Professional Documents
Culture Documents
May 2010
Counter-eCrime Operations Summit (CeCOS) IV
Sao Paulo, Brasil
Creating the Enterprise CSIRT: Building the eCrime Response Platform
2010
Agenda
- Reaction Time
2
Creating the Enterprise CSIRT: Building the eCrime Response Platform
Experiences in Incident Handling in Latinamerica
2010
(*) Jan-Apr
Do nothing (85%)
6
Creating the Enterprise CSIRT: Building the eCrime Response Platform
Experiences in Incident Handling in Latinamerica
2010
Current regulations
- Colombia: Circ. Ext. 52/2007 Superintendencia Financiera.
- Argentina: A4609 of BCRA.
- Paraguay: MCIIEF of BCP.
- Chile: SBIF regulations.
- etc
7
Creating the Enterprise CSIRT: Building the eCrime Response Platform
Experiences in Incident Handling in Latinamerica
2010
Current regulations
- ISO 27001/2
- OAS / OEA
Help Member States establish national 24/7 "alert, watch, and warning" teams, also
known as Computer Security Incident Response Teams (CSIRT) through technical
assistance and training; build the capacity of CSIRT personnel in Member States to
comply effectively with the requirements established in the OAS Comprehensive Inter-
American Strategy to Combat Threats to Cyber Security, and facilitate the creation and
maintenance of a hemispheric network of CSIRT to promote the sharing of information
and best practices.
8
Creating the Enterprise CSIRT: Building the eCrime Response Platform
Experiences in Incident Handling in Latinamerica
2010
9
Creating the Enterprise CSIRT: Building the eCrime Response Platform
Reaction Time
2010
120
100 0 hs
% Nivel de Atencin
80 12 hs
60
24 hs
40
20 48 hs
72 hs
0 96 hs
Tiempo
10
Creating the Enterprise CSIRT: Building the eCrime Response Platform
Building of an Internal CSIRT in Latinamerican Companies
2010
11
Creating the Enterprise CSIRT: Building the eCrime Response Platform
Building of an Internal CSIRT in Latinamerican Companies
2010
Operational testing.
13
Creating the Enterprise CSIRT: Building the eCrime Response Platform
Building of an Internal CSIRT in Latinamerican Companies
2010
Topics to considerate:
14
Creating the Enterprise CSIRT: Building the eCrime Response Platform
Building of an Internal CSIRT in Latinamerican Companies
2010
Responsibilities
- Users
- Internal Audit
- Human Resources
- Management
- Legal Affairs
- Phisical Security
- Help Desk
- System Administrator
- Information Security
- Others areas
15
Creating the Enterprise CSIRT: Building the eCrime Response Platform
Building of an Internal CSIRT in Latinamerican Companies
2010
16
Creating the Enterprise CSIRT: Building the eCrime Response Platform
Building of an Internal CSIRT in Latinamerican Companies
2010
17
(*) http://www.cert.org/csirts/action_list.html
Creating the Enterprise CSIRT: Building the eCrime Response Platform
Building of an Internal CSIRT in Latinamerican Companies
2010
18
(*) http://www.cert.org/csirts/action_list.html
Creating the Enterprise CSIRT: Building the eCrime Response Platform
Conclusions
2010
19
Thank You!!! / Obrigado!!! / Gracias!!!
May 2010
Counter-eCrime Operations Summit (CeCOS) IV
Sao Paulo, Brasil