Table of contents exchange of letters with the minister executive summary



Download 5.91 Mb.
View original pdf
Page321/329
Date27.11.2023
Size5.91 Mb.
#62728
1   ...   317   318   319   320   321   322   323   324   ...   329
Report of the COI into the Cyber Attack on SingHealth 10 Jan 2019

COI Report – Part VII
Page 412 of 425

(i) Security principles ii) Security vulnerabilities/weaknesses; iii) The internet iv) Risks v) Network protocols vi) Network applications and services vii) Network security issues viii) Host/system security issues ix) Malicious code and x) Programming skills. c) Incident handling skills – i) Local team policies and procedures ii)
Understanding/identifying intruder techniques iii) Communicating with sites iv) Incident analysis and v) Maintenance of incident records.
1194. Reinforcement and real-world application of training. The war against cyber attackers is unpredictable and rapidly evolving. A well-prepared CERT would be a powerful weapon in the arsenal of any defender. However, training



COI Report – Part VII
Page 413 of 425

alone would not be adequate to ensure that the CERT fulfils its potential as the guardian of an organisation’s IT assets. It is crucial that training and theoretical knowledge is made real and ingrained in the CERT members through the conduct of regular practical exercises. As CE, CSA said
“CSA recommends that IHiS should conduct a thorough review of their processes to ensure that there are no gaps, followed by a thorough and systematic training process to ensure that all staff have internalised these processes, and know exactly what steps to take in the event of a cybersecurity incident
1195. In this regard, TTXes (Table Top Exercises) and drills are key to ensuring that CERT members familiarise themselves with incident response plans and processes. Repeated execution of these plans and processes will lead to increased efficiency, and reduce the chances of confusion and hesitation causing a delayed response in the event of areal attack. Furthermore, these exercises will inevitably expose weaknesses in the plans and processes that can then be addressed. The importance of practice and practical application cannot be overstated. As Gen. Alexander said Proper training and a solid exercise program would have ensured personnel knew and understood their roles and responsibilities in helping to prevent the cyber attack on SingHealth. Personnel involved in detecting and mitigating this attack would have benefited from an individual and collective training program
1196. The conduct of exercises will also help to alert management to the natural abilities (or inabilities) of CERT members. This will allow for an assessment of the initiative of individual team members, and also for the evaluation of potential bottlenecks in the incident response process due to the failings of individual officers (e.g. the SIRM).

Download 5.91 Mb.

Share with your friends:
1   ...   317   318   319   320   321   322   323   324   ...   329




The database is protected by copyright ©ininet.org 2024
send message

    Main page