Cyber Attack Trends Mid Year Report 2021 - Security Delta ...
Global Security Trends : Technology, Business, and Social Perspective
-
Upload
perbanasinstitute -
Category
Documents
-
view
2 -
download
0
Transcript of Global Security Trends : Technology, Business, and Social Perspective
Prof. Richardus Eko Indrajit Chairman of ID-‐SIRTII and APTIKOM [email protected] www.eko-‐indrajit.com
Global Security Trends : Technology, Business, and Social Perspec�ve First Public Disclosure of A�ack Analysis on Indonesia Internet Infrastructure
Special Presenta�on on
About ID-‐SIRTII and APTIKOM
The Na�onal CSIRT/CERT of Indonesia (quasi government ins�tu�on)
Conduc�ng traffic monitoring and log management of the country’s internet infrastructure
Coordina�ng more than 300 ISPs all over the na�on
Responsible for safeguarding internet infrastructure used by mission cri�cal ins�tu�ons
Associa�on of IT colleges and universi�es in Indonesia
Consist of 750 higher-‐learning ins�tu�ons (more than 1,500 study programs)
Approximately 600,000 ac�ve student body, with 50,000 graduates per year
Join collabora�on for curriculum development and shared-‐resources/services ini�a�ves
“ building public awareness on internet security “
Two Way Rela�onship
relate relate
Cyber Space
Real World
real interaction real transaction real resources
real people
flow of information flow of product/services
flow of money
Two Way Rela�onship
Cyber Space
Real World Ethics
Law Rule of Conduct
Mechanism
Cyber Law
““Ruling Cyber Space interaction with Real World Penalty””
Classic Defini�on of War
WAR is here to stay… ““Can Cyber Law alone become the weapon for modern defense against 21st century Cyber Warfare & Cyber Crime?””
Two Way Rela�onship
Cyber Space
Real World
Poli�cal Incidents
Interna�onal Events
Published Books
Training Materials
Pirated Tools
Community of Interests
threaten
attack
crime
blackmail
destroy
penetrate
destroy disrupt terminate
ruin mess up
Two Way Rela�onship
Real World
Personal Blogs
Ci�zen Journalism
Anonymous Interac�on
Phishing and Forgery
Campaign and Provoca�on
Communi�es Reviews
Cyber Space
sue
investigate
suspect
sabotage
inspect examine
spy gossip
justify
perceive
condemn
The Paradox of Increasing Internet Value
internet users
transac�on value
interac�on frequency
communi�es spectrum
usage objec�ves
+ + + + =
The Internet Value
threats
it means…
a�acks crimes
Internet Security Issues Domain
INTERNET SECURITY
TECHNICAL ISSUES
BUSINESS ISSUES
SOCIAL ISSUES
Internet is formed through connec�ng a set of digital-‐based physical technology that follows a good number of standards and protocols All technical components (hardware and so�ware) interact to each other within a complex dependent…
It is a part of business system as transac�ons and interac�ons are being conducted accordingly As technology mimic, enable, drive, and transform the business, internet dependency is high For the ac�vi�es that rely on �me and space – where resources and processes can be digitalized -‐ the network is the business
What are interac�ng in the net are real people, not just a bunch of “intellectual machines” – by the end of the day, human mind, characters, behaviors, and values ma�er It is not an “isolated world” that does not have any rela�onship with the real physical world
Technical Trend Perspec�ve
malicious code vulnerabili�es
spam and spyware
phishing and iden�fy the�
�me to exploita�on
the phenomena…
the efforts…
Firewalls
An�spyware
An�Virus
So�ware Patches
Web and Email Security
Malware Blocking
Network Access Control
Intrusion Preven�on
Applica�on and Device Control
Encryp�on and PKI
Business Trend Perspec�ve
the context…
Risk Management Prac�ces
Cost Benefit Analysis
Regulatory Compliance
Governance Requirements
Digital Asset Management
Standard and Policy
Enforcement
the strategy…
IT Audit Technology Compliance
Disaster Recovery Center
Security Management
Backup and Recovery
ISO Compliance
Storage and Backup Management
Business Con�ngency Plan
Applica�on and Device Control
Archiving and Reten�on Management
Chief Security Officer
Standard Cer�fica�on
Social Trend Perspec�ve
the characteris�cs…
the choices…
Computer Savvy Society
Digital System Everywhere
Free World, Open Market
Borderless Geography
Internet as New Fron�er
policy vs. design enforcement vs. culture
regula�on vs. ethical behavior
preven�on vs. reac�on
top-‐down vs. bo�om-‐up
pressure vs. educa�on
standard vs. self control reward vs. punishment
The Core Rela�onships
People (Social Aspects)
Technology (Technical Aspects)
Context/Content Applica�ons (Business Aspects)
Internetworking Dependency
Since the strength of a chain depends on the weakest link,
then YOUR SECURITY is MY SECURITY…
Things to Do
1. Iden�fy your valuable assets 2. Define your security perimeter 3. Recognize all related par�es involved 4. Conduct risk analysis and mi�ga�on strategy 5. Ensure standard security system intact 6. Ins�tu�onalize the procedures and mechanism 7. Share the experiences among others 8. Con�nue improving security quality
Key ac�vi�es: use the THEORY OF CONSTRAINTS ! (Find the weakest link, and help them to increase their security performance and capabili�es…)
What should we do?
Monitoring the dynamic environment happening in real world and cyber world?
Building effec�ve procedures and mechanism among ins�tu�ons responsible for these two worlds?
Forming interna�onal framework for collabora�on and coopera�on to combat cyber crimes?
Finding the most fast and effec�ve methodology to educate society on cyber security?
Developing and adop�ng mul�-‐lateral cyber law conven�on? Ac�ng like intelligence agencies? Interpol? Detec�ves? CSIRTs/CERTs? ASEAN? United Na�ons?
Lessons Learned
As the value of internet increase, so does the risk of having it in our life.
Hackers and crackers help each others, why shouldn’t we collaborate?
Enough talking and planning, start execu�ng your risk management strategy…
Prof. Richardus Eko Indrajit Chairman of ID-‐SIRTII and APTIKOM [email protected] www.eko-‐indrajit.com
Thank You