1 / 17

Miho Naganuma

Session 4.2 Creation of national ICT security infrastructure for developing countries Industry-wide approach: Raising awareness for ICT security infrastructure. Miho Naganuma Little eArth Corporation Rapporteur Q3/17 Information Security Operators Group Japan (ISOG-J). Issues in Cybersecurity.

hayley
Download Presentation

Miho Naganuma

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Session 4.2 Creation of national ICT security infrastructure for developing countriesIndustry-wide approach: Raising awareness for ICT security infrastructure Miho Naganuma Little eArth CorporationRapporteur Q3/17Information Security Operators Group Japan (ISOG-J) Addressing security challenges on a global scale

  2. Issues in Cybersecurity • Together with rapid growth of economies, multi-rateral business relations are expanding and connected. • Meanwhile, it also raises issues for the necessity of secure network infrastructures with sophisticated cybersecurity services. • We are facing an urgent crisis in a continuing effort to raise awareness of cybersecurity • incident response planning against DDoS attacks, targeted attacks including Advanced Persistent Threat (APT) attacks with practice-based information • fast development of technologies for countermeasures Addressing security challenges on a global scale

  3. Issues in Cybersecurity (cont.) • Developing international recommendation/ standards in Cybersecurity and information exchange industry-wide/unique collaborationby Managed Security Service Providers Geneva, 6-7 December 2010 • Key issue :Information exchange • Cybersecurity information exchange and technical collaboration • Wide range of collaboration – International, regional, national level and industry level Addressing security challenges on a global scale 4

  4. Information Security Operators Group Japan • 1. Support for industry • Providing guideline for service users • Research for related legal, regulatory requirements • 2. Communications • Technical exchange and update • workshop and seminar Building trust in the community and enhance active collaboration http://www.jnsa.org/isog-j/e/ Geneva, 6-7 December 2010 Addressing security challenges on a global scale 5

  5. Organisation New WG: Security Operation Information sharing and collaboration Active involvement of related parties Government support Geneva, 6-7 December 2010 Addressing security challenges on a global scale 6

  6. Members organisations

  7. Security Operation information sharing and collaboration WG Geneva, 6-7 December 2010 • Seeking “effective” information sharing and collaboration by • Providing information and analysis methodologies • Review actions with management view • Support actions with research view • Involving SOC Operators/Analyst, specialist for process management etc. • Information transmission enjoying the nature of neutrality • Consideration on the requirements for cybersecurity operation collaboration • Obstacles toward the collaboration • Criteria of collaborating operations / sharing information • Actions to conquer the obstacles Addressing security challenges on a global scale 8

  8. Obstacles for information sharing Geneva, 6-7 December 2010 Differences between free-of-charge information and charged one Differences between contracted users and non-contracted ones Disadvantageous to offer information first? Difficulties to provide information even if the information is wanted Difficulties to acquire information due to separation of operational unit Addressing security challenges on a global scale 9

  9. Case 1 Geneva, 6-7 December 2010 • Failed to re-utilise the collected information • Failed to find the reason to share the information • Lack of sense of purpose to continue the sharing • Trap of money as a purpose • the information sharing will be terminated when the monetary relationship terminated • Failed to invoke any meaningful actions after gaining some information from the logs of the other companies • Value of Information possess Addressing security challenges on a global scale 10

  10. Case 2 Geneva, 6-7 December 2010 • Collaboration based on personal relationship disappears when the person moves to the other place • The information sharing is difficult if the boss/supervisor is not supportive to the activities • It is difficult to advance the collaboration actively if we cannot get any useful feedback for our customers • When the person in charge move to different department, the hand-over procedure is not good enough • If sharing information itself becomes the objective, the motivation of the operators at field will drop Addressing security challenges on a global scale 11

  11. Other obstacles Geneva, 6-7 December 2010 • Different view of Technologies, and operations among organizations • best to start from information sharing • collaboration will be next step • Internal relations vs External relations • Reluctant feeling to share information in Security-industry • Question what kind of information we want to share • Support from management level and department heads. • How does the information sharing and collaboration lead to the profit of the company? • Merit for each organization need to be considered Addressing security challenges on a global scale 12

  12. Advantage of information sharing in ISOG-J Geneva, 6-7 December 2010 • Members can • issue incident information with the name of ISOG-J • use both individual company name and ISOG-J name when disclosing information depending on the situation • share the practices of certain incidents among members • share some trend information or some notes on that instead of cybersecurity information itself • By disclosing information periodically from ISOG-J such information becomes a reference source • From the viewpoint of education, it is beneficial to analyze detection information over certain network collaboratively is a good first step Addressing security challenges on a global scale 13

  13. Candidate solutions Geneva, 6-7 December 2010 • Issuing threat analysis document for management figures • Information on what kind of threats against IT system we have, and what kind of business continuity risk they pose • Starting with sharing statistical information onlogs of IDS/IPS, NW appliances, servers etc. • Objective of sharing information and collaboration • Policy of the data handling • Manipulate the log so that sensitive information can be hidden (such as user name) • Log information sharing scheme • Standard log format • With considering how we can take best advantage of the log data of each company Addressing security challenges on a global scale 14

  14. Candidate solutions Geneva, 6-7 December 2010 • Quantative information of incidents that are detected • Gather incident information collected by SOCs • Member organisations get access to the information • Sharing Meta information instead of raw data • Sensitive information including threads information that is difficult to be disclosed can be shared • General information can be shared to customers Addressing security challenges on a global scale 15

  15. Highlights for raising awareness Geneva, 6-7 December 2010 • Industry–wide approach • Involving related parties for ICT infrastructure security (Gov, Gov. agencies, CIRT, ISP, MSSP, Security Vendors etc.) • “Neutral” organisation/association • Communication in industries • Encourage bottom-up approach • Analyse obstacles and make feasible scenarios and candidate solutions • Communication as education Addressing security challenges on a global scale 16

  16. www.jnsa.org/isog-j/en Thank you Contact: miho.naganuma@lac.co.jp Addressing security challenges on a global scale

More Related