SlideShare une entreprise Scribd logo

Creating a CERT at WARP Speed

Brian Honan
Brian Honan

My presentation at BruCON and Source Barcelona on how I set up the Irish CERT (IRISSCERT www.iriss.ie) using the WARP platform

Technologie
1  sur  41
Creating A CERT at WARP Speed
2004 – The Journey Begins Copyright © 2010 IRISS www.irissie 2
What’s Missing? 3 Copyright © 2010 IRISS www.irissie
Situation ,[object Object]
“Silicon Valley” Europe
Over 97% of Irish Businesses are SME
<50 Employees and Annual Turnover <€10m
Ever Increasing Dependence on ICT
No Independent Source of InfoSec information
Economy At Risk
National Security and CNI at Risk
Lack of Data for Law Enforcement
Soft Back Door to UK CNI4 Copyright © 2010 IRISS www.irissie
Not a Fair Fight ! 5 Copyright © 2010 IRISS www.irissie
Stakeholders 6 Copyright © 2010 IRISS www.irissie
Does Ireland Need a CERT? 7 Copyright © 2010 IRISS www.irissie
8 Job Complete? Copyright © 2010 IRISS www.irissie
9 Estonia Effect Copyright © 2010 IRISS www.irissie
10 Job Complete? Copyright © 2010 IRISS www.irissie
11 IRISS Is Born Copyright © 2010 IRISS www.irissie
Who is IRISS-CERT? ,[object Object]
Provide Services On Information Security
Services Provided Free of Charge
Not For Profit Organisation12 Copyright © 2010 IRISS www.irissie
Services Offered Irish Focused Alerts and Warnings Vulnerability Awareness Incident Awareness Sanitised Attack Notifications Coordination Service Irish Focused Research Trends and Metrics General Awareness Knowledge Sharing Informal discussion Information Sharing & Dissemination 13 Copyright © 2010 IRISS www.irissie
We Serve Government Bodies and Agencies Private Sector Companies SME Sector Industry Bodies Other CERTs 14 Copyright © 2010 IRISS www.irissie
15 IRISS Associations Copyright © 2010 IRISS www.irissie
16 Sponsors Copyright © 2010 IRISS www.irissie
Reaction 17 Copyright © 2010 IRISS www.irissie
The Future 18 Copyright © 2010 IRISS www.irissie
19 Planning Your CERT Copyright © 2010 IRISS www.irissie
20 Engage With Stakeholders Copyright © 2010 IRISS www.irissie
21 Identify Your Clients Copyright © 2010 IRISS www.irissie
22 Identify Services Copyright © 2010 IRISS www.irissie
23 Establish Your Requirements Copyright © 2010 IRISS www.irissie
24 Identify Tools Copyright © 2010 IRISS www.irissie
25 Get Funding & Support Copyright © 2010 IRISS www.irissie
26 Practise, Practise, Practise Copyright © 2010 IRISS www.irissie
27 Establish the IRT Copyright © 2010 IRISS www.irissie
28 Deliver Your Services Copyright © 2010 IRISS www.irissie
29 Be Prepared Copyright © 2010 IRISS www.irissie

Recommandé

The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...44CON
 
Internet governance and corruption
Internet governance and corruptionInternet governance and corruption
Internet governance and corruptionEwan Sutherland
 
INTRO LETTER
INTRO LETTERINTRO LETTER
INTRO LETTERIshmael Oku
 
Cybersecurity Through Collaboration
Cybersecurity Through CollaborationCybersecurity Through Collaboration
Cybersecurity Through CollaborationColloqueRISQ
 
Oman Intellectual Property Rights Practice Group
Oman Intellectual Property Rights Practice GroupOman Intellectual Property Rights Practice Group
Oman Intellectual Property Rights Practice GroupAl Alawi and Co Advocates Legal Consultants
 
WatchU Company Profile
WatchU Company ProfileWatchU Company Profile
WatchU Company ProfileJustin Fisher
 
Security and Trust for Digital Transactions : Dictao presentation during the ...
Security and Trust for Digital Transactions : Dictao presentation during the ...Security and Trust for Digital Transactions : Dictao presentation during the ...
Security and Trust for Digital Transactions : Dictao presentation during the ...Dictao
 
Internet de Todo IoE
Internet de Todo IoEInternet de Todo IoE
Internet de Todo IoEschangan1
 

Recommandé

The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...44CON
 
Internet governance and corruption
Internet governance and corruptionInternet governance and corruption
Internet governance and corruptionEwan Sutherland
 
INTRO LETTER
INTRO LETTERINTRO LETTER
INTRO LETTERIshmael Oku
 
Cybersecurity Through Collaboration
Cybersecurity Through CollaborationCybersecurity Through Collaboration
Cybersecurity Through CollaborationColloqueRISQ
 
Oman Intellectual Property Rights Practice Group
Oman Intellectual Property Rights Practice GroupOman Intellectual Property Rights Practice Group
Oman Intellectual Property Rights Practice GroupAl Alawi and Co Advocates Legal Consultants
 
WatchU Company Profile
WatchU Company ProfileWatchU Company Profile
WatchU Company ProfileJustin Fisher
 
Security and Trust for Digital Transactions : Dictao presentation during the ...
Security and Trust for Digital Transactions : Dictao presentation during the ...Security and Trust for Digital Transactions : Dictao presentation during the ...
Security and Trust for Digital Transactions : Dictao presentation during the ...Dictao
 
Internet de Todo IoE
Internet de Todo IoEInternet de Todo IoE
Internet de Todo IoEschangan1
 
Apani Ov V9
Apani Ov V9Apani Ov V9
Apani Ov V9ScottBreadmore
 
EU data protection laws and impacts on healthcare applications and health data
EU data protection laws and impacts on healthcare applications and health dataEU data protection laws and impacts on healthcare applications and health data
EU data protection laws and impacts on healthcare applications and health dataSpeck&Tech
 
Garantice la continuidad de su negocio Damian Prieto
Garantice la continuidad de su negocio Damian PrietoGarantice la continuidad de su negocio Damian Prieto
Garantice la continuidad de su negocio Damian PrietoCristian Garcia G.
 
Insurance Innovation Award-PolicyPal
Insurance Innovation Award-PolicyPalInsurance Innovation Award-PolicyPal
Insurance Innovation Award-PolicyPalThe Digital Insurer
 
RisingStarsOfCybersecurity
RisingStarsOfCybersecurityRisingStarsOfCybersecurity
RisingStarsOfCybersecurityIndy Dh
 
FCF June 2014 - 02 cyber case studies
FCF June 2014 - 02 cyber case studies FCF June 2014 - 02 cyber case studies
FCF June 2014 - 02 cyber case studies#TheFraudTube
 
What's Next in Cybersecurity Policy
What's Next in Cybersecurity PolicyWhat's Next in Cybersecurity Policy
What's Next in Cybersecurity PolicyEly Kahn
 
CyberSecurity: Protecting Law Firms - Vanderburg - JurInnov
CyberSecurity: Protecting Law Firms - Vanderburg - JurInnovCyberSecurity: Protecting Law Firms - Vanderburg - JurInnov
CyberSecurity: Protecting Law Firms - Vanderburg - JurInnovEric Vanderburg
 
Internet harvest starting to sour
Internet harvest starting to sourInternet harvest starting to sour
Internet harvest starting to sourcpscapitalaustralia
 
Getiss 16x9
Getiss 16x9Getiss 16x9
Getiss 16x9Vitaly Pochtar
 
FLI Newsletter - August 2015
FLI Newsletter - August 2015FLI Newsletter - August 2015
FLI Newsletter - August 2015First Law International
 
ICANN Engagement Update
ICANN Engagement UpdateICANN Engagement Update
ICANN Engagement UpdateBangladesh Network Operators Group
 
Newsletter - September 2013
Newsletter - September 2013Newsletter - September 2013
Newsletter - September 2013Intuit Consultancy
 
What changes with the EU Data Protection Regulation for Gambling Companies
What changes with the EU Data Protection Regulation for Gambling CompaniesWhat changes with the EU Data Protection Regulation for Gambling Companies
What changes with the EU Data Protection Regulation for Gambling CompaniesGiulio Coraggio
 
What changes for Internet of Things technologies with the EU Data Protection ...
What changes for Internet of Things technologies with the EU Data Protection ...What changes for Internet of Things technologies with the EU Data Protection ...
What changes for Internet of Things technologies with the EU Data Protection ...Giulio Coraggio
 
complinet history
complinet historycomplinet history
complinet historyPaul Edwards
 
Network as a sensor
Network as a sensorNetwork as a sensor
Network as a sensorCisco do Brasil
 
Employment law malta
Employment law maltaEmployment law malta
Employment law maltaEMD Advocates
 
DFARS compliance
DFARS complianceDFARS compliance
DFARS complianceLinqsGroup
 
Etude Statistique d'un mois de Vulnérabilités en Afrique
Etude Statistique d'un mois de Vulnérabilités en AfriqueEtude Statistique d'un mois de Vulnérabilités en Afrique
Etude Statistique d'un mois de Vulnérabilités en AfriqueValdes Nzalli
 
Collaboration Between Infosec Community and CERT Teams : Project Sonar case
Collaboration Between Infosec Community and CERT Teams : Project Sonar caseCollaboration Between Infosec Community and CERT Teams : Project Sonar case
Collaboration Between Infosec Community and CERT Teams : Project Sonar caseValdes Nzalli
 
NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]
NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]
NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]APNIC
 

Contenu connexe

Tendances

EU data protection laws and impacts on healthcare applications and health data
EU data protection laws and impacts on healthcare applications and health dataEU data protection laws and impacts on healthcare applications and health data
EU data protection laws and impacts on healthcare applications and health dataSpeck&Tech
 
Garantice la continuidad de su negocio Damian Prieto
Garantice la continuidad de su negocio Damian PrietoGarantice la continuidad de su negocio Damian Prieto
Garantice la continuidad de su negocio Damian PrietoCristian Garcia G.
 
Insurance Innovation Award-PolicyPal
Insurance Innovation Award-PolicyPalInsurance Innovation Award-PolicyPal
Insurance Innovation Award-PolicyPalThe Digital Insurer
 
RisingStarsOfCybersecurity
RisingStarsOfCybersecurityRisingStarsOfCybersecurity
RisingStarsOfCybersecurityIndy Dh
 
FCF June 2014 - 02 cyber case studies
FCF June 2014 - 02 cyber case studies FCF June 2014 - 02 cyber case studies
FCF June 2014 - 02 cyber case studies#TheFraudTube
 
What's Next in Cybersecurity Policy
What's Next in Cybersecurity PolicyWhat's Next in Cybersecurity Policy
What's Next in Cybersecurity PolicyEly Kahn
 
CyberSecurity: Protecting Law Firms - Vanderburg - JurInnov
CyberSecurity: Protecting Law Firms - Vanderburg - JurInnovCyberSecurity: Protecting Law Firms - Vanderburg - JurInnov
CyberSecurity: Protecting Law Firms - Vanderburg - JurInnovEric Vanderburg
 
Internet harvest starting to sour
Internet harvest starting to sourInternet harvest starting to sour
Internet harvest starting to sourcpscapitalaustralia
 
What changes with the EU Data Protection Regulation for Gambling Companies
What changes with the EU Data Protection Regulation for Gambling CompaniesWhat changes with the EU Data Protection Regulation for Gambling Companies
What changes with the EU Data Protection Regulation for Gambling CompaniesGiulio Coraggio
 
What changes for Internet of Things technologies with the EU Data Protection ...
What changes for Internet of Things technologies with the EU Data Protection ...What changes for Internet of Things technologies with the EU Data Protection ...
What changes for Internet of Things technologies with the EU Data Protection ...Giulio Coraggio
 
Employment law malta
Employment law maltaEmployment law malta
Employment law maltaEMD Advocates
 
DFARS compliance
DFARS complianceDFARS compliance
DFARS complianceLinqsGroup
 

Tendances (19)

Apani Ov V9
Apani Ov V9Apani Ov V9
Apani Ov V9
 
EU data protection laws and impacts on healthcare applications and health data
EU data protection laws and impacts on healthcare applications and health dataEU data protection laws and impacts on healthcare applications and health data
EU data protection laws and impacts on healthcare applications and health data
 
Garantice la continuidad de su negocio Damian Prieto
Garantice la continuidad de su negocio Damian PrietoGarantice la continuidad de su negocio Damian Prieto
Garantice la continuidad de su negocio Damian Prieto
 
Insurance Innovation Award-PolicyPal
Insurance Innovation Award-PolicyPalInsurance Innovation Award-PolicyPal
Insurance Innovation Award-PolicyPal
 
RisingStarsOfCybersecurity
RisingStarsOfCybersecurityRisingStarsOfCybersecurity
RisingStarsOfCybersecurity
 
FCF June 2014 - 02 cyber case studies
FCF June 2014 - 02 cyber case studies FCF June 2014 - 02 cyber case studies
FCF June 2014 - 02 cyber case studies
 
What's Next in Cybersecurity Policy
What's Next in Cybersecurity PolicyWhat's Next in Cybersecurity Policy
What's Next in Cybersecurity Policy
 
CyberSecurity: Protecting Law Firms - Vanderburg - JurInnov
CyberSecurity: Protecting Law Firms - Vanderburg - JurInnovCyberSecurity: Protecting Law Firms - Vanderburg - JurInnov
CyberSecurity: Protecting Law Firms - Vanderburg - JurInnov
 
Internet harvest starting to sour
Internet harvest starting to sourInternet harvest starting to sour
Internet harvest starting to sour
 
Getiss 16x9
Getiss 16x9Getiss 16x9
Getiss 16x9
 
FLI Newsletter - August 2015
FLI Newsletter - August 2015FLI Newsletter - August 2015
FLI Newsletter - August 2015
 
ICANN Engagement Update
ICANN Engagement UpdateICANN Engagement Update
ICANN Engagement Update
 
Newsletter - September 2013
Newsletter - September 2013Newsletter - September 2013
Newsletter - September 2013
 
What changes with the EU Data Protection Regulation for Gambling Companies
What changes with the EU Data Protection Regulation for Gambling CompaniesWhat changes with the EU Data Protection Regulation for Gambling Companies
What changes with the EU Data Protection Regulation for Gambling Companies
 
What changes for Internet of Things technologies with the EU Data Protection ...
What changes for Internet of Things technologies with the EU Data Protection ...What changes for Internet of Things technologies with the EU Data Protection ...
What changes for Internet of Things technologies with the EU Data Protection ...
 
complinet history
complinet historycomplinet history
complinet history
 
Network as a sensor
Network as a sensorNetwork as a sensor
Network as a sensor
 
Employment law malta
Employment law maltaEmployment law malta
Employment law malta
 
DFARS compliance
DFARS complianceDFARS compliance
DFARS compliance
 

En vedette

Etude Statistique d'un mois de Vulnérabilités en Afrique
Etude Statistique d'un mois de Vulnérabilités en AfriqueEtude Statistique d'un mois de Vulnérabilités en Afrique
Etude Statistique d'un mois de Vulnérabilités en AfriqueValdes Nzalli
 
Collaboration Between Infosec Community and CERT Teams : Project Sonar case
Collaboration Between Infosec Community and CERT Teams : Project Sonar caseCollaboration Between Infosec Community and CERT Teams : Project Sonar case
Collaboration Between Infosec Community and CERT Teams : Project Sonar caseValdes Nzalli
 
NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]
NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]
NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]APNIC
 
Crytek CSIRT CERT-EE Symposium 2016
Crytek CSIRT CERT-EE Symposium 2016Crytek CSIRT CERT-EE Symposium 2016
Crytek CSIRT CERT-EE Symposium 2016CrytekCSIRT
 
Setting up CSIRT
Setting up CSIRTSetting up CSIRT
Setting up CSIRTAPNIC
 
Day 1 Enisa Setting Up A Csirt
Day 1 Enisa Setting Up A CsirtDay 1 Enisa Setting Up A Csirt
Day 1 Enisa Setting Up A Csirtvngundi
 
Video Game Console
Video Game ConsoleVideo Game Console
Video Game Consolejudah43
 
Eurooppalainen verkosto OPS:n resurssina – esimerkkinä eTwinning
Eurooppalainen verkosto OPS:n resurssina – esimerkkinä eTwinningEurooppalainen verkosto OPS:n resurssina – esimerkkinä eTwinning
Eurooppalainen verkosto OPS:n resurssina – esimerkkinä eTwinningTiina Sarisalmi
 
Economic Control or Reform or Structural Change : Occupy the 1?
Economic Control or Reform or Structural Change : Occupy the 1?Economic Control or Reform or Structural Change : Occupy the 1?
Economic Control or Reform or Structural Change : Occupy the 1?ANM Farukh
 
Formative Capitalism
Formative CapitalismFormative Capitalism
Formative CapitalismANM Farukh
 
How to add a canvas to your image
How to add a canvas to your imageHow to add a canvas to your image
How to add a canvas to your imageSirron Carrector
 
Sustainable and Responsible Investing
Sustainable and Responsible InvestingSustainable and Responsible Investing
Sustainable and Responsible InvestingScott Sadler
 
Ic Sconf2010presentation Dp Bh
Ic Sconf2010presentation Dp BhIc Sconf2010presentation Dp Bh
Ic Sconf2010presentation Dp BhBrian Honan
 
KMUTNB - Internet Programming 5/7
KMUTNB - Internet Programming 5/7KMUTNB - Internet Programming 5/7
KMUTNB - Internet Programming 5/7phuphax
 
Cineas Corso Taylor Made Per Zurich 27 Aprile 2010 Mattina
Cineas Corso Taylor Made Per Zurich 27 Aprile 2010 MattinaCineas Corso Taylor Made Per Zurich 27 Aprile 2010 Mattina
Cineas Corso Taylor Made Per Zurich 27 Aprile 2010 MattinaMarco Contini
 
Hot Topics For 2010
Hot Topics For 2010Hot Topics For 2010
Hot Topics For 2010Brian Honan
 
Monitoring Student Work In Moodle Delise Fathers April 2009
Monitoring Student Work In Moodle Delise Fathers April 2009Monitoring Student Work In Moodle Delise Fathers April 2009
Monitoring Student Work In Moodle Delise Fathers April 2009yeske.patricia
 

En vedette (20)

Etude Statistique d'un mois de Vulnérabilités en Afrique
Etude Statistique d'un mois de Vulnérabilités en AfriqueEtude Statistique d'un mois de Vulnérabilités en Afrique
Etude Statistique d'un mois de Vulnérabilités en Afrique
 
Collaboration Between Infosec Community and CERT Teams : Project Sonar case
Collaboration Between Infosec Community and CERT Teams : Project Sonar caseCollaboration Between Infosec Community and CERT Teams : Project Sonar case
Collaboration Between Infosec Community and CERT Teams : Project Sonar case
 
NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]
NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]
NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]
 
Crytek CSIRT CERT-EE Symposium 2016
Crytek CSIRT CERT-EE Symposium 2016Crytek CSIRT CERT-EE Symposium 2016
Crytek CSIRT CERT-EE Symposium 2016
 
Setting up CSIRT
Setting up CSIRTSetting up CSIRT
Setting up CSIRT
 
Day 1 Enisa Setting Up A Csirt
Day 1 Enisa Setting Up A CsirtDay 1 Enisa Setting Up A Csirt
Day 1 Enisa Setting Up A Csirt
 
Video Game Console
Video Game ConsoleVideo Game Console
Video Game Console
 
Eurooppalainen verkosto OPS:n resurssina – esimerkkinä eTwinning
Eurooppalainen verkosto OPS:n resurssina – esimerkkinä eTwinningEurooppalainen verkosto OPS:n resurssina – esimerkkinä eTwinning
Eurooppalainen verkosto OPS:n resurssina – esimerkkinä eTwinning
 
Economic Control or Reform or Structural Change : Occupy the 1?
Economic Control or Reform or Structural Change : Occupy the 1?Economic Control or Reform or Structural Change : Occupy the 1?
Economic Control or Reform or Structural Change : Occupy the 1?
 
Formative Capitalism
Formative CapitalismFormative Capitalism
Formative Capitalism
 
How to add a canvas to your image
How to add a canvas to your imageHow to add a canvas to your image
How to add a canvas to your image
 
Sustainable and Responsible Investing
Sustainable and Responsible InvestingSustainable and Responsible Investing
Sustainable and Responsible Investing
 
Ic Sconf2010presentation Dp Bh
Ic Sconf2010presentation Dp BhIc Sconf2010presentation Dp Bh
Ic Sconf2010presentation Dp Bh
 
KMUTNB - Internet Programming 5/7
KMUTNB - Internet Programming 5/7KMUTNB - Internet Programming 5/7
KMUTNB - Internet Programming 5/7
 
Springtime in Orivesi
Springtime in OrivesiSpringtime in Orivesi
Springtime in Orivesi
 
East Side Rising
East Side RisingEast Side Rising
East Side Rising
 
Cineas Corso Taylor Made Per Zurich 27 Aprile 2010 Mattina
Cineas Corso Taylor Made Per Zurich 27 Aprile 2010 MattinaCineas Corso Taylor Made Per Zurich 27 Aprile 2010 Mattina
Cineas Corso Taylor Made Per Zurich 27 Aprile 2010 Mattina
 
Greek Travel Guide
Greek Travel GuideGreek Travel Guide
Greek Travel Guide
 
Hot Topics For 2010
Hot Topics For 2010Hot Topics For 2010
Hot Topics For 2010
 
Monitoring Student Work In Moodle Delise Fathers April 2009
Monitoring Student Work In Moodle Delise Fathers April 2009Monitoring Student Work In Moodle Delise Fathers April 2009
Monitoring Student Work In Moodle Delise Fathers April 2009
 

Similaire à Creating a CERT at WARP Speed

Future-proofing the IPBill
Future-proofing the IPBillFuture-proofing the IPBill
Future-proofing the IPBillGraham Smith
 
Barclays uk innovation_keynote_final
Barclays uk innovation_keynote_finalBarclays uk innovation_keynote_final
Barclays uk innovation_keynote_finalSumon Sadhu
 
Ireland Gateway To Europe | Your Set Up in Ireland Team
Ireland Gateway To Europe | Your Set Up in Ireland TeamIreland Gateway To Europe | Your Set Up in Ireland Team
Ireland Gateway To Europe | Your Set Up in Ireland TeamJamie Harnett
 
Innovation conference 26.05.2011
Innovation conference 26.05.2011Innovation conference 26.05.2011
Innovation conference 26.05.2011FP Logue Solicitors
 
Internet of Things in 10 slides
Internet of Things in 10 slides Internet of Things in 10 slides
Internet of Things in 10 slides Francisco Maroto
 
Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Dr. Ahmed Al Zaidy
 
CCET-GBC Fueling Innovation for Construction and Real Estate with IoE
CCET-GBC Fueling Innovation for Construction and Real Estate with IoECCET-GBC Fueling Innovation for Construction and Real Estate with IoE
CCET-GBC Fueling Innovation for Construction and Real Estate with IoERick Huijbregts
 
Webinar: That's the Way the Network Perimeter Crumbles - Cybersecurity for th...
Webinar: That's the Way the Network Perimeter Crumbles - Cybersecurity for th...Webinar: That's the Way the Network Perimeter Crumbles - Cybersecurity for th...
Webinar: That's the Way the Network Perimeter Crumbles - Cybersecurity for th...Cyren, Inc
 
George Beaton: Outside Investment in Law Firms from ClioCloud9 Conference
George Beaton: Outside Investment in Law Firms from ClioCloud9 ConferenceGeorge Beaton: Outside Investment in Law Firms from ClioCloud9 Conference
George Beaton: Outside Investment in Law Firms from ClioCloud9 ConferenceBeatonCapital
 
GDPR aneb jak umí Veritas pomoci být v souladu s tímto nařízením
GDPR aneb jak umí Veritas pomoci být v souladu s tímto nařízenímGDPR aneb jak umí Veritas pomoci být v souladu s tímto nařízením
GDPR aneb jak umí Veritas pomoci být v souladu s tímto nařízenímMarketingArrowECS_CZ
 
Protecting your Organisation from the Internet of Evil Things
Protecting your Organisation from the Internet of Evil ThingsProtecting your Organisation from the Internet of Evil Things
Protecting your Organisation from the Internet of Evil ThingsZeshan Sattar
 
Accenture - How Will Policing and Justice Be Affected By the Data Protection ...
Accenture - How Will Policing and Justice Be Affected By the Data Protection ...Accenture - How Will Policing and Justice Be Affected By the Data Protection ...
Accenture - How Will Policing and Justice Be Affected By the Data Protection ...techUK
 
2019 11-13 how to comply with ccpa as part of a global privacy strategy
2019 11-13 how to comply with ccpa as part of a global privacy strategy2019 11-13 how to comply with ccpa as part of a global privacy strategy
2019 11-13 how to comply with ccpa as part of a global privacy strategyTrustArc
 
Built on talent published version
Built on talent published versionBuilt on talent published version
Built on talent published versionAisling Mc Niffe
 
IRISSCON 2014 Privacy Cloud Computing
IRISSCON 2014 Privacy Cloud ComputingIRISSCON 2014 Privacy Cloud Computing
IRISSCON 2014 Privacy Cloud ComputingPaul Hogan
 
Webinar: CYREN WebSecurity for Enterprise
Webinar: CYREN WebSecurity for EnterpriseWebinar: CYREN WebSecurity for Enterprise
Webinar: CYREN WebSecurity for EnterpriseCyren, Inc
 
Webinar: CYREN WebSecurity for Healthcare
Webinar: CYREN WebSecurity for HealthcareWebinar: CYREN WebSecurity for Healthcare
Webinar: CYREN WebSecurity for HealthcareCyren, Inc
 
Cloud Services As An Enabler: the Strategic, Legal & Pragmatic Approach
Cloud Services As An Enabler: the Strategic, Legal & Pragmatic ApproachCloud Services As An Enabler: the Strategic, Legal & Pragmatic Approach
Cloud Services As An Enabler: the Strategic, Legal & Pragmatic ApproachSLA-Ready Network
 

Similaire à Creating a CERT at WARP Speed (20)

Future-proofing the IPBill
Future-proofing the IPBillFuture-proofing the IPBill
Future-proofing the IPBill
 
Barclays uk innovation_keynote_final
Barclays uk innovation_keynote_finalBarclays uk innovation_keynote_final
Barclays uk innovation_keynote_final
 
Ireland Gateway To Europe | Your Set Up in Ireland Team
Ireland Gateway To Europe | Your Set Up in Ireland TeamIreland Gateway To Europe | Your Set Up in Ireland Team
Ireland Gateway To Europe | Your Set Up in Ireland Team
 
Innovation conference 26.05.2011
Innovation conference 26.05.2011Innovation conference 26.05.2011
Innovation conference 26.05.2011
 
Internet of Things in 10 slides
Internet of Things in 10 slides Internet of Things in 10 slides
Internet of Things in 10 slides
 
Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2
 
CCET-GBC Fueling Innovation for Construction and Real Estate with IoE
CCET-GBC Fueling Innovation for Construction and Real Estate with IoECCET-GBC Fueling Innovation for Construction and Real Estate with IoE
CCET-GBC Fueling Innovation for Construction and Real Estate with IoE
 
LES 9 september 2011
LES 9 september 2011LES 9 september 2011
LES 9 september 2011
 
Webinar: That's the Way the Network Perimeter Crumbles - Cybersecurity for th...
Webinar: That's the Way the Network Perimeter Crumbles - Cybersecurity for th...Webinar: That's the Way the Network Perimeter Crumbles - Cybersecurity for th...
Webinar: That's the Way the Network Perimeter Crumbles - Cybersecurity for th...
 
George Beaton: Outside Investment in Law Firms from ClioCloud9 Conference
George Beaton: Outside Investment in Law Firms from ClioCloud9 ConferenceGeorge Beaton: Outside Investment in Law Firms from ClioCloud9 Conference
George Beaton: Outside Investment in Law Firms from ClioCloud9 Conference
 
GDPR aneb jak umí Veritas pomoci být v souladu s tímto nařízením
GDPR aneb jak umí Veritas pomoci být v souladu s tímto nařízenímGDPR aneb jak umí Veritas pomoci být v souladu s tímto nařízením
GDPR aneb jak umí Veritas pomoci být v souladu s tímto nařízením
 
Protecting your Organisation from the Internet of Evil Things
Protecting your Organisation from the Internet of Evil ThingsProtecting your Organisation from the Internet of Evil Things
Protecting your Organisation from the Internet of Evil Things
 
Accenture - How Will Policing and Justice Be Affected By the Data Protection ...
Accenture - How Will Policing and Justice Be Affected By the Data Protection ...Accenture - How Will Policing and Justice Be Affected By the Data Protection ...
Accenture - How Will Policing and Justice Be Affected By the Data Protection ...
 
A Futurist Perspective
A Futurist Perspective A Futurist Perspective
A Futurist Perspective
 
2019 11-13 how to comply with ccpa as part of a global privacy strategy
2019 11-13 how to comply with ccpa as part of a global privacy strategy2019 11-13 how to comply with ccpa as part of a global privacy strategy
2019 11-13 how to comply with ccpa as part of a global privacy strategy
 
Built on talent published version
Built on talent published versionBuilt on talent published version
Built on talent published version
 
IRISSCON 2014 Privacy Cloud Computing
IRISSCON 2014 Privacy Cloud ComputingIRISSCON 2014 Privacy Cloud Computing
IRISSCON 2014 Privacy Cloud Computing
 
Webinar: CYREN WebSecurity for Enterprise
Webinar: CYREN WebSecurity for EnterpriseWebinar: CYREN WebSecurity for Enterprise
Webinar: CYREN WebSecurity for Enterprise
 
Webinar: CYREN WebSecurity for Healthcare
Webinar: CYREN WebSecurity for HealthcareWebinar: CYREN WebSecurity for Healthcare
Webinar: CYREN WebSecurity for Healthcare
 
Cloud Services As An Enabler: the Strategic, Legal & Pragmatic Approach
Cloud Services As An Enabler: the Strategic, Legal & Pragmatic ApproachCloud Services As An Enabler: the Strategic, Legal & Pragmatic Approach
Cloud Services As An Enabler: the Strategic, Legal & Pragmatic Approach
 

Plus de Brian Honan

Brian honan ipexpo keynote
Brian honan ipexpo keynoteBrian honan ipexpo keynote
Brian honan ipexpo keynoteBrian Honan
 
GDPR & Brexit - What Does the Future Hold?
GDPR & Brexit - What Does the Future Hold?GDPR & Brexit - What Does the Future Hold?
GDPR & Brexit - What Does the Future Hold?Brian Honan
 
Ransomware Prevention Guide
Ransomware Prevention GuideRansomware Prevention Guide
Ransomware Prevention GuideBrian Honan
 
The dark side of the internet
The dark side of the internetThe dark side of the internet
The dark side of the internetBrian Honan
 
Data security brian honan
Data security brian honanData security brian honan
Data security brian honanBrian Honan
 
Presentation on EU Directives Impacting Cyber Security for Information Securi...
Presentation on EU Directives Impacting Cyber Security for Information Securi...Presentation on EU Directives Impacting Cyber Security for Information Securi...
Presentation on EU Directives Impacting Cyber Security for Information Securi...Brian Honan
 
Incident Response in the Cloud
Incident Response in the CloudIncident Response in the Cloud
Incident Response in the CloudBrian Honan
 
How to Like Social Media Network Security
How to Like Social Media Network SecurityHow to Like Social Media Network Security
How to Like Social Media Network SecurityBrian Honan
 
Bridging the air gap
Bridging the air gapBridging the air gap
Bridging the air gapBrian Honan
 
Proactive incident response
Proactive incident responseProactive incident response
Proactive incident responseBrian Honan
 
Learning from History
Learning from HistoryLearning from History
Learning from HistoryBrian Honan
 
Incident response cloud
Incident response cloudIncident response cloud
Incident response cloudBrian Honan
 
Preparing for Failure - Best Practise for Incident Response
Preparing for Failure - Best Practise for Incident ResponsePreparing for Failure - Best Practise for Incident Response
Preparing for Failure - Best Practise for Incident ResponseBrian Honan
 
Best practises for log management
Best practises for log managementBest practises for log management
Best practises for log managementBrian Honan
 
Layer 8 Security - Securing the Nut Between the Keyboard & Screen
Layer 8 Security - Securing the Nut Between the Keyboard & ScreenLayer 8 Security - Securing the Nut Between the Keyboard & Screen
Layer 8 Security - Securing the Nut Between the Keyboard & ScreenBrian Honan
 
The Case for Mandatory Data Breach Disclosure Laws
The Case for Mandatory Data Breach Disclosure LawsThe Case for Mandatory Data Breach Disclosure Laws
The Case for Mandatory Data Breach Disclosure LawsBrian Honan
 
Knowing Me Knowing You
Knowing Me Knowing YouKnowing Me Knowing You
Knowing Me Knowing YouBrian Honan
 
Scare Ware From Ireland
Scare Ware From IrelandScare Ware From Ireland
Scare Ware From IrelandBrian Honan
 

Plus de Brian Honan (20)

Brian honan ipexpo keynote
Brian honan ipexpo keynoteBrian honan ipexpo keynote
Brian honan ipexpo keynote
 
GDPR & Brexit - What Does the Future Hold?
GDPR & Brexit - What Does the Future Hold?GDPR & Brexit - What Does the Future Hold?
GDPR & Brexit - What Does the Future Hold?
 
Ransomware Prevention Guide
Ransomware Prevention GuideRansomware Prevention Guide
Ransomware Prevention Guide
 
Brian honan
Brian honanBrian honan
Brian honan
 
The dark side of the internet
The dark side of the internetThe dark side of the internet
The dark side of the internet
 
Data security brian honan
Data security brian honanData security brian honan
Data security brian honan
 
Presentation on EU Directives Impacting Cyber Security for Information Securi...
Presentation on EU Directives Impacting Cyber Security for Information Securi...Presentation on EU Directives Impacting Cyber Security for Information Securi...
Presentation on EU Directives Impacting Cyber Security for Information Securi...
 
Incident Response in the Cloud
Incident Response in the CloudIncident Response in the Cloud
Incident Response in the Cloud
 
How to Like Social Media Network Security
How to Like Social Media Network SecurityHow to Like Social Media Network Security
How to Like Social Media Network Security
 
Bridging the air gap
Bridging the air gapBridging the air gap
Bridging the air gap
 
Proactive incident response
Proactive incident responseProactive incident response
Proactive incident response
 
Learning from History
Learning from HistoryLearning from History
Learning from History
 
Incident response cloud
Incident response cloudIncident response cloud
Incident response cloud
 
Preparing for Failure - Best Practise for Incident Response
Preparing for Failure - Best Practise for Incident ResponsePreparing for Failure - Best Practise for Incident Response
Preparing for Failure - Best Practise for Incident Response
 
Best practises for log management
Best practises for log managementBest practises for log management
Best practises for log management
 
Cloud security
Cloud securityCloud security
Cloud security
 
Layer 8 Security - Securing the Nut Between the Keyboard & Screen
Layer 8 Security - Securing the Nut Between the Keyboard & ScreenLayer 8 Security - Securing the Nut Between the Keyboard & Screen
Layer 8 Security - Securing the Nut Between the Keyboard & Screen
 
The Case for Mandatory Data Breach Disclosure Laws
The Case for Mandatory Data Breach Disclosure LawsThe Case for Mandatory Data Breach Disclosure Laws
The Case for Mandatory Data Breach Disclosure Laws
 
Knowing Me Knowing You
Knowing Me Knowing YouKnowing Me Knowing You
Knowing Me Knowing You
 
Scare Ware From Ireland
Scare Ware From IrelandScare Ware From Ireland
Scare Ware From Ireland
 

Dernier

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 

Dernier (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 

Creating a CERT at WARP Speed

Notes de l'éditeur

  1. 2004 I identified that Ireland had no CERT. I felt that this was a major weakness in our security infrastructure at both an economic and national security point of view. In 2004 I took the decision to pursue the reasons why we had no CERT and based on the responses determine if we needed one. If it was determined we should have one then outline a way forward for Ireland to have a CERT
  2. ISSA &amp; UCD “CyberCrime Survey 2006”98% of all Companies Impacted90% impacted by computer virus infection20% suffered losses &gt; €100,00033% suffered losses &gt; €50,00052% of incidents resulted in 10 man days to recover25% of incidents resulted in 50 man days to recover55% lost data as a direct result90% suffered loss in productivity12% of internal misuse resulted in criminal cases
  3. I met with the various stakeholders;Department of Communications responsible for Internet securitySubsequent meetings withAn Garda Siochana (Irish Police)Chambers IrelandIrish Business and Employers Confederation Enterprise IrelandIrish Small &amp; Medium Enterprises Association Internet Service Provider Association of Ireland Science Foundation IrelandHEAnet CERTCenter for Cybercrime Investigation - University College Dublin ISSA IrelandIrish Information Systems Security ForumThe SANS Institute EuropeENISA (the European Network and Information Security Agency )Numerous Organisations of Varying Sizes
  4. I conducted a survey to elicit people’s requirements from a CERT.That information was invaluable to the project
  5. Based on the feedback I got and the results of the survey the resounding response is that Ireland did need a CERT.Centre for Cybercrime in UCD were willing to host the CERTI developed a business plan which was presented to the Dept outlining the research, the reasons behind the recommendations and suggested costs. I felt my work here was done and now a CERT would certainly happen.However, nothing happened. Despite numerous calls and emails progress was very, very slow.
  6. Until the summer of 2007 and the DDOS attacks on Estonia.Now the phone calls and emails were coming to me!!Concern in Irish government sources that Ireland could be impacted in a similar fashion.
  7. But then progress ground back to its usual pace.I got very frustrated with what I saw as a lack of progress. This was capped off when a member of a CERT team in another country told me that within the CSIRT community it was felt that China was more responsive to cyber crime issues than Ireland.
  8. So I set up IRISS.IRISS is a registered not for profit company. Business Day coverageContactable by email &amp; web.Part Time Volunteer StaffIrish Focused Security Information
  9. In the main has been very positiveBy membersBy PressOther CERTsSome telco providers have been very positive and responsive to working with us.Others not so cooperative.
  10.  Depending on FundingPromote services so more people are aware of us.Promote community involvement – online discussion forumsBlogTwitterConduct more research on Irish information security issuesExpand range of servicesBecome more involved in International CERT communityTF-CSIRTListedNow seeking accreditationFIRSTAnnual conference
  11. Who are your key stakeholders?Internal to your organisations Senior Management IT Business ManagersExternal Clients Partners Vendors
  12. Who will be your constituency?Internal users?By community type?By industry type?By geographical location?
  13. Incident ResponseForensicsIncident Co-ordinationAlertingTraining &amp; AwarenessMalware analysisVulnerability ManagementAuditingResearchBest PractisesProviding Guidelines
  14. What will you need to make your CSIRT successful?LocationEquipmentCommunications Email? Phone? Fax? IM?StaffTrainingLegal expertiseDocumentationToolsAuthority and Autonomy Can you shut systems/networks down? If so what are the repercussions?
  15. Secure EmailCall logging and incident tracking systemMonitoring toolsMalware handling toolsVulnerability managementForensics and investigative toolsProcesses and ProceduresTrainingCERT NetSA Security Suitehttp://tools.netsa.cert.org/Clearinghouse for Incident Handling Toolshttp://www.enisa.europa.eu/act/cert/support/chiht
  16. StaffingHostingPremisesSoftware &amp; HardwareTelecomsInsuranceLegal CounselTraining &amp; ResearchTravel &amp; Seminars
  17. Run drills on staffDesktop exercisesSimulate incidentsTake part in national and international exercises
  18. Be Easily AccessibleEnsure Staff Are Trained Properly.Remember Soft Skills are Essential !!Market the IRT and its ServicesCreate and Maintain RelationshipsLaw EnforcementOther CERTsLegal CounselGovernment Departments and AgenciesRepresentative Bodies
  19. Be Easily AccessibleEnsure Staff Are Trained Properly.Remember Soft Skills are Essential !!Market the IRT and its ServicesCreate and Maintain RelationshipsLaw EnforcementOther CERTsLegal CounselGovernment Departments and AgenciesRepresentative Bodies
  20. Remember - You Will be NeededLearn from MistakesHighlight the PositivesMeasure Your EffectivenessNumber of incidentsType of IncidentsCostsReducing over timeCommunicate RegularlyClients &amp; Stakeholders
  21. Patience is a VirtueFunding or Lack ofBe Aware of Vested InterestsThe CERT Community is Close KnitManagement IndifferenceYour Reputation Could be at Stake
  22. I did not have the funds outlined in the original proposal. I needed a solution that;Was cost effective – remember I had no money could be tailored to suit the requirements of the communityWould provide support for a virtual teamCould get the services up and running quickly.Would support a community based approach