ISACA-KENYA ANNUAL CONFERENCE 2018
National Cybersecurity: a multi-stakeholder approach
Wednesday, 11th April 2018
By: Vincent Ngundi, HEAD OF NATIONAL KE-CIRT/CC & CYBERSECURITY
CONTENT
1) National Cybersecurity Policy Framework
2) National Cybersecurity Governance Framework
3) National KE-CIRT/CC Operational Framework
4) National KE-CIRT/CC Vision & Mandate
5) National KE-CIRT/CC Collaboration Framework
6) National Cyber Threat Landscape
7) Collaboration: A Whole-of-Society Approach
NATIONAL CYBERSECURITY FRAMEWORK
Policy + Governance + Operations
National Cybersecurity: Policy Framework
VISION 2030
ICT Sector Policy
National Cyber Security Strategy
Kenya Information & Communications Act + Regulations
NATIONAL CYBERSECURITY CENTRE
Law Enforcement
National KE-CIRT/CC (NCC)
National Cybersecurity: Governance Framework
NATIONAL SECURITY COUNCIL (NSC) [Chaired by the President]
National Security Advisory Committee (NSAC) [Chaired by the Head of Public Service]
National Cybersecurity Steering Committee (NCSC) [Chaired by the Cabinet Secretary/MoICT]
National KE-CIRT/CC [Multi-agency Collaboration]
Communications Authority of Kenya
Law Enforcement [DCI | KDF | NIS]
National Cybersecurity: Operational Framework
NATIONAL KE-CIRT/CC [CA + Law Enforcement]
Multi-agency Collaboration Framework
National KE-CIRT/CC Cybersecurity Committee (NKCC) [multi-agency + multi-stakeholder]
e-Govt. Sector CIRT
Telecom Sector CIRT
Financial Sector CIRT
Academia Sector CIRT
Critical Info. Infrastructure
International Partners
National KE-CIRT/CC: Vision & Mandate
VISION: Provision of comprehensive cybersecurity services to protect the Nation’s cyberspace in order to promote access to and use of Information and Communication services in Kenya
MISSION: Responding to cybersecurity incidences in a timely fashion and building a national culture of cybersecurity
LAW: KICA Part VIA, Section 83C: Develop a framework for facilitating the investigation and prosecution of cybercrime offenses
NATIONAL KE-CIRT/CC
Implement National Cybersecurity Policies, Laws & Regulations
National Cybersecurity Awareness & Capacity Building
Establish Collaborations on Cybersecurity [PPP]
Technical Co-ordination & Response to Cyber Incidents (24/7)
R&D on Cybersecurity
Early Warning & Technical Advisories (24/7)
Development & Implementation of a NPKI
National KE-CIRT/CC: Collaboration Framework
NATIONAL CYBER THREAT LANDSCAPE
Statistics + Threat Vectors
National Cyber Threat Landscape
CYBER THREATS & RESPONSE
[Chart: quarterly figures for Q3(2016), Q1(2017), Q2(2017), Q3(2017), Q4(2017), Q1(2018); two vertical axes, 0 to 1800 and 0 to 8000000; data labels on the chart: 1700, 488, 346, 78, 65, 43]
National Cyber Threat Landscape
CYBER THREAT ATTACK VECTORS
Malware 41%
Systems Misconfig 39%
Impersonation 9%
Brute Force 5%
Web-application 2%
Botnet/DDoS 2%
Online Abuse 2%
COLLABORATION
A Whole-of-Society Approach
Background: Challenges in Collaboration
Complex Environment | Silo-based Culture
Banks, Finance, Public, Government, Utility, Telco, Business
People, Processes, Technology (OT+IT)
Everyone for Themselves | Just for Techies (one-of-society)
CYBER-INSECURITY
Backroom | Boardroom | Situation Room
Gov. | Business | Public
Whole-of-Society Approach
SILO APPROACH | CONVERGENCE | RISK-BASED APPROACH
Fragmented security and risk management
Converged approach highlights vulnerabilities in 3 key areas: People + Processes + Physical (OT+IT)
CULTURAL BARRIERS TO SECURITY: Challenge has been internal cross-departmental cultures with limited communication between physical and IT security for instance
MAPPING ASSETS & PROCESSES: Organizations should develop an integrated security risk framework: tech + processes + safeguards + systems + management
STAKEHOLDER BUY-IN: Develop a culture of cybersecurity: processes + training + awareness + assessment/audit
COMMUNICATION: frequency + audience + content; more vs less & push vs pull
EVOLVING THREATS: monitoring + capability review + share
COLLABORATION: internal + external; Govt. + Business + Public + Intl.
Thank You.