Addressing the threat of cybercrimewww.ncso.ph

Agenda

Policy, Strategy, Plans and Programs

Cybersecurity Organizations

Issues and Concerns

“This National Cyber Security Plan shall be the cornerstone of the country’s Cyber Security Policy.

It is a necessary instrument to guide us in creating a more secure and stable environment for our country’s growth”

Cybersecurity Strategy reinforces current policy and

operational measures to reduce vulnerability in the cyberspace under Philippine jurisdiction;

nurtures a culture of cyber security amongst users and critical sectors; and

strengthens self-reliance in terms of information security technologies and human resources.

CICT established the Cybersecurity

Coordinator in order to address cyber related

vulnerabilities and oversee the full

implementation of the Cyber Security Plan

National Coordination for Cyberspace Security

National Cyberspace Security Coordination

Industries(DTI)

Telecom(NTC)

Banking(BSP)

NCC(Govt CERT)

NBIPNPAFP

Transport(DOTC)

Power(Meralco)

Law(DOJ/SC)

Coordination Center(PhCERT)

Forensic Cyber Warfare

Knowledge Database(OP)

Risk Assessment/Honeynet(NSC/NICA/NEDA)

Training/Advocacy(NCC/ISSSP)

SECTORAL CERT

(DOE)

(N-CERT)

NCSO-CICT

Govt CERT

(NCC)

Industries(DTI)

Telecom(NTC)

Banking(BSP)

NCC(Govt CERT)

NBIPNPAFP

Transport(DOTC)

Power(Meralco)

Law(DOJ/SC)

Coordination Center(PhCERT)

Forensic Cyber Warfare

Knowledge Database(OP)

Risk Assessment/Honeynet(NSC/NICA/NEDA)

Training/Advocacy(NCC/ISSSP)

SECTORAL CERT

(DOE)

(N-CERT)

NCSO-CICT

Govt CERT

(NCC)

Cyber Security Center

Cyber Security Center

Cyber Crime Unit and Computer Forensic Labs

Zamboanga City General Santos CityDavao City

Police Training Courses on Cyber Crime EnCase Intermediate Analysis and Reporting Cyber Incident Response Train the Trainer Cell Phone Forensic Advance Computer Forensic Investigation and Seizure of Digital Evidence Digital Forensic Investigation

PNP-CIDG serves as: Asia Pacific Economic Countries (APEC)

24 x 7 Contact Person on Cyber Crimes Interpol Asia – South Pacific Working

Party on Information Technology Crimes INTERPOL 24/7 Contact person on High

Tech Crimes.

PNP partners in investigating cybercrimes: U.S. – High Technology Crime Consortium International – High Technology Crime Investigation

Associations U.S – National White Collar Crime Center (NW3C) Asia – Pacific Computer Emergency Response Team (AP –

CERT) Cyber Crime Technology Information Network system

(CTINS) Asia Pacific Economic Countries (APEC) Interpol Asia – South Pacific Working Party on Information

Technology Crimes INTERPOL

Government Security Program

Cyber Security Training

Top 10 Source Attacks

Canada 3%

Hong Kong 2%

Taiwan 3%

India 3%

Philippines 3%

Thailand 4%

Korea-KR 7%

Japan 10%

United States 30%

China 35%

CN (China) US (United States) JP (Japan) KR (Korea-KR)

TH (Thailand) PH (Philippines) IN (India) TW (Taiwan)

CA (Canada) HK (Hong Kong)

Cyber Security Assessment

Legislation

• create a safe IT environment for Children

• launch information campaign to the industry and government to take responsibility for making online and interactive technologies safe.

Child Online Protection

Cyber Security Awareness

Cyber Defense Capability Building

Issues that confront law enforcers: Non-cooperation from the Internet Service Providers Non-cooperation from the Internet Service Providers

(ISPs) and Telcos(ISPs) and Telcos

Lack of computer forensic equipments and computer Lack of computer forensic equipments and computer forensic applicationforensic application

Absence of computer literate judges and prosecutorsAbsence of computer literate judges and prosecutors

Lack of specialized training for law enforcers to address Lack of specialized training for law enforcers to address cyber crimecyber crime

The existing cyber crime law is insufficient to cover the The existing cyber crime law is insufficient to cover the vast area of cyber crimevast area of cyber crime

Strategic Issues and ConcernsON POLCY AND LEGAL REGIME

There is still a need to pass / enact a law that shall institutionalize and empower the current initiatives or ad hoc organizations

There is a need to increase the effort to educate the legislators, regulators and administrator in order to facilitate the passage of relevant policies, regulations and laws to address cybercrime

ON RESOURCE PLANNING

There is a need to complement the policies with the necessary resources to implement such policies and ensure compliance among stakeholders

There is a need to develop a technology research management capability in order to address the required innovation and adaptation

Strategic Issues and Concerns

Issues and Concerns

INCIDENT RESPONSE

There is still a need to standardize the policies, technical platforms, and operational procedures in order to facilitate the required information exchange between and among the incident responders

There is a need to develop a education and certification mechanism in order to create a critical mass of local cyber security experts

Strategic Issues and Concerns

Issues and Concerns

CAPABILITY DEVELOPMENT

There is a need for the government to empower its human resources in order to become competitive based on industry standards in order for the government to acquire and maintain skilled required cyber specialists

Strategic Issues and Concerns

Issues and Concerns

ON EDUCATION AND INFORMATION CAMPAIGN

There is need to institutionalize and sustain the development, production, dissemination of related information materials

There is a need to escalate to the relevant policy-making bodies the need for the adoption of global standards and its customization to local settings in addressing cybercrime such as, among others: EU Convention on Cybercrime; Interpol Cybercrime Manual.

Strategic Issues and Concerns

Issues and Concerns

PUBLIC AND PRIVATE COOPERATION

There is a need to further establish a confidence building amongst the CII regulators and stakeholders in terms of sharing experiences in encountering and handling cyber incidents with an end view of comprehensively understand and assess the impact of cybercrime to the national economy and security.

There is need to enhance the Public and Private sector partnership in inculcating the cyber security culture

Strategic Issues and Concerns

Cybersecurity : Addressing the threat of cybercrime

Office of the National Cyber security Coordinationcenter@ncso.cict.gov.ph

www.ncso.ph