The existing Digital Transformation is totally based on secure internet and its smooth availability till the last mile. Cyber Criminals are there to dislodge the smooth flow for their own reason and normally their targets are financial institutions, critical infrastructure and personal information etc. To control this we need incident response immediate steps normally taken by Computer Emergency Response Team (CERT). In Pakistan there is no National Cyber Emergency Response Team (CERT) which could built the capacity of other organizations to form their own CERTs. This job is normally performed by some CERTs coordination centers which perform the following functions:
To establish their own Cyber Emergency Response Team (CERT) which could respond in Cyber Emergencies.
To build the capacity of their member CERTs through trainings to understand the attacks and respond to these attacks in real time.
To issue latest and updated alerts and warnings of Cyber Threats from all around the world to the member of their organizations.
Act as coordinator for arranging Cyber Drills; National and International both.
What is a CERT Coordination Center?
CERT Coordination Center is the focal point of contact for many CERTs to develop the hierarchy of knowledge base of Cyber Threats, their response and keep it updated as & when threat perceptions are changed. CERT Coordination Center keeps regular liaison with its member CERTs locally and abroad to maintain the currency of this knowledge database.
Need of a CERT Coordination Center in Pakistan
Currently there is no focal point of contact in Pakistan which could assist/support the public and private sector organizations to establish their own CERTs, manage it as per International standards and to train their constituency. Center of Information Technology is managing PISA-CERT for the last twelve years and during the process has achieved certain standards in Pakistan and abroad in the area of Cyber Drills and has built/established its capability to form their own CERTs.
About Center of Information Technology
Center of Information Technology (CIT) is a private limited company working in Pakistan for the last 25 years in the area of IT education, Cyber Security and upcoming technologies. Since 2005 Center of Information Technology is supporting Pakistan Information Security Association (PISA) Pakistan and funding all its initiatives locally and abroad.
About CIT-CERT Coordination Center
With all past experience Center of Information Technology (CIT) decided to establish CIT-CERT Coordination Center on March 28th 2018 at inauguration ceremony under the supervision of Mr. Amir-ud-Din CEO Cyber Security Malaysia.
Since then CIT Team was working to put in place CIT-CERT Coordination Center.
Why your IT & Cyber Security Departments should Join Cyber Drill?
Time matters when it comes to breach resolution. When a security breach occurs, it is important to have the resiliency to keep the company’s core operation running smoothly. Organizing a regular Cyber Security Drill will allow you to impart knowledge into your team. They will learn from their mistakes and become familiar with the various types of threat they might face if a real security breach actually happens. With this knowledge, they will be able to isolate the threat, provide solution to it, and execute it to resolve the crisis. Response handling should not only be quick but also accurate. Cyber Security Drill will ensure that you have an accurate channel of communications to your customers, the industry regulators and the media. You need to explain what actually happened. Hour your company is addressing it, and what customers should do in the meantime. This will help you maintain the level of trust and interest your customers have in you as they will expect immediate disclosure of a serious data breach.
The main objectives of the Cyber Drill Exercise:
Train Cyber Security staff to successfully overcome a Cyber-Attack
Evaluate the Cyber Security Team’s response to Cyber-Attacks
Check the contingencies of their IT processes and procedures
Test technical competency in dealing with Cyber-Attacks.
Realization of overall attack and how they handle the situation
Test the communication contact points, internal team communication as well as with other departments in Cyber Emergencies.
How they successfully communicate with the media without affecting confidentiality
Encourage Coordination and information sharing between trusted parties/stakeholders and competitors to mitigate the attack.
Train the Senior Executives and Media Reps of the Company/Organizations to Respond to Media after any Cyber Attack.
Assembling a drill team gives you the opportunity to work with your partners to share experiences and develop best practices for Cyber Security scenarios involving multiple parties.
You will be able to conduct tests and understand the strength and weakness of the team, and also find ways of strengthening the Cyber Security team, so they can serve as the front line in the event that in actual incident happens.
It is important to have a stand by Cybersecurity team, but it is also vital for employees to have an understanding of how Cybersecurity works in case of emergencies
As an addition to the Cybersecurity team, there should be representatives from other departments such as communications and leadership teams.
This will help increase the chances of preventing cyber-attacks and coping with it if it does happen. The drill exercises can include role-playing, planned exercises, spot checks, and team work, planned exercise, spot checks, and team work. At first, the idea of Cybersecurity may feel more comfortable when faced with different Cybersecurity scenarios.