Incident Handling Government Information Sharing and Analysis Center Training
2.1. Incident Handling
In 2014, TWNCERT published 1,528 notice advisories to government sectors. The categories were distributed as in Figure 1. Figure 1 Distribution of notice advisories 230 TWNCERT received 514 reports on computer information security incidents from Taiwan government sectors in 2014. The top 3 incident categories are Intrusion, Website Defacement and DDoS attacks. Figure 2 Security incidents from government sectors2.2. Government Information Sharing and Analysis Center
TWNCERT is intended for improving incident response and information security awareness and sharing in Taiwan. Therefore, we started operating the government ISAC since 2009, called G-ISAC Government Information Sharing and Analysis Center. TWNCERT is not only deal with government sectors information security relevant issues, but also sharing security information with Academic ISAC A-ISAC, National Communications Commission ISAC NCC-ISAC, which includes most major ISPs in Taiwan. In addition, major SOCs, law enforcement, CERTs such as TWCERTCC and EC-CERT Electronic Commerce CERT also are G-ISAC members. G-ISAC is using IODEF format and secure API system to make sure the information is correct, useful, in time and based on a trust membership. In 2014, 231 G-ISAC has covered over 98.97 IPs in Taiwan and has shared total of 112,514 security incident and critical information. Figure 3 Distribution of G-ISAC 3. Events OrganizedCo-Organized3.1. Training
In 2014, TWNCERT has joined the APCERT Steering Committee and is responsible for APCERT Education and Training program. The goal of the training program is to raise comprehensive cyber security technical skills and awareness of members, provide a channel for members to share and exchange valuable experiences with other member teams and thus creates a better cyber environment within Asia Pacific region. On November 5 th , APCERT had 10 member teams attend the first training course event, Malware Behavior Analysis and Detection, presented by TWNCERT.3.2 Drills
Parts
» Objectives and Scope of Activities
» APCERT Members APCERT Annual Report 2014
» Working Groups WG APCERT Website
» International Activities and Engagements
» BruCERT Establishment BruCERT Workforce BruCERT Constituents
» Encounter and infection rate trends
» Malicious websites Summary of BruCERT Honey Pot Project
» Establishment Workforce power Constituency
» Drills Meetings Presentations Publications – Cyber alerts, advisories and strategies
» Incident handling Reports Abuse Statistics Incident Trends
» Cyber Security Assurance initiatives Future projects
» Introduction Establishment Workforce power Constituency Contact Incident handling
» Internet Awareness 1. Malware Activities Website Security
» Mobile Awareness Conferences Achievements 1. Publications
» Introduction EC-CERT Services Achievements 1. Publications
» About ID-CERT Introduction APCERT Annual Report 2014
» Abuse Statistic New Service Etc
» Establishment Management and Staffs Constituencies and Stakeholders Main activities:
» Drills About JPCERTCC Establishment
» About KrCERTCC Introduction About MNCERTCC Introduction
» Statistics Activities Operations 1. Incident handling reports
» Drill Seminars Events organized co-organized 1. Competition
» Incident handling reports Abuse statistics
» Training Drills Seminars Publication. Sensors
» Activities About MOCERT Introduction
» Threats About MOCERT Introduction
» Incident trends About MOCERT Introduction
» Training Education Drills Seminars Presentations
» Future plan About MOCERT Introduction
» The Cyber999 Malware Research Centre MRC Constituency
» Cyber Drills Trainings Presentations Tools Developed Paper Publication
» MyCERT’s Activities Operation 1. Incident handling reports and abuse statistics Working Visits
» Memorandum of Understanding MoU New Partnership and Existing Cooperation
» Incident handling reports The Telecommunications Intercept Capability and Security Act TICSA
» Training Drills Publications About MOCERT Introduction
» Activity Summary About SingCERT Introduction
» Incident Handling Statistics About SingCERT Introduction
» Training Education Consultancy About SingCERT Introduction
» Seminars Workshops About SingCERT Introduction
» Publications Other Media Certification Membership MOUs
» Event Participation International Incident Coordination
» Future Plans Conclusion Activities Operations 1. Abuse statistics
» Security Vulnerability Announcement Spam Analysis Report Anti-Phishing Now
» MoU International Collaboration APCERT Annual Report 2014
» Establishment Workforce Power Mission and Constituency
» Incident Handling Government Information Sharing and Analysis Center Training
» Drills Conference Presentation Publication Incident Report
» International Organization Membership Participation to International Events MOU
Show more