1
CYBERSECURITY
犖犖伍牽犖迦犖犖犖 犖о顕犖∇幻犖犖迦
犖犖項犖犢犖迦犖о権犖犖迦牽犖犢犖迦犖園犖犖迦犖犖園犖犖迦犖伍牽犖犖犖犖÷犖迦犖犖巌犖ム犖犖犖犖犖犖巌犖犢 (犖犖犖犢犖犖迦牽犖÷見犖迦犖)
犖犖迦牽犖犖巌犖犢犖迦犖園犖犢犖о犖犖ム顕犖∇犖 61 犖犢犖犢犖犖劇犖犖 犖犖ム顕犖犖犖 62 - 犖犖項犖ム犖迦牽犖犖園犖犖園犖 3 犖犖犖犢犖犖
ETDA - Electronic Transaction Development Agency,
DPA - Data Protection Agency,
NCSA - National Cybersecurity Agency
犖犖項犖 犖犖項犖∇犖犖犖萎肩犖迦犖犖迦 Cybersecurity 犢犖ム鍵 Data Protection Knowledge Center
犖÷険犢犖犖犖 犖犖ム賢犖犖犖園権 犖犖園犖犖伍牽犖犖犖犖÷犖迦犖犖園
Promote e-Commerce
Develop Standard 犖犢犖迦見犖犖園犖犖伍牽犖犖犖犖÷犖迦犖犖犖犢犖ム犢
Minimize Risks-Cybersecurity, ThaiCert, GMS (Government Monitoring System)
S E C U R I T Y
2
Strong Government
Excellence learning
Current Situation
Uncontrollable Factors
Recommendation
Information Security
Tips for Social Media
Why is Security our shared responsibility
3
Paperless & Cashless | Digital ID | Open Data | Data Sharing | Blockchain | Artificial Intelligence (AI)
STRONG
GOVERNMENT
犖犢犖犖犢犖犖犖朽権犖 IT 犢犖犢犖犖犢犖犖
犢犖犖劇犖犖∇犖犖萎犖園犖犖о顕犖÷犖犢犖÷犢犖 犖犖迦 Security
SECURITY
CYBER
4
EXAMPLE: LESSON LEARNED FROM OTHERS
犖犢犖迦犖犖萎犖 | 犖犖犖犖÷顕犖 | 犖犢犖∇犖迦権 | 犖犖犢犖о権犖犖迦
!!! DATA BREACH
犖犢犖犖÷弦犖 SingHealth 犖犖迦牽犖犖園犖о犖犖ム犖犖 1.5 犖ム犖迦犖犖
ITU : Global Cybersecurity Index (GCI) 2017
WHY犖犖巌犖犢犖犖犢 犖犖園犖犖園 1
Security 犖犖犖犢犖ム
5
犖∇幻犖犖犖犖迦肩犖犖犢 | 犖犖園犖犖迦犖 | 犖犖園犖犖迦犖犖犖÷顕犖
犖犖犖萎犖迦絹 CII | Incident Handling Flow
CURRENT
SITUATION
犖犢犖迦硯犖犖項 TOP 20 犢犖犢犖犖∇犖迦犢犖
犖犖犖萎犖犖犢犖犖 犖犖園犖犖園 22 犖犖迦 194 犖犖犖萎犖犖
ITU : Global Cybersecurity Index (GCI) 2017
6
UNCONTROLLABLE
FACTORS
Awareness
犖犖迦犖犖о顕犖÷犖犖萎見犖犖園
Policy
Alignment
犖犢犖∇犖迦権犖犖朽犖∇険犖犢犖÷犖犖犖犖犖ム犖犖
Budget
犖犖犖犖犖萎検犖迦犢犖÷犢犖犖朽権犖犖犖
Digital
Workforce
犖犖迦犖犖伍犖ム顕犖犖
Software
Vulnerability
犖犢犖犖犢犖犖о犖犖犖 Software
7
犖犖朽犖÷顕: SANS
1. Inventory of Authorized and Unauthorized Devices
2. Inventory of Authorized and Unauthorized Software
3. Secure Configurations for Hardware and Software
4. Continuous Vulnerability Assessment and Remediation
5. Controlled Use of Administrative Privileges
6. Maintenance, Monitoring, and Analysis of Audit Logs
7. Email and Web Browser Protections
8. Malware Defenses
9. Limitation and Control of Network Ports
10. Data Recovery Capability
11. Secure Configurations for Network Devices
12. Boundary Defense
13. Data Protection
14. Controlled Access Based on the Need to Know
15. Wireless Access Control
16. Account Monitoring and Control
17. Security Skills Assessment and Appropriate Training to Fill Gaps
18. Application Software Security
19. Incident Response and Management
20. Penetration Tests and Red Team Exercise
犖犖÷顕犖∇犖犖犖:
HIPAA = Health Insurance Portability and Accountability Act
FFIEC = Federal Financial Institutions Examination Council
NERC CIP = North American Electric Reliability Corporation Critical Infrastructure Protection
CSA = Cloud Security Alliance
20 CRITICAL SECURITY CONTROLS
RECOMMENDATION
犖犖迦牽犢犖犢 Cybersecurity Framework (CSF)
犖犖о犖犖項犖犖園犖÷顕犖犖犖犖迦犢犖ム鍵犖犖犖犢犖犖犖ム犢犖迦犖犖о顕犖÷検犖園犖犖犖犖犖ム賢犖犖犖園権
犖÷顕犖犖犖犖迦犖犖園犖о 犢犖
 ISO/IEC 27001 犖犖迦牽犖犖園犖犖迦犖о顕犖÷検犖園犖犖犖犖犖ム賢犖犖犖園権犖犖萎犖犖犖迦牽犖犖犢犖犖
 HIPAA 犖犖犖犖÷顕犖∇犖伍犖÷犖犖犖犖犢犖犖÷弦犖ム肩犖伍犖犖迦 (犖犖犖犖園犖犢犖÷牽犖巌犖)
 FFIEC 犖犖項犖÷厳犖犖犖迦牽犖犖犖о犢犖犖犖朽犖犖犖犖犢犖о権犖犖迦犖犢犖迦犖園犖犖項犖ム犖ム幻犢犖÷犖迦牽犢犖犖巌 (犖犖犖犖園犖犢犖÷牽犖巌犖)
 NERC CIP 犖÷顕犖犖犖犖迦犖犖о顕犖÷検犖園犖犖犖犖犖ム賢犖犖犖園権犢犖犖犖ム幻犢犖÷犖項犖犖ム鹸犖犢犖犖犢犖 (犖犢犖÷牽犖巌犖迦犖犖犖劇賢)
犖÷顕犖犖犖犖迦犖犖朽 Specific 犢犖犖犖迦鍵犢犖犢犖ム鍵 Sector
 犖犖犖巌犖迦牽 Cloud computing - CSA Star
 犖犖ム幻犢犖÷肩犖迦犖迦牽犖犖犖伍 - ISO 27799
 犖犖ム幻犢犖÷犖犖巌犖迦牽犖犢犖迦牽犖萎犖犖巌 - PCI DSS (Data Security Standard)
 犖犖ム幻犢犖÷犖ム険犖犖犖迦犢犖犖犢犖 NERC CIP
8
1. Security and Privacy by Design
2. Regular Audit
3. Asset Classification
4. Risk Management
5. Website Security Standard / Website Application Standard
6. Government Monitoring System: GMS by ThaiCERT
7. Best Practice
INFORMATION
SECURITY
9
1. Update Software
2. 犢犖÷犢犖犖犢 Password : 犖犖園犖犢犖犢犖∇顕犖 犖犢犖迦犖犢犢犖犢 犢犖犖ム元犢犖∇犖犢犖犖∇
3. Check 犖犢犖犖 Share
4. 犖犖項犖ム犢犖犖÷弦犖ム肩犢犖о犖犖伍犖犖
5. 犢犖÷犖犖ム犖犖 click link
TIPS FOR
SOCIAL MEDIA
10
WHY SECURITY
IS OUR SHARED RESPONSIBILITY
SECURITY 犢犖犢犖犖犖犢犖迦犖朽犖犖犖犖犖伍犖犖
11
