Stockholm Internet Forum 2017: Development of CERTs in the Asia PacificAPNIC
APNIC Foundation Program Director Sylvia Cadena participated at the Stockholm Internet Forum from 15 to 18 May 2017 and presented an overview of APNIC's support for CERT development in the region to help ensure the Internet remains secure and stable.
APEC TEL 62: APNIC Security Engagement ActivitiesAPNIC
APNIC Senior Security Specialist Adli Wahid gives an update on APNIC's security engagement activities at APEC TEL 62, held online from 3 to 4 March 2021.
Cyber Security Week 2015: Get involved and contributeAPNIC
Security Specialist, Adli Wahid, presented on the challenges faced by those who are new in the cyber security industry, and how they can get involved and be proactive.
Cyber Security Regional Forum: APNIC's cybersecurity work in the PacificAPNIC
Senior Security Specialist Adli Wahid gives an overview of APNIC's cybersecurity work in the Pacific at the Cyber Security Regional Forum in Sydney, Australia from 4 to 5 April 2019.
APNIC Senior Advisor - Strategic Engagement Joyce Chen gives an update of IPv6 deployment in the region at APEC TEL 62, held online from 3 to 4 March 2021.
Stockholm Internet Forum 2017: Development of CERTs in the Asia PacificAPNIC
APNIC Foundation Program Director Sylvia Cadena participated at the Stockholm Internet Forum from 15 to 18 May 2017 and presented an overview of APNIC's support for CERT development in the region to help ensure the Internet remains secure and stable.
APEC TEL 62: APNIC Security Engagement ActivitiesAPNIC
APNIC Senior Security Specialist Adli Wahid gives an update on APNIC's security engagement activities at APEC TEL 62, held online from 3 to 4 March 2021.
Cyber Security Week 2015: Get involved and contributeAPNIC
Security Specialist, Adli Wahid, presented on the challenges faced by those who are new in the cyber security industry, and how they can get involved and be proactive.
Cyber Security Regional Forum: APNIC's cybersecurity work in the PacificAPNIC
Senior Security Specialist Adli Wahid gives an overview of APNIC's cybersecurity work in the Pacific at the Cyber Security Regional Forum in Sydney, Australia from 4 to 5 April 2019.
APNIC Senior Advisor - Strategic Engagement Joyce Chen gives an update of IPv6 deployment in the region at APEC TEL 62, held online from 3 to 4 March 2021.
CNCERT Conference 2017: Capacity development in the Asia PacificAPNIC
APNIC Security Specialist Adli Wahid presented on APNIC's security outreach and capacity development activities at the CNCERT Conference 2017 in Qingdao, China from 22 to 24 May 2017.
Senior Advisor Policy and Community Development Sunny Chendi presents on the importance and benefit of CERTs to mitigate cyber threats at the 11th Asia Pacific Telecommunity Policy and Regulation Forum for Pacific (APT PRFP 11) from 27 to 29 November 2018 in Apia, Samoa.
18 September 2017 - ION Malta
What’s happening at the Internet Engineering Task Force (IETF)? What RFCs and Internet-Drafts are in progress related to IPv6, DNSSEC, Routing Security/Resiliency, and other key topics? We’ll give an overview of the ongoing discussions in several working groups and discuss the outcomes of recent Birds-of-a-Feather (BoF) sessions, and provide a preview of what to expect in future discussions.
New developments in cyber law - Singapore and beyondBenjamin Ang
New developments in the Computer Misuse and Cybersecurity Act, Singapore; actions by the Personal Data Protection Commission under the Personal Data Protection Act (PDPA); thought on the upcoming Cybersecurity Act 2017
Singapore's National Cyber Security StrategyBenjamin Ang
Singapore's National Cyber Security Strategy was launched by the Singapore government at the inaugural Singapore International Cyber Week 2016. This presentation gives an overview of the 4 pillars of the Strategy and some of its implementation steps so far, including the upcoming new Cybersecurity Act, and the SGD 10 million fund for capacity building in ASEAN. You can download the full Strategy at www.csa.gov.sg
18 September 2017 - Rick Lamb, ICANN, on DANE:
If you connect to a “secure” server using TLS/SSL (such as a web server, email server or xmpp server), how do you know you are using the correct certificate? With DNSSEC now being deployed, “DANE” (“DNS-Based Authentication of Named Entities”) has emerged allowing you to securely specify exactly which TLS/SSL certificate an application should use to connect to your site. DANE has great potential to make the Internet much more secure by marrying the strong integrity protection of DNSSEC with the confidentiality of SSL/TLS certificates. In this session, we will explain how DANE works and how you can use it to secure your websites, email, XMPP, VoIP, and other web services.
Singapore. industry 4.0 and cybersecurity Yuri Anisimov
For all critical sectors to establish robust and systematic cyber risk management processes and capabilities
Systematic cyber risk management framework
risk assessments, vulnerability assessments and system reviews;
well-informed and conscious trade-offs in security, cost and functionality
sound systems and procedures to mitigate and manage these risks, including disaster recovery and business continuity plans;
effective implementation that encompasses awareness building and training across the organisation
continuous measurement of performance through process audits and cyber-security exercises.
Jonathan Pollet and Mark Heard of Red Tiger Security at S4x15 OTDay.
The NIST Cybersecurity Framework (CSF) has been out for a year now, and some owner/operators have begun to use it to help create an ICS cyber security program. The Red Tiger Security team discusses what the CSF is and there experience in using it with real world clients.
Want to learn about the latest NIST Cybersecurity Framework (CSF) 2.0?
We've just uploaded a recording of our 2-hour training workshop organized by the ISC2 El Djazair Chapter and delivered by cybersecurity instructor Bachir Benyammi.
In this workshop, you'll gain insights on:
- NIST CSF 2.0 components (Core, Tiers, and Profiles)
- Implementing the framework for your specific needs
- Improving your organization's cybersecurity posture
- Assessing your cybersecurity maturity
- Examples of assessment tools
Watch the full workshop on our YouTube channel: https://lnkd.in/dXEbp8QM
CNCERT Conference 2017: Capacity development in the Asia PacificAPNIC
APNIC Security Specialist Adli Wahid presented on APNIC's security outreach and capacity development activities at the CNCERT Conference 2017 in Qingdao, China from 22 to 24 May 2017.
Senior Advisor Policy and Community Development Sunny Chendi presents on the importance and benefit of CERTs to mitigate cyber threats at the 11th Asia Pacific Telecommunity Policy and Regulation Forum for Pacific (APT PRFP 11) from 27 to 29 November 2018 in Apia, Samoa.
18 September 2017 - ION Malta
What’s happening at the Internet Engineering Task Force (IETF)? What RFCs and Internet-Drafts are in progress related to IPv6, DNSSEC, Routing Security/Resiliency, and other key topics? We’ll give an overview of the ongoing discussions in several working groups and discuss the outcomes of recent Birds-of-a-Feather (BoF) sessions, and provide a preview of what to expect in future discussions.
New developments in cyber law - Singapore and beyondBenjamin Ang
New developments in the Computer Misuse and Cybersecurity Act, Singapore; actions by the Personal Data Protection Commission under the Personal Data Protection Act (PDPA); thought on the upcoming Cybersecurity Act 2017
Singapore's National Cyber Security StrategyBenjamin Ang
Singapore's National Cyber Security Strategy was launched by the Singapore government at the inaugural Singapore International Cyber Week 2016. This presentation gives an overview of the 4 pillars of the Strategy and some of its implementation steps so far, including the upcoming new Cybersecurity Act, and the SGD 10 million fund for capacity building in ASEAN. You can download the full Strategy at www.csa.gov.sg
18 September 2017 - Rick Lamb, ICANN, on DANE:
If you connect to a “secure” server using TLS/SSL (such as a web server, email server or xmpp server), how do you know you are using the correct certificate? With DNSSEC now being deployed, “DANE” (“DNS-Based Authentication of Named Entities”) has emerged allowing you to securely specify exactly which TLS/SSL certificate an application should use to connect to your site. DANE has great potential to make the Internet much more secure by marrying the strong integrity protection of DNSSEC with the confidentiality of SSL/TLS certificates. In this session, we will explain how DANE works and how you can use it to secure your websites, email, XMPP, VoIP, and other web services.
Singapore. industry 4.0 and cybersecurity Yuri Anisimov
For all critical sectors to establish robust and systematic cyber risk management processes and capabilities
Systematic cyber risk management framework
risk assessments, vulnerability assessments and system reviews;
well-informed and conscious trade-offs in security, cost and functionality
sound systems and procedures to mitigate and manage these risks, including disaster recovery and business continuity plans;
effective implementation that encompasses awareness building and training across the organisation
continuous measurement of performance through process audits and cyber-security exercises.
Jonathan Pollet and Mark Heard of Red Tiger Security at S4x15 OTDay.
The NIST Cybersecurity Framework (CSF) has been out for a year now, and some owner/operators have begun to use it to help create an ICS cyber security program. The Red Tiger Security team discusses what the CSF is and there experience in using it with real world clients.
Want to learn about the latest NIST Cybersecurity Framework (CSF) 2.0?
We've just uploaded a recording of our 2-hour training workshop organized by the ISC2 El Djazair Chapter and delivered by cybersecurity instructor Bachir Benyammi.
In this workshop, you'll gain insights on:
- NIST CSF 2.0 components (Core, Tiers, and Profiles)
- Implementing the framework for your specific needs
- Improving your organization's cybersecurity posture
- Assessing your cybersecurity maturity
- Examples of assessment tools
Watch the full workshop on our YouTube channel: https://lnkd.in/dXEbp8QM
This webinar series is designed to help internal auditors looking to equip themselves with competencies and confidence to handle audit of IT controls and information security, and learn about the emerging technologies and their underlying risks
The series focuses on contemporary IT audit approaches relevant to Internal Auditors and the processes underlying risk based IT audits.
Session 10 of 10
This Webinar focuses on Advanced Persistent Threats and targeted cyber attacks:
• Advanced Persistent Threats – the shifting paradigm to targeted attacks
• Understanding Advanced Persistent threats
• Overview of popular types of APTs
• Impact of APTs on sensitive data as well as organisation reputation
• Characteristics and Attack sequence of APT attacks and the challenges in detecting APTs
• Assessing, Managing and Auditing APT Risks
• Data loss and Cyber intrusions
Securing Industrial Control Systems - CornCON II: The Wrath Of CornEric Andresen
This is the presentation I made at CornCON II: The Wrath OF Corn. The intent of this presentation is to put more tools in your toolbox to help protect Industrial Control Systems, SCADA or Distributed Control Systems from threats and vulnerabilities.
Introduction to Risk Management via the NIST Cyber Security FrameworkPECB
The cyber security profession has successfully established explicit guidance for practitioners to implement effective cyber security programs via the NIST Cyber Security Framework (CSF). The CSF provides both a roadmap and a measuring stick for effective cyber security. Application of the CSF within cyber is nothing new, but the resurgence of Enterprise Security Risk Management and Security Convergence highlight opportunities for expanded application for cyber, physical, and personnel security risks. This NIST CSF can help practitioners build a cross-pollenated understanding of holistic risk.
Main points covered:
• Understand the purpose, value, and application of the NIST CSF in familiar non-technical terms.
• Understand how the Functions and Categories of the NIST CSF (the CSF “Core”) and an organization's “current” and “target” profiles are relevant and valuable in a variety of sectors and environments.
• Understand how an organization’s physical and cyber security resources and stakeholders can align with the NIST CSF as a tool to achieve holistic security risk management.
Presenters:
David Feeney, CPP, PMP has 17 years of security industry experience assisting organizations with risk management matters specific to physical, personnel, and cyber security. He has 9 years of experience with service providers and 8 years of experience within enterprise security organizations. David has worked with industry leaders in the energy, technology, healthcare, and real estate sectors. Areas of specialization include Security Operations Center design and management, Security Systems design and implementation, and Enterprise Risk Management. David holds leadership positions in ASIS International and is also a member of the InfraGard FBI program. David holds Certification Protection Professional (CPP) and Project Management Professional (PMP) certifications.
Andrea LeStarge, MS has over ten years of experience in program management, risk analysis and curriculum development. Being specialized in Homeland Security, Andrea leverages her experience in formerly managing projects to support various Federal Government entities in identifying, detecting and responding to man-made, natural and cyber incidents. She has an established track record in recognizing security gaps and corrective risk mitigation options, while effectively communicating findings to stakeholders, private sector owners and operators, and first-responder personnel within tactical, operational and strategic levels. Overall, Andrea encompasses analytical tradecraft and demonstrates consistent, repeatable and defensible methodologies pertaining to risk and the elements of threat, vulnerability and consequence.
Recorded webinar: https://youtu.be/hxpuYtMQgf0
NIST Cybersecurity Framework is voluntary framework to support the emerging needs for having robust and effective cyber security practices across an enterprise. This presentation recaps the Framework 6 months into implementation and along with changes. Also, discusses the capabilities of TrustedAgent GRC to accelerate and strengthen the implementation of an effective cybersecurity program by automating or addressing many of the practices required by the framework.
Government Technology & Services Coalition & InfraGard NCR's Program: Cyber Security: Securing the Federal Cyber Domain by Strengthening Public-Private Partnership
Presentation: How do we Protect our Systems and Meet Compliance in a Rapidly Changing Environment
Presenter: Sean McCloskey, Program Manager, Cyber Security Evaluations Program, DHS
Description: With all the constant innovation in cyber, what is “cutting edge”? What constraints hinder innovation? How is technology being used to address the Executive Orders, comply to standards, and other meet other mandates? What areas still need resources, ideas and innovation? Join us to hear advances in cyber security technology and ways to protect and monitor systems that will provide for resilient infrastructures and incorporate new solutions.
Learn all about the Latest CompTIA Security+ SYO-701 Exam in 2 minutes! Swipe through the slides to discover the new updates in this latest version, its course content, target audience, exam details, career scope, and more.
𝐒𝐭𝐚𝐫𝐭 𝐲𝐨𝐮𝐫 𝐥𝐞𝐚𝐫𝐧𝐢𝐧𝐠 𝐣𝐨𝐮𝐫𝐧𝐞𝐲 𝐧𝐨𝐰! 👉 https://www.infosectrain.com/courses/comptia-security/
Similar to Fostering National Incident Response Capacity (20)
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC
Ellisha Heppner, Grant Management Lead, presented an update on APNIC Foundation to the PNG DNS Forum held from 6 to 10 May, 2024 in Port Moresby, Papua New Guinea.
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...APNIC
Chimi Dorji, Internet Resource Analyst at APNIC, presented on Registry Data Accuracy Improvements at SANOG 41 jointly held with INNOG 7 in Mumbai, India from 25 to 30 April 2024.
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC
Sunny Chendi, Senior Advisor, Membership and Policy at APNIC, presents 'APNIC Policy Roundup' at the 5th ICANN APAC-TWNIC Engagement Forum and 41st TWNIC OPM in Taipei, Taiwan from 23 to 24 April.
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
Dave Phelan, Senior Network Analyst/Technical Trainer at APNIC, presents 'DDoS In Oceania and the Pacific' at NZNOG 2024 held in Nelson, New Zealand from 8 to 12 April 2024.
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
Geoff Huston, Chief Scientist at APNIC deliver keynote presentation on the 'Future Evolution of the Internet' at the Everything Open 2024 conference in Gladstone, Australia from 16 to 18 April 2024.
IP addressing and IPv6, presented by Paul Wilson at IETF 119APNIC
Paul Wilson, Director General of APNIC delivers a presentation on IP addressing and IPv6 to the Policymakers Program during IETF 119 in Brisbane Australia from 16 to 22 March 2024.
draft-harrison-sidrops-manifest-number-01, presented at IETF 119APNIC
Tom Harrison, Product and Delivery Manager at APNIC presents at the Registration Protocols Extensions working group during IETF 119 in Brisbane, Australia from 16-22 March 2024
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...APNIC
Che-Hoo Cheng, Senior Director, Development at APNIC presents on the "Benefits of doing Internet peering and running an Internet Exchange (IX)" at the Communications Regulatory Commission of Mongolia's IPv6, IXP, Datacenter - Policy and Regulation International Trends Forum in Ulaanbaatar, Mongolia on 7 March 2024
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC
APNIC Senior Advisor, Membership and Policy, Sunny Chendi presented on APNIC updates and RIR Policies for ccTLDs at APTLD 85 in Goa, India from 19-22 February 2024.
Instagram has become one of the most popular social media platforms, allowing people to share photos, videos, and stories with their followers. Sometimes, though, you might want to view someone's story without them knowing.
2.Cellular Networks_The final stage of connectivity is achieved by segmenting...JeyaPerumal1
A cellular network, frequently referred to as a mobile network, is a type of communication system that enables wireless communication between mobile devices. The final stage of connectivity is achieved by segmenting the comprehensive service area into several compact zones, each called a cell.
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBrad Spiegel Macon GA
Brad Spiegel Macon GA’s journey exemplifies the profound impact that one individual can have on their community. Through his unwavering dedication to digital inclusion, he’s not only bridging the gap in Macon but also setting an example for others to follow.
Italy Agriculture Equipment Market Outlook to 2027harveenkaur52
Agriculture and Animal Care
Ken Research has an expertise in Agriculture and Animal Care sector and offer vast collection of information related to all major aspects such as Agriculture equipment, Crop Protection, Seed, Agriculture Chemical, Fertilizers, Protected Cultivators, Palm Oil, Hybrid Seed, Animal Feed additives and many more.
Our continuous study and findings in agriculture sector provide better insights to companies dealing with related product and services, government and agriculture associations, researchers and students to well understand the present and expected scenario.
Our Animal care category provides solutions on Animal Healthcare and related products and services, including, animal feed additives, vaccination
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfFlorence Consulting
Quattordicesimo Meetup di Milano, tenutosi a Milano il 23 Maggio 2024 dalle ore 17:00 alle ore 18:30 in presenza e da remoto.
Abbiamo parlato di come Axpo Italia S.p.A. ha ridotto il technical debt migrando le proprie APIs da Mule 3.9 a Mule 4.4 passando anche da on-premises a CloudHub 1.0.
5. Establishment of CERT/CC
… CERT’s three main functions are to provide
• mechanisms for coordinating community response in
emergencies, such as virus attacks or rumors of attacks:
• a coordination point for dealing with information about
vulnerabilities and fixes; and
• a focal point for discussion of proactive security measures,
coordination, and security awareness among Internet users.
…CERT officials recognize the need to establish credibility and
support within the Internet community so that its recommendations
will be acted on...
-- GAO (1998) Computer Security: Virus Highlights Need for Improved Internet Management.
6. Core CERT functions
… CERT’s three main functions are to provide
• mechanisms for coordinating community response in
emergencies, such as virus attacks or rumors of attacks:
• a coordination point for dealing with information about
vulnerabilities and fixes; and
• a focal point for discussion of proactive security measures,
coordination, and security awareness among Internet users.
…CERT officials recognize the need to establish credibility and
support within the Internet community so that its recommendations
will be acted on...
Incident response
Coordination
Information Sharing
…TRUST...
11. • Defined Structure
• Mandate & Terms of Reference
CERT Establishment
…is a team that performs, coordinates, and supports the response to
security incidents that involve sites within a defined constituency
• Operational Capacity
• Establishing Relationships
-- RFC 2350
12. • Defined Structure
• Mandate & Terms of Reference
CERT Establishment
…is a team that performs, coordinates, and supports the response to
security incidents that involve sites within a defined constituency
• Operational Capacity
• Establishing Relationships
-- RFC 2350
13. • Defined Structure
• Mandate & Terms of Reference
CERT Establishment
…is a team that performs, coordinates, and supports the response to
security incidents that involve sites within a defined constituency
• Operational Capacity
• Establishing Relationships
-- RFC 2350
14. • Defined Structure
• Mandate & Terms of Reference
CERT Establishment
…is a team that performs, coordinates, and supports the response to
security incidents that involve sites within a defined constituency
• Operational Capacity
• Establishing Relationships
-- RFC 2350
15. • Defined Structure
• Mandate & Terms of Reference
CERT Establishment
…is a team that performs, coordinates, and supports the response to
security incidents that involve sites within a defined constituency
• Operational Capacity
• Establishing Relationships
-- RFC 2350
16. In brief…
• Incident response is a multistakeholder effort
• CERTs are a part of a wider ecosystem
• Trust is central
• Tailor approach to meet local needs
• Start small with quick wins
• Commit long term, grow with demand/capability
16