OWASP EG-CERT is charged with providing computer and information security incident response, support, defence and analysis against cyber attacks and collaboration with government, financial entities and any other critical information infrastructure sectors scoped to Egypt.
OWASP Established 0n April Under Egyptian National Telecom Regulatory Authority (NTRA)
OWASP July 2009, 24/7 Monitoring & Incident Response. September 2009, Forensics Analysis Service..
OWASP April 2011, Malware analysis & Reverse Engineering.
OWASP March 2012, Full member in FIRST (Forum of Incident Response and Security Teams). September 2013, EG-CERT has it’s own premises.
Cyber Security Awareness Started operations in Small scale operations. Preparation for launching a full scale awareness campaign.
OWASP Why do we need awareness The target is simply providing the most possible level of protection to both the Egyptian critical information infrastructure and the Egyptian ordinary computer users.
OWASP Why do we need awareness It is fairly known for cyber security professional that humans are the weakest link in the whole ecosystem of cyber security.
OWASP Why does Egypt need awareness Percentage of computers running Microsoft software reporting malware infections in Egypt.
OWASP Why does Egypt need awareness
OWASP Infection rates Many elements can affect the infection rates:- - OS type(It takes a relatively long time to switch to open source, or to develop domestic operating systems ).
OWASP Infection rates Many elements can affect the infection rates:- - Lack of antimalware software - Pirated software - Lack of awareness.
OWASP What’s the Plan
OWASP Fresh ideas How to Spread awareness of online threats and making it a culture ? Looking for more creative ways to make it happen.
OWASP Awareness targets The targets for the awareness campaign can be categorized into three categories each has its proper communication channels and method:- -Organizations. - Public. -Technical
OWASP Organizations : Which is the most critical We should start by trying to define what is critical. We define the proper communication channels and methods. We handle the critical targets.
OWASP Organizations : Which is the most critical Examples for most critical assets :- - Ministries and governmental entities. - Banking sector. -Telecom infrastructure.
OWASP Organizations : Which is the most critical Examples for less critical assets :- - Universities. - Private sector organizations.
OWASP Public scope The main issue regarding the public scope of the campaign is communication channels and methods.