Title: State Government ICT Security
1State Government ICT Security
Sabah State Government CIO Conference 2004
- Presented by
- Dr Mingu Jumaan
- Director
- Jabatan Perkhidmatan Komputer Negeri
22 June 2004
2Background
- Recognised ICT as a strategic tool
- Established SITC on 23 July 1996
- to spearhead ICT deployment and development in
the State - Modelled along the NITC
3Background
Sabah IT Council (SITC)
Chairman
Chief Minister
Deputy Chairman
Minister of Resource Development and IT
Secretariat
State IT Unit
Members
Public, Private and Third sectors
4Functions of SITC
Background
- Formulates policies
- Monitors ICT projects
- Advises State Government
- Liases with Federal Government
- Promotes use of ICT
- Strategies ICT development
5Background
- Launched Electronic Government and SabahNet on
23rd September 1997. - One of the desired features of an electronic
government is to guarantee that - confidential data held in the system is fully
protected. - network be protected from unauthorized access,
malicious attack and loss of data integrity - External and internal threats on ICT security
- Poor ICT Security can leads to inability to
function and lose of data, incur more cost to fix
and recover data, disruption to government
operation, and damage reputation.
6Background
- Security policy needs to be defined to protect
the government ICT assets as well as to provide
better and faster response to security incidents. - SITC endorsed the formation of a Working
Committee on State Government ICT Security on
29th May 2002.
7State Government ICT Security Working Committee
- State Chief Information Officer (CIO) - Chairman
- State Chief Security Officer (CSO) - Head of
secretariat - Setiausaha Tetap Kementerian Kewangan - member
- Pengarah Jabatan Perkhidmatan Awam Negeri
member - Pengarah Unit Kemajuan IT - member
- Pegawai Keselamatan Malaysia, Negeri Sabah -
member - Setiausaha Hal Ehwal Dalam Negeri dan
Penyelidikan -member
8Terms of Reference
State Government ICT Security Working Committee
- To recommend specific measures in addressing ICT
security issues to SITC - Prepare reports and present findings for the
deliberation of SITC
9Objectives of Working Committee
State Government ICT Security Working Committee
- To minimize the adverse effect of security
incidents - To educate users of ICT assets security measures
- To provide a mechanism for reporting of security
incidents so that remedy / action can be taken
quickly - To ensure that ICT security measures/guidelines
are adhered to by users
10Functions of Working Committee
State Government ICT Security Working Committee
- To formulate and review policies, goals,
strategies, standard and operational guidelines
pertaining to ICT security of the state
government - To advise the state government on the development
of human resources to ensure successful
implementation of ICT security measures - To liaise with the federal government on national
ICT security policies and plans
11Functions (cont)
State Government ICT Security Working Committee
- To monitor, review and co-ordinate the
implementation of state ICT security measures
among state public agencies - To establish standard in the application of ICT
security measures - To carry out auditing on state ICT assets so that
security measures/guidelines are adhered to - To carry out research and development on ICT
security technologies
12Secretariat of Working Committee
State Government ICT Security Working Committee
- Secretariat - JPKN
- Chairman of the secretariat - Director of JPKN
- Members - JPKN, UKIT and KKIPC
- Terms of reference of the secretariat shall be
to provide secretarial, organizational and
administrative services to the ICT security
working committee
13State ICT Security Teams
- Under the State Government ICT Security Working
Committee, five teams were formed to look after
specific areas of State ICT security matters
14State ICT Security Teams
sgCERT
Audit
Monitoring
State ICT Security Working Committee
Secretariat (JPKN)
HRD
RD
15Incident Response Forensic (sgCERT)
State ICT Security Teams
- Membership
- Core Technical Members
- Members from State Government ICT Security Team
- Remote Agents
- Selected personnel at each major remote sites
- Functions
- To formulate / review procedures in responding to
incidents - To report ICT security Incidents
16State ICT Security Teams
- sgCERT (Cont)
- To respond to report of ICT Security incidents
- To identify and inform relevant personnel on
incidents based on need to know basis - To collect and analyse forensic evidence
- To write reports on incidents and propose the
next course of action - Lodge police report for legal action
- Patch systems and fix vulnerability
17Audit and Assessment
State ICT Security Teams
- Membership
- Core Technical Members
- Members from State Government ICT Security Team
- Remote Agents
- Selected personnel at each major remote sites
- Independent Auditors
- To compare the actual ICT security level and with
the perceived ICT security baseline
18Audit and Assessment (Cont)
State ICT Security Teams
- Functions
- To formulate and review ICT security auditing and
assessment procedures - To take pre-emptive actions to remove possible
source of vulnerabilities based on security
advisories received - To plan for security enhancement
- To register all ICT equipment /facilities
/services - To periodically audit and assess the ICT security
and update the ICT security baseline.
19Education and Awareness (HRD)
State ICT Security Teams
- Membership
- Members from State Government ICT Security Team
- INSAN
- Functions
- To formulate and review training curriculum on
ICT security - To plan, conduct and review ICT security
awareness activities - To conduct regular ICT security training
20Security Monitoring
State ICT Security Teams
- Membership
- Core members
- Members of the State Government ICT Security Team
- Sabah.Net Secure Network Operating Center
- Remote agents
- Selected personnel at each major remote sites
- Functions
- To formulate and review ICT Security Monitoring
procedures - To monitor and ensure Security Policy Compliance
- To monitor and create Security Advisory
- To report suspicious activities
- To monitor daily security logs
21Research Development
State ICT Security Teams
- Membership
- Members from State Government ICT Security Team
- Functions
- To evaluate security tools and propose
recommendation - To study Systems / Network / Application Security
improvement propose recommendation - To create customised tools / scripts to improve
ICT securities - To create commercial ICT security products
- To report new vulnerabilities found to vendors
22Future Activities
- Policy formulation
- Awareness training
- Security forums
- Security auditing
23Challenges
- Attitude and mindset of the users Not bother
and not sensitive - Lack of staff with time and skills devoted to
security - Local security training available insufficient
24Closing Remarks
ICT security is important ..
The most critical security hole not lie with the
system, but the people operating the systems.
Need to treat ICT security seriously. ICT
security matters are everyone responsibility.
Secured ICT
The only truly secured ICT is where the computer
is buried in concrete, with the power turned off
and the network cable cut.
25Thank You