Cyber Endeavour Brunei Country Brief

Download Report

Transcript Cyber Endeavour Brunei Country Brief

Cyber Endeavour
Country Brief
Cpt Ashady Harris
Brunei
Content
• Brief Country Background
• National Policy
• Royal Brunei Armed Forces & MINDEF Brunei Cyber Security
–
–
–
–
–
Capacity Building on Cyber Security
Information Assurance Activities
Top Cyber Threats
Initiatives for Cyber Security
Current Security Posture
Brief Country Background
Brunei – “Abode of Peace”
Land Size : 5,765 sq km
Population : 393, 372 (2011)
Religion: Muslim Majority
Currency : Brunei Dollar (on par &
interchangeable with Singapore Dollar)
Language : Malay, English, Chinese
Legal System : British Common Law
Top 10 in Asia & Oceania
Human Development Index
(United Nations 2011)
Digital Literacy
ICT Savvy People.
More than 70% of population is online
#1 Facebook penetration rate in Asia
437,900
mobile subscribers
(111% mobile penetration)
International Network Connectivity
80% of Brunei’s internet capacity is under-utilised.
Brunei is currently connected to THREE
major submarine cables:
 Asia-America Gateway (AAG)
 Southeast Asia- Middle East- Western Europe
Cable (SEA-ME-WE)
 A third cable, the ‘South-East Asia-Japan Cable’
(SJC) is in operation from 2013.
National Cyber Policy
National Cyber Policy
• Computer Misuse Order 2000
• National Cyber Security Framework
(Under Implementation)
Computer Misuse Order 2000
BruCert
• Brunei National Computer Emergency Response Team (
BruCERT ) was established in May 2004.The nation’s first
trusted one-stop referral agency in dealing with computerrelated and internet-related security incidents in Brunei
Darussalam.
• BruCERT coordinate with local and international CSIRTs,
network service providers, security vendors, government
agencies, as well as other related organisation to facilitate the
detection, analysis and prevention of security incidents on the
Internet
Royal Brunei Armed Forces &
MINDEF Brunei Cyber Security
Cyber Security Responsibilities
• Defence Information Technology Unit
– Technical and Operational Level
• Defence Security Branch
– Policy Enforcer
RBAF/MINDEF Manual of Security
• Chapter 6 dictates aspects on information and digital
communication aspects.
• Covers definition, scope, responsibilities and actions to be
taken
• Regarded as the main document
Is supported by sub document
such as Standing Orders and IT
SOP for Security Operations
RBAF/MINDEF Manual of Security
National Cyber
Security
Framework
National Level
Policies
Ministerial Level /
Inter-Ministerial Policies
Ministry of Defence
Policies
Ministries
Brunei Computer
Emergency
Response Team
(BruCERT)
Computer
Misuse Order
2000 Law
Authority Info
Communication
(AiTi)
Ministry of Defence Manual of Security
(MINDEF/RBAF MOS)
Chapter 6 : ICT Security
ICT Standing Orders
(HKUTM)
SOP / Guidelines
(Garispandu)
Capacity Building
Capacity Building
UNIVERSITY BRUNEI DARUSSALAM (UBD)
Business, Science, Health Sciences and Arts
• Undergraduate and postgraduate degrees: Business, Science, Health Sciences & Arts
• Postgraduate degrees: Education, Science, Brunei Studies, Health Sciences, Arts and
Business, Economics & Policy Studies
INSTITUTE TECHNOLOGY BRUNEI (ITB)
Technical and Commercial Education.
• Undergraduate degrees, higher national diplomas and higher diplomas in Engineering.
• Undergraduate degrees and higher national diplomas in Business & Computing
OVERSEAS INSITUTION
Capacity Building
• Technical Training
– Technical Certifications
(CompTIA, Microsoft, Symantec)
– Security Appliances
(Malware Management, Unified Threat Management)
– Security Monitoring
(Real-time Events, Incidents, Vulnerability Scanners)
• Security Conferences
– Hacker Halted 2012
– OIC Cert 2011
Capacity Building
Information Assurance
• Information Classification Practices
– 4 classes with non-repudiation measures
• Physical backups
– Documents, archives, disk-to-tape
• Technical Tools
– Unified Threat Management, Monitoring
• Technical-level security up-keep
– Data Housekeeping
– configuration fine-tuning
Top Cyber Threats
Internal
External
Initiatives on Cyber Security
• National Level
– Involve with E-Government Initives
– Involvement with BruCERT
• Ministerial Level
– ADMM 2013 Cyber Security Agenda
• Departmental Level
– Collaborative efforts with Defense Authorities
Future Initiatives
• Established a dedicated Cyber Defence Unit
Cyber Endeavour
Thank you