cyber incident management national and regional lessons
play

Cyber Incident Management -National and Regional Lessons Learned- - PowerPoint PPT Presentation

Sep 19, 2022 •174 likes •229 views

ARF Seminar on Operationalizing Cyber CBMs at Singapore 21 22 October 2015 Cyber Incident Management -National and Regional Lessons Learned- Masanori Sasaki Deputy Counsellor, NISC, Cabinet Secretariat, Japan Our organization NISC : N

  1. ARF Seminar on Operationalizing Cyber CBMs at Singapore 21 ‐ 22 October 2015 Cyber Incident Management -National and Regional Lessons Learned- Masanori Sasaki Deputy Counsellor, NISC, Cabinet Secretariat, Japan

  2. Our organization… NISC : N ational center of I ncident readiness and S trategy for C ybersecurity • 6 groups Strategy and Policy Planning • Various project teams International Strategy Deputy Director-General Comprehensive Measures for Government Agencies Director-General of NISC Critical Information Infrastructure Protection Deputy Director-General Integration and Coordination of Cybersecurity Information Cybersecurity Advisers Incident Investigation and Analysis 1

  3. Information what NISC needs… Strategic level  Information on law, policy, and strategy • International • Domestic  Situational Information: • Incident reports • Threat trends Collecting, processing, • Information on actors in cyberspace analyzing, and utilizing information for the • Best practices and measures on cybersecurity national cybersecurity  Technical information: • Malware • Vulnerability Operational level 2

  4. Information Channels  Domestic: • GSOC [Government Security Operation Coordination team] • Each government agency’s CSIRT • JPCERT/CC and other partners • Law enforcement agencies • Private sector  International: • Formal communication channels e.g. bilateral cyber-dialogues • Multilateral frameworks e.g. FIRST • Informal meetings and communications • poc@nisc.go.jp 3

  5. Incident management framework and information sharing… Each Ministry’s CSIRT  Situational awareness and analysis  Incident response Used effectively?  Report to decision makers GSOC [Government Security Operation Coordination team]  Training and exercise  Real-time network monitoring Warnings & notifications  Information sharing and cooperation  Malware analysis and information gathering GSOC  Prompt warnings on threats Monitoring Sensor Reports Ministry A PoC CSIRT CYMAT [CYber incident Mobile Assistance Team] Timely & precisely?  Members: government officials with advanced Cooperation among experiences and knowledge on cybersecurity CSIRTs Timely & effectively?  Be mobilized for serious impact cyber incidents GSOC GSOC Sensor that require government-wide response Sensor Request for assistance  Provides technical assistance to the Ministry C Ministry B government bodies for: PoC CSIRT PoC CSIRT • Accurate situational awareness & analysis Technical assistance Response • Incident response and damage control and advice • Recovery from incidents Technical • Recurrence prevention Assistance • Exercises and Trainings Collaboration, • Private sector information sharing • International partners, etc . Work practically? 4

Recommend

CYBER INCIDENT MANAGEMENT: NATIONAL AND REGIONAL LESSONS LEARNED HARME MOHAMED 21 OCTOBER 2015

CYBER INCIDENT MANAGEMENT: NATIONAL AND REGIONAL LESSONS LEARNED HARME MOHAMED 21 OCTOBER 2015

CYBER INCIDENT MANAGEMENT: NATIONAL AND REGIONAL LESSONS LEARNED HARME MOHAMED 21 OCTOBER 2015 MALAYSIAN COMMUNICATIONS AND MULTIMEDIA COMMISSION MCMC is both the developer and the regulator for the C&M industry, established based on:

253 views • 9 slides
Cyber Incident Management: National and Regional Lessons Learned ANGELA MARIE M. DE GRACIA State

Cyber Incident Management: National and Regional Lessons Learned ANGELA MARIE M. DE GRACIA State

Cyber Incident Management: National and Regional Lessons Learned ANGELA MARIE M. DE GRACIA State Counsel Office of Cybercrime CYBERSECURITY STRATEGIES 1. Understanding the Risk; 2. Controlling the Risk; 3. Organizing and Mobilizing for

304 views • 14 slides
Vancouver 2010 Olympics Lessons Learned: Cyber Robert Pitcher, Cyber Incident Handler

Vancouver 2010 Olympics Lessons Learned: Cyber Robert Pitcher, Cyber Incident Handler

Vancouver 2010 Olympics Lessons Learned: Cyber Robert Pitcher, Cyber Incident Handler robert.pitcher@ps.gc.ca Public Safety Canada FIRST Conference 15 June 2011 Agenda Canadian Cyber Incident Response Centre Roles and Responsibilities

408 views • 21 slides
National Incident Management System National Incident Management System and and National

National Incident Management System National Incident Management System and and National

National Incident Management System National Incident Management System and and National Response Plan National Response Plan Overview March 2006 HSPD-5: Management of Domestic Incidents HSPD-5 Objectives: Single comprehensive

463 views • 21 slides
National Incident Management System National Incident Management System and and National

National Incident Management System National Incident Management System and and National

National Incident Management System National Incident Management System and and National Response Plan National Response Plan Overview March 2006 HSPD-5: Management of Domestic Incidents HSPD-5 Objectives: Single comprehensive

196 views • 17 slides
Incident Management Kevin ODonnell, PhD Sartans with N-nitrosamine impurities - Lessons Learnt

Incident Management Kevin ODonnell, PhD Sartans with N-nitrosamine impurities - Lessons Learnt

Incident Management Kevin ODonnell, PhD Sartans with N-nitrosamine impurities - Lessons Learnt Exercise Interested Parties Meeting, EMA, 4 November 2019 Typical Examples How the incident was triggered and managed EMA & Rapid

348 views • 13 slides
National Unified Goal For Traffic Incident Management Working Together for Improved Safety,

National Unified Goal For Traffic Incident Management Working Together for Improved Safety,

Proposed National Unified Goal For Traffic Incident Management Working Together for Improved Safety, Clearance and Communications What is Traffic Incident Management? Traffic Incident Management TIM refers to the Procedures and

150 views • 12 slides
Incident Management Team COVID-19 Incident Briefing Thursday, August 20, 2020 Bill Bullock

Incident Management Team COVID-19 Incident Briefing Thursday, August 20, 2020 Bill Bullock

Incident Management Team COVID-19 Incident Briefing Thursday, August 20, 2020 Bill Bullock Carbon County Commissioner Dr. Bill George Carbon County Public Health Officer Agenda National/ Regional/Carbon County Update County Risk Map

352 views • 8 slides
GE Incident Response Insight Awareness Advantage Sean Mason Director, Incident Response

GE Incident Response Insight Awareness Advantage Sean Mason Director, Incident Response

GE Incident Response Insight Awareness Advantage Sean Mason Director, Incident Response Investing in new talent & capabilities Incident response Cyber intelligence Digital forensics Security architecture Identity management

609 views • 42 slides
Lessons from the 10/5/2015 Emergency Incident The bomb threat incident of October 5 was truly a

Lessons from the 10/5/2015 Emergency Incident The bomb threat incident of October 5 was truly a

Prepared by Curtis Sommerfeld, 10/9/2015 Lessons from the 10/5/2015 Emergency Incident The bomb threat incident of October 5 was truly a cruel hoax, placing both the college community and emergency responders in harms way , causing much

373 views • 4 slides
GEORGIA INCIDENT MANAGEMENT PROGRAMS FHWA TALKING TIM WEBINAR DECEMBER 18, 2019 AGENDA

GEORGIA INCIDENT MANAGEMENT PROGRAMS FHWA TALKING TIM WEBINAR DECEMBER 18, 2019 AGENDA

GEORGIA INCIDENT MANAGEMENT PROGRAMS FHWA TALKING TIM WEBINAR DECEMBER 18, 2019 AGENDA National Incident Response Week HERO 25 th Anniversary Traffic Incident Management Enhancement (TIME) Task Force Georgias Towing and

251 views • 7 slides
CERT Symposium: Cyber Security Incident Management for Health Information Exchanges June 26, 2013

CERT Symposium: Cyber Security Incident Management for Health Information Exchanges June 26, 2013

Pennsylvania eHealth Partnership Authority Pennsylvanias Journey for Health Information Exchange CERT Symposium: Cyber Security Incident Management for Health Information Exchanges June 26, 2013 Pittsburgh, PA The Journey to the Triple AI

916 views • 33 slides
Incident Response & Evidence Incident Response & Evidence Incident Response &

Incident Response & Evidence Incident Response & Evidence Incident Response &

Incident Response & Evidence Incident Response & Evidence Incident Response & Evidence Incident Response & Evidence Management Management Management Management CIPS Brandon Chapter November 28 2002 Dr. Marc Rogers PhD,

629 views • 27 slides
Incident Management Incident Management Making sure things go right when they inevitably go

Incident Management Incident Management Making sure things go right when they inevitably go

Incident Management Incident Management Making sure things go right when they inevitably go wrong. Gareth Eason, HEAnet for TF-NOC, Zrich, 2011-06-29 Agenda HEAnet background: What do we do? Why manage incidents? How does

587 views • 33 slides
Process-based cyber incident response Mr Jorge Silveira Executive Director of Information

Process-based cyber incident response Mr Jorge Silveira Executive Director of Information

Code Yellow - Cybersecurity Process-based cyber incident response Mr Jorge Silveira Executive Director of Information Management & Chief Information Officer Northeast Health Wangaratta @HISA_HIC #HIC18 Introduction about

340 views • 18 slides
Canadian Cyber Incident Response Centre (CCIRC) UNCLASSIFIED Cyber in the News 1

Canadian Cyber Incident Response Centre (CCIRC) UNCLASSIFIED Cyber in the News 1

UNCLASSIFIED Briefing to Critical Infrastructure Sector Organizations on the Canadian Cyber Incident Response Centre (CCIRC) UNCLASSIFIED Cyber in the News 1 UNCLASSIFIED Tactics, Techniques and Procedures These observed tactics,

674 views • 25 slides
Regional Incident Management David Fink July 27, 2018 Goals and Objectives Implement a Quick

Regional Incident Management David Fink July 27, 2018 Goals and Objectives Implement a Quick

Regional Incident Management David Fink July 27, 2018 Goals and Objectives Implement a Quick Clearance Program that: Minimizes Congestion Reduces Secondary Vehicle crashes Increases Safety of Traveling Public Current Status

255 views • 9 slides
ITU- Arab Regional Cyber Security Centers Activities & Regional Threats landscape ENG.

ITU- Arab Regional Cyber Security Centers Activities & Regional Threats landscape ENG.

ITU- Arab Regional Cyber Security Centers Activities & Regional Threats landscape ENG. BADAR ALI ALSALEHI HEAD OF ITU-ARAB REGIONALCYBER SECURITY CENTER DG OF OMAN NATIONAL CERT Dar es Salaam November - 2017 2 3 2014 2015 April-

909 views • 29 slides
Cyber Security Incident Reporting Notice of Proposed Rulemaking Update --- Patricia Eke Energy

Cyber Security Incident Reporting Notice of Proposed Rulemaking Update --- Patricia Eke Energy

Supply Chain Risk Management Reliability Standard and Cyber Security Incident Reporting Notice of Proposed Rulemaking Update --- Patricia Eke Energy Industry Analyst Office of Electric Reliability June 7, 2018 6/7/2018 Disclaimer The

460 views • 12 slides
Emergency Management Forum Australian Airports Association Ms Rhonda Owen Pull quote Assistant

Emergency Management Forum Australian Airports Association Ms Rhonda Owen Pull quote Assistant

Emergency Management Forum Australian Airports Association Ms Rhonda Owen Pull quote Assistant Secretary Incident Control and Operations Branch National Incident Response Division www.health.gov.au The National Incident Room (NIR) in the

500 views • 11 slides
Cyber Threats Incident Response Model for CNII Organizations Dr. Aswami Ariffin Megat Mutalib

Cyber Threats Incident Response Model for CNII Organizations Dr. Aswami Ariffin Megat Mutalib

Cyber Threats Incident Response Model for CNII Organizations Dr. Aswami Ariffin Megat Mutalib Dr. Zahri Yunos Presentation Outline 1. Our Service: CyberDEF (Cyber Defence) 2. Our R&D Product: CMERP (Coordinated Malware Eradication &

605 views • 25 slides
Fighting Cyber Crime Introduction Regional Cyber Protect Officer for SEROCU To engage with, and

Fighting Cyber Crime Introduction Regional Cyber Protect Officer for SEROCU To engage with, and

Fighting Cyber Crime Introduction Regional Cyber Protect Officer for SEROCU To engage with, and develop relationships with companies and organisations within the region to promote cyber security and the role of the SEROCU CCU. The Regional

217 views • 18 slides
CYBER INCIDENT DETECTION AND RESPONSE DESK REFERENCE OVERVIEW Matt Masterson 1 February 4,

CYBER INCIDENT DETECTION AND RESPONSE DESK REFERENCE OVERVIEW Matt Masterson 1 February 4,

C I S A | C Y B E R S E C U R I T Y A N D I N F R A S T R U C T U R E S E C U R I T Y A G E N C Y CYBER INCIDENT DETECTION AND RESPONSE DESK REFERENCE OVERVIEW Matt Masterson 1 February 4, 2020 Cyber Incident Detection and Agenda 1

240 views • 9 slides
PRINT THE CYBER THREAT YOU'D NEVER EXPECT 1 2 Local, regional and national sales, service and

PRINT THE CYBER THREAT YOU'D NEVER EXPECT 1 2 Local, regional and national sales, service and

2/26/2020 PRINT THE CYBER THREAT YOU'D NEVER EXPECT 1 2 Local, regional and national sales, service and support Print Security Assessment, 2019 Marco serves over $ 35,000 clients nationwide from 64 locations Quocirca 3 4 1 2/26/2020

200 views • 5 slides

More recommend