Cyber Security Week 2015: Get involved and contribute
•Descargar como PPTX, PDF•
1 recomendación•1,332 vistas
Security Specialist, Adli Wahid, presented on the challenges faced by those who are new in the cyber security industry, and how they can get involved and be proactive.
Recomendados
Recomendados
Más contenido relacionado
La actualidad más candente
La actualidad más candente (20)
Similar a Cyber Security Week 2015: Get involved and contribute
Similar a Cyber Security Week 2015: Get involved and contribute (20)
Más de APNIC
Más de APNIC (20)
Último
Último (20)
Cyber Security Week 2015: Get involved and contribute
- 1. Issue Date: Revision: Get Involved and Contribute! Adli Wahid Security Specialist, APNIC adli@apnic.net
- 2. About Adli • Friend of Jacomo! • Lets connect! – @adliwahid (Twitter, LInkedIn) – Blog: https://blog.apnic.net • Security Specialist @ Asia Pacific Network Information Centre (APNIC) – www.apnic.net/security • Board Member of the Forum of Incident Response & Security Teams (FIRST) Jacomo! 2
- 3. APNIC’s Vision: A global, open, stable, and secure Internet that serves the entire Asia Pacific community. How we achieve this: • Serving Members • Supporting the Asia Pacific Region • Collaborating with the Internet Community 3
- 4. Security Outreach 4 Craig Ng Promoting security best practices in the APNIC community NOGs, CSIRTS and LEA events PK, CN, HK, KR, JP, PH SG, MY, ID, AU, TW Collaboration with JICA and KISA to deliver regional CERT training Geoff Huston member of ICANN SSAC Adli Wahid member of FIRST Board MoU with APCERT Interpol Global Cyber Crime Group Adli Wahid www.apnic.net/security
- 5. Security Response Community: Are We There Yet?
- 6. Responding to Security Incidents 6 National Cyber Security Agency National CERT / CSIRTs Enterprise CERTs/CSIRTs End-Users Critical Infrastructure, Network Providers, Hosting, Cloud, Government, Financial Services, SMEs=
- 7. Thinking about the the problem National Regional Global 7
- 8. Challenge #X Human Resources 8
- 10. Where or how do I start? Breaking down • Knowledge & skills • Access to threat intelligence – On to trusted communities • Access to people, expertise – Mentoring, coaching – Sharing of experience & lessons learned • Challenge – Trust – “Don’t know anyone” 10
- 11. Can we teach this faster?
- 13. Different communities • Open Source projects – Github! – Many security projects to join • Local communities – Activities – Sharing ideas – Mentoring • Special Interest Groups – FIRST (www.first.org) – Honeynet Project (www.honeynet.org) – OWASP (www.owasp.org) • Examples – Network Operators Group (NOGs) – New Zealand Internet Task Force (NZITF) 13
- 14. Can I trust you? Who are you? • Certain security groups are not easy to get involved with • What am I sharing? – Ongoing investigation – My data / access • Solutions – Trusted introducers – Web of trust – Traffic light protocol 14
- 16. What can you do? • Individual – Start now – Get together – Make introductions • Leaders – Encourage & motivate • Businesses & government – Support – Provide platform & resources • Law Enforcement – Awareness • Everyone has a role to play 16
- 17. APNIC’s approach • Capacity development – Internet Infrastructure – Cyber Security* • Online training – http://training.apnic.net • Strategic partnership – Various stakeholders – Regional & global – Shared goals 17
- 18. Get involved & contribute! 18
- 19. Internet Operational Research Grants 19 New fund supporting the Internet research community in the Asia Pacific Research aiming to improve availability, reliability, and security of the Internet in the Asia Pacific Network measurement and analysis IPv6 deployment BGP Routing Network Security
- 20. Issue Date: Revision: Be United, Be Secure! Adli Wahid www.apnic.net adli@apnic.net
Notas del editor
- Thank You! Evangelist Training & Workshops Security Initiatives for APNIC
- Security specialist Adli Wahid, is working with different teams within APNIC as well as building relationship with potential and new partners that APNIC can leverage. Adli was recently elected as a board member of the Forum of Incident and Security Response Teams Build capability through training, providing content on security at APNIC and LEA training Participation in NOGs, inter-governmental forums, CERTS etc. We take that knowledge and share it with Members to raise awareness Highlighting relevant initiatives to Members to improve security such as IRT objects in whois, RPKI, and SAVE (BCP 38) We also supported security community events such as the PHCERT & APCERT Conference this year MOU with APCERT in the area of promoting security awareness, improving incident response and supporting capacity development activities
- A lot of problems and attacks Moving Slower Than the Defender Public Sector is Behind Do we expect SLERT to do everything?
- We have to realize that different economies have different Cyber Security Environment. Some have frameworks, policies and institutions in place. But others don’t. Even if you have everything in place – there is a lot of dependencies. You need to look at the bigger picture
- At the end of the day who is going to fix this problem?
- Formal – preconditions, costly, etc takes time Conference happens once a year
- Win-win approach & through various means
- APNIC is the secretariat of ISIF (Internet Society Innovation Fund) Help spread the word about ISIF grant – covers IPv6 and Operational Network Security. Up to 60k AUD grant