Keep Calm & Incident Response (+ Collaborate)

By on 3 Sep 2014

Category: Tech matters

Tags: ,

Blog home

I was at the Asia Pacific Computer Emergency Response Teams (APCERT) AGM & Conference around March this year. As usual, this gathering is pretty unique and one of my favorite events.

For those who do not know about APCERT, they are basically a group of CERTS/CSIRTS in our region helping to make the Internet a better safer place for everyone. Check out their Annual Report 2013   to get a better idea on who are the members and what they did last year.

A common misconception that people may have about APCERT or CERT/CSIRTs in general is that they only do security incident response. The fact is, because the CERTS/CSIRTs handle all kinds of incidents daily, they can translate their experience into lessons learned or security awareness materials for end-users.

So we have seen that in the the last couple of years, one of the interesting outcomes of many national CERTs project has been the cyber security awareness campaigns and messaging on different kinds of topics like malware, phishing, and best practices for keeping your social media accounts safe. Check out some of these cyber security awareness sites developed by the CERTs in  Malaysia  Brunei & Macau

Incident response co-ordination is something that many of the members of APCERT do as well. Even though the Incident Response Team (IRT) information for an IP address (or address range) can be queried from our WHOIS database, there are times when the national CERTS/CSIRTs can help make things happen faster.

APCERT serves also as a good example of  real regional technical collaboration. Since 2006, they have been organising ‘Cyber Security Drills’ where members work together to develop security incident scenarios and play them out with each other. Now, for those who are not familiar with the cyber security incidents exercises, these are not the same as the ‘Capture The Flag’ competitions at Security Conferences. The main objective is often to test the incident response plans and procedures.

From what I have heard, this year’s (2014) drill was a successful event with more than 20 CSIRTs participating from multiple economies. You can read their media release here. Well done APCERT!

apcert-book

 

 

Rate this article

The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.

Leave a Reply

Your email address will not be published. Required fields are marked *

Top