184 The NCSC organised and hosted several industry and government engagement
forums, held at regular intervals throughout the year.
3.3. TICSA Consultation
The NCSC completed a four month consultation process with New Zealand Network Operators on the TICSA. This included;
• presentations at the New Zealand Network Operators annual conference
• customer TICSA consultation meetings; and
• a final walk through of the TICSA guidance paper prior to the TICSA coming
into effect on 11 May 2014.
3.4. The New Zealand Information Security Manual NZISM
The NCSC released an updated version of the NZISM following: •
Significant research and development •
Consultation with NCSC customers •
Integration with the New Zealand Protective Security Requirements PSR. The Protective Security Requirements PSR outlines the Government’s
expectations for managing personnel, physical and information security. The PSR assists government agencies to manage business risks and assure
continuity of service delivery.
3.5. Training
The NCSC helped to prepare and participate in a number of training activities through the NZITF, Weltec and other forums.
3.6. Drills
The NCSC worked with other Government agencies in a cyber drill in preparation for the 2015 Cricket World Cup.
4.
Presentations Throughout 2014 the NCSC presented at andor participated in several forums,
both domestic and international including: •
AusCERT Conference, Australia •
Kiwicon, New Zealand
185 •
NZITF Conference, New Zealand •
Business groups including NZ Institute of Directors and various Boards
4.1. Publications
The NCSC publishes a number of security alerts and advisories via its website, through direct exchanges with customers and partners and on a bi-lateral basis
where appropriate.
5.
Future projects •
Expanded engagement with domestic and international partners •
Training and awareness programmes
6.
Conclusion The NCSC has been through a process of review while also maintaining a domestic
focus on engagement across a number of sectors and the introduction of the TICSA. It will now seek to build on the new foundation into a sustainable model enabling
additional expansion of personnel and expertise coupled with a growing customer set, including at the international level in 201516.
186
SingCERT Singapore Computer Emergency Response Team- Singapore
1. About SingCERT 1.1. Introduction
The Singapore Computer Emergency Response Team SingCERT is a one-stop centre for security incident response in Singapore. Besides providing assistance to
its constituency in incident resolution and co-ordination, SingCERT also broadcasts security alerts, advisories and security patches. To promote security awareness and
to educate the general public, SingCERT organises regular seminars, workshops and sharing sessions covering a wide range of security topics.
1.1.1. Establishment
SingCERT was set up in 1997 to facilitate the detection, resolution and prevention of security related incidents on the Internet. SingCERT is a government funded
national initiative, and is managed and driven by the Infocomm Development Authority of Singapore.
1.1.2. Constituency
SingCERT provides services primarily to the Singapore local constituency comprising of companies and end users.
2.
Activities Operations
2.1. Incident Reports
There is a increase in the total number of incidents reported to SingCERT in the year 2014 as compared to the year 2013.The significant increase in the reported
incidents were due to the reported defacement of websites incidents. The incidents included defacement both to the government and public sectors’ websites.
SingCERT continues to work with other CERTs and our Internet Service Providers ISPs to track down affected users and keep them informed on how to secure their
systems. On the regional and international fronts, collaboration and cooperation