Result of the Attitude Survey on Information Security

Full text

(1)

1

Result of the Attitude Survey

Result of the Attitude Survey

on Information Security

on Information Security

Conducted toward the companies

Conducted toward the companies

Operating in Thailand

Operating in Thailand

Presentation

February, 2009 Center of the International Cooperation for Computerization of Japan

(2)

¾

¾

The survey period : Oct.

The survey period : Oct.

Nov. 2008

Nov. 2008

¾

¾

Target organizations: Companies in Thailand

Target organizations: Companies in Thailand

¾

¾

Number of answers received : 512

Number of answers received : 512

About the Survey

About the Survey

(3)

3

Agenda

Agenda

1.

1.

About the Company Profile of the survey

About the Company Profile of the survey

2.

2.

The Current Situation of the Information

The Current Situation of the Information

Security Management

Security Management

3.

(4)

1. About the Company Profile of the Survey

1. About the Company Profile of the Survey

¾

¾

1.1 About the company profile

1.1 About the company profile

¾

(5)

5

1.1 About the company profile

1.1 About the company profile

¾

¾ The companies originally coming from The companies originally coming from

z

z A. Local (include majority of JV) A. Local (include majority of JV) ::296296 z

z B. Japan (include majority of JV) B. Japan (include majority of JV) ::153153 z

z C. Other Asian (include majority of JV) C. Other Asian (include majority of JV) ::1717 z

z D. America or Europe (include majority of JV) D. America or Europe (include majority of JV) : 38: 38 z

z E. Other country (include majority of JV) E. Other country (include majority of JV) : 6: 6

A, 58% B, 30% E, 1% D, 7% C, 3% A B C D E

(6)

1.1 About the company profile

1.1 About the company profile

¾

¾ The ratio of security vendor, IT vendor, and company using ITThe ratio of security vendor, IT vendor, and company using IT

z

z A. Company specializing in providing securityA. Company specializing in providing security--related products or related products or services

services

z

z B. Company specializing in providing IT products or servicesB. Company specializing in providing IT products or services z

z C. Company using ITC. Company using IT

A, 3% B, 22% C, 75% A B C

(7)

7 Small, 19% Medium, 37% Large, 44% Small Medium Large

1.1 About the company profile

1.1 About the company profile

¾

¾ Number of employee that companies ownNumber of employee that companies own

6% 12% 27% 25% 12% 10% 9% 0% 5% 10% 15% 20% 25% 30% G. 5,001 or more F. 1,001 to 5,000 E. 301 to 1,000 D. 101 to 300 C. 51 to 100 B. 21 to 50 A. 20 or less Small Medium Large

The ratio of large, medium, and small sized companies

(8)

1.1 About the company profile

1.1 About the company profile

¾

¾ The ratio of large, medium, and small sized companies comparing The ratio of large, medium, and small sized companies comparing

with the number of their administrator

with the number of their administrator

33% 18% 1% 47% 44% 17% 19% 39% 81% 0% 20% 40% 60% 80% 100% SMALL sized companies MEDIUM sized companies LARGE sized companies

A. Have full-time administrators B. Administrators are double as other post

(9)

9

1.1 About the company profile

1.1 About the company profile

¾

¾ The ratio of large, medium, and small sized companies comparing The ratio of large, medium, and small sized companies comparing

with the custom of password changing

with the custom of password changing

Servers Password

Servers Password Clients PasswordClients Password

13% 3% 2% 16% 13% 10% 56% 49% 30% 16% 35% 58% 0% 20% 40% 60% 80% SMALL sized companies MEDIUM sized companies LARGE sized companies

A. Change them frequently B. Use passwords, but do not change

C. Passwords are shared among members D. Not use 24% 11% 3% 6% 9% 4% 54% 50% 36% 16% 29% 57% 0% 10% 20% 30% 40% 50% 60% SMALL sized companies MEDIUM sized companies LARGE sized companies

A. Change them frequently B. Use passwords, but do not change

C. Passwords are shared among members

(10)

1.1 About the company profile

1.1 About the company profile

¾

¾ The ratio of large, medium, and small sized companies comparing The ratio of large, medium, and small sized companies comparing

with the physical security control

with the physical security control

72% 51% 19% 13% 22% 30% 13% 21% 37% 2% 6% 14% 0% 10% 20% 30% 40% 50% 60% 70% 80% SMALL sized companies MEDIUM sized companies LARGE sized companies A. Use biometrics B. Use ID cards C. Other D. Not controlled

(11)

11

1.1 About the company profile

1.1 About the company profile

¾

¾ The ratio of large, medium, and small sized companies comparing The ratio of large, medium, and small sized companies comparing

with establishing their information security policy

with establishing their information security policy

18% 6% 2% 42% 26% 14% 18% 27% 21% 22% 41% 64% 0% 10% 20% 30% 40% 50% 60% 70% SMALL sized companies MEDIUM sized companies LARGE sized companies A. Established B. Planning

C. Have no plan, but understand it is important

(12)

1.2 About IT system of the companies

1.2 About IT system of the companies

¾

¾

Do you have servers in place?

Do you have servers in place?

Have their own servers, 90% No servers, 10%

Have their own servers No servers

(13)

13

1.2 About IT system of the companies

1.2 About IT system of the companies

¾

¾

The location of their servers

The location of their servers

11% 16% 93% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% External sites in overseas External sites in domestic In-house

(14)

1.2 About IT system of the companies

1.2 About IT system of the companies

¾

¾

The methods of control to enter or exit of the

The methods of control to enter or exit of the

rooms where important equipment such as

rooms where important equipment such as

servers and storages installed

servers and storages installed

41% 25% 28% 9% 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% D. Not controlled C. Other B. Use ID cards A. Use biometrics

(15)

15

1.2 About IT system of the companies

1.2 About IT system of the companies

¾

¾ Threat due to lack of physical security is still high in JapanThreat due to lack of physical security is still high in Japan

Source: Information Security Incident Survey 2007 - Japan Network Security Association

Loss or Mislay 20.5%

Lack of Control 20.4%

Cause of Security Incidents

Operation Error 18.2% Theft 16.6% Virus 8.3% Taking out without allow 7.9%

Internal dishonest act 0.9%

(16)

1.2 About IT system of the companies

1.2 About IT system of the companies

¾

¾

How many client PCs are installed approximately?

How many client PCs are installed approximately?

z

z 648.12 Client PCs (Average)648.12 Client PCs (Average)

2% 0% 20% 1% 3% 23% 0% 17% 33% 2% 31% 10% 95% 49% 15% 0% 20% 40% 60% 80% 100% SMALL sized companies MEDIUM sized companies LARGE sized companies 49 or less clients 50 to 99 clients 100 to 299 clients 300 to 999 clients 1000 or more clients

(17)

17

1.2 About IT system of the companies

1.2 About IT system of the companies

¾

¾

About client PCs

About client PCs

¾

¾

Which OS are used in the client PCs?

Which OS are used in the client PCs?

4% 10% 4% 94% 26% 25% 5% 17% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Other Linux Mac OS Windows XP Windows Vista Windows 2000 Windows ME Windows 98

(18)

1.2 About IT system of the companies

1.2 About IT system of the companies

¾

¾

About Firewall installation

About Firewall installation

Yes, 88% No, 12%

Yes No

Servers with Firewall installed

(19)

19

1.2 About IT system of the companies

1.2 About IT system of the companies

¾

¾

95% of companies use Windows XP. They don

95% of companies use Windows XP. They don

t

t

install personal firewall?

install personal firewall?

Windows Firewall (the control panel of Windows XP)

(20)

1.2 About IT system of the companies

1.2 About IT system of the companies

¾

¾

About applying security patch

About applying security patch

z

z

If the Windows Update or new version is released, are

If the Windows Update or new version is released, are

they installed?

they installed?

Servers with security patch

Servers with security patch

Yes, 78% No, 22%

Yes No

Clients with security patch

Clients with security patch

Yes, 70% No, 30%

Yes No

(21)

21

1.2 About IT system of the companies

1.2 About IT system of the companies

¾

¾ The problem is that security and IT vendor are not fully controlThe problem is that security and IT vendor are not fully controlled. There is led. There is a result that their security situation is worse than general com

a result that their security situation is worse than general company using IT.pany using IT.

Servers with security patch

Servers with security patch

Clients with security patch

Clients with security patch

23% 14% 30% 77% 86% 70% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% C. Company using IT B. Company specializing in providing IT products or services A. Company specializing in providing security-related products or services

If the Windows Update or new version is released, they are installed

If the Windows Update or new version is released, they are NOT installed

33% 17% 31% 67% 83% 69% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% C. Company using IT B. Company specializing in providing IT products or services A. Company specializing in providing security-related products or services

If the Windows Update or new version is released, they are installed

If the Windows Update or new version is released, they are NOT installed

(22)

1.2 About IT system of the companies

1.2 About IT system of the companies

¾

¾

If applying the security patches are delayed, the

If applying the security patches are delayed, the

possibility of security incident will be higher.

possibility of security incident will be higher.

Time Infection rate

Security patch released Epidemic (Virus)

You could protect from virus

(23)

23

1.2 About IT system of the companies

1.2 About IT system of the companies

¾

¾

About the policy of using password

About the policy of using password

z

z A. Change them frequentlyA. Change them frequently

z

z B. Use passwords, but do not changeB. Use passwords, but do not change

z

z C. Passwords are shared among membersC. Passwords are shared among members

z

z D. Not useD. Not use

Servers with the password

Servers with the password Clients with the passwordClients with the password

A, 43% B, 41% C, 12% D, 4% A, 39% B, 44% C, 7% D, 10%

(24)

1.2 About IT system of the companies

1.2 About IT system of the companies

¾

¾

Hacker can easily decode your password if they

Hacker can easily decode your password if they

have some time.

have some time.

z

z

With 1,000,000 attacks per second

With 1,000,000 attacks per second

.the problem is

.the problem is

CPU will be still faster.

CPU will be still faster.

14 years 78 days 27 hours Alphabet +Number +Symbol 32 days 22 hours 36 minutes Alphabet +Number 2.4 days 2 hours 5 minutes Alphabet Only 8 Characters 7 Characters 6 Characters

(25)

25

1.2 About IT system of the companies

1.2 About IT system of the companies

¾

¾

Strong Password

Strong Password

z

z

A lot of characters (Ex. 8 characters)

A lot of characters (Ex. 8 characters)

z

z

Difficult to guess

Difficult to guess

z

z

Using Alphabet and Number at the same time

Using Alphabet and Number at the same time

z

z

Using Capital and Small letters at the same time

Using Capital and Small letters at the same time

z

z

Using Symbolic letters (Ex. #, $, %, &)

Using Symbolic letters (Ex. #, $, %, &)

¾

¾

Weak Password

Weak Password

z

z

The same of user ID

The same of user ID

z

z

Easy to guess (Ex. Birthday, Telephone number)

Easy to guess (Ex. Birthday, Telephone number)

z

z

A few characters

A few characters

z

(26)

1.2 About IT system of the companies

1.2 About IT system of the companies

¾

¾

About servers

About servers

¾

¾

Are the routines to synchronize the correct date

Are the routines to synchronize the correct date

and time in all systems installed?

and time in all systems installed?

z z

A. Yes

A. Yes

z z

B. No

B. No

A, 71% B, 29% A B

(27)

27

1.2 About IT system of the companies

1.2 About IT system of the companies

¾

¾

About servers

About servers

¾

¾

Are the logging facilities or logging tools

Are the logging facilities or logging tools

installed?

installed?

z z

A. Yes

A. Yes

z z

B. No

B. No

A, 77% B, 23% A B

(28)

¾

¾ In order to get effective logs chasing attacker, those time stamIn order to get effective logs chasing attacker, those time stamps ps must be accurate. They includes network facilities like Gateway,

must be accurate. They includes network facilities like Gateway,

Firewall, IDS, and several kind of servers.

Firewall, IDS, and several kind of servers.

¾

¾ You might be able to get evidence where the attacker come from, You might be able to get evidence where the attacker come from, when he crack the server, and how it is like.. etc.

when he crack the server, and how it is like.. etc.

1.2 About IT system of the companies

1.2 About IT system of the companies

Internet

Gateway

FW DMZ

External network

Mobile

Internal Server Clients

Mail DNS WEB Internal Network IDS Attacker Attack Route Attack Wireless LAN Attacker’s Logs

(29)

29

2. The Current Situation of the Information Security Management

2. The Current Situation of the Information Security Management

¾

¾

2.1 About company's attitude to the

2.1 About company's attitude to the

information security management

information security management

¾

¾

2.2 About information security policy

2.2 About information security policy

¾

¾

2.3 Measures against threats to information

2.3 Measures against threats to information

¾

(30)

3% 18% 43% 57% 30% 16% 38% 61% 16% 0% 10% 20% 30% 40% 50% 60% 70%

I. Other things to worry H. Failure of remote application services (SaaS (Software as a Service), ASP

and so on) or leak of information through the failure of those services G. Negative effects on your business that can be brought by system halt F. Loss of information you hold due to system failure or other accidents E. Loss or leak of information (trade secrets, personal information and so on) that you gave to your business partner (company that outsourced its job to

your company)

D. Your business partner (your outsourcer) is making (or likely to make) strenuous demands on your company regarding information security measures.

C. Loss or leak of information (trade secrets, personal information and so on) that you received from your business partner (company that outsourced its job

to your company)

B. Loss or leak of in-house information (trade secrets, personal information and so on)

A. Nothing

2.1 About company's attitude to the information security managem

2.1 About company's attitude to the information security managementent

¾

¾

Do you have something to worry about information

Do you have something to worry about information

security measure?

(31)

31

2.1 About company's attitude to the information security managem

2.1 About company's attitude to the information security managementent

¾

¾

Cause of Security Incidents with the number of

Cause of Security Incidents with the number of

personal information leakage in Japan

personal information leakage in Japan

Source: Information Security Incident Survey 2007 - Japan Network Security Association

Internal dishonest act 1,234,700 Lack of Control 114,400 Hacking 23,500

Bug 19,900 Taking out without allow 9,900

According to “Cause of Security Incidents”, Internal dishonest act accounts for only 0.9%.

Comparing with the report,

the fact explains that the damage of internal dishonest act becomes extremely high.

(32)

3% 15% 16% 17% 13% 38% 17% 57% 18% 0% 10% 20% 30% 40% 50% 60% I. Other elements H. Do not know what measures should be taken as regards information security

G. Management is scarcely aware of the need of information security F. Difficult to confirm the implementation status of security measures undertaken by the external company where you outsource your job.

E. Because operation and maintenance control of internal system is outsourced to external company, security measures are not actively

implemented by employees within your company

D. Have no personnel specializing in information security C. Cannot afford personnel in charge of implementing security measures B. High installation cost of security-related software and hardware products A. No problem

2.1 About company's attitude to the information security managem

2.1 About company's attitude to the information security managementent

¾

¾ What do you think is the challenge for your company in What do you think is the challenge for your company in

implementing information security?

(33)

33

2.1 About company's attitude to the information security managem

2.1 About company's attitude to the information security managementent

¾

¾

the total expenditure of information technology

the total expenditure of information technology

for a company in Japan

for a company in Japan

Source: Information Security Incident Survey 2007 - IPA

Less than ¥20,000,000 32.6% Exchanges Rate 0.39 THB = 1 JPY, Jan 26 2009 ¥20,000,000~¥49,999,999 12.9% ¥50,000,000~¥99,999,999 8.7% ¥100,000,000~¥399,999,999 14.6% More than ¥400,000,000 13.3% Not answered 17.9%

(34)

1% 46% 44% 50% 33% 52% 62% 0% 10% 20% 30% 40% 50% 60% 70% G. Others F. Educational materials on information security that are targeted

for your employees

E. Guide on how to make information-security-related technical settings on major software products

D. Self-assessment tool that can be used to diagnose where the problems lie within security measures

C. Check list on information security measures that can be used to satisfy requests from multiple companies that outsourced their

job to your company

B. Best practices of security measures that are being implemented by other companies in the similar industry and similar

size

A. Guideline on minimum-required security measures

2.1 About company's attitude to the information security managem

2.1 About company's attitude to the information security managementent

¾

¾ What do you think is necessary for implementing appropriate What do you think is necessary for implementing appropriate

information security measures?

(35)

35

2.1 About company's attitude to the information security managem

2.1 About company's attitude to the information security managementent

¾

¾ Recognition on guideline for protection against computer virus iRecognition on guideline for protection against computer virus in n Japan

Japan

Source: Information Security Incident Survey 2007 - IPA

Understand 7.1% Read 22.4% Know it 33.0% Don’t Know 36.5% Not sure 1.0%

(36)

2.1 About company's attitude to the information security managem

2.1 About company's attitude to the information security managementent

¾

¾

What are the ways for staff training on

What are the ways for staff training on

information security?

information security?

14% 51% 61% 42% Persons in charge of information security 22% 16% 12% 62% General staff None Seminar External training Internal training

(37)

37

2.2 About information security policy

2.2 About information security policy

¾

¾

Does your company establish information

Does your company establish information

security policy?

security policy?

z z A. YesA. Yes z z B. Planned B. Planned z

z C. Have no plan, but understand it is importantC. Have no plan, but understand it is important z

z D. Not necessaryD. Not necessary

A, 48% B, 23% C, 23% D, 6% A B C D

(38)

2.2 About information security policy

2.2 About information security policy

¾

¾ What are the reference rules to make your information security What are the reference rules to make your information security

policy? policy? 10% 64% 11% 17% 30% 10% 15% 0% 10% 20% 30% 40% 50% 60% 70% G. Other F. Company’s own rule E. Measures that are requested

by the business partner D. Standard of IT vendors C. National standard or national

guideline

B. ISO/IEC 27002 Code of Practice (pragmatic ISMS advice)

A. ISO/IEC 27001(ISMS requirements specification (used

(39)

39

2.2 About information security policy

2.2 About information security policy

¾

¾

How does your company treat a staff who

How does your company treat a staff who

offences the security policy?

offences the security policy?

5%

32%

45% 18%

0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50%

D. Don't do anything special C. A supervisor warns the

person

B. Punish the person based on the company's general

rules

A. Punish the person as explicitly described in the

(40)

2.3 Measures against threats to information

2.3 Measures against threats to information

¾

¾ If an incident of the information security occurs, to whom do yoIf an incident of the information security occurs, to whom do you u report to? report to? 5% 2% 49% 24% 7% 0% 10% 20% 30% 40% 50% 60% E. Other D. Do not report especially C. Management top in the

company

B. IT vendor A. ThaiCERT (in Thailand)

(41)

41

2.3 Measures against threats to information

2.3 Measures against threats to information

¾

¾

Do you know the police unit responsible for

Do you know the police unit responsible for

computer crime

computer crime

z z

A. Yes

A. Yes

z z

B. No

B. No

A, 61% B, 39% A B

(42)

2.3 Measures against threats to information

2.3 Measures against threats to information

¾

¾

Were there any information security problems in

Were there any information security problems in

the company?

the company?

z z

A. Yes

A. Yes

z z

B. No

B. No

z

z

C. Not sure

C. Not sure

A, 21% B, 49% C, 29% A B C

(43)

43

2.3 Measures against threats to information

2.3 Measures against threats to information

¾

¾

What type of incident was it?

What type of incident was it?

2% 41% 11% 8% 14% 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% E. Other D. Infected by virus or spyware C. Leak of information B. Unauthorized access (such

as defacing web pages) A. System holt that caused

stoppage in business operation and services

(44)

2.3 Measures against threats to information

2.3 Measures against threats to information

¾

¾

Experience about computer virus

Experience about computer virus

Never found virus nor infected 41.6%

Found virus but not infected 45.4%

Infected by virus 12.4%

Not Answer 0.6%

(45)

45

2.3 Measures against threats to information

2.3 Measures against threats to information

¾

¾ If a company staff takes out files in the mobile PC or USB memorIf a company staff takes out files in the mobile PC or USB memory, y, how does your company handle it?

how does your company handle it?

15% 56% 15% 12% 0% 10% 20% 30% 40% 50% 60% D. Others C. No any special control

B. Require password authentication when they are

opened

(46)

2.3 Measures against threats to information

2.3 Measures against threats to information

¾

¾ Cause of Security Incidents with the number of personal informatCause of Security Incidents with the number of personal information ion leakage in Japan by media/ channel in Japan

leakage in Japan by media/ channel in Japan

Document 16,950,000 (2,520,000)

Media like USB 11,810,000

Because of the big incident (14,430,000)

PC 790,000 Not sure 320,000 Other 40,000

(47)

47 A, 30% B, 70% A B

2.4 Others

2.4 Others

¾

¾

Relation with business partners

Relation with business partners

¾

¾

Has your company checked with business

Has your company checked with business

partners about their status of information

partners about their status of information

security measures?

security measures?

z z

A. Yes

A. Yes

z z

B. No

B. No

(48)

2.4 Others

2.4 Others

¾

¾

Relation with business partners

Relation with business partners

¾

¾

Have your business partners checked with your

Have your business partners checked with your

company about your status of information

company about your status of information

security measures?

security measures?

z z

A. Yes

A. Yes

z z

B. No

B. No

A, 35% B, 65% A B

(49)

49

2.4 Others

2.4 Others

¾

¾

Cause of Security Incidents by channel in Japan

Cause of Security Incidents by channel in Japan

Source: The report about information security governance - Ministry of Economy, Trade and Industry Person’s own PC 60.5% Business Partner 31.6% retired employee or ex-partner 13.2% Company’s own PC 2.6% Other 5.3%

(50)

2.4 Others

2.4 Others

¾

¾

Evaluation method for the company status of

Evaluation method for the company status of

information security

information security

z

z In Japan, benchmark testing method is established and open to puIn Japan, benchmark testing method is established and open to public. blic.

Companies are able to assess their own security level and it is

Companies are able to assess their own security level and it is free of charge. free of charge.

z

z Do you want to receive such benchmark testing if it is made avaiDo you want to receive such benchmark testing if it is made available in your lable in your

country?

country?

• A. YesA. Yes •

• B. Want to know about it moreB. Want to know about it more •

• C. Not necessaryC. Not necessary •

• D. Not interestedD. Not interested

A, 26% B, 59% C, 8% D, 7% A B C D

More than 85% of companies are interested in security benchmark testing

(51)

51

2.4 Others

2.4 Others

¾

¾ CSIRTCSIRT (Computer Security Incident Response Team) is an organization to(Computer Security Incident Response Team) is an organization to deal with deal with information security incidents. Recently company

information security incidents. Recently company‘‘s own CSIRT becomes famous s own CSIRT becomes famous managing these incidents inside and outside of the company.

managing these incidents inside and outside of the company.

¾

¾ What do you think of company's own CSIRT?What do you think of company's own CSIRT?

27% 38% 16% 19% 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% D. No Need C. Necessary, but not planning B. Planning A. Already have Company's own

CSIRT

More than 70% of companies think CSIRT is necessary

(52)

About CSIRT

About CSIRT

Account Section

Attack

Sales Section Executive Section Internal CSIRT

Dealing with information security incidents

National CSIRT

National CSIRT

National CSIRT

Internet

Dealing with information security incidents

Dealing with information security incidents

(53)

53

3. Recommended Security Controls

3. Recommended Security Controls

¾

¾

Physical Security

Physical Security

z

z

For example..

For example..

• Make clear rules how to deal with physical security areaMake clear rules how to deal with physical security area •

• Make appropriate entry controls to ensure that only Make appropriate entry controls to ensure that only authorized personnel are allowed access

authorized personnel are allowed access

• Recognize your staff from the outsideRecognize your staff from the outside •

• Record logs when they come in/ out in your officeRecord logs when they come in/ out in your office

(54)

3. Recommended Security Controls

3. Recommended Security Controls

¾

¾

Human resources Security

Human resources Security

z

z

For example..

For example..

• Make clear sense of responsibility they have to realizeMake clear sense of responsibility they have to realize •

• Contract confidentiality agreementsContract confidentiality agreements •

• Make a formal discipline for employees who have break your Make a formal discipline for employees who have break your security rules

security rules

• Return all of their assets including IDs and remove all of Return all of their assets including IDs and remove all of access light when employee retire

(55)

55

3. Recommended Security Controls

3. Recommended Security Controls

¾

¾

System Security

System Security

z

z

For example..

For example..

• Make clear security requirements for information facilities and Make clear security requirements for information facilities and systems

systems

• Monitor system activities and review regularlyMonitor system activities and review regularly •

• Get security related logsGet security related logs •

• Protect logging facility and log informationProtect logging facility and log information •

• Synchronize the clock of all relevant information processing Synchronize the clock of all relevant information processing systems with an accurate time source

systems with an accurate time source

(56)

¾

¾

Thank you !

Thank you !

ขอบคุณครับ

Figure

Updating...

References

Updating...