1 / 13

PREPAREDNESS AND RESPONSE TO CYBER THREATS REQUIRE A CSIRT

By Jaco Robertson, Marthie Lessing and Simon Nare*. PREPAREDNESS AND RESPONSE TO CYBER THREATS REQUIRE A CSIRT. Agenda. Introduction Why a CSIRT in the Military Typical threats to information infrastructure What is a CSIRT Benefits of a CSIRT Conclusion. Introduction.

tavita
Download Presentation

PREPAREDNESS AND RESPONSE TO CYBER THREATS REQUIRE A CSIRT

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. By Jaco Robertson, Marthie Lessing and Simon Nare* PREPAREDNESS AND RESPONSE TO CYBER THREATS REQUIRE A CSIRT

  2. © CSIR 2007 www.csir.co.za Agenda Introduction Why a CSIRT in the Military Typical threats to information infrastructure What is a CSIRT Benefits of a CSIRT Conclusion

  3. © CSIR 2007 www.csir.co.za Introduction Civilian infrastructure is under constant threat Increasingly the millitary relies on commercial and civil systems The threats are similar The civilian approach is a CSIRT – equally necessary for the military

  4. © CSIR 2007 www.csir.co.za Why a CSIRT in the Military (1)‏ The use of commercial software The use of common information infrastructure (e.g. hardware systems)‏ Microsoft systems are actively targeted Threat of class breaks “Class break in simple terms means vulnerability because of commonality” The growing market of vulnerability exploits is also a threat

  5. © CSIR 2007 www.csir.co.za Current situation… No more security through obscurity Lack of close cooperation with civil society Lack of trust and human network of relationships Military CSIRT leads to… Trust and collaboration International cooperation “My security depends on your security” mindset Attraction of qualified and skilled professionals Why a CSIRT in the Military (2)‏

  6. © CSIR 2007 www.csir.co.za Typical threats and risks to information infrastructure Viruses and worms Trojans Botnets and Distributed Denial of Service (DDoS) attacks Vulnerability and exploits Spam Targeted attacks agains the systems

  7. © CSIR 2007 www.csir.co.za Then... What is a CSIRT (1)‏ Team of experts focused on IT security Provides services and support for preventing, handling and responding to IT security incidents Collaboration and networking with the CSIRT community

  8. © CSIR 2007 www.csir.co.za What is a CSIRT (2)‏ The role Reactive services Proactive services Security quality management

  9. © CSIR 2007 www.csir.co.za What is a CSIRT (3)‏ Constituency User base that needs protection against incidents Needs to be clearly defined Services tailored to their needs

  10. © CSIR 2007 www.csir.co.za Benefits of a CSIRT in the military Military focuses on its core function CSIRT focuses on security issues Inspires confidence by having an internally safe infrastructure A stable infrastructure even in warfare times Centralised incident response coordination Access to and building technical expertise

  11. © CSIR 2007 www.csir.co.za Conclusion No more security through obscurity Military infrastructure exposed to the same risk as civilian infrastructure Civillian counter-measure is a CSIRT We propose the Military follow suite

  12. © CSIR 2007 www.csir.co.za Conclusion “Africa, and hence South Africa (and the South African National Defence Force) cannot escape the impact of the Information Age. It is therefore both a national and military strategic objective to leverage the advantage posed by modern communication, computer and information systems, and to mitigate the vulnerability introduced by the presence and use of these systems.” - SANDF Philosophy for Information Warfare

  13. © CSIR 2007 www.csir.co.za I thank you Any questions welcome

More Related