ISACA-KENYA ANNUAL CONFERENCE 2018
National Cybersecurity
a multi-stakeholder approach
Wednesday, 11th April 2018
By: Vincent Ngundi HEAD OF NATIONAL KE-CIRT/CC & CYBERSECURITY
CONTENT
1) National Cybersecurity Policy Framework
2) National Cybersecurity Governance Framework
3) National KE-CIRT/CC Operational Framework
4) National KE-CIRT/CC Vision & Mandate
5) National KE-CIRT/CC Collaboration Framework
6) National Cyber Threat Landscape
7) Collaboration: A Whole-of-Society Approach
ICT Sector Policy
National Cyber Security Strategy
Kenya Information & Communications Act + Regulations
National KE-CIRT/CC
Law Enforcement
NATIONAL CYBERSECURITY CENTRE (NCC)
NATIONAL SECURITY COUNCIL (NSC)
[Chaired by the President]
National Security Advisory Committee (NSAC)
[Chaired by the Head of Public Service]
National Cybersecurity Steering Committee (NCSC)
[Chaired by the Cabinet Secretary/MoICT]
National KE-CIRT/CC
[Multi-agency Collaboration]
Communications Authority of Kenya
Law Enforcement
[DCI | KDF | NIS]
National Cybersecurity: Governance Framework
NATIONAL KE-CIRT/CC
[CA + Law Enforcement]
Multi-agency Collaboration Framework
National KE-CIRT/CC Cybersecurity Committee (NKCC)
[multi-agency + multi-stakeholder]
e-Govt. Sector CIRT
Telecom Sector CIRT
Financial Sector CIRT
Academia Sector CIRT
Critical Info. Infrastructure
International Partners
National Cybersecurity: Operational Framework
NATIONAL KE-CIRT/CC
Implement National Cybersecurity Policies, Laws & Regulations
National Cybersecurity Awareness & Capacity Building
Technical Co-ordination & Response to Cyber Incidents (24/7)
Early Warning & Technical Advisories (24/7)
Development & Implementation
R&D on Cybersecurity
Establish Collaborations [PPP]
VISION
Provision of comprehensive cybersecurity services to protect the Nation’s cyberspace in order to promote access to and use of Information and Communication services in Kenya
MISSION
Responding to cybersecurity incidences in a timely fashion and building a national culture of cybersecurity
LAW
KICA Part VIA, Section 83C: Develop a framework for facilitating the investigation and prosecution of cybercrime offenses
National KE-CIRT/CC: Collaboration Framework
[Chart by quarter: Q3(2016), Q1(2017), Q2(2017), Q3(2017), Q4(2017), Q1(2018); data labels on the chart: 43, 78, 65, 346, 488, 1700]
CYBER THREATS & RESPONSE
CYBER THREAT ATTACK VECTORS
Malware: 41%
Systems Misconfig: 39%
Impersonation: 9%
Brute Force: 5%
Web-application: 2%
Botnet/DDoS: 2%
Online Abuse: 2%
Just for Techies
Complex Environment
Silo-based Culture
Everyone for Themselves (one-of-society)
Banks, Finance, Public Utility, Government, Telco, Business
Backroom, Boardroom, Situation Room
People, Processes, Technology, OT+IT
Public, Business, Gov.
SILO APPROACH
Fragmented security and risk management
CONVERGENCE RISK-BASED APPROACH
Converged approach highlights vulnerabilities in 3 key areas: People + Processes + Physical (OT+IT)
CULTURAL BARRIERS TO SECURITY
Challenge has been internal cross-departmental cultures with limited communication between physical and IT security for instance
MAPPING ASSETS & PROCESSES
Organizations should develop an integrated security risk framework: tech + processes + safeguards + systems + management
STAKEHOLDER BUY-IN
Develop a culture of cybersecurity: processes + training + awareness + assessment/audit
EVOLVING THREATS
monitoring + capability review + share
COMMUNICATION
frequency + audience + content; more vs less & push vs pull
COLLABORATION
internal + external