workshop since 2012
     • Focus on Security Awareness and Security Research
     • Honeynet communities: Jakarta, Semarang, Surabaya, Yogya, Denpasar, Palembang, Lampung
     • Research Topics: Incident Handling, Vulnerability Analysis, Malware, Digital Forensics, Penetration Testing, Threat Intelligence
  10. About Indonesia Honeynet Project
      Honeynet Seminar & Workshop | 10-11 June 2015 | Lampung, Indonesia
  11. Honeypots Research & Deployment
      • 2009, Learning Period
        – Honeypot: Nepenthes
        – Learning how to install and configure
        – # Honeypots deployed: None
        – Hardware: Client
      • 2011, Early Period
        – Honeypot: Nepenthes, Dionaea
        – Deployed 1st Honeypot in SGU
        – # Honeypots deployed: 1
        – Hardware: Simple Client and Server
      • 2013, Growing Period
        – Honeypot: Dionaea
        – Target: Academic, Government, ISP
        – # Honeypots deployed: 5
        – Hardware: Mini PC and Server
      • 2015, Expanding Period
        – Honeypot: Dionaea, Kippo, Glastopf, Honeytrap
        – Coverage: Java, Bali, Sumatera
        – # Honeypots deployed: 17
        – Hardware: Raspberry Pi and Dedicated servers
  12. Our Contribution
      http://public.honeynet.id
  13. Our Contribution
      Attacker Statistics: Attacker IP, Malware, Targeted Ports, Provinces attacked
  14. Our Contribution
      Attacker Statistics: Attacker IP, Malware, Targeted Ports, Provinces attacked
  15. Other Research
      Second Hand USB Forensics and Publications
  16. Join Us
      • Indonesia Honeynet Project
      • idhoneynet
      • http://www.honeynet.or.id
      • http://groups.google.com/group/id-honeynet
  17. Why Cyber Security Governance?
      • We live in the interconnected world
      • Constant security threats to individuals, organizations, or countries
      • Businesses continue to evolve to stay ahead
      • Governing these threats to our organizations is critical to survivability
  18. Governance
      Reference: http://www.mondaq.com/x/249550/Data+Protection+Privacy/Information+Security+Governance
  19. Why Framework?
      • Example: COBIT Framework
      • Framework for the governance and management of IT Enterprise
      “a framework is a real or conceptual structure intended to serve as a support or guide for the building of something that expands the structure into something useful.”
      Reference: http://whatis.techtarget.com/definition/framework
  20. COBIT Framework
  21. Benefits
      • From chaos to order and organization
      • Manageable practice
      • From tools / mechanisms → architecture / policy → strategy / governance
  22. Cyber Security Framework
      • Framework for Improving Critical Infrastructure Cybersecurity, version 1.0, the National Institute of Standards and Technology (NIST), February 12, 2014.
        – A response to the President’s Executive Order 13636, “Improving Critical Infrastructure Cybersecurity” on February 12, 2013.
      • Critical infrastructure: “systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.”
      • A voluntary risk-based Cybersecurity Framework
        – a set of industry standards and best practices to help organizations manage cybersecurity risks
      • The Framework is technology neutral
  23. Risk Management
  24. NIST Cyber Security Framework
      • Three parts:
        – The Framework Core
        – The Framework Profile
        – The Framework Implementation Tiers
      • Framework Core
        – A set of activities, outcomes, and informative references
        – Providing the detailed guidance for developing individual organizational Profiles
  25. Framework Core
      • Five concurrent and continuous Functions
        – Identify
        – Protect
        – Detect
        – Respond
        – Recover
      • (Altogether) the functions provide a high-level, strategic view of the lifecycle of an organization’s management of cybersecurity risk.
  26. Cyber Security Framework
      Incident Management
  27. Functions and Categories
      • Functions organize basic cybersecurity activities at their highest level.
      • Categories are the subdivisions of a Function into groups of cybersecurity outcomes closely tied to programmatic needs and particular activities.
        – Example Categories: “Asset Management,” “Access Control,” “Detection Processes.”
  28. Framework Profile
      • Represents the outcomes based on business needs that an organization has selected from the Framework Categories and Subcategories
      • Aligning standards, guidelines, and practices to the Framework Core in a particular implementation scenario
      • “Current” profile → “Target” profile
      • Comparison of Profiles may reveal gaps to be addressed to meet cybersecurity risk management objectives.
  29. Framework Profile
      • The Framework document does not prescribe Profile templates, allowing for flexibility in implementation.
      • Example profiles can be found: http://www.nist.gov/itl/upload/discussion-draft_illustrative-examples-082813.pdf
      Example Profiles for Threat Mitigation:
        1. Mitigating intrusions
        2. Mitigating malware
        3. Mitigating insider threats
  34. Coordination of Framework Implementation
  35. Implementation Tiers
      • Describe the degree to which an organization’s cybersecurity risk management practices exhibit the characteristics defined in the Framework.
      • Characterize an organization’s practices over a range
        – from Partial (Tier 1) to Adaptive (Tier 4)
      • Partial: Risks are managed in an ad hoc manner.
      • Risk Informed: Risk management practices are approved by management but may not be established as organization-wide policy.
      • Repeatable: Risk management practices are formally approved and expressed as policy.
      • Adaptive: The organization adapts its cybersecurity practices based on lessons learned and predictive indicators derived from previous and current cybersecurity activities.
        – Reflect a progression from informal, reactive responses to approaches that are agile and risk-informed.
  36. Challenges
      • Governance begins at the top of the organization → Executives need to lead
      • Managing Cyber Security Challenges → Managing Risk continuously
      • Evolving Risks → Evolving Challenges
  37. Thank you
      Support the first CISSP class training on 25 to 29 April 2016 in Jakarta: www.indo-infosec.com
      • Our ANNUAL ICION EVENT IN BALI
      • www.icion-leadership.com
      • Watch our last CISSP COMMUNITY VIDEO EVENT IN PONDOK INDAH
      • https://www.youtube.com/watch?v=fqUjXIlCcfM