cybercrime and cybersecurity differences
Post on 15-Jul-2015
88 Views
Preview:
TRANSCRIPT
Cybercrime vs Cybersecurity@bact
APC Meeting, Manila, 28 Mar 2015
Relationship
• Cybercrime - [Undesired] ACTIVITY
• Cybersecurity- [Desired] STATE
• Cybersecurity threats: criminals, terrorists, spies, malicious cyber actors
Different “Cybercrime”• Narrow sense: Computer crime
• “any illegal behaviour directed by means of electronic operations that target the security of computer systems and the data processed by them”
• Broader sense: Computer-related crime
• “any illegal behaviour committed by means of, or in relation to, a computer system ornetwork, including such crimes as illegal possession and offering or distributing information by means of acomputer system or network”
Different “Cybercrime”
• Narrow sense: Computer crime
• Computer as TARGET
• Broader sense: Computer-related crime
• Computer as TOOL
Strengthen “Cybersecurity”• Strategies/action plans aimed to strengthen
cybersecurity
• Government security
• Protection of critical information infrastructures
• Fight against cybercrime
• Awareness raising, Education
• Response (incident response team - CSIRT / CERT)
CII - Link to National Security• Critical information infrastructures (CII)
• “interconnected information systems and networks, the disruption or destruction of which would have a serious impact on the health, safety, security, or economic well being of citizens, or on the effective functioning of government or the economy” (OECD)
• National CII: Information components supporting critical infrastructures; Information infrastructures supporting essential components of government business; Information infrastructures essential to the national economy
• Critical infrastructure
• “systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters” (US)
Resources• [ITU] Understanding Cybercrime: Phenomena, Challenges and Legal Response http://
www.itu.int/ITU-D/cyb/cybersecurity/
• [OECD] Cybersecurity Policy Making at a Turning Point: Analysing a New Generation of National Cybersecurity Strategies for the Internet Economy http://oe.cd/security
• [EU] Digital Agenda for Europe: Cybersecurity http://ec.europa.eu/digital-agenda/en/cybersecurity
• [EU] EU International Cyberspace Policy http://eeas.europa.eu/policies/eu-cyber-security/
• [EU] Directive 2013/40/EU on attacks against information systems http://eur-lex.europa.eu/legal-content/EN/ALL/?uri=CELEX:32013L0040
• [Council of Europe] Convention on Crime http://conventions.coe.int/Treaty/Commun/QueVoulezVous.asp?NT=185&CM=8&DF=02/06/2010&CL=ENG
• [NATO] Cyber Security Strategy Documents https://ccdcoe.org/strategies-policies.html
Resources (2)• [US] US cybercrime: Rising risks, reduced readiness Key findings from the 2014 US
State of Cybercrime Survey http://www.pwc.com/cybersecurity
• [US] Executive Order (EO) 13636 Improving Critical Infrastructure Cybersecurity
• [US] Presidential Policy Directive (PPD)-21 Critical Infrastructure Security and Resilience
• [US] Presidential Policy Directive (PPD)-28 Signals Intelligence Activities
• [US] U.S. Code Title 42 Section 2000ee Privacy and Civil Liberties Oversight Board
• [Singapore] National Cyber Security Masterplan 2018 http://www.ida.gov.sg/Collaboration-and-Initiatives/Initiatives/Store/National-Cyber-Security-Masterplan-2018
• ASEAN ICT Masterplan 2015 http://www.asean.org/resources/publications/asean-publications/item/asean-ict-masterplan-2015
top related