Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2004 APCERT APCERT Activity Update Yurie Ito JPCERT/CC (On behalf of the APCERT Secretariat)

Published byDevin Lancaster Modified over 10 years ago

Similar presentations

Presentation on theme: "© 2004 APCERT APCERT Activity Update Yurie Ito JPCERT/CC (On behalf of the APCERT Secretariat)"— Presentation transcript:

1 © 2004 APCERT APCERT Activity Update Yurie Ito JPCERT/CC (On behalf of the APCERT Secretariat)

2 © 2004 APCERT Introduction APCERT (Asia Pacific Computer Emergency Response Team) is a coalition of the forum of CSIRTs (Computer Security Incident Response Teams). The organization was established to encourage and support the activity of CSIRTs in the Asia Pacific region.

3 © 2004 APCERT Membership The geographical boundary of APCERT activity is the same as that of APNIC. It comprises 62 economies in the Asia and Pacific region. http://www.apnic.net/info/reference/lookup_codes_text.html http://www.apnic.net/info/reference/lookup_codes_text.html 2 levels of membership Full membership General membership POC Scheme Membership opens to all CSIRTs being existing in AP region Current members: 15 teams from 12 economies

4 © 2004 APCERT 2003 Activities Representation to other Regional and International Bodies TF-CSIRT EGC FIRST APEC-TEL APNIC

5 © 2004 APCERT 2003 Events APSIRC 2003 Was held in conjunction with APRICOT conference, hosted by TWCERT/CC and TWSIRC in Taipei APSIRC 2004 Was held in conjunction with APRICOT conference, hosted by MyCERT in KL APCERT Information Day Organized in conjunction with the FIRST Technical Colloquium (TC) and hosted by JPCERT/CC in Tokyo APSIRC 2005 Will be holding in conjunction with APRICOT conference, will be hosted by JPCERT/CC in Kyoto, Japan, February 2005. Official face to face meeting with FIRST SC and APCERT SC FIRST conference 2005 in Singapore!!!

6 © 2004 APCERT Outcomes 2003

7 © 2004 APCERT APCERT membership Accreditation Scheme Accreditation scheme was accepted by the APCERT members at APSIRC 2004 Malaysia meeting. APCERT Member Requirements APCERT Application Form SC and Sponsors Check List Team Mission Criteria 1. Teams must do Incident Response or Security Research within Asia Pacific Area (APNIC boundary) 2. Teams must make a contribution to security community in Asia Pacific region.

8 © 2004 APCERT Application Process (1) General member: 1.Submit an application form to secretariat 2.Secretariat send an application to SC 3.SC member review the application form for a week and if no objection - acceptance (2) Full member: 1.Submit an application form to secretariat 2.Secretariat send an application to SC 3.SC votes for the general member 4.Candidate decide to upgrade the membership 5.Candidate submit an application form to secretariat 6.Candidate or SC assign a sponsor team from the full members for the candidate 7.Candidate goes though Sponsor Process to upgrade the membership 8.SC member vote for the Full member after the process – 2/3 majority

9 © 2004 APCERT Special Properties of Accreditation for the Full membership Check Items for a Sponsor and SC (for vote) 1. Relevance of organizations services to the security field i.e. Services such as IRT, Security Consulting, Security Research i.e. Staff skill-set requirements for each service [ ] Check all the items of service and skill-set on the application form to insure the APCERT requirements. 2. Contribution to the APCERT community/Expectation of the applicant team - What is the teams Focus, Mission, number of Resources. - Expectation of ROI from joining APCERT [ ] Check all the items of Mission statement of the application form to insure the APCERT requirements. [ ] Check the teams track record i.e. to see how many times does the team attends conferences? i.e. How many times the teams give presentations? [ ] What is their main contribution to the security committee? ( ) Writing papers ( ) documents ( ) developing security tools ( ) public announcements (alerts, advisories) ( ) holding a workshop if its own? [ ] Get a list of the teams expectation of APCERT

10 © 2004 APCERT Special Properties of Accreditation for the Full membership: Conti 3. Trust - APCERT should clarify its policy with regards to; [ ] Check the security policy how to handle the sensitive information. ( ) How is incoming information tagged or classified? ( ) How is information handled, especially with regards to exclusively? ( ) What considerations are adopted for the disclosure of information, especially incident related information passed on to other teams or to sites? ( ) Are there legal considerations to take into account with regards to the information handling? ( ) Policy on use of cryptography to shield exclusivity & integrity in archives and/or in data communication, specially email. [ ] Check track record of working relationship with other teams. [ ] Is the response quick? How many days it take to get the reply from them? ( ) Quick( ) Reasonable( ) Slow [ ] Check the applicants policies on: ( ) Type of incidents and level of support ( ) Co-operation, interaction and disclosure of information ( ) Communication and authentication Future Plan: -Integrate/standardize CSIRT accreditation globally. (Trusted Introducer, FIRST Sponsorship scheme, APCERT accreditation, etc) -Send liaison member to FIRST accreditation WG.

11 © 2004 APCERT Outreach to multiple sectors One important role of APCERT is education and training to raise awareness and encourage best practice. APEC-TEL: APCERT provided the recommendation/ advice to AP region intergovernmental initiative as security experts group in AP ASEAN: APCERT members provide CSIRT training and Outreach program to newcomer economies Future Plan: Support standard CSIRT training material, add regional modules on top of the core material. TRANSIT Program – from EU Cooperation with the FIRST

12 © 2004 APCERT Traffic Data Share Project in AP Traffic monitoring Workshop at APSIRC 2004 at KL. For the accuracy of the internet traffic trend – sharing traffic monitoring data within wide region is useful. For the accurate analysis of internet trend, sharing analysis methodology, techniques is useful. Kicked off Traffic monitoring data share WG – two projects will be planned to expand to APCERT members. IODEF Portal site Early warning scheme within the APCERT scheme

13 © 2004 APCERT Thank you. apcert-sec@apcert.org http://www.apcert.org Yurie Ito (office@jpcert.or.jp)office@jpcert.or.jp Tel: 81-3-3518-4600

Download ppt "© 2004 APCERT APCERT Activity Update Yurie Ito JPCERT/CC (On behalf of the APCERT Secretariat)"

Similar presentations

ICANN / NRO / WSIS Update APNIC Members Meeting Kyoto.

ICANN / NRO / WSIS Update APNIC Members Meeting Kyoto.
Kento Aida, Tokyo Institute of Technology Grid Working Group Meeting Aug. 27 th, 2003 Tokyo Institute of Technology Kento Aida.

Kento Aida, Tokyo Institute of Technology Grid Working Group Meeting Aug. 27 th, 2003 Tokyo Institute of Technology Kento Aida.
The International Technology Roadmap for Semiconductors

The International Technology Roadmap for Semiconductors
Major Activities in JPNIC Since APNIC17 Izumi Okutani Japan Network Information Center NIR 18, Fiji 31 August – 3 September, 2004.

Major Activities in JPNIC Since APNIC17 Izumi Okutani Japan Network Information Center NIR 18, Fiji 31 August – 3 September, 2004.
STRENGTHENING COOPERATION ON CYBER SECURITY WITHIN THE ASEAN REGION

STRENGTHENING COOPERATION ON CYBER SECURITY WITHIN THE ASEAN REGION
1 ASEAN Regional Forum Meeting 28 – 30 April 2010 Bandar Seri Begawan, Brunei CERT-Ins Initiative on International Information Security Dr A S Kamble Director.

1 ASEAN Regional Forum Meeting 28 – 30 April 2010 Bandar Seri Begawan, Brunei CERT-Ins Initiative on International Information Security Dr A S Kamble Director.
Anti-SPAM activities in Malaysia - Current Situation, Regulatory Environment and Future Developments ITU virtual conference on anti-spam regulation and.

Anti-SPAM activities in Malaysia - Current Situation, Regulatory Environment and Future Developments ITU virtual conference on anti-spam regulation and.
Computer Emergency Response Teams

Computer Emergency Response Teams
The Role of Governments Caribbean Telecommunications Union Ministerial Seminar May 29, 2012 Heather Dryden Chair - Governmental Advisory Committee, ICANN.

The Role of Governments Caribbean Telecommunications Union Ministerial Seminar May 29, 2012 Heather Dryden Chair - Governmental Advisory Committee, ICANN.
Internet Technical Training & Workshop in AP. Infrastructures Other technical trainings.

Internet Technical Training & Workshop in AP. Infrastructures Other technical trainings.
CLACKMANNANSHIRE COUNCIL Modernising the Planning Service in Clackmannanshire Stephen Bell Head of Development Services.

CLACKMANNANSHIRE COUNCIL Modernising the Planning Service in Clackmannanshire Stephen Bell Head of Development Services.
APNIC Update Paul Wilson Director General. Overview Priorities in 2009 IPv4 exhaustion IPv6 deployment Security Internet Governance Priorities in 2010.

APNIC Update Paul Wilson Director General. Overview Priorities in 2009 IPv4 exhaustion IPv6 deployment Security Internet Governance Priorities in 2010.
Security Education and Awareness Workshop January 15-16, 2004 Baltimore, MD.

Security Education and Awareness Workshop January 15-16, 2004 Baltimore, MD.
WIIFM? The LAI and You LAI Action Plan: Promoting Libraries, Supporting Members Philip Cohen, Vice President.

WIIFM? The LAI and You LAI Action Plan: Promoting Libraries, Supporting Members Philip Cohen, Vice President.
Handling Internet Network Abuse Reports at APNIC 21 October 2010 LAP-CNSA Workshop, Melbourne George Kuo.

Handling Internet Network Abuse Reports at APNIC 21 October 2010 LAP-CNSA Workshop, Melbourne George Kuo.
Joint efforts in incident response in AP region and future work with RIR Suguru Yamaguchi JPCERT/CC.

Joint efforts in incident response in AP region and future work with RIR Suguru Yamaguchi JPCERT/CC.
Collaborating and Communicating German Valdez, External Relations Program Director.

Collaborating and Communicating German Valdez, External Relations Program Director.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Overview AFRINIC Meeting Accra, Ghana, May 13th 2001 Anne Lord Asia Pacific.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Overview AFRINIC Meeting Accra, Ghana, May 13th 2001 Anne Lord Asia Pacific.
German Valdez Communications Area Manager Communications Area Report.

German Valdez Communications Area Manager Communications Area Report.
JPCERT/CC May. 2003. Fixed-Point Auto Data Collecting System Getting more accurate Scan and Prove data to provide more accurate network traffic analysis.

JPCERT/CC May Fixed-Point Auto Data Collecting System Getting more accurate Scan and Prove data to provide more accurate network traffic analysis.

Similar presentations

Ads by Google