Presentation is loading. Please wait.

Presentation is loading. Please wait.

An Overview to Information Security and Security Initiatives in India Anil Sagar Additional Director Indian Computer Emergency Response Team (CERT-In)

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "An Overview to Information Security and Security Initiatives in India Anil Sagar Additional Director Indian Computer Emergency Response Team (CERT-In)"— Presentation transcript:

1 An Overview to Information Security and Security Initiatives in India Anil Sagar Additional Director Indian Computer Emergency Response Team (CERT-In)

2 Objectives Why we need security To understand Information Security To know Security Initiatives in India

3 Why Security? Polish Teen Faces Charges for Allegedly Manipulating Train System (January 11, 2008) Barclays Chairman Victim of Identity Theft (January 10 & 11, 2008) Stolen Laptops Hold Nashville Voter Data ( 337,000 voters) (January 3, 2008)

4 Security: The Need The consequences of insufficient security –Identity theft –Compromised customer confidence; loss of business –Service interruption (e.g., e-mail) –Loss of competitive advantage –Equipment theft –Embarrassing media coverage –Substantial financial loss –Legal penalties

5 What’s at stake? When connecting to the Internet, three things are put at risk: –Data –Resources –Reputation

6 Facebook Widget Installing Spyware

7

8

9

10

11

12 Information Security – CIA Confidentiality –ensuring that information is accessible only to those authorized to have access Integrity –assurance of accuracy and reliability of information –unauthorized modification of data is prevented Availability –Information is being accessible and usable upon demand by an authorized entity Non Repudiation –Verification of the sender and the recipient were, in fact, the parties who claimed to send or receive the message, respectively

13 Threats to Information Security Confidentiality – Unauthorised Disclosure Integrity – Unauthorised Alteration Availability –Disruption

14 Threats An event, the occurrence of which could have an undesirable impact on the well-being of an asset. [ISC2] International Information Systems Security Certification Consortium Any circumstances or event that has the potential to cause harm to a system or network.That means, that even the existence of a(n unknown) vulnerability implies a threat by definition. [CERT]

15 Vulnerability A feature or bug in a system or program which enables an attacker to bypass security measures. An aspect of a system or network that leaves it open to attack. Absence or weakness of a risk-reducing safeguard. It is a condition that has the potential to allow a threat to occur with greater frequency, greater impact or both.

16 Threats

17 Current trend of cyber threats Targeted attacks Stealing of data/modification Identity theft (Phishing) Spread of malicious code Distributed Denial of service attacks Website Defacements

18 Rapid Development of Cyber Threats

19 Confidentiality INFORMATION SECURITY Integrity Availability Authenticity Security Policy People Process Technology Regulatory Compliance Access Control Security Audit User Awareness Program Incident Response Firewall, IPS/IDS Encryption, PKI Antivirus Information Security Management

20 What actions need to be taken User awareness –Security portals for user awareness –Ad campaigns Enterprise security –CSIRTs Sectoral cooperation and coordination –Sectoral CERTs National coordination –CERT-In Global coordination –APCERT, ASEAN, FIRST

21 Need for cooperation Users Organisations CSIRTs, CERTs ISPs Domain registrars DNS operators IT vendors Law enforcement agencies

22 Govt. Initiatives Formation of CERT-In (January, 2003) Nodal agency for –Responding to security incidents –Prevention of incidents by means of generating user awareness –Promotion of security best pratices Coordination at –Sectoral level –National level –International level

23 CERT-In initiatives Directives issued to Govt. and public sector organisations to –Implement ISO 27001 security standard –Perform regular security audits –Shifting of websites onto ‘.in’ name space –Hosting of websites within country Empanelment of IT Security auditors Creation of awareness by organising training programs for CISOs, System administrators Issuance of security guidelines

24 CERT-In initiatives Collaboration with security vendors like Microsoft, Redhat, Cisco, Symantec, McAfee, TrendMicro etc. Security surveys and reports Created forum on Phishing and Spam in collaboration with CII & other stakeholders Issued “Securing Home Computers” and “Web Server Security” Guidelines Informative Web Portals created in collaboration with Microsoft & Redhat for general user

25 25 Information Sharing: Stakeholders ISPs, Key Networks CERTs CSIRTs Vendors Media Law Enforcement Agencies Home Users CERT-In --- Government Sector -Critical Information Infrastructure - Corporate Sector International CERTs

26 International Cooperation FIRST APCERT CERT/CC US-CERT JPCERT Korean CERT

27 DIT initiatives Generation of trained manpower on Information security –Master trainers in Information Security (60) –Short-term/long-term courses in Information Security Certification, Vulnerability Assessment, training programs in the area of IT –STQC

28 DIT initiatives R&D projects –Cryptography –Steganography –Network Behavior Analysis –Biometric Authentication –Mobile Security –Cyber Forensics

29 Indian Website Defaced in Year 2007

30 Security Incidents handled by CERT-In during 2007

31 Latest attack vectors Compromise of popular websites and subsequent distribution of malware visiting the website Compromise of e-mail accounts and distribution of malicious attachments to contact list users Collection of user credentials through keyloggers

32 Activities of CERT-In Activities20032004200520062007 E-mail messages received -625182219483283 Incidents handled-232545521237 Security Alerts/ Incident Notes 420304844 Advisories1723255066 Vulnerability Notes1674120138163 Security Guidelines94211 White papers-3622 Trainings17676 Indian Website Defacement tracked 16871529470552115863 Open Proxy Servers tracked Bot Infected System tracked ---- 236 - 1156 - 1837 - 1805 25915

33 33 Communication channels CERT-In website –About 1460 users visiting the site per day –Significant increase of site visit during major events CERT-In Incident Response Help Desk –Toll free nos. 1800-11-4949 (Voice) 1800-11-6969 (FAX) CERT-In mailing list –About 1100 individuals from various national and international security organizations E-mail CIOs Database ISPs Postal mail

34 Conclusion Let us work together for a vision. Create an society in which spam, viruses and worms, the plagues of modern information technology are eliminated.

35 Thank you Incident Response HelpDesk Phone: 1800 11 4949 FAX: 1800 11 6969 e-mail: incident@cert-in.org.in http://www.cert-in.org.in

Download ppt "An Overview to Information Security and Security Initiatives in India Anil Sagar Additional Director Indian Computer Emergency Response Team (CERT-In)"

Similar presentations

1 ASEAN Regional Forum Meeting 28 – 30 April 2010 Bandar Seri Begawan, Brunei CERT-Ins Initiative on International Information Security Dr A S Kamble Director.

1 ASEAN Regional Forum Meeting 28 – 30 April 2010 Bandar Seri Begawan, Brunei CERT-Ins Initiative on International Information Security Dr A S Kamble Director.
Philippine Cybercrime Efforts

Philippine Cybercrime Efforts
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Breaking Trust On The Internet

Breaking Trust On The Internet
Networked Systems Survivability CERT ® Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 © 2002 Carnegie.

Networked Systems Survivability CERT ® Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA © 2002 Carnegie.
The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.

The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.
Security Controls – What Works

Security Controls – What Works
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.

Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.
1 Case Study ESTABLISHING NATIONAL CERT By Saleem Al-Balooshi Etisalat - AE.

1 Case Study ESTABLISHING NATIONAL CERT By Saleem Al-Balooshi Etisalat - AE.
Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.

Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.
(Geneva, Switzerland, September 2014)

(Geneva, Switzerland, September 2014)
Geneva, Switzerland, 15-16 September 2014 Overview of Kenya’s Cybersecurity Framework Michael K. Katundu Director, Information Technology Communications.

Geneva, Switzerland, September 2014 Overview of Kenya’s Cybersecurity Framework Michael K. Katundu Director, Information Technology Communications.
Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.

Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.
The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions 631-692-5175 Steve Katz, CISSP Security.

The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions Steve Katz, CISSP Security.
Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.

Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.

Similar presentations

Ads by Google