SlideShare une entreprise Scribd logo

Cert adli wahid_iisf2011

Directorate of Information Security | Ditjen Aptika
Directorate of Information Security | Ditjen Aptika
TechnologieFormation
1  sur  22
Télécharger pour lire hors ligne
Ministry of Science, Technology and Innovation Computer Emergency Response Team Co-ordination Centre (CERT/CC) Adli Wahid VP Cyber Security Response Service and Head of Malaysia CERT CyberSecurity Malaysia E: adli@cybersecurity.my T: adliwahid
Agenda •  Concepts •  The Case of a CERT/CC •  MyCERT Case Study •  Conclusion
Incident Response and Handling •  Incident Response is all of the technical components required in order to analyze and contain an incident. –  Required skills i.e. networking and log analysis, computer forensics, malware reverse engineering •  Incident Handling is the logistics, communications, coordination, and planning functions needed in order to resolve an incident in a calm and efficient manner –  Goals: protect and restore
Objectives of Incident Handling 1.  To mitigate or reduce risks associated to an incident 2.  To respond to all incidents and suspected incidents based on pre-determined process 3.  Provide unbiased investigations on all incidents 4.  Establish a 24x7 hotline/contact – to enable effective reporting of incidents. 5.  Control and contain an incident   Affected systems return to normal operation   Recommend solutions
6 Steps Of Incident Handling 1   6   Preparation 2   3   5   Eradication 4  
CERT/CSIRTs •  Components –  Constituency –  Mission –  Organization –  Funding –  Services –  Policies and Procedures •  This requires a TEAM
CERTs/CSIRTs Services Reac,ve   Proac,ve   1.  Incident  Response  and  Handling   1.  Watch  and  Warn    /  Threat   2.  Advisories   Monitoring   2.  Research  and  Development   3.  Training  and  Outreach/Awareness   4.  Cyber  Security  Crisis    
THE CASE FOR A CERT/CC
Good vs Evil Law   Sys   Bot   Enforcem Criminals   Admins   Herders   ent   VS   Providers   CSIRTs   Spammers   Phishers  
Motivation of a National CSIRT •  Point of contact of incidents reporting –  National (Trusted) PoC for Internal & External reporting –  Incident co-ordination (with LEs, Other CERTs/ CSIRTs –  Collaboration & Intel Exchanged •  Situational Awareness •  Improving laws and regulations •  Provide assistance to Internet users •  Protection of Critical Infrastructure
Different types of Incidents •  The ‘Usual’ Stuff –  Malware –  Denial of Service –  Online Fraud/Scams –  Identity Theft •  Cyber Crisis –  Anonymous Attack –  APT / Targetted Attacks –  Global Outbreaks
Handling Local Banks Phishing Incidents •  Things to do –  Prevent people from visiting phishing site •  Remove Block –  Recover stolen credentials •  Email account •  Database –  Assist Victim to make reports –  Co-ordinate with Bank and Law Enforcement –  Detect Phishing sites faster •  Do It yourself or Get others to feed you
Issues & Challenges •  Mandate & Constituencies –  Who should ‘report’ to ‘who’ –  Who should handle what •  End-to-End Resolution –  I have reported the incident, can we catch the bad guy? Can I have my money back –  One stop centre
MYCERT
Incident   Malware    Co-­‐ Handling  /   Research   ordinaNon   Cyber999       Centre   Centre  
•  MyCERT was established in 1997, deals mostly with technical teams, CSIRTs, LEs •  Cyber999 launched in 2008, allows the all to report to MyCERT •  A lot of incidents were affecting the Internet Users at large –  Phishing, Malware (botnets), Online Fraud, Harassment •  Cyber999 Provides a one stop centre for incidents reporting
•  Launched in 2009 •  Previously a ‘watch and warn’ or ‘early warning function’ •  Specializes in malware analysis / tracking •  Activities –  Operates the distributed honeynet project –  Produce tools / services –  Execute the national cyber security exercise –  Issues advisories and alerts , special reports
Tools from our Lab DNSWatch   MYPHPIPS   hOp://www.mycert.org.my/en/resources/security_tools/main/main/detail/768/index.html  
National Cyber Crisis Exercise (X-Maya) •  Led by the National Security Council since 2008 •  Improve readiness and situational awareness among CNII agencies –  National Threat Level –  Reporting structure in a crisis •  CyberSecurity Malaysia / MyCERT provide simulation of the cyber security incidents for the players
Conclusion •  Central co-ordination point is critical •  Help drives other national level initiatives i.e. awareness, training, critical infrastructure protection, certification programmes •  Working together is the best way forward
Questions •  CyberSecurity Malaysia http://www.cybersecurity.my •  MyCERT: http://www.mycert.org.my •  Email: adli@cybersecurity.my •  Twitter: adliwahid

Recommandé

Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Hamisi Kibonde
 
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]APNIC
 
CERT Certification
CERT CertificationCERT Certification
CERT CertificationConferencias FIST
 
Day 1 Enisa Setting Up A Csirt
Day 1 Enisa Setting Up A CsirtDay 1 Enisa Setting Up A Csirt
Day 1 Enisa Setting Up A Csirtvngundi
 
Setting up CSIRT
Setting up CSIRTSetting up CSIRT
Setting up CSIRTAPNIC
 
Building CSIRT and its competency
Building CSIRT and its competencyBuilding CSIRT and its competency
Building CSIRT and its competencyDidik Partono Rudiarto
 
Cyber Security Professionals Viewed via Supply Chain
Cyber Security Professionals Viewed via Supply ChainCyber Security Professionals Viewed via Supply Chain
Cyber Security Professionals Viewed via Supply Chainaletarw
 
CSIRT_16_Jun
CSIRT_16_JunCSIRT_16_Jun
CSIRT_16_JunCandan BOLUKBAS
 

Recommandé

Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Hamisi Kibonde
 
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]APNIC
 
CERT Certification
CERT CertificationCERT Certification
CERT CertificationConferencias FIST
 
Day 1 Enisa Setting Up A Csirt
Day 1 Enisa Setting Up A CsirtDay 1 Enisa Setting Up A Csirt
Day 1 Enisa Setting Up A Csirtvngundi
 
Setting up CSIRT
Setting up CSIRTSetting up CSIRT
Setting up CSIRTAPNIC
 
Building CSIRT and its competency
Building CSIRT and its competencyBuilding CSIRT and its competency
Building CSIRT and its competencyDidik Partono Rudiarto
 
Cyber Security Professionals Viewed via Supply Chain
Cyber Security Professionals Viewed via Supply ChainCyber Security Professionals Viewed via Supply Chain
Cyber Security Professionals Viewed via Supply Chainaletarw
 
CSIRT_16_Jun
CSIRT_16_JunCSIRT_16_Jun
CSIRT_16_JunCandan BOLUKBAS
 
Combating cyber crimes chinatu
Combating cyber crimes chinatuCombating cyber crimes chinatu
Combating cyber crimes chinatuChinatu Uzuegbu
 
A Strategy for Addressing Cyber Security Challenges
A Strategy for Addressing Cyber Security Challenges A Strategy for Addressing Cyber Security Challenges
A Strategy for Addressing Cyber Security Challenges Cybersecurity Education and Research Centre
 
001.itsecurity bcp v1
001.itsecurity bcp v1001.itsecurity bcp v1
001.itsecurity bcp v1Mohammad Ashfaqur Rahman
 
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...BCM Institute
 
Defending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksDefending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksTripwire
 
Meletis Belsis -CSIRTs
Meletis Belsis -CSIRTsMeletis Belsis -CSIRTs
Meletis Belsis -CSIRTsMeletis Belsis MPhil/MRes/BSc
 
2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...
2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...
2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...APNIC
 
Cyber Security Awareness Month 2017-Wrap-Up
Cyber Security Awareness Month 2017-Wrap-UpCyber Security Awareness Month 2017-Wrap-Up
Cyber Security Awareness Month 2017-Wrap-UpChinatu Uzuegbu
 
Incident handling of cyber espionage
Incident handling of cyber espionageIncident handling of cyber espionage
Incident handling of cyber espionageMarie Elisabeth Gaup Moe
 
Need for Improved Critical Industrial Infrastructure Protection
Need for Improved Critical Industrial Infrastructure ProtectionNeed for Improved Critical Industrial Infrastructure Protection
Need for Improved Critical Industrial Infrastructure ProtectionWilliam McBorrough
 
Hunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systemsHunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systemsFidelis Cybersecurity
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber securitySumanPramanik7
 
Cybersecurity - Introduction and Preventive Measures
Cybersecurity - Introduction and Preventive MeasuresCybersecurity - Introduction and Preventive Measures
Cybersecurity - Introduction and Preventive MeasuresAditya Ratnaparkhi
 
Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology Fidelis Cybersecurity
 
Career Guidance on Cybersecurity by Mohammed Adam
Career Guidance on Cybersecurity by Mohammed AdamCareer Guidance on Cybersecurity by Mohammed Adam
Career Guidance on Cybersecurity by Mohammed AdamMohammed Adam
 
Security tools
Security toolsSecurity tools
Security toolsarfan shahzad
 
Cyber security landscape
Cyber security landscapeCyber security landscape
Cyber security landscapeJisc
 
National cyber security policy final
National cyber security policy finalNational cyber security policy final
National cyber security policy finalIndian Air Force
 
Challenges2013
Challenges2013Challenges2013
Challenges2013Lancope, Inc.
 
Ne Course Part Two
Ne Course Part TwoNe Course Part Two
Ne Course Part Twobackdoor
 
Bingoppt
BingopptBingoppt
BingopptShravani Nutalapati
 
Shravani bday
Shravani bdayShravani bday
Shravani bdayParasuram Ashok
 

Contenu connexe

Tendances

Combating cyber crimes chinatu
Combating cyber crimes chinatuCombating cyber crimes chinatu
Combating cyber crimes chinatuChinatu Uzuegbu
 
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...BCM Institute
 
Defending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksDefending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksTripwire
 
2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...
2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...
2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...APNIC
 
Cyber Security Awareness Month 2017-Wrap-Up
Cyber Security Awareness Month 2017-Wrap-UpCyber Security Awareness Month 2017-Wrap-Up
Cyber Security Awareness Month 2017-Wrap-UpChinatu Uzuegbu
 
Need for Improved Critical Industrial Infrastructure Protection
Need for Improved Critical Industrial Infrastructure ProtectionNeed for Improved Critical Industrial Infrastructure Protection
Need for Improved Critical Industrial Infrastructure ProtectionWilliam McBorrough
 
Hunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systemsHunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systemsFidelis Cybersecurity
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber securitySumanPramanik7
 
Cybersecurity - Introduction and Preventive Measures
Cybersecurity - Introduction and Preventive MeasuresCybersecurity - Introduction and Preventive Measures
Cybersecurity - Introduction and Preventive MeasuresAditya Ratnaparkhi
 
Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology Fidelis Cybersecurity
 
Career Guidance on Cybersecurity by Mohammed Adam
Career Guidance on Cybersecurity by Mohammed AdamCareer Guidance on Cybersecurity by Mohammed Adam
Career Guidance on Cybersecurity by Mohammed AdamMohammed Adam
 
Cyber security landscape
Cyber security landscapeCyber security landscape
Cyber security landscapeJisc
 
National cyber security policy final
National cyber security policy finalNational cyber security policy final
National cyber security policy finalIndian Air Force
 
Ne Course Part Two
Ne Course Part TwoNe Course Part Two
Ne Course Part Twobackdoor
 

Tendances (20)

Combating cyber crimes chinatu
Combating cyber crimes chinatuCombating cyber crimes chinatu
Combating cyber crimes chinatu
 
A Strategy for Addressing Cyber Security Challenges
A Strategy for Addressing Cyber Security Challenges A Strategy for Addressing Cyber Security Challenges
A Strategy for Addressing Cyber Security Challenges
 
001.itsecurity bcp v1
001.itsecurity bcp v1001.itsecurity bcp v1
001.itsecurity bcp v1
 
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...
 
Defending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksDefending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber Attacks
 
Meletis Belsis -CSIRTs
Meletis Belsis -CSIRTsMeletis Belsis -CSIRTs
Meletis Belsis -CSIRTs
 
2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...
2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...
2021 CNCERT International Partnership Conference: Increasing cybersecurity pr...
 
Cyber Security Awareness Month 2017-Wrap-Up
Cyber Security Awareness Month 2017-Wrap-UpCyber Security Awareness Month 2017-Wrap-Up
Cyber Security Awareness Month 2017-Wrap-Up
 
Incident handling of cyber espionage
Incident handling of cyber espionageIncident handling of cyber espionage
Incident handling of cyber espionage
 
Need for Improved Critical Industrial Infrastructure Protection
Need for Improved Critical Industrial Infrastructure ProtectionNeed for Improved Critical Industrial Infrastructure Protection
Need for Improved Critical Industrial Infrastructure Protection
 
Hunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systemsHunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systems
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber security
 
Cybersecurity - Introduction and Preventive Measures
Cybersecurity - Introduction and Preventive MeasuresCybersecurity - Introduction and Preventive Measures
Cybersecurity - Introduction and Preventive Measures
 
Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology
 
Career Guidance on Cybersecurity by Mohammed Adam
Career Guidance on Cybersecurity by Mohammed AdamCareer Guidance on Cybersecurity by Mohammed Adam
Career Guidance on Cybersecurity by Mohammed Adam
 
Security tools
Security toolsSecurity tools
Security tools
 
Cyber security landscape
Cyber security landscapeCyber security landscape
Cyber security landscape
 
National cyber security policy final
National cyber security policy finalNational cyber security policy final
National cyber security policy final
 
Challenges2013
Challenges2013Challenges2013
Challenges2013
 
Ne Course Part Two
Ne Course Part TwoNe Course Part Two
Ne Course Part Two
 

En vedette

En vedette (20)

Bingoppt
BingopptBingoppt
Bingoppt
 
Shravani bday
Shravani bdayShravani bday
Shravani bday
 
What is CERT 1.22.2015
What is CERT 1.22.2015What is CERT 1.22.2015
What is CERT 1.22.2015
 
02. R U Sure U R Secure
02. R U Sure U R Secure02. R U Sure U R Secure
02. R U Sure U R Secure
 
Security Development Life Cycle
Security Development Life CycleSecurity Development Life Cycle
Security Development Life Cycle
 
Summary report cc brti
Summary report cc brtiSummary report cc brti
Summary report cc brti
 
Skema Akreditasi-Sertifikasi ISO 27001 Komite Akreditasi Nasional
Skema Akreditasi-Sertifikasi ISO 27001 Komite Akreditasi NasionalSkema Akreditasi-Sertifikasi ISO 27001 Komite Akreditasi Nasional
Skema Akreditasi-Sertifikasi ISO 27001 Komite Akreditasi Nasional
 
Protecting Data Privacy
Protecting Data PrivacyProtecting Data Privacy
Protecting Data Privacy
 
Telkom sigma keminfo materi
Telkom sigma keminfo materiTelkom sigma keminfo materi
Telkom sigma keminfo materi
 
Developing a Legal Framework for Privacy
Developing a Legal Framework for PrivacyDeveloping a Legal Framework for Privacy
Developing a Legal Framework for Privacy
 
Rusmanto - Pengantar PDF dan Aplikasi Open Source terkait PDF
Rusmanto - Pengantar PDF dan Aplikasi Open Source terkait PDFRusmanto - Pengantar PDF dan Aplikasi Open Source terkait PDF
Rusmanto - Pengantar PDF dan Aplikasi Open Source terkait PDF
 
Privacy and Data Protection
Privacy and Data ProtectionPrivacy and Data Protection
Privacy and Data Protection
 
20111214 iisf shinoda_
20111214 iisf shinoda_20111214 iisf shinoda_
20111214 iisf shinoda_
 
Personal security
Personal securityPersonal security
Personal security
 
Chuan weihoo_IISF2011
Chuan weihoo_IISF2011Chuan weihoo_IISF2011
Chuan weihoo_IISF2011
 
Sovereignty in Cyberspace
Sovereignty in CyberspaceSovereignty in Cyberspace
Sovereignty in Cyberspace
 
Tasdik Kinanto - Interoperabilitas Dokumen Perkantoran dalam e-Government
Tasdik Kinanto - Interoperabilitas Dokumen Perkantoran dalam e-GovernmentTasdik Kinanto - Interoperabilitas Dokumen Perkantoran dalam e-Government
Tasdik Kinanto - Interoperabilitas Dokumen Perkantoran dalam e-Government
 
04. SAKTTI Introduction
04. SAKTTI Introduction04. SAKTTI Introduction
04. SAKTTI Introduction
 
Information Security Governance
Information Security GovernanceInformation Security Governance
Information Security Governance
 
DR. Taufik Hasan - Aplikasi Pendukung Interoperabilitas Dokumen untuk Indonesia
DR. Taufik Hasan - Aplikasi Pendukung Interoperabilitas Dokumen untuk IndonesiaDR. Taufik Hasan - Aplikasi Pendukung Interoperabilitas Dokumen untuk Indonesia
DR. Taufik Hasan - Aplikasi Pendukung Interoperabilitas Dokumen untuk Indonesia
 

Similaire à Cert adli wahid_iisf2011

Cybersecurity Risk Governance
Cybersecurity Risk GovernanceCybersecurity Risk Governance
Cybersecurity Risk GovernanceDan Michaluk
 
Using Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber SecurityUsing Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber SecurityStephen Cobb
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDonald Tabone
 
Incident Response in the age of Nation State Cyber Attacks
Incident Response in the age of Nation State Cyber AttacksIncident Response in the age of Nation State Cyber Attacks
Incident Response in the age of Nation State Cyber AttacksResilient Systems
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Joe Bartolo
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinarIntergen
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinarEmpired
 
Cyber Attacks aren't going away - including Cyber Security in your risk strategy
Cyber Attacks aren't going away - including Cyber Security in your risk strategyCyber Attacks aren't going away - including Cyber Security in your risk strategy
Cyber Attacks aren't going away - including Cyber Security in your risk strategyJames Mulhern
 
Today's Breach Reality, The IR Imperative, And What You Can Do About It
Today's Breach Reality, The IR Imperative, And What You Can Do About ItToday's Breach Reality, The IR Imperative, And What You Can Do About It
Today's Breach Reality, The IR Imperative, And What You Can Do About ItResilient Systems
 
Risk Factory Information Security Coordination Challenges & Best Practice
Risk Factory Information Security Coordination Challenges & Best PracticeRisk Factory Information Security Coordination Challenges & Best Practice
Risk Factory Information Security Coordination Challenges & Best PracticeRisk Crew
 
Cervone uof t - nist framework (1)
Cervone uof t - nist framework (1)Cervone uof t - nist framework (1)
Cervone uof t - nist framework (1)Stephen Abram
 
2015 Cyber Security
2015 Cyber Security2015 Cyber Security
2015 Cyber SecurityAllen Zhang
 
Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016
Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016
Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016FERMA
 
CNIT 50: 9. NSM Operations
CNIT 50: 9. NSM OperationsCNIT 50: 9. NSM Operations
CNIT 50: 9. NSM OperationsSam Bowne
 
Cybersecurity by the numbers
Cybersecurity by the numbersCybersecurity by the numbers
Cybersecurity by the numbersAPNIC
 
DRC -- Cybersecurity concepts2015
DRC -- Cybersecurity concepts2015DRC -- Cybersecurity concepts2015
DRC -- Cybersecurity concepts2015T. J. Saotome
 
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...APNIC
 
NZISF Talk: Six essential security services
NZISF Talk: Six essential security servicesNZISF Talk: Six essential security services
NZISF Talk: Six essential security servicesHinne Hettema
 

Similaire à Cert adli wahid_iisf2011 (20)

Cybersecurity Risk Governance
Cybersecurity Risk GovernanceCybersecurity Risk Governance
Cybersecurity Risk Governance
 
Using Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber SecurityUsing Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber Security
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber Resilience
 
Incident Response in the age of Nation State Cyber Attacks
Incident Response in the age of Nation State Cyber AttacksIncident Response in the age of Nation State Cyber Attacks
Incident Response in the age of Nation State Cyber Attacks
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
 
Managing security threats in today’s enterprise
Managing security threats in today’s enterpriseManaging security threats in today’s enterprise
Managing security threats in today’s enterprise
 
Cyber Attacks aren't going away - including Cyber Security in your risk strategy
Cyber Attacks aren't going away - including Cyber Security in your risk strategyCyber Attacks aren't going away - including Cyber Security in your risk strategy
Cyber Attacks aren't going away - including Cyber Security in your risk strategy
 
Today's Breach Reality, The IR Imperative, And What You Can Do About It
Today's Breach Reality, The IR Imperative, And What You Can Do About ItToday's Breach Reality, The IR Imperative, And What You Can Do About It
Today's Breach Reality, The IR Imperative, And What You Can Do About It
 
Internet safety and security strategies for building an internet safety wall
Internet safety and security strategies for building an internet safety wallInternet safety and security strategies for building an internet safety wall
Internet safety and security strategies for building an internet safety wall
 
Risk Factory Information Security Coordination Challenges & Best Practice
Risk Factory Information Security Coordination Challenges & Best PracticeRisk Factory Information Security Coordination Challenges & Best Practice
Risk Factory Information Security Coordination Challenges & Best Practice
 
Cervone uof t - nist framework (1)
Cervone uof t - nist framework (1)Cervone uof t - nist framework (1)
Cervone uof t - nist framework (1)
 
2015 Cyber Security
2015 Cyber Security2015 Cyber Security
2015 Cyber Security
 
Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016
Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016
Cybersecurity mitigation strategies webinar AIG ecoDa FERMA 24 March 2016
 
CNIT 50: 9. NSM Operations
CNIT 50: 9. NSM OperationsCNIT 50: 9. NSM Operations
CNIT 50: 9. NSM Operations
 
Cybersecurity by the numbers
Cybersecurity by the numbersCybersecurity by the numbers
Cybersecurity by the numbers
 
DRC -- Cybersecurity concepts2015
DRC -- Cybersecurity concepts2015DRC -- Cybersecurity concepts2015
DRC -- Cybersecurity concepts2015
 
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
 
NZISF Talk: Six essential security services
NZISF Talk: Six essential security servicesNZISF Talk: Six essential security services
NZISF Talk: Six essential security services
 

Plus de Directorate of Information Security | Ditjen Aptika

Plus de Directorate of Information Security | Ditjen Aptika (20)

Sosialisasi Keamanan Informasi_Sektor Kesehatan
Sosialisasi Keamanan Informasi_Sektor KesehatanSosialisasi Keamanan Informasi_Sektor Kesehatan
Sosialisasi Keamanan Informasi_Sektor Kesehatan
 
Sosialisasi Keamanan Informasi_Penyelenggaraan Telekomunikasi
Sosialisasi Keamanan Informasi_Penyelenggaraan TelekomunikasiSosialisasi Keamanan Informasi_Penyelenggaraan Telekomunikasi
Sosialisasi Keamanan Informasi_Penyelenggaraan Telekomunikasi
 
Sosialisasi Keamanan Informasi_Sektor Tranportasi
Sosialisasi Keamanan Informasi_Sektor TranportasiSosialisasi Keamanan Informasi_Sektor Tranportasi
Sosialisasi Keamanan Informasi_Sektor Tranportasi
 
Sosialisasi Keamanan Informasi_Bidang Perhubungan Udara
Sosialisasi Keamanan Informasi_Bidang Perhubungan UdaraSosialisasi Keamanan Informasi_Bidang Perhubungan Udara
Sosialisasi Keamanan Informasi_Bidang Perhubungan Udara
 
Sosialisasi Keamanan Informasi_Bidang Mineral dan Batubara
Sosialisasi Keamanan Informasi_Bidang Mineral dan BatubaraSosialisasi Keamanan Informasi_Bidang Mineral dan Batubara
Sosialisasi Keamanan Informasi_Bidang Mineral dan Batubara
 
Sosialisasi Keamanan Informasi_Bidang Ketenagalistrikan
Sosialisasi Keamanan Informasi_Bidang KetenagalistrikanSosialisasi Keamanan Informasi_Bidang Ketenagalistrikan
Sosialisasi Keamanan Informasi_Bidang Ketenagalistrikan
 
Sosialisasi Keamanan Informasi_Bidang Energi Baru, Terbarukan dan Konservasi ...
Sosialisasi Keamanan Informasi_Bidang Energi Baru, Terbarukan dan Konservasi ...Sosialisasi Keamanan Informasi_Bidang Energi Baru, Terbarukan dan Konservasi ...
Sosialisasi Keamanan Informasi_Bidang Energi Baru, Terbarukan dan Konservasi ...
 
Fetri Miftach_Uji publik rpm tata kelola
Fetri Miftach_Uji publik rpm tata kelolaFetri Miftach_Uji publik rpm tata kelola
Fetri Miftach_Uji publik rpm tata kelola
 
Hasyim Gautama_Tata kelola tik 20151118
Hasyim Gautama_Tata kelola tik 20151118Hasyim Gautama_Tata kelola tik 20151118
Hasyim Gautama_Tata kelola tik 20151118
 
Standar rujukan keamanan informasi sub sektor perangkat telekomunikasi
Standar rujukan keamanan informasi sub sektor perangkat telekomunikasiStandar rujukan keamanan informasi sub sektor perangkat telekomunikasi
Standar rujukan keamanan informasi sub sektor perangkat telekomunikasi
 
Diskusi Publik RPM Perangkat Lunak Sistem Elektronik_I Made Wiryawan
Diskusi Publik RPM Perangkat Lunak Sistem Elektronik_I Made WiryawanDiskusi Publik RPM Perangkat Lunak Sistem Elektronik_I Made Wiryawan
Diskusi Publik RPM Perangkat Lunak Sistem Elektronik_I Made Wiryawan
 
Diskusi Publik RPM Perangkat Lunak Sistem Elektronik_Junior Lazuardi
Diskusi Publik RPM Perangkat Lunak Sistem Elektronik_Junior LazuardiDiskusi Publik RPM Perangkat Lunak Sistem Elektronik_Junior Lazuardi
Diskusi Publik RPM Perangkat Lunak Sistem Elektronik_Junior Lazuardi
 
Diskusi Publik RPM Perangkat Lunak Sistem Elektronik_DR Hasyim Gautama
Diskusi Publik RPM Perangkat Lunak Sistem Elektronik_DR Hasyim GautamaDiskusi Publik RPM Perangkat Lunak Sistem Elektronik_DR Hasyim Gautama
Diskusi Publik RPM Perangkat Lunak Sistem Elektronik_DR Hasyim Gautama
 
Teguh arifiyadi ls skse
Teguh arifiyadi ls skseTeguh arifiyadi ls skse
Teguh arifiyadi ls skse
 
Konny sagala skema kelaikan se
Konny sagala skema kelaikan seKonny sagala skema kelaikan se
Konny sagala skema kelaikan se
 
Intan rahayu tata cara sertifikasi kelaikan sistem elektronik
Intan rahayu tata cara sertifikasi kelaikan sistem elektronikIntan rahayu tata cara sertifikasi kelaikan sistem elektronik
Intan rahayu tata cara sertifikasi kelaikan sistem elektronik
 
Uji Publik RPM SMPI Fetri Miftah
Uji Publik RPM SMPI Fetri MiftahUji Publik RPM SMPI Fetri Miftah
Uji Publik RPM SMPI Fetri Miftah
 
RPM SMPI 20150805 Hasim Gautama
RPM SMPI 20150805 Hasim GautamaRPM SMPI 20150805 Hasim Gautama
RPM SMPI 20150805 Hasim Gautama
 
SNI ISO 27001 Anwar Siregar
SNI ISO 27001 Anwar SiregarSNI ISO 27001 Anwar Siregar
SNI ISO 27001 Anwar Siregar
 
RPM SMPI
RPM SMPIRPM SMPI
RPM SMPI
 

Dernier

Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 

Dernier (20)

Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 

Cert adli wahid_iisf2011

  • 1. Ministry of Science, Technology and Innovation Computer Emergency Response Team Co-ordination Centre (CERT/CC) Adli Wahid VP Cyber Security Response Service and Head of Malaysia CERT CyberSecurity Malaysia E: adli@cybersecurity.my T: adliwahid
  • 2. Agenda •  Concepts •  The Case of a CERT/CC •  MyCERT Case Study •  Conclusion
  • 3. Incident Response and Handling •  Incident Response is all of the technical components required in order to analyze and contain an incident. –  Required skills i.e. networking and log analysis, computer forensics, malware reverse engineering •  Incident Handling is the logistics, communications, coordination, and planning functions needed in order to resolve an incident in a calm and efficient manner –  Goals: protect and restore
  • 4. Objectives of Incident Handling 1.  To mitigate or reduce risks associated to an incident 2.  To respond to all incidents and suspected incidents based on pre-determined process 3.  Provide unbiased investigations on all incidents 4.  Establish a 24x7 hotline/contact – to enable effective reporting of incidents. 5.  Control and contain an incident   Affected systems return to normal operation   Recommend solutions
  • 5. 6 Steps Of Incident Handling 1   6   Preparation 2   3   5   Eradication 4  
  • 6. CERT/CSIRTs •  Components –  Constituency –  Mission –  Organization –  Funding –  Services –  Policies and Procedures •  This requires a TEAM
  • 7. CERTs/CSIRTs Services Reac,ve   Proac,ve   1.  Incident  Response  and  Handling   1.  Watch  and  Warn    /  Threat   2.  Advisories   Monitoring   2.  Research  and  Development   3.  Training  and  Outreach/Awareness   4.  Cyber  Security  Crisis    
  • 8. THE CASE FOR A CERT/CC
  • 9. Good vs Evil Law   Sys   Bot   Enforcem Criminals   Admins   Herders   ent   VS   Providers   CSIRTs   Spammers   Phishers  
  • 10. Motivation of a National CSIRT •  Point of contact of incidents reporting –  National (Trusted) PoC for Internal & External reporting –  Incident co-ordination (with LEs, Other CERTs/ CSIRTs –  Collaboration & Intel Exchanged •  Situational Awareness •  Improving laws and regulations •  Provide assistance to Internet users •  Protection of Critical Infrastructure
  • 11. Different types of Incidents •  The ‘Usual’ Stuff –  Malware –  Denial of Service –  Online Fraud/Scams –  Identity Theft •  Cyber Crisis –  Anonymous Attack –  APT / Targetted Attacks –  Global Outbreaks
  • 12. Handling Local Banks Phishing Incidents •  Things to do –  Prevent people from visiting phishing site •  Remove Block –  Recover stolen credentials •  Email account •  Database –  Assist Victim to make reports –  Co-ordinate with Bank and Law Enforcement –  Detect Phishing sites faster •  Do It yourself or Get others to feed you
  • 13. Issues & Challenges •  Mandate & Constituencies –  Who should ‘report’ to ‘who’ –  Who should handle what •  End-to-End Resolution –  I have reported the incident, can we catch the bad guy? Can I have my money back –  One stop centre
  • 15. Incident   Malware    Co-­‐ Handling  /   Research   ordinaNon   Cyber999       Centre   Centre  
  • 16. •  MyCERT was established in 1997, deals mostly with technical teams, CSIRTs, LEs •  Cyber999 launched in 2008, allows the all to report to MyCERT •  A lot of incidents were affecting the Internet Users at large –  Phishing, Malware (botnets), Online Fraud, Harassment •  Cyber999 Provides a one stop centre for incidents reporting
  • 17.
  • 18. •  Launched in 2009 •  Previously a ‘watch and warn’ or ‘early warning function’ •  Specializes in malware analysis / tracking •  Activities –  Operates the distributed honeynet project –  Produce tools / services –  Execute the national cyber security exercise –  Issues advisories and alerts , special reports
  • 19. Tools from our Lab DNSWatch   MYPHPIPS   hOp://www.mycert.org.my/en/resources/security_tools/main/main/detail/768/index.html  
  • 20. National Cyber Crisis Exercise (X-Maya) •  Led by the National Security Council since 2008 •  Improve readiness and situational awareness among CNII agencies –  National Threat Level –  Reporting structure in a crisis •  CyberSecurity Malaysia / MyCERT provide simulation of the cyber security incidents for the players
  • 21. Conclusion •  Central co-ordination point is critical •  Help drives other national level initiatives i.e. awareness, training, critical infrastructure protection, certification programmes •  Working together is the best way forward
  • 22. Questions •  CyberSecurity Malaysia http://www.cybersecurity.my •  MyCERT: http://www.mycert.org.my •  Email: adli@cybersecurity.my •  Twitter: adliwahid