SlideShare a Scribd company logo

Cybersecurity Hub & Operations - Dr. Kiru Pillay

Download as PPTX, PDF
D
dotZADNA

Cyber security Hub & Cyber security Operations presentation at iWeek2017 by Dr. Kiru Pillay, Department of Telecommunications & Postal Services (Dtps)

Internet
1 of 33
Kiru Pillay Department of Telecommunications and Postal Services Cybersecurity Operations & Cybersecurity Hub iWeek 2017 5th September 2017 Cybersecurity Hub
Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 2 Cybersecurity Hub 01
Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 3 Cybersecurity Hub • Acts as National point of contact for the coordination of Cybersecurity incidents • Receives and analyses Cybersecurity incidents, trends, vulnerabilities and threats • Facilitates the establishment of sector, regional and continental CSIRT’s • Disseminates alerts and warnings to its constituents • Initiate national Cybersecurity awareness campaigns National Cybersecurity Policy Framework "Cybersecurity Hub" means a CSIRT established to pool public and private sector threat information for the purposes of processing and disseminating such information to relevant stakeholders including the Cybersecurity centre.
 "Computer Security Incident Response Team (CSIRT)" is a team of dedicated information security specialists that prepares for and responds to Cybersecurity breaches or Cybersecurity incidents.  There is no globally accepted definition of what a “National CSIRT” except that it is a security team with a national responsibilities  Resolution 58 of the ITU – Encourages the creation of national CSIRTs particularly for developing countries  There exist various abbreviations for this entity like: CERT (Computer Emergency Response Team) IRT (Incident Response Team) CIRT (Computer Incident Response Team) SERT (Security Emergency Response Team National Cybersecurity Policy Framework
CSIRT Peer Relationships CSIRT HANDBOOK National Cybersecurity Policy Framework
National CSIRTs Services ALGERIA, BURKINA FASO, CAMEROON, COTE D’IVOIRE, EGYPT, ETHIOPIA, GHANA, KENYA, NIGERIA, RWANDA, SOUTH AFRICA, SUDAN, TANZANIA, TUNISIA, UGANDA, ZAMBIA 16 countries with National CSIRTs in Africa 103 countries with National CSIRTs worldwide
Cybersecurity Hub Launch – October 2015 Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 7 To report a cybersecurity incident: Visit : https://www.cybersecurityhub.gov.za Email: incident@cybersecurityhub.gov.za
Cybersecurity Hub Implementation Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 8 The DTPS has been mandated by NCPF to establish a National CSIRT (Cybersecurity Hub) in consultation with the Justice Crime Prevention and Security (JCPS) cluster departments, the private sector and civil society as well as the sector CSIRTs - Phase 1(Nov’14-Mar’15) - Phase 2(Apr’15-Sep’15) Phase 3(From Oct’15) Ultimate Goal Fully Capacitated Cybersecurity Hub Basic Cybersecurity Hub
Cybersecurity Hub Responsibilities as per NCPF Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 9 Sector CSIRT Establishment, public-private partnerships, increasing collaboration, Coordinate Responses to threats at a national level and Resolve (1) 6. 3.1 Coordinate general Cybersecurity activities; identifying stakeholders and developing public-private relationships and collaborating with any sector CSIRTs that may be established. 6.3.6.1 Be a point of contact for that specific sector. 6.3.6.2 Coordinate Cybersecurity incident response activities within that sector Information Dissemination, Best practice Guidelines, Audits, Readiness Exercises, Standards Compliance (2) 6.3.2; 6.3.6.3 and 6.3.6.4 Disseminate relevant information to sector CSIRTs, vendors, technology experts. 6. 3.3 and 6.3.6.8 Provide best practice guidance on ICT security for Government, business and civil society. 6.3.5 and 6.3.6.5 Promote compliance with standards, procedures and policy and best practices. 6.3.6.7 Conduct Cybersecurity audits, assessments and readiness exercises for the sector Cybersecurity Awareness (3) 6.3.4 Initiate Cybersecurity awareness campaigns
National CSIRTs Services Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 10 REACTIVE SERVICES • Alerts and warnings • Incident handling • Vulnerability handling • Artifact handling PROACTIVE SERVICES • Announcements • Technology watch • Security audits or assessments • Configuration and maintenance of tools, applications • Development of security tools • Intrusion detection services • Security-related information dissemination QUALITY MANAGEMENT SERVICES • Risk Analysis • Business continuity and disaster recovery planning • Security consulting • Awareness building • Education training • Product evaluation or certification "Computer Security Incident Response Team (CSIRT)” Team of dedicated information security specialists that prepares for and responds to Cybersecurity breaches or Cybersecurity incidents. Over the years CSIRTs extended their capacities and increase their service offerings. CSIRTs go from being a reaction force to a complete security service provider.
FIRST Membership 1 2 3 4 Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 11 FIRST membership initiative is currently underway with the CSIR being the strategic partner • Infrastructure upgrades are being undertaken to the Cybersecurity Hub, which ism physically housed at the CSIR • Policies and Standards Operating Procedures (SOPs) are being validated and verified. • The Cybersecurity Hub’s network is being upgraded in line with FIRST requirements Application for membership will be made in the 2017 calendar year
International, Regional & National Frameworks Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 12 • Regional Harmonization of policies, legal frameworks and good practices • SADC 2012 Model Law on Computer Crime and Cybercrime to guide development of cybersecurity laws in SADC Member States • African Union 2014 Convention on Cyber Security and Personal Data Protection, which aims to harmonize the laws of African States on electronic commerce, data protection, cyber security promotion and cyber crime control. • International Cooperation frameworks and exchange of information • Resolution 58 of the ITU – Encourages the creation of National Computer Security Incident Response Teams (CSIRTs) particularly for developing countries • SA 2012 NCPF to set out an aligned and coherent approach to Cybersecurity by outlining broad policy guidelines on Cybersecurity • Cybercrimes and Cybersecurity Bill is currently before Parliament Cybersecurity is trans-border in nature and demands cooperation between countries and law enforcement agencies
Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 13 Coordination & Consultation 02 • The Cybersecurity Hub needs to ensure appropriate consultation between the JCPS cluster departments, the private sector and civil society regarding Cybersecurity matters Consultation • Coordinate general Cybersecurity activities; identifying stakeholders and developing public- private relationships and collaborating with any sector CSIRTs that may be established Co-ordination
Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 14 Sector CSIRTs as at end 2015- 2016 financial year • At the end of the 2015-2016 financial year, the Finance sector was well represented with respect to sector-based CSIRTs with at least four active CSIRTs, with others being planned. • The Higher education sector also has an effective CSIRT responsible for universities, museums and research councils SABRIC CSIRT ASISA CSIRT FMI CSIRT SAIA PASA CSIRT SSA Cyber Response Committee FINANCE SECTOR-CSIRT Cybersecurity Hub RETAIL SECTOR-CSIRT LOGISTICS SECTOR-CSIRT HEALTH SECTOR-CSIRT TELECOMMS SECTOR-CSIRT EDUCATION SECTOR-CSIRT LEGEND SABRIC: South African Banking Risk Information Centre ASISA: Association of Savings and Investments South Africa PASA: Payments Association of South Africa SAIA: South African Insurance Association FMI: Financial Markets Institutions (JSE, Reserve Bank, Bankserv, STRATE) Other Finance CSIRTs SANREN/ TENET
Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 15 Sector CSIRT Establishment SSA Cyber Response Committee FINANCE SECTOR-CSIRT Cybersecurity Hub RETAIL SECTOR-CSIRT LOGISTICS SECTOR-CSIRT HEALTH SECTOR-CSIRT TELECOMMS SECTOR-CSIRT Consumer Goods Retail sector-CSIRT Internet Service Providers Association sector- CSIRT Since April 2017 two new sector-based CSIRTs are in the process of being established - The retail sector CSIRT being spearheaded by the Consumer Goods Council (CGC) - The Consumer Goods Council represents the interests of more than 12, 000 member companies engaged in the manufacture, retail, wholesale and distribution of consumer goods, which has a combined value of R707 billion - The Internet Service providers CSIRT being spearheaded by the Internet Service Providers Association (ISPA). - ISPA currently has many members, comprised of large, medium and small Internet service and access providers in South Africa. EDUCATION SECTOR-CSIRT
Cybercrimes and Cybersecurity Bill
Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 17 Establishment of a CSIRT Forum SABRIC CSIRT ASISA CSIRT FMI CSIRT SAIA PASA CSIRT FINANCE SECTOR-CSIRT RETAIL SECTOR-CSIRT TELECOMMS SECTOR-CSIRT … Other Finance CSIRTs • Established what has been termed the CSIRT Forum in April 2017 in response to increasing number of sector-based CSIRTs being established • Made up of representatives from the established and soon-to-be established CSIRTs • The intention of the CSIRT forum is to coordinate activities amongst the various CSIRTs. • Initiatives identified at the launch included: • Information Sharing between sector-CSIRTs • Skills Development / Capacity Building • Promoting of uniform Standards ISP CSIRT RETAIL CSIRT
Improved Consultation Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 18 • Regular interactions with various Stakeholders including: • The South African Communications Forum • The Consumer Goods Council • Financial Sector Continuity Forum Cyber and Information Security Working Group (Reserve Bank, STRATE, Bankserv, JSE). • National ICT Forum Working Group on Cybersecurity • Vendors • Research institutions • South African Bureau of Standards
Cybersecurity Incident Response ‘War Room’: Improving coordination Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development • Imperative to be able to engage with all stakeholders when responding to Threats and Incidents at a National level • The ‘War Room’ will give the Hub the ability to respond in real-time and to coordinate responses to Cybersecurity threats and incidents • A set of secure collaborative communications tools • A Business Intelligence (BI) capability that allows stakeholders to take decisions to resolve threats • ‘Proof of Concept’ are being undertaken by various vendors • The processes and workflow that support the ‘War Room’ are being developed in conjunction with Law Enforcement Agencies and other constituents • Use of Skype for Business and open-source collaborative tools • Request for the appointment of service providers is being finalised
Investigate the development of ‘home-grown’ Cybersecurity tools Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 20 Initiated a research project to get a baseline understanding of the Cybersecurity sector in South Africa. Problem Statement: • Investigate the cyber security landscape within South Africa for the private and public sector and determine the cyber related software applications, tools and other capabilities that are being developed and available respectively. Rationale for the Study: • Cybersecurity is a national imperative for countries, and is largely reliant on the use of software tools in order to identify and resolve cybersecurity incidents and threats. • The need for locally developed tools have become an imperative for many countries • In South Africa there is an urgent need for the establishment of sector CSIRTS / SOCs and for the promotion of public-private partnerships in order to counter cybersecurity breaches and incidents. • South Africa also has an associated strategic objective of encouraging the local software development sector. • Expected Outputs (November 2017): • Overview of the Cyber security landscape of South Africa and expected growth trajectory • A report which identifies the various in-house developed or developing cyber security related software applications and tools within the private and public sector in South Africa.
Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 21 Dissemination of Information 03 • Disseminate relevant information to sector CSIRTs, vendors, technology experts. Disseminate Information
Communicating with Sector-CSIRTs Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 22 Communicate with our Stakeholders and Sector-based CSIRTs via the Cybersecurity Hub website using secure logins. Provide relevant documentation and security directives via the Website
Global Ransomware attacks & Security Directives Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 23 Alert Name Petya Ransomware Security Advisory Overview of vulnerability There is an outbreak of a ransomware attack called Petya already making chaos worldwide, with massive disruption in countries such as Europe, Unites States (US), India, France, and Russia. This ransomware infects Windows systems by encrypting the hard drive’s master file table (MFT) and renders the master boot record (MBR) inoperable. The MRB is then replaced with the Petya’s malicious code that displays the ransom note and leaves the computer unable to boot. The ransomware takes over computers and demands $300, paid in Bitcoin, which is a cryptocurrency. The Petya ransomware spreads rapidly across an organization once a computer is infected using the EternalBlue vulnerability in Microsoft Windows. Unlike the recent WannaCry, this attack is very persistent in nature and has better spreading mechanisms; it tries one option and if it doesn’t work, it tries another one. The Cybersecurity Hub advices the infected users not to pay the ransom. Date 27 June 2017 Systems affected Microsoft Windows Risk (Risk e.g. in terms of simple rating (low, medium, high). High X Medium Low The risk for this attack is high. impact/ potential damage High X Medium Low The severity for this ransomware is high; organisations could lose a lot of money by paying the ransom. Recommendations All Microsoft Windows users are advised to do the following:  Install required Windows updates (MS17-10): https://technet.microsoft.com/en-us/library/security/ms17-010.aspx  Turn of SMB1: https://support.microsoft.com/en- us/help/2696547/how-to-enable-and-disable-smbv1-smbv2-and-smbv3- in-windows-and-windows  It is also advised to block the execution of «PSEXEC.EXE» software on potentially compromised machines and block remote access to WMI. References  http://thehackernews.com/2017/06/petya-ransomware-attack.html  https://www.theguardian.com/technology/2017/jun/27/petya- ransomware-cyber-attack-who-what-why-how  http://www.wired.co.uk/article/petya-malware-ransomware-attack- outbreak-june-2017 The Hub had knowledge of the attacks and raised the alarm with its Stakeholders. The Hub developed and released Security Directives aimed at countering these attacks, which were distributed to our Stakeholders. Key to this was the use of the recently established CSIRT forum for dissemination of information The Security Directives were both technical in nature for the consumption by the CSIRTs and a general Awareness directive for the general public No large-scale breaches were reported in South Africa
Piloting of a Business Intelligence solution Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 24 • Piloting a Business Intelligence (BI) solution • The BI solution is meant to develop a capacity to identify threats prior to them turning into actual incidents • Inputs various open-source and proprietary threat feeds, and also incidents from the CSIRTs in order to develop trends and patters of incidents • Requested threat information from stakeholders including Microsoft, Kaspersky, Intel and CISCO • Output will be a South Africa specific Incident and Threat feed which will be distributed to Stakeholders
Business Intelligence Pilot: Examples of Visualisations Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 25
Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 26 Provide Guidance, Promote Compliance 04 • Provide best practice guidance on ICT security for Government, business and civil society Provide Guidance • Promote compliance with standards, procedures and policy and best practices Promote compliance
Sector-specific Readiness Survey Current Initiative Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 27 • The National Readiness survey was the first national survey aimed at understanding: • The status of strategic Cybersecurity plans within organisations; • Governance relating to the Cybersecurity function within organisations; • Potential Cybersecurity vulnerabilities and risks which have been identified within organisations; • The capability of organisations to respond and recover after a Cybersecurity related attack. • The survey closed at the end of July and analysis is currently under way • The results and the report will be available in October 2017 • Sectors that responded included • Higher education • State-owned enterprises • The IT Sector • The finance sector including the banks, investment houses and the FMIs
Development of National Standards and Guidelines Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 28 • Development of national standards and guidelines • Assist in the standardization and in the exchange of threat and vulnerability information • Assist in developing a minimum levels of operations for CSIRTs • Include • National Cybersecurity Standards e.g. ISO, NIST, CoBIT • Threat Information Standardisation • Identification of open source and proprietary tools • Maturity Models in order to evaluate CSIRT maturity
Development of a national Cybersecurity Skills framework Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 29 • Developed a national Cybersecurity Skills Framework • Based on international best practice model - National Initiative for Cybersecurity Education (NICE) • Customised for South Africa • Developed in collaboration with SABRIC and the BANK SETA • Has been socialised with various other SETAs • Development of Organising Framework for Occupations (OFO) Codes in progress • Once OFO codes have been registered and the framework finalised, standardised curriculum content can be developed The development of the national Skills Framework, once finalised, is a significant breakthrough in addressing the issue of the shortage of Cybersecurity skills
Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 30 National Awareness Strategy05
Development of a national Awareness Portal Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 31 • Awareness Portal currently under development • Scheduled to ‘go-live’ in September 2017 • Incorporates social media platforms and digital artefacts (mobile apps, videos, etc.) • Regular cybersecurity campaigns e.g. Cyberbullying will be run jointly with Stakeholders e.g. CISCO, SABRIC, Reserve Bank, SITA, ISPA, Microsoft etc.
Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 32 Conclusion06
ITU Global Cybersecurity Index (GCI) 2017 Situated on the southern tip of Africa, South Africa established the national cyber security hub to serve as a central point for collaboration between industry, government and civil society on all cyber security incidents. The cyber security hub is mandated by the National Cybersecurity Policy Framework (NCPF) that was passed by Cabinet in 2012. The country is ranked eighth in the continent and 58th globally, with an overall score of 0.502. http://www.itnewsafrica.com/2017/07/top-10-african-countries- committed-to-cybersecurity/ Extracts from ITU Global Cybersecurity Index (GCI 2017’

Recommended

Lessons learned from the SingHealth Data Breach COI Report
Lessons learned from the SingHealth Data Breach COI ReportLessons learned from the SingHealth Data Breach COI Report
Lessons learned from the SingHealth Data Breach COI Report
Benjamin Ang
 
APCERT Updates
APCERT UpdatesAPCERT Updates
APCERT Updates
APNIC
 
Development of National Cybersecurity Strategy and Organisation
Development of National Cybersecurity Strategy and OrganisationDevelopment of National Cybersecurity Strategy and Organisation
Development of National Cybersecurity Strategy and Organisation
Dr David Probert
 
Cyber Vardzia - Integrated Physical and Cyber Security Systems for Georgia
Cyber Vardzia - Integrated Physical and Cyber Security Systems for GeorgiaCyber Vardzia - Integrated Physical and Cyber Security Systems for Georgia
Cyber Vardzia - Integrated Physical and Cyber Security Systems for Georgia
Dr David Probert
 
The Present and the Future ISAC in Taiwan
The Present and the Future ISAC in TaiwanThe Present and the Future ISAC in Taiwan
The Present and the Future ISAC in Taiwan
APNIC
 
Protection of critical information infrastructure
Protection of critical information infrastructureProtection of critical information infrastructure
Protection of critical information infrastructure
Neha Agarwal
 
CTO-CyberSecurityForum-2010-Anders Johanson
CTO-CyberSecurityForum-2010-Anders JohansonCTO-CyberSecurityForum-2010-Anders Johanson
CTO-CyberSecurityForum-2010-Anders Johanson
segughana
 
CEO-CTO-Cybersecurity-2010
CEO-CTO-Cybersecurity-2010CEO-CTO-Cybersecurity-2010
CEO-CTO-Cybersecurity-2010
segughana
 

Recommended

Lessons learned from the SingHealth Data Breach COI Report
Lessons learned from the SingHealth Data Breach COI ReportLessons learned from the SingHealth Data Breach COI Report
Lessons learned from the SingHealth Data Breach COI Report
Benjamin Ang
 
APCERT Updates
APCERT UpdatesAPCERT Updates
APCERT Updates
APNIC
 
Development of National Cybersecurity Strategy and Organisation
Development of National Cybersecurity Strategy and OrganisationDevelopment of National Cybersecurity Strategy and Organisation
Development of National Cybersecurity Strategy and Organisation
Dr David Probert
 
Cyber Vardzia - Integrated Physical and Cyber Security Systems for Georgia
Cyber Vardzia - Integrated Physical and Cyber Security Systems for GeorgiaCyber Vardzia - Integrated Physical and Cyber Security Systems for Georgia
Cyber Vardzia - Integrated Physical and Cyber Security Systems for Georgia
Dr David Probert
 
The Present and the Future ISAC in Taiwan
The Present and the Future ISAC in TaiwanThe Present and the Future ISAC in Taiwan
The Present and the Future ISAC in Taiwan
APNIC
 
Protection of critical information infrastructure
Protection of critical information infrastructureProtection of critical information infrastructure
Protection of critical information infrastructure
Neha Agarwal
 
CTO-CyberSecurityForum-2010-Anders Johanson
CTO-CyberSecurityForum-2010-Anders JohansonCTO-CyberSecurityForum-2010-Anders Johanson
CTO-CyberSecurityForum-2010-Anders Johanson
segughana
 
CEO-CTO-Cybersecurity-2010
CEO-CTO-Cybersecurity-2010CEO-CTO-Cybersecurity-2010
CEO-CTO-Cybersecurity-2010
segughana
 
Are you the I in CII? Cybersecurity Bill public consultation by Internet Soci...
Are you the I in CII? Cybersecurity Bill public consultation by Internet Soci...Are you the I in CII? Cybersecurity Bill public consultation by Internet Soci...
Are you the I in CII? Cybersecurity Bill public consultation by Internet Soci...
Benjamin Ang
 
Cybersecurity Event 2010
Cybersecurity Event 2010Cybersecurity Event 2010
Cybersecurity Event 2010
segughana
 
ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework
ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security FrameworkID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework
ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework
IGF Indonesia
 
The Proactive Approach to Cyber Security
The Proactive Approach to Cyber SecurityThe Proactive Approach to Cyber Security
The Proactive Approach to Cyber Security
Nathan Desfontaines
 
Global CyberSecurity Index and Cyberwellness Profiles
Global CyberSecurity Index and Cyberwellness ProfilesGlobal CyberSecurity Index and Cyberwellness Profiles
Global CyberSecurity Index and Cyberwellness Profiles
ICT Watch
 
APrIGF 2015: Security and the Internet of Things
APrIGF 2015: Security and the Internet of ThingsAPrIGF 2015: Security and the Internet of Things
APrIGF 2015: Security and the Internet of Things
APNIC
 
PRFP-10: Cyber threats and security in the Pacific
PRFP-10: Cyber threats and security in the PacificPRFP-10: Cyber threats and security in the Pacific
PRFP-10: Cyber threats and security in the Pacific
APNIC
 
Defending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksDefending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber Attacks
Tripwire
 
09 blockchain-security-information-sharing
09 blockchain-security-information-sharing09 blockchain-security-information-sharing
09 blockchain-security-information-sharing
Christos Laganas
 
InfoShare Sri Lanka - Technology for social transformation
InfoShare Sri Lanka - Technology for social transformationInfoShare Sri Lanka - Technology for social transformation
InfoShare Sri Lanka - Technology for social transformation
Sanjana Hattotuwa
 
National Cybersecurity - Roadmap and Action Plan
National Cybersecurity - Roadmap and Action PlanNational Cybersecurity - Roadmap and Action Plan
National Cybersecurity - Roadmap and Action Plan
Dr David Probert
 
Crossing the streams: How security professionals can leverage the NZ Privacy ...
Crossing the streams: How security professionals can leverage the NZ Privacy ...Crossing the streams: How security professionals can leverage the NZ Privacy ...
Crossing the streams: How security professionals can leverage the NZ Privacy ...
Chris Hails
 
ISOC Update
ISOC UpdateISOC Update
ISOC Update
APNIC
 
The ever increasing threat of cyber crime
The ever increasing threat of cyber crimeThe ever increasing threat of cyber crime
The ever increasing threat of cyber crime
Nathan Desfontaines
 
How to Build a Winning Cybersecurity Team
How to Build a Winning Cybersecurity TeamHow to Build a Winning Cybersecurity Team
How to Build a Winning Cybersecurity Team
Global Knowledge Training
 
National_Cyber_Security_Strategy.pdf
National_Cyber_Security_Strategy.pdfNational_Cyber_Security_Strategy.pdf
National_Cyber_Security_Strategy.pdf
Alexandre Pinheiro
 
Cybercrime Risks Eu
Cybercrime Risks EuCybercrime Risks Eu
Cybercrime Risks Eu
manelmedina
 
Yet another cybersecurity framework for Financial Services
Yet another cybersecurity framework for Financial ServicesYet another cybersecurity framework for Financial Services
Yet another cybersecurity framework for Financial Services
Olivier Busolini
 
Facebook
FacebookFacebook
Facebook
BabelNews
 
nistspecialpublication800-86.pdf
nistspecialpublication800-86.pdfnistspecialpublication800-86.pdf
nistspecialpublication800-86.pdf
Alexandre Pinheiro
 
Singapore. industry 4.0 and cybersecurity
Singapore. industry 4.0 and cybersecurity Singapore. industry 4.0 and cybersecurity
Singapore. industry 4.0 and cybersecurity
Yuri Anisimov
 
National policy and strategy
National policy and strategyNational policy and strategy
National policy and strategy
Bright Boateng
 

More Related Content

What's hot

Are you the I in CII? Cybersecurity Bill public consultation by Internet Soci...
Are you the I in CII? Cybersecurity Bill public consultation by Internet Soci...Are you the I in CII? Cybersecurity Bill public consultation by Internet Soci...
Are you the I in CII? Cybersecurity Bill public consultation by Internet Soci...
Benjamin Ang
 
Cybersecurity Event 2010
Cybersecurity Event 2010Cybersecurity Event 2010
Cybersecurity Event 2010
segughana
 
ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework
ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security FrameworkID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework
ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework
IGF Indonesia
 
The Proactive Approach to Cyber Security
The Proactive Approach to Cyber SecurityThe Proactive Approach to Cyber Security
The Proactive Approach to Cyber Security
Nathan Desfontaines
 
Global CyberSecurity Index and Cyberwellness Profiles
Global CyberSecurity Index and Cyberwellness ProfilesGlobal CyberSecurity Index and Cyberwellness Profiles
Global CyberSecurity Index and Cyberwellness Profiles
ICT Watch
 
APrIGF 2015: Security and the Internet of Things
APrIGF 2015: Security and the Internet of ThingsAPrIGF 2015: Security and the Internet of Things
APrIGF 2015: Security and the Internet of Things
APNIC
 
PRFP-10: Cyber threats and security in the Pacific
PRFP-10: Cyber threats and security in the PacificPRFP-10: Cyber threats and security in the Pacific
PRFP-10: Cyber threats and security in the Pacific
APNIC
 
Defending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksDefending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber Attacks
Tripwire
 
09 blockchain-security-information-sharing
09 blockchain-security-information-sharing09 blockchain-security-information-sharing
09 blockchain-security-information-sharing
Christos Laganas
 
InfoShare Sri Lanka - Technology for social transformation
InfoShare Sri Lanka - Technology for social transformationInfoShare Sri Lanka - Technology for social transformation
InfoShare Sri Lanka - Technology for social transformation
Sanjana Hattotuwa
 
National Cybersecurity - Roadmap and Action Plan
National Cybersecurity - Roadmap and Action PlanNational Cybersecurity - Roadmap and Action Plan
National Cybersecurity - Roadmap and Action Plan
Dr David Probert
 
Crossing the streams: How security professionals can leverage the NZ Privacy ...
Crossing the streams: How security professionals can leverage the NZ Privacy ...Crossing the streams: How security professionals can leverage the NZ Privacy ...
Crossing the streams: How security professionals can leverage the NZ Privacy ...
Chris Hails
 
ISOC Update
ISOC UpdateISOC Update
ISOC Update
APNIC
 
The ever increasing threat of cyber crime
The ever increasing threat of cyber crimeThe ever increasing threat of cyber crime
The ever increasing threat of cyber crime
Nathan Desfontaines
 
How to Build a Winning Cybersecurity Team
How to Build a Winning Cybersecurity TeamHow to Build a Winning Cybersecurity Team
How to Build a Winning Cybersecurity Team
Global Knowledge Training
 
National_Cyber_Security_Strategy.pdf
National_Cyber_Security_Strategy.pdfNational_Cyber_Security_Strategy.pdf
National_Cyber_Security_Strategy.pdf
Alexandre Pinheiro
 
Cybercrime Risks Eu
Cybercrime Risks EuCybercrime Risks Eu
Cybercrime Risks Eu
manelmedina
 
Yet another cybersecurity framework for Financial Services
Yet another cybersecurity framework for Financial ServicesYet another cybersecurity framework for Financial Services
Yet another cybersecurity framework for Financial Services
Olivier Busolini
 
Facebook
FacebookFacebook
Facebook
BabelNews
 
nistspecialpublication800-86.pdf
nistspecialpublication800-86.pdfnistspecialpublication800-86.pdf
nistspecialpublication800-86.pdf
Alexandre Pinheiro
 

What's hot (20)

Are you the I in CII? Cybersecurity Bill public consultation by Internet Soci...
Are you the I in CII? Cybersecurity Bill public consultation by Internet Soci...Are you the I in CII? Cybersecurity Bill public consultation by Internet Soci...
Are you the I in CII? Cybersecurity Bill public consultation by Internet Soci...
 
Cybersecurity Event 2010
Cybersecurity Event 2010Cybersecurity Event 2010
Cybersecurity Event 2010
 
ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework
ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security FrameworkID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework
ID IGF 2016 - Infrastruktur 3 - Towards National Cyber Security Framework
 
The Proactive Approach to Cyber Security
The Proactive Approach to Cyber SecurityThe Proactive Approach to Cyber Security
The Proactive Approach to Cyber Security
 
Global CyberSecurity Index and Cyberwellness Profiles
Global CyberSecurity Index and Cyberwellness ProfilesGlobal CyberSecurity Index and Cyberwellness Profiles
Global CyberSecurity Index and Cyberwellness Profiles
 
APrIGF 2015: Security and the Internet of Things
APrIGF 2015: Security and the Internet of ThingsAPrIGF 2015: Security and the Internet of Things
APrIGF 2015: Security and the Internet of Things
 
PRFP-10: Cyber threats and security in the Pacific
PRFP-10: Cyber threats and security in the PacificPRFP-10: Cyber threats and security in the Pacific
PRFP-10: Cyber threats and security in the Pacific
 
Defending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksDefending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber Attacks
 
09 blockchain-security-information-sharing
09 blockchain-security-information-sharing09 blockchain-security-information-sharing
09 blockchain-security-information-sharing
 
InfoShare Sri Lanka - Technology for social transformation
InfoShare Sri Lanka - Technology for social transformationInfoShare Sri Lanka - Technology for social transformation
InfoShare Sri Lanka - Technology for social transformation
 
National Cybersecurity - Roadmap and Action Plan
National Cybersecurity - Roadmap and Action PlanNational Cybersecurity - Roadmap and Action Plan
National Cybersecurity - Roadmap and Action Plan
 
Crossing the streams: How security professionals can leverage the NZ Privacy ...
Crossing the streams: How security professionals can leverage the NZ Privacy ...Crossing the streams: How security professionals can leverage the NZ Privacy ...
Crossing the streams: How security professionals can leverage the NZ Privacy ...
 
ISOC Update
ISOC UpdateISOC Update
ISOC Update
 
The ever increasing threat of cyber crime
The ever increasing threat of cyber crimeThe ever increasing threat of cyber crime
The ever increasing threat of cyber crime
 
How to Build a Winning Cybersecurity Team
How to Build a Winning Cybersecurity TeamHow to Build a Winning Cybersecurity Team
How to Build a Winning Cybersecurity Team
 
National_Cyber_Security_Strategy.pdf
National_Cyber_Security_Strategy.pdfNational_Cyber_Security_Strategy.pdf
National_Cyber_Security_Strategy.pdf
 
Cybercrime Risks Eu
Cybercrime Risks EuCybercrime Risks Eu
Cybercrime Risks Eu
 
Yet another cybersecurity framework for Financial Services
Yet another cybersecurity framework for Financial ServicesYet another cybersecurity framework for Financial Services
Yet another cybersecurity framework for Financial Services
 
Facebook
FacebookFacebook
Facebook
 
nistspecialpublication800-86.pdf
nistspecialpublication800-86.pdfnistspecialpublication800-86.pdf
nistspecialpublication800-86.pdf
 

Similar to Cybersecurity Hub & Operations - Dr. Kiru Pillay

Singapore. industry 4.0 and cybersecurity
Singapore. industry 4.0 and cybersecurity Singapore. industry 4.0 and cybersecurity
Singapore. industry 4.0 and cybersecurity
Yuri Anisimov
 
National policy and strategy
National policy and strategyNational policy and strategy
National policy and strategy
Bright Boateng
 
Session 5.3 Alexander Ntoko
Session 5.3 Alexander NtokoSession 5.3 Alexander Ntoko
Session 5.3 Alexander Ntoko
Commonwealth Telecommunications Organisation
 
Protecting Critical Infrastructure: a multi-layered approach
Protecting Critical Infrastructure: a multi-layered approachProtecting Critical Infrastructure: a multi-layered approach
Protecting Critical Infrastructure: a multi-layered approach
ITU
 
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)
Santosh Khadsare
 
ITU Cybersecurity Capabilities
ITU Cybersecurity CapabilitiesITU Cybersecurity Capabilities
ITU Cybersecurity Capabilities
ITU
 
Singapore's National Cyber Security Strategy
Singapore's National Cyber Security StrategySingapore's National Cyber Security Strategy
Singapore's National Cyber Security Strategy
Benjamin Ang
 
Cyber Security India & Cyber Crime
Cyber Security India & Cyber CrimeCyber Security India & Cyber Crime
Cyber Security India & Cyber Crime
Deepak Kumar (D3)
 
Cyber Security Strategies and Approaches
Cyber Security Strategies and ApproachesCyber Security Strategies and Approaches
Cyber Security Strategies and Approaches
vngundi
 
Final national cyber security strategy november 2014
Final national cyber security strategy november 2014Final national cyber security strategy november 2014
Final national cyber security strategy november 2014
vikawotar
 
CTO Cybersecurity Forum 2013 Jean Jacques Massima-landji
CTO Cybersecurity Forum 2013 Jean Jacques Massima-landjiCTO Cybersecurity Forum 2013 Jean Jacques Massima-landji
CTO Cybersecurity Forum 2013 Jean Jacques Massima-landji
Commonwealth Telecommunications Organisation
 
Singapore Cybersecurity Strategy and Legislation (2018)
Singapore Cybersecurity Strategy and Legislation (2018)Singapore Cybersecurity Strategy and Legislation (2018)
Singapore Cybersecurity Strategy and Legislation (2018)
Benjamin Ang
 
Achieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyAchieving Caribbean Cybersecuirty
Achieving Caribbean Cybersecuirty
Shiva Bissessar
 
National Cyber Security Policy-2013
National Cyber Security Policy-2013National Cyber Security Policy-2013
National Cyber Security Policy-2013
Vidushi Singh
 
Creating cyber forensic readiness in your organisation
Creating cyber forensic readiness in your organisationCreating cyber forensic readiness in your organisation
Creating cyber forensic readiness in your organisation
Jacqueline Fick
 
cybersecurity- A.Abutaleb
cybersecurity- A.Abutalebcybersecurity- A.Abutaleb
cybersecurity- A.Abutaleb
Fahmi Albaheth
 
Curbing Cyber Menace BY: Kenneth Adu Amanfoh Deputy Director IT,NCA
Curbing Cyber Menace BY: Kenneth Adu Amanfoh Deputy Director IT,NCACurbing Cyber Menace BY: Kenneth Adu Amanfoh Deputy Director IT,NCA
Curbing Cyber Menace BY: Kenneth Adu Amanfoh Deputy Director IT,NCA
Francis Amaning
 
National Strategies against Cyber Attacks - Philip Victor
National Strategies against Cyber Attacks - Philip VictorNational Strategies against Cyber Attacks - Philip Victor
National Strategies against Cyber Attacks - Philip Victor
Knowledge Group
 
Cybersecurity isaca
Cybersecurity isacaCybersecurity isaca
Cybersecurity isaca
Antoine Vigneron
 
npCert Initiatives in Nepal (Nepal Computer Emergency Response Team)
npCert Initiatives in Nepal (Nepal Computer Emergency Response Team)npCert Initiatives in Nepal (Nepal Computer Emergency Response Team)
npCert Initiatives in Nepal (Nepal Computer Emergency Response Team)
OneCoverNepal
 

Similar to Cybersecurity Hub & Operations - Dr. Kiru Pillay (20)

Singapore. industry 4.0 and cybersecurity
Singapore. industry 4.0 and cybersecurity Singapore. industry 4.0 and cybersecurity
Singapore. industry 4.0 and cybersecurity
 
National policy and strategy
National policy and strategyNational policy and strategy
National policy and strategy
 
Session 5.3 Alexander Ntoko
Session 5.3 Alexander NtokoSession 5.3 Alexander Ntoko
Session 5.3 Alexander Ntoko
 
Protecting Critical Infrastructure: a multi-layered approach
Protecting Critical Infrastructure: a multi-layered approachProtecting Critical Infrastructure: a multi-layered approach
Protecting Critical Infrastructure: a multi-layered approach
 
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)
 
ITU Cybersecurity Capabilities
ITU Cybersecurity CapabilitiesITU Cybersecurity Capabilities
ITU Cybersecurity Capabilities
 
Singapore's National Cyber Security Strategy
Singapore's National Cyber Security StrategySingapore's National Cyber Security Strategy
Singapore's National Cyber Security Strategy
 
Cyber Security India & Cyber Crime
Cyber Security India & Cyber CrimeCyber Security India & Cyber Crime
Cyber Security India & Cyber Crime
 
Cyber Security Strategies and Approaches
Cyber Security Strategies and ApproachesCyber Security Strategies and Approaches
Cyber Security Strategies and Approaches
 
Final national cyber security strategy november 2014
Final national cyber security strategy november 2014Final national cyber security strategy november 2014
Final national cyber security strategy november 2014
 
CTO Cybersecurity Forum 2013 Jean Jacques Massima-landji
CTO Cybersecurity Forum 2013 Jean Jacques Massima-landjiCTO Cybersecurity Forum 2013 Jean Jacques Massima-landji
CTO Cybersecurity Forum 2013 Jean Jacques Massima-landji
 
Singapore Cybersecurity Strategy and Legislation (2018)
Singapore Cybersecurity Strategy and Legislation (2018)Singapore Cybersecurity Strategy and Legislation (2018)
Singapore Cybersecurity Strategy and Legislation (2018)
 
Achieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyAchieving Caribbean Cybersecuirty
Achieving Caribbean Cybersecuirty
 
National Cyber Security Policy-2013
National Cyber Security Policy-2013National Cyber Security Policy-2013
National Cyber Security Policy-2013
 
Creating cyber forensic readiness in your organisation
Creating cyber forensic readiness in your organisationCreating cyber forensic readiness in your organisation
Creating cyber forensic readiness in your organisation
 
cybersecurity- A.Abutaleb
cybersecurity- A.Abutalebcybersecurity- A.Abutaleb
cybersecurity- A.Abutaleb
 
Curbing Cyber Menace BY: Kenneth Adu Amanfoh Deputy Director IT,NCA
Curbing Cyber Menace BY: Kenneth Adu Amanfoh Deputy Director IT,NCACurbing Cyber Menace BY: Kenneth Adu Amanfoh Deputy Director IT,NCA
Curbing Cyber Menace BY: Kenneth Adu Amanfoh Deputy Director IT,NCA
 
National Strategies against Cyber Attacks - Philip Victor
National Strategies against Cyber Attacks - Philip VictorNational Strategies against Cyber Attacks - Philip Victor
National Strategies against Cyber Attacks - Philip Victor
 
Cybersecurity isaca
Cybersecurity isacaCybersecurity isaca
Cybersecurity isaca
 
npCert Initiatives in Nepal (Nepal Computer Emergency Response Team)
npCert Initiatives in Nepal (Nepal Computer Emergency Response Team)npCert Initiatives in Nepal (Nepal Computer Emergency Response Team)
npCert Initiatives in Nepal (Nepal Computer Emergency Response Team)
 

More from dotZADNA

SA CDTP Content Development and Translation Project
SA CDTP Content Development and Translation Project SA CDTP Content Development and Translation Project
SA CDTP Content Development and Translation Project
dotZADNA
 
.ZA DNSSEC Implementation - iWeek2017
.ZA DNSSEC Implementation - iWeek2017.ZA DNSSEC Implementation - iWeek2017
.ZA DNSSEC Implementation - iWeek2017
dotZADNA
 
Cyber security awareness - iWeek2017
Cyber security awareness - iWeek2017Cyber security awareness - iWeek2017
Cyber security awareness - iWeek2017
dotZADNA
 
ICANN Presentation - iWeek2017
ICANN Presentation - iWeek2017ICANN Presentation - iWeek2017
ICANN Presentation - iWeek2017
dotZADNA
 
Digital Opportunities for SMMEs
Digital Opportunities for SMMEs Digital Opportunities for SMMEs
Digital Opportunities for SMMEs
dotZADNA
 
State of .ZA Report - iWeek2017
State of .ZA Report - iWeek2017State of .ZA Report - iWeek2017
State of .ZA Report - iWeek2017
dotZADNA
 

More from dotZADNA (6)

SA CDTP Content Development and Translation Project
SA CDTP Content Development and Translation Project SA CDTP Content Development and Translation Project
SA CDTP Content Development and Translation Project
 
.ZA DNSSEC Implementation - iWeek2017
.ZA DNSSEC Implementation - iWeek2017.ZA DNSSEC Implementation - iWeek2017
.ZA DNSSEC Implementation - iWeek2017
 
Cyber security awareness - iWeek2017
Cyber security awareness - iWeek2017Cyber security awareness - iWeek2017
Cyber security awareness - iWeek2017
 
ICANN Presentation - iWeek2017
ICANN Presentation - iWeek2017ICANN Presentation - iWeek2017
ICANN Presentation - iWeek2017
 
Digital Opportunities for SMMEs
Digital Opportunities for SMMEs Digital Opportunities for SMMEs
Digital Opportunities for SMMEs
 
State of .ZA Report - iWeek2017
State of .ZA Report - iWeek2017State of .ZA Report - iWeek2017
State of .ZA Report - iWeek2017
 

Recently uploaded

manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalmanuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
wolfsoftcompanyco
 
留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理
留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理
留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理
bseovas
 
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
zoowe
 
Search Result Showing My Post is Now Buried
Search Result Showing My Post is Now BuriedSearch Result Showing My Post is Now Buried
Search Result Showing My Post is Now Buried
Trish Parr
 
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfMeet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Florence Consulting
 
Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
Laura Szabó
 
Azure EA Sponsorship - Customer Guide.pdf
Azure EA Sponsorship - Customer Guide.pdfAzure EA Sponsorship - Customer Guide.pdf
Azure EA Sponsorship - Customer Guide.pdf
AanSulistiyo
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
Toptal Tech
 
[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024
hackersuli
 
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
vmemo1
 
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
uehowe
 
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
cuobya
 
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
cuobya
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
fovkoyb
 
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
cuobya
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
ysasp1
 
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
xjq03c34
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
Paul Walk
 
7 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 20247 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 2024
Danica Gill
 
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
uehowe
 

Recently uploaded (20)

manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalmanuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
 
留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理
留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理
留学学历(UoA毕业证)奥克兰大学毕业证成绩单官方原版办理
 
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
 
Search Result Showing My Post is Now Buried
Search Result Showing My Post is Now BuriedSearch Result Showing My Post is Now Buried
Search Result Showing My Post is Now Buried
 
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfMeet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
 
Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
 
Azure EA Sponsorship - Customer Guide.pdf
Azure EA Sponsorship - Customer Guide.pdfAzure EA Sponsorship - Customer Guide.pdf
Azure EA Sponsorship - Customer Guide.pdf
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
 
[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024
 
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
 
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
 
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
 
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
 
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
 
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
 
7 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 20247 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 2024
 
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
 

Cybersecurity Hub & Operations - Dr. Kiru Pillay

  • 1. Kiru Pillay Department of Telecommunications and Postal Services Cybersecurity Operations & Cybersecurity Hub iWeek 2017 5th September 2017 Cybersecurity Hub
  • 2. Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 2 Cybersecurity Hub 01
  • 3. Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 3 Cybersecurity Hub • Acts as National point of contact for the coordination of Cybersecurity incidents • Receives and analyses Cybersecurity incidents, trends, vulnerabilities and threats • Facilitates the establishment of sector, regional and continental CSIRT’s • Disseminates alerts and warnings to its constituents • Initiate national Cybersecurity awareness campaigns National Cybersecurity Policy Framework "Cybersecurity Hub" means a CSIRT established to pool public and private sector threat information for the purposes of processing and disseminating such information to relevant stakeholders including the Cybersecurity centre.
  • 4.  "Computer Security Incident Response Team (CSIRT)" is a team of dedicated information security specialists that prepares for and responds to Cybersecurity breaches or Cybersecurity incidents.  There is no globally accepted definition of what a “National CSIRT” except that it is a security team with a national responsibilities  Resolution 58 of the ITU – Encourages the creation of national CSIRTs particularly for developing countries  There exist various abbreviations for this entity like: CERT (Computer Emergency Response Team) IRT (Incident Response Team) CIRT (Computer Incident Response Team) SERT (Security Emergency Response Team National Cybersecurity Policy Framework
  • 5. CSIRT Peer Relationships CSIRT HANDBOOK National Cybersecurity Policy Framework
  • 6. National CSIRTs Services ALGERIA, BURKINA FASO, CAMEROON, COTE D’IVOIRE, EGYPT, ETHIOPIA, GHANA, KENYA, NIGERIA, RWANDA, SOUTH AFRICA, SUDAN, TANZANIA, TUNISIA, UGANDA, ZAMBIA 16 countries with National CSIRTs in Africa 103 countries with National CSIRTs worldwide
  • 7. Cybersecurity Hub Launch – October 2015 Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 7 To report a cybersecurity incident: Visit : https://www.cybersecurityhub.gov.za Email: incident@cybersecurityhub.gov.za
  • 8. Cybersecurity Hub Implementation Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 8 The DTPS has been mandated by NCPF to establish a National CSIRT (Cybersecurity Hub) in consultation with the Justice Crime Prevention and Security (JCPS) cluster departments, the private sector and civil society as well as the sector CSIRTs - Phase 1(Nov’14-Mar’15) - Phase 2(Apr’15-Sep’15) Phase 3(From Oct’15) Ultimate Goal Fully Capacitated Cybersecurity Hub Basic Cybersecurity Hub
  • 9. Cybersecurity Hub Responsibilities as per NCPF Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 9 Sector CSIRT Establishment, public-private partnerships, increasing collaboration, Coordinate Responses to threats at a national level and Resolve (1) 6. 3.1 Coordinate general Cybersecurity activities; identifying stakeholders and developing public-private relationships and collaborating with any sector CSIRTs that may be established. 6.3.6.1 Be a point of contact for that specific sector. 6.3.6.2 Coordinate Cybersecurity incident response activities within that sector Information Dissemination, Best practice Guidelines, Audits, Readiness Exercises, Standards Compliance (2) 6.3.2; 6.3.6.3 and 6.3.6.4 Disseminate relevant information to sector CSIRTs, vendors, technology experts. 6. 3.3 and 6.3.6.8 Provide best practice guidance on ICT security for Government, business and civil society. 6.3.5 and 6.3.6.5 Promote compliance with standards, procedures and policy and best practices. 6.3.6.7 Conduct Cybersecurity audits, assessments and readiness exercises for the sector Cybersecurity Awareness (3) 6.3.4 Initiate Cybersecurity awareness campaigns
  • 10. National CSIRTs Services Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 10 REACTIVE SERVICES • Alerts and warnings • Incident handling • Vulnerability handling • Artifact handling PROACTIVE SERVICES • Announcements • Technology watch • Security audits or assessments • Configuration and maintenance of tools, applications • Development of security tools • Intrusion detection services • Security-related information dissemination QUALITY MANAGEMENT SERVICES • Risk Analysis • Business continuity and disaster recovery planning • Security consulting • Awareness building • Education training • Product evaluation or certification "Computer Security Incident Response Team (CSIRT)” Team of dedicated information security specialists that prepares for and responds to Cybersecurity breaches or Cybersecurity incidents. Over the years CSIRTs extended their capacities and increase their service offerings. CSIRTs go from being a reaction force to a complete security service provider.
  • 11. FIRST Membership 1 2 3 4 Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 11 FIRST membership initiative is currently underway with the CSIR being the strategic partner • Infrastructure upgrades are being undertaken to the Cybersecurity Hub, which ism physically housed at the CSIR • Policies and Standards Operating Procedures (SOPs) are being validated and verified. • The Cybersecurity Hub’s network is being upgraded in line with FIRST requirements Application for membership will be made in the 2017 calendar year
  • 12. International, Regional & National Frameworks Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 12 • Regional Harmonization of policies, legal frameworks and good practices • SADC 2012 Model Law on Computer Crime and Cybercrime to guide development of cybersecurity laws in SADC Member States • African Union 2014 Convention on Cyber Security and Personal Data Protection, which aims to harmonize the laws of African States on electronic commerce, data protection, cyber security promotion and cyber crime control. • International Cooperation frameworks and exchange of information • Resolution 58 of the ITU – Encourages the creation of National Computer Security Incident Response Teams (CSIRTs) particularly for developing countries • SA 2012 NCPF to set out an aligned and coherent approach to Cybersecurity by outlining broad policy guidelines on Cybersecurity • Cybercrimes and Cybersecurity Bill is currently before Parliament Cybersecurity is trans-border in nature and demands cooperation between countries and law enforcement agencies
  • 13. Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 13 Coordination & Consultation 02 • The Cybersecurity Hub needs to ensure appropriate consultation between the JCPS cluster departments, the private sector and civil society regarding Cybersecurity matters Consultation • Coordinate general Cybersecurity activities; identifying stakeholders and developing public- private relationships and collaborating with any sector CSIRTs that may be established Co-ordination
  • 14. Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 14 Sector CSIRTs as at end 2015- 2016 financial year • At the end of the 2015-2016 financial year, the Finance sector was well represented with respect to sector-based CSIRTs with at least four active CSIRTs, with others being planned. • The Higher education sector also has an effective CSIRT responsible for universities, museums and research councils SABRIC CSIRT ASISA CSIRT FMI CSIRT SAIA PASA CSIRT SSA Cyber Response Committee FINANCE SECTOR-CSIRT Cybersecurity Hub RETAIL SECTOR-CSIRT LOGISTICS SECTOR-CSIRT HEALTH SECTOR-CSIRT TELECOMMS SECTOR-CSIRT EDUCATION SECTOR-CSIRT LEGEND SABRIC: South African Banking Risk Information Centre ASISA: Association of Savings and Investments South Africa PASA: Payments Association of South Africa SAIA: South African Insurance Association FMI: Financial Markets Institutions (JSE, Reserve Bank, Bankserv, STRATE) Other Finance CSIRTs SANREN/ TENET
  • 15. Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 15 Sector CSIRT Establishment SSA Cyber Response Committee FINANCE SECTOR-CSIRT Cybersecurity Hub RETAIL SECTOR-CSIRT LOGISTICS SECTOR-CSIRT HEALTH SECTOR-CSIRT TELECOMMS SECTOR-CSIRT Consumer Goods Retail sector-CSIRT Internet Service Providers Association sector- CSIRT Since April 2017 two new sector-based CSIRTs are in the process of being established - The retail sector CSIRT being spearheaded by the Consumer Goods Council (CGC) - The Consumer Goods Council represents the interests of more than 12, 000 member companies engaged in the manufacture, retail, wholesale and distribution of consumer goods, which has a combined value of R707 billion - The Internet Service providers CSIRT being spearheaded by the Internet Service Providers Association (ISPA). - ISPA currently has many members, comprised of large, medium and small Internet service and access providers in South Africa. EDUCATION SECTOR-CSIRT
  • 17. Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 17 Establishment of a CSIRT Forum SABRIC CSIRT ASISA CSIRT FMI CSIRT SAIA PASA CSIRT FINANCE SECTOR-CSIRT RETAIL SECTOR-CSIRT TELECOMMS SECTOR-CSIRT … Other Finance CSIRTs • Established what has been termed the CSIRT Forum in April 2017 in response to increasing number of sector-based CSIRTs being established • Made up of representatives from the established and soon-to-be established CSIRTs • The intention of the CSIRT forum is to coordinate activities amongst the various CSIRTs. • Initiatives identified at the launch included: • Information Sharing between sector-CSIRTs • Skills Development / Capacity Building • Promoting of uniform Standards ISP CSIRT RETAIL CSIRT
  • 18. Improved Consultation Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 18 • Regular interactions with various Stakeholders including: • The South African Communications Forum • The Consumer Goods Council • Financial Sector Continuity Forum Cyber and Information Security Working Group (Reserve Bank, STRATE, Bankserv, JSE). • National ICT Forum Working Group on Cybersecurity • Vendors • Research institutions • South African Bureau of Standards
  • 19. Cybersecurity Incident Response ‘War Room’: Improving coordination Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development • Imperative to be able to engage with all stakeholders when responding to Threats and Incidents at a National level • The ‘War Room’ will give the Hub the ability to respond in real-time and to coordinate responses to Cybersecurity threats and incidents • A set of secure collaborative communications tools • A Business Intelligence (BI) capability that allows stakeholders to take decisions to resolve threats • ‘Proof of Concept’ are being undertaken by various vendors • The processes and workflow that support the ‘War Room’ are being developed in conjunction with Law Enforcement Agencies and other constituents • Use of Skype for Business and open-source collaborative tools • Request for the appointment of service providers is being finalised
  • 20. Investigate the development of ‘home-grown’ Cybersecurity tools Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 20 Initiated a research project to get a baseline understanding of the Cybersecurity sector in South Africa. Problem Statement: • Investigate the cyber security landscape within South Africa for the private and public sector and determine the cyber related software applications, tools and other capabilities that are being developed and available respectively. Rationale for the Study: • Cybersecurity is a national imperative for countries, and is largely reliant on the use of software tools in order to identify and resolve cybersecurity incidents and threats. • The need for locally developed tools have become an imperative for many countries • In South Africa there is an urgent need for the establishment of sector CSIRTS / SOCs and for the promotion of public-private partnerships in order to counter cybersecurity breaches and incidents. • South Africa also has an associated strategic objective of encouraging the local software development sector. • Expected Outputs (November 2017): • Overview of the Cyber security landscape of South Africa and expected growth trajectory • A report which identifies the various in-house developed or developing cyber security related software applications and tools within the private and public sector in South Africa.
  • 21. Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 21 Dissemination of Information 03 • Disseminate relevant information to sector CSIRTs, vendors, technology experts. Disseminate Information
  • 22. Communicating with Sector-CSIRTs Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 22 Communicate with our Stakeholders and Sector-based CSIRTs via the Cybersecurity Hub website using secure logins. Provide relevant documentation and security directives via the Website
  • 23. Global Ransomware attacks & Security Directives Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 23 Alert Name Petya Ransomware Security Advisory Overview of vulnerability There is an outbreak of a ransomware attack called Petya already making chaos worldwide, with massive disruption in countries such as Europe, Unites States (US), India, France, and Russia. This ransomware infects Windows systems by encrypting the hard drive’s master file table (MFT) and renders the master boot record (MBR) inoperable. The MRB is then replaced with the Petya’s malicious code that displays the ransom note and leaves the computer unable to boot. The ransomware takes over computers and demands $300, paid in Bitcoin, which is a cryptocurrency. The Petya ransomware spreads rapidly across an organization once a computer is infected using the EternalBlue vulnerability in Microsoft Windows. Unlike the recent WannaCry, this attack is very persistent in nature and has better spreading mechanisms; it tries one option and if it doesn’t work, it tries another one. The Cybersecurity Hub advices the infected users not to pay the ransom. Date 27 June 2017 Systems affected Microsoft Windows Risk (Risk e.g. in terms of simple rating (low, medium, high). High X Medium Low The risk for this attack is high. impact/ potential damage High X Medium Low The severity for this ransomware is high; organisations could lose a lot of money by paying the ransom. Recommendations All Microsoft Windows users are advised to do the following:  Install required Windows updates (MS17-10): https://technet.microsoft.com/en-us/library/security/ms17-010.aspx  Turn of SMB1: https://support.microsoft.com/en- us/help/2696547/how-to-enable-and-disable-smbv1-smbv2-and-smbv3- in-windows-and-windows  It is also advised to block the execution of «PSEXEC.EXE» software on potentially compromised machines and block remote access to WMI. References  http://thehackernews.com/2017/06/petya-ransomware-attack.html  https://www.theguardian.com/technology/2017/jun/27/petya- ransomware-cyber-attack-who-what-why-how  http://www.wired.co.uk/article/petya-malware-ransomware-attack- outbreak-june-2017 The Hub had knowledge of the attacks and raised the alarm with its Stakeholders. The Hub developed and released Security Directives aimed at countering these attacks, which were distributed to our Stakeholders. Key to this was the use of the recently established CSIRT forum for dissemination of information The Security Directives were both technical in nature for the consumption by the CSIRTs and a general Awareness directive for the general public No large-scale breaches were reported in South Africa
  • 24. Piloting of a Business Intelligence solution Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 24 • Piloting a Business Intelligence (BI) solution • The BI solution is meant to develop a capacity to identify threats prior to them turning into actual incidents • Inputs various open-source and proprietary threat feeds, and also incidents from the CSIRTs in order to develop trends and patters of incidents • Requested threat information from stakeholders including Microsoft, Kaspersky, Intel and CISCO • Output will be a South Africa specific Incident and Threat feed which will be distributed to Stakeholders
  • 25. Business Intelligence Pilot: Examples of Visualisations Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 25
  • 26. Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 26 Provide Guidance, Promote Compliance 04 • Provide best practice guidance on ICT security for Government, business and civil society Provide Guidance • Promote compliance with standards, procedures and policy and best practices Promote compliance
  • 27. Sector-specific Readiness Survey Current Initiative Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 27 • The National Readiness survey was the first national survey aimed at understanding: • The status of strategic Cybersecurity plans within organisations; • Governance relating to the Cybersecurity function within organisations; • Potential Cybersecurity vulnerabilities and risks which have been identified within organisations; • The capability of organisations to respond and recover after a Cybersecurity related attack. • The survey closed at the end of July and analysis is currently under way • The results and the report will be available in October 2017 • Sectors that responded included • Higher education • State-owned enterprises • The IT Sector • The finance sector including the banks, investment houses and the FMIs
  • 28. Development of National Standards and Guidelines Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 28 • Development of national standards and guidelines • Assist in the standardization and in the exchange of threat and vulnerability information • Assist in developing a minimum levels of operations for CSIRTs • Include • National Cybersecurity Standards e.g. ISO, NIST, CoBIT • Threat Information Standardisation • Identification of open source and proprietary tools • Maturity Models in order to evaluate CSIRT maturity
  • 29. Development of a national Cybersecurity Skills framework Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 29 • Developed a national Cybersecurity Skills Framework • Based on international best practice model - National Initiative for Cybersecurity Education (NICE) • Customised for South Africa • Developed in collaboration with SABRIC and the BANK SETA • Has been socialised with various other SETAs • Development of Organising Framework for Occupations (OFO) Codes in progress • Once OFO codes have been registered and the framework finalised, standardised curriculum content can be developed The development of the national Skills Framework, once finalised, is a significant breakthrough in addressing the issue of the shortage of Cybersecurity skills
  • 30. Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 30 National Awareness Strategy05
  • 31. Development of a national Awareness Portal Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 31 • Awareness Portal currently under development • Scheduled to ‘go-live’ in September 2017 • Incorporates social media platforms and digital artefacts (mobile apps, videos, etc.) • Regular cybersecurity campaigns e.g. Cyberbullying will be run jointly with Stakeholders e.g. CISCO, SABRIC, Reserve Bank, SITA, ISPA, Microsoft etc.
  • 32. Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 32 Conclusion06
  • 33. ITU Global Cybersecurity Index (GCI) 2017 Situated on the southern tip of Africa, South Africa established the national cyber security hub to serve as a central point for collaboration between industry, government and civil society on all cyber security incidents. The cyber security hub is mandated by the National Cybersecurity Policy Framework (NCPF) that was passed by Cabinet in 2012. The country is ranked eighth in the continent and 58th globally, with an overall score of 0.502. http://www.itnewsafrica.com/2017/07/top-10-african-countries- committed-to-cybersecurity/ Extracts from ITU Global Cybersecurity Index (GCI 2017’