Issue Date:

Revision:

Get Involved and Contribute! Adli Wahid

Security Specialist, APNIC

adli@apnic.net

2

About Adli

• Friend of Jacomo!

• Lets connect! – @adliwahid (Twitter, LInkedIn) – Blog: https://blog.apnic.net

• Security Specialist @ Asia Pacific Network Information Centre (APNIC) – www.apnic.net/security

• Board Member of the Forum of Incident Response & Security Teams (FIRST)

Jacomo!

APNIC’s Vision:

A global, open, stable, and secure Internet that serves the entire Asia Pacific community.

How we achieve this:

• Serving Members

• Supporting the Asia Pacific Region

• Collaborating with the Internet Community

3

Security Outreach

4

Craig Ng

Promoting security best practices in the

APNIC community

NOGs, CSIRTS and LEA events

PK, CN, HK, KR, JP, PH SG, MY, ID, AU, TW

Collaboration with JICA and KISA to deliver

regional CERT training

Geoff Huston member of ICANN SSAC

Adli Wahid member of FIRST Board

MoU with APCERT

Interpol Global Cyber Crime Group

Adli Wahid

www.apnic.net/security

Security Response Community:

Are We There Yet?

Responding to Security Incidents

6

National Cyber Security Agency

National CERT / CSIRTs

Enterprise CERTs/CSIRTs

End-Users

Critical Infrastructure, Network Providers, Hosting, Cloud, Government, Financial Services, SMEs =

7

Thinking about the the problem

National Regional Global

8

Challenge #X Human Resources

9

Education

Technical

Soft skills

Formal

Informal

10

Where or how do I start?

Breaking down • Knowledge & skills

• Access to threat intelligence – On to trusted communities

• Access to people, expertise – Mentoring, coaching– Sharing of experience & lessons learned

• Challenge – Trust – “Don’t know anyone”

Can we teach this faster?

12

The power of communities

13

Different communities• Open Source projects

– Github!– Many security projects to join

• Local communities – Activities – Sharing ideas – Mentoring

• Special Interest Groups – FIRST (www.first.org) – Honeynet Project (www.honeynet.org) – OWASP (www.owasp.org)

• Examples – Network Operators Group (NOGs) – New Zealand Internet Task Force (NZITF)

14

Can I trust you? Who are you?

• Certain security groups are not easy to get involved with

• What am I sharing? – Ongoing investigation – My data / access

• Solutions – Trusted introducers – Web of trust – Traffic light protocol

15

Not this community!

16

What can you do?

• Individual– Start now – Get together – Make introductions

• Leaders– Encourage & motivate

• Businesses & government – Support – Provide platform & resources

• Law Enforcement – Awareness

• Everyone has a role to play

APNIC’s approach

• Capacity development – Internet Infrastructure – Cyber Security*

• Online training– http://training.apnic.net

• Strategic partnership – Various stakeholders– Regional & global – Shared goals

17

18

Get involved & contribute!

Internet Operational Research Grants

19

New fund supporting the Internet research community in the Asia Pacific

Research aiming to improve availability, reliability, and security of the Internet in the

Asia Pacific

Network measurement and analysis

IPv6 deployment BGP Routing Network Security

Issue Date:

Revision:

Be United, Be Secure!Adli Wahid

www.apnic.net

adli@apnic.net