Governance in CyberCrime Investigation & Cyber Security Organizations, CYBER ATTACK 2014, Mumbai. Presented at CyberAttack 2013 Security Conference on Dec. 07, 2013 at The Palladium, Mumbai, by Dinesh O. Bareja, Information Security & Management Advisor.

Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Sep 14, 2014

Cybersecurity and cybercrime organizations must be created with great planning but that is not happening anywhere. In India we have a plethora of organizations sprouting up in every domain and we all know too many cooks spoil the broth. I make a case for governance at the national and state level and make the case for having a planned structure that will ensure good security, good response and offense too, if needed.
Transcript
Page 1: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Governance in CyberCrime Investigation & Cyber Security Organizations

CYBER ATTACK 2014, Mumbai

Presented at CyberAttack 2013 Security Conference on Dec. 07, 2013 at The Palladium, Mumbai

By Dinesh O. Bareja, Information Security & Management Advisor

Page 2: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Distribution Version

• This presentation has been optimized for distribution which means that animation panes have been deleted and expanded so that the slides with animation do not appear with unreadable clutter

• The images that have been used are sourced freely from the Internet using multiple search resources. Our logic is that if your creations are searchable then they are usable for representation AND we never use any such images in our commercial works

• All our works that are put up as ‘distribution’ versions are published under Creative Commons license and are non-commercial – these are available for download from common document sites on the internet or from our website

• If some images are deleted the slide will show the hyperlink to it and you can follow the link to see the image. This is done if I have received an objection or a take-down notice from the copyright owner

• I/We make every effort to include a link or name to the copyright owner of the image(s) that have been used in this presentation and please accept our sincere apologies in case any image has not been individually acknowledged

• Copyright notices or watermarks are not removed from images or text which are not purchased, however, we may say that practically all text is our own creation

• In spite of all the above and other declarations, if you have objections to the use (as owner of any of the IP used in this presentation / paper) you may please send an email to us and we shall remove the same right away (please do remember to include your communication coordinates and the URL where you spotted this infringement)

Page 3: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

A Brief Introduction

Dinesh O Bareja

• Principal Advisor – Pyramid Cyber Security & Forensic Pvt Ltd

• Cyber Surveillance Advisor – Cyber Defense Research Centre (Jharkhand Police – Special Branch)

• Member IGRC – Bombay Stock Exchange

• COO – Open Security Alliance

Enterprise & Government Policy Development; Cyber Security Strategy and Design Architect; Current State Maturity Assessment & Optimization; Digital Forensics, Cloud Forensics and Security;

Page 4: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Setting The Context..

Thinking .. Strategizing … Planning should be done when you are in square one

However it is better late than never:

• Stop

• Take stock

• Create a going-ahead plan

Restart from where you stopped

Page 5: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Context…

It is about time the Information Security community woke up to voice the weakness in governance in our government’s thinking on national cyber security

And

The increasing inability to control (cyber) related incidents with the looming threats of cyber war / terrorism / espionage / crime

Taking stock of our current situation:

Page 6: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Or (in the near future)… Face

Annihilation

Page 7: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Context

• Governance: That which defines expectations, grants power or verifies performance. Is a system by which entities are directed and controlled and a governance structure specifies the distribution of rights and responsibilities among different stakeholders. It is the process or a part of decision-making and the process by which leadership is established and decisions are implemented (or not implemented)

• Cybercrime Investigation Organizations: Are primarily law enforcement organizations and such bodies that are engaged in investigating and controlling cyber crime.

• Cybersecurity Organizations: Intelligence services, offensive and defensive solution development and delivery, sector specific entities like Telecom CERT etc, cyber command wings of defence forces and such organizations that are outside the ambit of being termed a LEA.

Defining the three key terms in our title to set the context (from Wikipedia and Dinesh’speedia)

Page 8: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

We

Need

To

Page 9: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Why

don’t

we

My Plan is to Talk About

• Relevance and strengths of planned security organizations

• Why traditional security entities are not relevant against new-age challenges

• The demand and growth of know-it-alls and the ignorant experts

• Existing organization structure of Cyber Security Forces, Capability at national and state level

• Disadvantages and challenges arising out of present organization structures

• Way Ahead

Page 10: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Why

don’t

we

Let's Talk About

• Relevance and strengths of planned security organizations

• Why traditional security entities are not relevant against new-age challenges

• The demand and growth of know-it-alls and the ignorant experts

• Existing organization structure of Cyber Security Forces, Capability at national and state level

• Disadvantages and challenges arising out of present organization structures

• Way Ahead

Page 11: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Relevance and Strengths in Planned Security Organizations

Why do we need to structure a centralized command governance for Cyber Security across the nation (or states) when we already have our Cyber-thanas, CERTs, NTRO-NCIIPC, DIARA and more

Page 12: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Relevance and Strengths

• Centralized system provides strategic, tactical, operational and administrative control

• Need-to-know Data Access and Distribution Policy

• Central Information Library and Knowledgebase

• Politics-free Inter-Disciplinary dependencies

• Common goals across all stakeholders

• Quick response capability

• Enhanced intelligence and capability sharing

Page 13: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Relevance and Strengths

• Standardized response by organizations across the nation states provides harmony in operations

• Resources, capacities, capabilities can be shared

• Crisis communication is controlled and effective

Page 14: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

One Bright Example - CDRC

• Jointly set up by Jharkhand State and Jharkhand Police (special branch)

• Located in PHQ it is the authority in the state for cybercrime and cyber security related information, advisories, investigation – QUICK RESPONSE

• Engaged in citizen awareness outreach, critical infrastructure protection, training etc

• Connects with the InfoSec community, LEA and security establishments across the country …

Page 15: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Change Gives No Choices

Period of ignorance on the power trip

Enlightenment dawns on the lawmakers

Hopefully not a major incident

http://socialmediastrategiessummit.com/blog/relevance-strategic-inflection/

Page 16: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Why

don’t

we

Let's Talk About

• Relevance and strengths of planned security organizations

• Why traditional security entities are not relevant against new-age challenges

• The demand and growth of know-it-alls and the ignorant experts

• Existing organization structure of Cyber Security Forces, Capability at national and state level

• Disadvantages and challenges arising out of present organization structures

• Way Ahead

Page 17: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Traditional Entities

• Cyber Thana, Cybercell, Cyber Lab, FSL

• Police, BSF, ITBP, CID, CBI, EOW, SFIO, IT

• CERT, Sectoral CERT, NTRO, NCSC, NIA, IB, NCIIPC

• Army, Air Force, Navy

• My personal list has a count of about 60 organizations which are (in some way or the other) connected to the aims of cybercrime / cybersecurity control

Page 18: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

But, we have..

• The same problems which face any traditional entity

• Lack of sharing

• Blame it on the enemy-of-the-day

• High spending

• Generally go around in circles, do nothing

• Lack of capability / skills / resources

Page 19: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

If you don’t believe me I hope you will believe someone who was more intelligent than me!

Page 20: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Why Traditional Can’t Survive

• Borders and jurisdictions are porous

• Speed of decision making and communication is the need of the hour second (it will soon be the need of the nanosecond)

• A single crime may be committed from multiple locations at the same time

• Attacks and malicious activity can be initiated by individuals, groups or nations…. Who attacks whom is unknown!

• Everyone in the team has to be a hacker… etc!

Page 21: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

What is Needed

• Organization Agility

• Thought Leadership

• Planned Operations and Response

• Acceptance of knowledge as power

• Budget and support for growth

• Reality – a child can be the adversary

• … etc!

Page 22: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Why

don’t

we

Let's Talk About

• Relevance and strengths of planned security organizations

• Why traditional security entities are not relevant against new-age challenges

• The demand and growth of know-it-alls and the ignorant experts

• Existing organization structure of Cyber Security Forces, Capability at national and state level

• Disadvantages and challenges arising out of present organization structures

• Way Ahead

Page 23: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

FUDsters Trolls Carpetbaggers and Scalawags abound

As with any new frontier one will find the settlers along with the charlatans, the con men, the criminal minded and others.

The internet is no different… there are scamsters, crackers, business people, phishers, bankers, bloggers, settlers etc…

http://horrorfilmaesthetics.blogspot.in/2011_06_01_archive.html

Page 24: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

FUDsters Trolls Carpetbaggers and Scalawags abound

• Organizations and Governments are shooting themselves in the foot

• False expectations are created to believe that the largest organization has the best solution (qualification - 200 crore turnover for past 3 years)

• Vendors present snazzy catalogs and are generally people who know everything about anything

• Analyst opinion is considered to be gold standard

• Auditors are trained to never give the true picture

Page 25: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

The Quantum of Risk grows exponentially when one is stuck in the past

Just hope to get unstuck quick!

Page 26: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Buyers live in the old mindset

• Insurance company seeking Risk Management framework – QC is Rs 200 cr profit making company for past 3 years

• Bank seeking IS support services sets the QC at Rs 100cr .. profit making, in past 3 years

• Company hiring a Security Manager expects the person to have all certifications and skills in audit, technology, forensics, communication, application development, business continuity, malware etc

Page 27: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Hiring Managers live in their personal heaven

Page 28: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Where do they think they will get value

How do they expect to secure their organizations if they leave out the world

Just hope to get unstuck quick!

Page 29: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Why

don’t

we

Now Let's Talk About

• Relevance and strengths of planned security organizations

• Why traditional security entities are not relevant against new-age challenges

• The demand and growth of know-it-alls and the ignorant experts

• Existing organization structure of Cyber Security Forces, Capability at national and state level

• Disadvantages and challenges arising out of present organization structures

• Way Ahead

Page 30: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Current State of Cyber Security Governance - worldwide

• Multiple organizations are established by different departments of Government, Law Enforcement, Defence Forces, Large Enterprises

• Each of them is doing “their own thing” to protect their turf (assets, perimeter, technologies)

• Everyone is a de facto expert claiming to have the most wonderful system in place after God’s creation

• Chaos and confusion reign supreme and it is evident in the continued bashing of the domain

Page 31: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Current State of Cyber Security Governance - worldwide

• Each looks at cybersecurity as an extension of their own present function – so the Naval team looks at threats to their own naval installations and the Police is only concerned with cybercrime

• Capabilities are being created in silos which do not communicate or may do so at the MHA sponsored senior officer meetings

• And what do we have in the end..

Page 32: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Silos

• Absence of Inter-State Information Sharing among LEA and others

• Everyone is going their own way

• State of the Art purchases

Page 33: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Traditional Entities

• My personal list has a count of about 60 organizations which are (in some way or the other) connected to the aims of cybercrime / cybersecurity control

• A listing will come up in the next slide

• These organization names have been taken from news / media reports so it is in public domain (no secrets are disclosed!)

Page 34: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

What Org Structure

What We Have

What We Need

Page 35: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Organization Soup

WESEE General Weapons and Electronics Systems Engineering Establishment

DIARA Defense Information and Research Agency

DIA Defence Intelligence Agency

Special Operations Command

Strategic Forces Command

CERT-Navy

CERT-Army

CERT-AirForce

Cyber Operations Centre (NTRO with Armed Forces)

CERT-In Computer Emergency Response Team

CHCIT Cyber and Hi-Tech Crime Investigation and Training Center

NIC National Informatics Center

NTRO National Technical Research Organization

Cyber Regulation Advisory Committee

NCSC National Cyber Security Commissioner

Cyber Coordination Center

CMS Central Monitoring System

NCSF National Cyber Security Framework

Cyber Security Board

Cyber Security Board - Cyber Security Coordinators

NCCC National Cyber Coordination Centre

NSCS National Security Council Secretariat

NCCC National Cyber Coordination Centre

NSAB National Security Advisory Board

National Information Security Authority

NCIIPC National Critical Information Infrastructure Protection Committee

Page 36: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Organization Soup

CDRC Cyber Defence Research Centre, Jharkhand

Cyber Suraksha Cell, Gujarat

Special Operations Group, Gujarat

Cyberdome, Kerala Police

DSCI Data Security Council of India

IISc Indian Institute of Science, Bangalore

ISAC Information Sharing and Analysis Centre

CSI Computer Society of India

Deccan Hackers

Indian Cyber Army

National Security Database

IDRBT Institute for Development and Research in Banking Technology

IBA Indian Banks Association

RBI Reserve Bank of India

CBI's Bank Securities and Fraud Cell

National Intelligence Board

SSTCG Strategic Security Technology Coordination Group

MAC Multi Agency Centre

Joint Cipher Bureau

Scientific Advisory Group

Indian Statistical Institute

Cipher Committee

Scientific Advisor to Raksha Mantri

Telecom Security Council of India

NATGRID National Intelligence Grid

CCTNS Crimes and Criminal Tracking Network and System

NCTC

NCTC was to weld together multiple intelligence databases:

NJDG National Judicial Data Grid

TETC Telecom Testing and Security Certification Centre

TRAI

DOT

Page 37: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Our Score = 60+

• The country should have been on the top of the Cyber capability index worldwide

• We would not be having this conference.. Rather … the topic would have been different

• Nations and individuals would have to think twice to face up to us – no website defacements or data breach

What We Have

Page 38: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

• To respond to an attack by air the Air Force is called, on land it is the Army and the Navy at sea

Who do we call upon for an attack through the internet

• How do 60+ agencies coordinate with each other

• How can a planned response be launched in the absence of a central coordinator….

Page 39: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Page 40: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

• Worldwide – other countries are no better

• No wonder attacks are on the rise and everyone is hurting bad

Page 41: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Why

don’t

we

Taking a Look At

• Relevance and strengths of planned security organizations

• Why traditional security entities are not relevant against new-age challenges

• The demand and growth of know-it-alls and the ignorant experts

• Existing organization structure of Cyber Security Forces, Capability at national and state level

• Disadvantages and challenges arising out of present organization structures

• Way Ahead

Page 42: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Disadvantages / Challenges

• Increased risk of incompetent response when faced with a challenge

• Uncontrolled purchases expenditure

• Head in the sand bliss

• Wasteful expenditure in the absence of competence or capability

• The only certainty – defeat at the hands of anyone with a computer and malicious intent

Page 43: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Page 44: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

One Bright Example - NDMA

• Central Disaster Management agency

• Body of Knowledge and expertise

• Ensures regular drills and exercises

• Follows national level standard processes

• National mandate to coordinate and guide all states in their response and management setup

• Recent Success – Orissa (Phailin) and AP (Lehar)

• Challenge - communication, post-incident response

Page 45: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

One Bright Example - NDMA

• Before the NDMA -

• Many deaths

• Unorganized response

• Could we ever evacuate

• Of course NDMA did not spring up overnight – it was formed in December 2005 and has come a long way

Page 46: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Page 47: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Why

don’t

we

Taking a Look At

• Relevance and strengths of planned security organizations

• Why traditional security entities are not relevant against new-age challenges

• The demand and growth of know-it-alls and the ignorant experts

• Existing organization structure of Cyber Security Forces, Capability at national and state level

• Disadvantages and challenges arising out of present organization structures

• Way Ahead

Page 48: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Way Ahead

• Cyber Security must be entrusted (at national level) to one authority and organization

• PMO / President should be designated as C-in-C as this is a frontier, a battleground

• Cybercrime, Terrorism, War, Attacks, Espionage, Reputation, Information Exchange, Development of Offensive Capabilities et al cannot be decided upon by the NCSC

Page 49: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations

Second Line of Command (Operational and Strategic)

Commander in Chief (PM / President)

NSA

NCSC

Defence Chief of Staff

Head of Intelligence

MHA

CERT

LEA, Industry Rep & Bodies

Cyber Security Organizations and Organizations with Cyber Command Centers

State Cyber Security Centers

Sectoral CERTs

NTRO (cyber)

NCIIPC

IB, RAW, NIA, DIA

Defense CERTs, DIA, DRDO etc

Academia Participants

CyberCrime Police Stations

CCTNS, NATGRID

Information & Data Library

Online Battalions

General areas n.e.s.

Continuing Education & Training

Control and Operational Areas (national and state level)

Capacity Building

Capability Building

Citizen Outreach

Sectoral Departments

Critical Infrastructure

Education and Training

International Relations

Policy & Regulations

Offensive and Defensive

Knowledge Repository

Domestic Relationships

Risk Advisories

Intelligence Gathering

Research and Development

Public Private Partnership

Public Relations

Security Clearance

Think Tank Testing Group

Talent Identification

Responsible Disclosure

Field Organizations and Teams

CERT Incident Response

Awareness, Education, Training

Developers

Embedded Cyber Patrollers

Reporting and Measurement

Skill Development

Audit, Risk, Technology

Page 50: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations


Way Ahead

• Organization will be responsible for every aspect of cyber security

• Policy and regulations

• Advisories and Information sharing systems

• State level organizations – mandate and operations

• Cyber Defense Command

• Armed Forces cyber security organizations

• National and sectoral CERT

• National Critical Infrastructure Protection

Page 51: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations


Way Ahead

• Build capacity and capability

• Secure national and state infrastructure

• Raise awareness of cybersecurity needs

• Learn what is coming up – or what will come

• So who will own this defence organization? MHA or MOD?

Page 52: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations


This is a peek into the Future: what’s coming up ahead

Page 53: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations


BAD

Page 54: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations


Page 55: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations


• Professional Positions

• Pyramid Cyber Security & Forensics (Principal Advisor)

• Open Security Alliance (Principal and CEO)

• Jharkhand Police (Cyber Security Advisor)

• Indian Honeynet Project (Co Founder)

• Professional skills and special interest areas

• Security Consulting and Advisory services for IS Architecture, Analysis, Optimization..

• Technologies: SOC, DLP, IRM, SIEM…

• Practices: Incident Response, SAM, Forensics, Regulatory guidance..

• Community: mentoring, training, citizen outreach, India research..

• Opinioned Blogger, occasional columnist, wannabe photographer

Dinesh O. Bareja, CISA, CISM, ITIL, BS7799, Cert IPR, Cert ERM

Page 56: Governance in Cybercrime and Cybersecurity orgns - final distribution Organizations


Contact Information

References

http://socialmediastrategiessummit.com/blog/relevance-strategic-inflection/

Acknowledgements & Disclaimer

Various resources on the internet have been referred to contribute to the information presented. Images have been acknowledged (above) where possible. Any company names, brand names, trade marks are mentioned only to facilitate understanding of the message being communicated - no claim is made to establish any sort of relation (exclusive or otherwise) by the author(s), unless otherwise mentioned. Apologies for any infraction, as this would be wholly unintentional, and objections may please be communicated to us for remediation of the erroneous action(s).

E [email protected] +91.9769890505

@bizsprite dineshobareja

L: http://in.linkedin.com/in/dineshbareja dineshobareja