Promoting Global Cybersecurity - PowerPoint PPT Presentation

Loading...

PPT – Promoting Global Cybersecurity PowerPoint presentation | free to view - id: 204d7-Mjk0N



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Promoting Global Cybersecurity

Description:

We are all affected by recent email based phishing', scams... The Internet topography ... Without email, industry would collapse and sink into the Dark Ages ... – PowerPoint PPT presentation

Number of Views:62
Avg rating:3.0/5.0
Slides: 18
Provided by: MMun4
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Promoting Global Cybersecurity


1
Promoting Global Cybersecurity
  • Grant Symons
  • Executive Manager, Converging Services Branch
  • Australian Communications and Media Authority
    (ACMA)

17 May 2006
2
Introduction - what is it ?
  • E-Security is a complex problem
  • Means different things to different people
  • Im responsible for e-security within my
    organisation
  • Has many aspects
  • Network integrity
  • Consumer education
  • Business systems processes
  • Technology
  • Criminal behaviour / fraud

3
Introduction Today
  • Why the sudden interest ?
  • Why is it so hard ?
  • What to do about it !
  • Comparisons with spam
  • An example of part of the solution ISI
  • Next steps

4
Why the sudden interest ?
  • In terms of fundamental network architecture
    there has been more change in the last five to
    ten years then there has been in the previous
    100.
  • We are more reliant on telecommunications than
    ever (finance, media, etc).
  • There have been some famous incidents of things
    going wrong (eg Korean Internet meltdown)
  • We are all affected by recent email based
    phishing, scams

5
The Internet topography
Country A
Country D
Country B
Point X
Country C
6
Circuit Switched Networks - topography
Country A
Country D
Local switches
Transit Switches
International gateway
Country B
Country C
7
Network integrity not default design
Sep. focus by Gov. depts on issues
Network integrity built in.
Government not involved
ITU, CCITT, ANSI, ETSI
IETF, defacto vendor standards
PCs
Internet
PSTN

I.T. World
Telecom World
The clash of cultures
Resistant to governments
Work with governments
No regulation of devices
Regulation of devices
No national boundaries
National focus with global co-op
Best effort reliability
5 nine uptime
8
Current Issues
  • Network Integrity
  • (Distributed) Denial of Service (D)DoS attacks
  • Compromised PCs used to relay spam
  • These factors and others lead to a distrust of
    the network
  • Information Security
  • Corporate espionage
  • Financially-motivated attacks (e.g. phishing)
  • International cyber-terrorism and espionage


9
An Increasing Concern
  • In the quarter ending December 2005, there was a
    16.1 increase in broadband Internet take-up
    across OECD countries
  • People are individually becoming more and more
    dependent upon e-commerce and the Internet in
    general
  • Without email, industry would collapse and sink
    into the Dark Ages
  • These trends have not been matched with an
    increase in security awareness

10
Why is E-Security Hard?
  • Crosses international boundaries
  • The internet is a peer-to-peer network, with
    little intelligence in the network itself, and
    poorly managed intelligent endpoints
  • Cross-discipline Network security is not
    transaction security, for instance
  • A relatively new area. No organization can claim
    to have a lot of experience

11
Public Education
  • Public education is vital
  • The dangers of compromised (infected) machines
    and phishing sites, and the importance of good
    security practice need to be communicated
  • Create an attitude change
  • Computer security is my responsibility
  • I can help reduce spam
  • Online transactions are not risk-free

12
Characteristics future networks
  • Crosses international boundaries
  • Technology could solve the problem overnight
  • Multiple parties involved
  • Real-time enforcement mechanisms required
  • Different legislative approaches definitions
  • Internet is effectively an economic commons
  • Dumb network, smart ends
  • Profiteering possible
  • Challenges in cooperation

13
So what is the solution ?
  • Technical Network end points
  • Educational Public businesses
  • Legal/Legislative prevention prosecution
  • Industry cooperation and action
  • International cooperation both strategic
    operational

14
An example The ISI
  • A system that encourages end users to secure
    their computers
  • Does this by
  • Passively detects insecure/compromised computers
  • Notifies the relevant ISP of affected customers
  • ISP then takes appropriate action.
  • Think of it as
  • Analogous to car roadworthy tests

15
The ISI (contd.)
  • Technical A technological solution
  • Educational Creates a public understanding of
    the need for security
  • Legal/Legislative Internet Industry Code of
    Practice
  • Industry cooperation and action Working closely
    with the Internet industry
  • International cooperation The potential to roll
    out to other economies

16
ISI diagram

17
Next steps Key message
  • There is no silver bullet to solve
    e-security.
  • It will be maintained and developed using the
    same five principles as used to solve spam
  • Technology
  • Education
  • Legislation
  • International cooperation
  • Industry Cooperation
About PowerShow.com