Transcript CS/Q-CERT

2
ictQATAR
“ Information and Communication Technology (ICT)
improves how we live and work in countless ways.”
 The Ministry of Information Communication Technology - ictQATAR -
helps deliver on that promise for the people of Qatar.
 The program includes initiatives such as: eHealth, eGovernment,
eLearning and Cyber Security
3
CS/Q-CERT
 ICT is only beneficial if online activities are safe, resilient and
secure.
 To safeguard users, industry and government information and
systems, ictQATAR created CS/Q-CERT, the nations center for
information security.
 CS/Q-CERT:
●
●
●
Qatar's National Centre for Information Security
An ictQATAR initiative
Works with organizations who deliver critical services in Qatar
4
Partnerships
 Regional:
● MENOG, GCC-CERT, Arab League
 International:
● FIRST, ITU, MERIDIAN
 Qatar a “Botnet Free” nation by 2012
● Partnership with Service Providers
 ISA99/IEC-62443 SCADA Standards
● Voting Members
5
What do we do?
 National Information Assurance
 Critical Information Infrastructure Protection
 Incident Management
●
●
●
Threat Intelligence
Incident Response
Forensic
 Awareness
 Training
6
Critical Sectors
Sectors are deemed critical when their incapacitation or destruction
would have a debilitating impact on the national security and social
well-being of a nation
7
Key Elements to improve Cyber
Security
Collaboration
and Information
Exchange
Incident
Management
Legal
Framework
Culture of
Cybersecurity
8
Services for Sectors
Legislations and Regulations
●
Critical Information Infrastructure Protection Draft Law
●
Data Privacy Draft Law
Sector / Technology Specific Regulations-ICSv3
●
NIA (National Information Assurance Manual)
●
Banking Technologies Risk Governance (with QCB)
●
Blackberry security guidelines for government agencies
9
Services for Sectors
Policy and Compliance Services
●
Expert advice and consulting on implementing an
Information Security Management System (ISMS) using
GIA Policies
Incident Management
●
Assistance on managing Cyber Security Incidents
●
Expert Advice on setting up SOCs
10
Services for Sectors
Threat Intelligence
●
Threat Alerting
Trainings and Awareness
●
Trainings on NIA Implementation
●
Technical Trainings on Information Security (SANS)
●
Corporate Awareness programs
11
Reach Out
Service Catalog
●
We have revamped our services and offerings to our
stakeholders
●
The Service Catalog will help you assess how QCERT can assist you in your information security
program.
12
Reach Out
Website
We have revamped our website www.qcert.org
● This is inline with our strategy to reach out to our stakeholders
and provide the best services possible in the most effective
way.
● It provides you with an insight on our projects, offerings and a
lot of useful tools and articles.
● It will be our endeavor to keep it updated with tools, tips that
may be of value addition to our stakeholders.
●
THANK YOU
Khalid Al-Hashmi
www.qcert.org