An Overview to Information Security and Security Initiatives in India

Presentation Transcript

  1. An Overview to Information Security and Security Initiatives in India. Anil Sagar, Additional Director, Indian Computer Emergency Response Team (CERT-In)

  2. Objectives • Why we need security • To understand Information Security • To know Security Initiatives in India

  3. Why Security? • Polish Teen Faces Charges for Allegedly Manipulating Train System (January 11, 2008) • Barclays Chairman Victim of Identity Theft (January 10 & 11, 2008) • Stolen Laptops Hold Nashville Voter Data (337,000 voters) (January 3, 2008)

  4. Security: The Need. The consequences of insufficient security: • Identity theft • Compromised customer confidence; loss of business • Service interruption (e.g., e-mail) • Loss of competitive advantage • Equipment theft • Embarrassing media coverage • Substantial financial loss • Legal penalties

  5. What’s at stake? When connecting to the Internet, three things are put at risk: • Data • Resources • Reputation

  6. Facebook Widget Installing Spyware

  7. Facebook Widget Installing Spyware

  8. Facebook Widget Installing Spyware

  9. Facebook Widget Installing Spyware

  10. Facebook Widget Installing Spyware

  11. Facebook Widget Installing Spyware

  12. Information Security – CIA • Confidentiality: ensuring that information is accessible only to those authorized to have access • Integrity: assurance of accuracy and reliability of information; unauthorized modification of data is prevented • Availability: information is accessible and usable upon demand by an authorized entity • Non-Repudiation: verification that the sender and the recipient were, in fact, the parties who claimed to send or receive the message, respectively

  13. Threats to Information Security • Confidentiality: Unauthorised Disclosure • Integrity: Unauthorised Alteration • Availability: Disruption

  14. Threats • An event, the occurrence of which could have an undesirable impact on the well-being of an asset. [ISC2, International Information Systems Security Certification Consortium] • Any circumstance or event that has the potential to cause harm to a system or network. That means that even the existence of an (unknown) vulnerability implies a threat by definition. [CERT]

  15. Vulnerability • A feature or bug in a system or program which enables an attacker to bypass security measures. • An aspect of a system or network that leaves it open to attack. • Absence or weakness of a risk-reducing safeguard. It is a condition that has the potential to allow a threat to occur with greater frequency, greater impact or both.

  16. Threats

  17. Current trend of cyber threats • Targeted attacks • Stealing of data/modification • Identity theft (Phishing) • Spread of malicious code • Distributed Denial of service attacks • Website Defacements

  18. Rapid Development of Cyber Threats

  19. Information Security Management (diagram labels): Information Security • Availability • Confidentiality • Integrity • Authenticity • Security Policy • People • Regulatory Compliance • User Awareness Program • Access Control • Process • Security Audit • Incident Response • Encryption, PKI • Firewall, IPS/IDS • Technology • Antivirus

  20. What actions need to be taken • User awareness: security portals for user awareness, ad campaigns • Enterprise security: CSIRTs • Sectoral cooperation and coordination: sectoral CERTs • National coordination: CERT-In • Global coordination: APCERT, ASEAN, FIRST

  21. Need for cooperation • Users • Organisations • CSIRTs, CERTs • ISPs • Domain registrars • DNS operators • IT vendors • Law enforcement agencies

  22. Govt. Initiatives • Formation of CERT-In (January, 2003) • Nodal agency for: responding to security incidents; prevention of incidents by means of generating user awareness; promotion of security best practices • Coordination at: sectoral level; national level; international level

  23. CERT-In initiatives • Directives issued to Govt. and public sector organisations to • Implement ISO 27001 security standard • Perform regular security audits • Shifting of websites onto ‘.in’ name space • Hosting of websites within country • Empanelment of IT Security auditors • Creation of awareness by organising training programs for CISOs, System administrators • Issuance of security guidelines

  24. CERT-In initiatives • Collaboration with security vendors like Microsoft, Redhat, Cisco, Symantec, McAfee, TrendMicro etc. • Security surveys and reports • Created forum on Phishing and Spam in collaboration with CII & other stakeholders • Issued “Securing Home Computers” and “Web Server Security” Guidelines • Informative Web Portals created in collaboration with Microsoft & Redhat for general user

  25. Information Sharing: Stakeholders (diagram labels) • ISPs, Key Networks • CERTs CSIRTs • Vendors • Law Enforcement Agencies • CERT-In • Media • Home Users • International CERTs • Government Sector • Critical Information Infrastructure • Corporate Sector

  26. International Cooperation • FIRST • APCERT • CERT/CC • US-CERT • JPCERT • Korean CERT

  27. DIT initiatives • Generation of trained manpower on Information security • Master trainers in Information Security (60) • Short-term/long-term courses in Information Security • Certification, Vulnerability Assessment, training programs in the area of IT • STQC

  28. DIT initiatives • R&D projects • Cryptography • Steganography • Network Behavior Analysis • Biometric Authentication • Mobile Security • Cyber Forensics

  29. Indian Website Defaced in Year 2007

  30. Security Incidents handled by CERT-In during 2007

  31. Latest attack vectors • Compromise of popular websites and subsequent distribution of malware to users visiting the website • Compromise of e-mail accounts and distribution of malicious attachments to users in the contact list • Collection of user credentials through keyloggers

  32. Activities of CERT-In

  33. Communication channels • CERT-In website: about 1460 users visiting the site per day; significant increase in site visits during major events • CERT-In Incident Response Help Desk: toll free nos. 1800-11-4949 (Voice), 1800-11-6969 (FAX) • CERT-In mailing list: about 1100 individuals from various national and international security organizations • E-mail • CIOs Database • ISPs • Postal mail

  34. Conclusion: Let us work together for a vision: create a society in which spam, viruses and worms, the plagues of modern information technology, are eliminated.

  35. Thank you • Incident Response HelpDesk • Phone: 1800 11 4949 • FAX: 1800 11 6969 • e-mail: incident@cert-in.org.in • http://www.cert-in.org.in