Transcript COOPERATION ON CYBER SECURITY: A View of ARF and ASEAN
The 4 th ARF Seminar on Cyber Terrorism Busan, Korea, 16 – 19 October 2007
STRENGTHENING COOPERATION ON CYBER SECURITY WITHIN THE ASEAN REGION
The ASEAN Secretariat
ARF Cooperation on Cyber Security
First ARF Seminar on Cyber Terrorism, Jeju Island, October 2004 Second ARF Seminar on Cyber Terrorism, Cebu City, the Philippines, October 2005 Third ARF Workshop on Cyber Security, New Delhi, September 2006 Fourth ARF Seminar on Cyber Terrorism, Busan, October 2007
Previous recommendations
Promote International and Inter-agency’s information sharing and cross-sectoral measures/activities Networking and dialogue (contact person, web based, mailing list, phone/fax, etc.) Working on and sharing guiding principles/ reference paper, best practices, case studies, technologies and solutions, etc.
Public-Private Partnership, e.g. the Social Corporate Responsibility, especially for the cross-border matters
ARF Statement on Cooperation in Fighting Cyber Attack and Terrorist Misuse of Cyber Space
Progress
ASEAN Convention on Counter-terrorism Adopted by ASEAN Leaders in January 2007 in Cebu, the Philippines The Convention includes Cyber-Terrorism in the areas of cooperation ASEAN Focal Points for CERTs ARF is working on the List of Contact Points Network of Technical (Expert) Group ASEAN WG on Information Infrastructure Working on technical cooperation on N-SOC, Network Monitoring Centre Capacity and confidence building activities
Work in Progress
Compilation of the national legislation on cyber terrorism (cyber security issues) Mechanism for regional cooperation to combat cyber terrorism ARF Centre on Counter Cyber-terrorism
ASEAN Cooperation in Policy and Regulation on Network and Information Security
Cooperation in Policy
ASEAN Telecommunications and IT Ministers and Senior Officials Meetings (TELMIN/ TELSOM) Platform for cooperation initiatives amongst ASEAN Member Countries, Dialogue Partners/industries to further enhance the progress, readiness, and awareness of, amongst others, network and information security TELSOM Working Group on Information Infrastructure Technical knowledge and current challenges relating to the network and information security and available solutions Operational activities and policy implementation
Achievement
Adoption of suitable international standards (e.g., telecommunications and cyber-security standards) Put in place minimum performance guidelines for setting up National CERT Put in place guidelines for implementation of CERT cooperation in ASEAN Cooperation on Cyber-security skills Encourage the development of National Security Operation Centre (N-SOC) and/or cooperation of the Network Monitoring Centre to proactively manage, monitor and facilitate cross border information sharing
Cooperation in Regulation
ASEAN Telecommunication Regulators Council (ATRC) 2005 Framework on Cooperation of Network Security ATRC Action Plan ATRC Working Group on Network Security Evaluation of preparedness and right to enforce against any network abuse Establishment of an ASEAN liaison network ASEAN-wide user education and awareness raising programs, technical solutions, periodic assessment, and ATRC Internet Access Service Provider (IASP) Forum International and regional cooperation
Multiplatform Cooperation
ASEAN+ Dialogue Partners: CERT Incident Drills with Dialogue Partners An expanded exercise from the ASEAN-wide CID in 2006 The ASEAN + DPs CID on 16 July 2007 (ASEAN, China, Japan, Korea, India and Norway) Capacity Building Workshops, seminars and training courses and technical visits (China, Korea, Japan, and India) ASEAN helps ASEAN ASEAN+ other Organizations: ASEAN+ APEC Workshop on Network Security at TEL 35, Manila - The Philippines, 24 April 2007 Cooperation with ITU/APT ASEAN+ Industry (MS, IBM, etc)
Multiplatform Cooperation
ASEAN+ China: Emergency Response Contact Mechanism by end of 2007 1 st CERTS Incidents Drill in 2007 (or 2008) Coordination Framework for Network and Information Security Emergency Responses China to join the ATRC Network Security Liaison Network (Point of Contacts) ASEAN+ Japan: a high-level meeting on ICT security issues in 2008 ASEAN+ EU: Propose a Workshop to discuss and exchange views on the EU Cyber-crime Convention.
Disaster Relief Communications
A regional proposal on common frequency for disaster relief communications in ASEAN Region ATRC is working on common frequencies for disaster relief ATRC will consider to propose and/or submit the proposal on a common set of frequencies for ASEAN Telecoms and IT Ministers (TELMIN) to further consider and/or adopt
Future Work Program
Course of Actions
Conduct the Seminar on Cyber Terrorism on regular basis Exchange of views and knowledge on regulations, cyber laws, and ICT Security Masterplan (Roadmap) Establishment of the National Cyber Security Agency (NISA, KISA) Complete the List of Focal Points of the ARF National Cyber Security Agencies Further collaborate/cooperate within ARF Members and with other Int’l Organizations Conduct technical training on technology and solutions for counter-measures Sharing experience, model and benefit of the Public Private Partnership (Gov’t-Business Forum on Cyber Security)
Contact Points
ARF Unit: Mr. Pratap Parameswaran: [email protected]
Ms. Retno Astrini: [email protected]
ICT Unit: Mr. Nguyen Ky Anh: [email protected]