Oman's 2015 Cybersecurity FocusOman CERT's Salehi on Building an Incident Response Structure
Oman, officially the Sultanate of Oman, an Arab country, faces similar security challenges faced by other nations: increasing cyber incidents and cybercrime. Recognizing the importance of a cyber-response team, Oman established OCERT (Oman Computer Emergency Response Team) in 2010.
"Having a CERT does not suffice," says Eng. Badar Ali Al Salehi, director general, OCERT. "There have been challenges owing to lack of cybersecurity awareness, need for cybersecurity policies that ensure cybersecurity is a compliance requirement, besides acute shortage of cybersecurity professionals."
To this end, Salehi has set out to frame an agenda for 2015 for protection of critical national information infrastructure, cybersecurity capacity building, establishing a national early cyber warning center with a strong incident response mechanism and a national digital forensics lab to support local law enforcement manage cyber-crime.
In this interview with Information Security Media Group, Salehi elaborates on Oman's challenges and the objective behind creating a cybersecurity center. He also discusses:
- Cybersecurity agenda for 2015;
- Strategy to build capacity and skills;
- Information sharing and awareness-building plans.
Al Salehi is the Director General of Oman National CERT, the e-Oman national initiative addressing cybersecurity issues in the sultanate of Oman. He heads the Regional Cyber Security Center of the International Telecommunication Union, the specialized ICT agency of the United Nations. He's also chairman of the Organization of Islamic Cooperation Computer Emergency Response Team. He's a member on several national and regional committees, including committees within the Gulf Cooperation Council. He's been working for several governmental agencies, leading national projects and initiatives which gained international recognition. He graduated from the University of Kent, UK.
Top Security Challenges of Oman
GEETHA NANDIKOTKUR: What are the top cybersecurity challenges facing Oman and neighboring countries?
BADAR ALI SAID Al SALEHI: Lack of cybersecurity awareness, need for policies that ensure cybersecurity is a compliance requirement instead of an added value, and shortage of skilled resources. Besides, OCERT's key challenge is dealing with an average of 450 cybersecurity incidents a year reported by OCERT constituents including public, private sectors and individuals. Additionally, CERT handled more than 100,000 attack attempts and analyzed more than 400 digital forensic evidences, which is a concern.
Tackling Security Challenges
NANDIKOTKUR: What initiatives has OCERT planned to address challenges?
Al SALEHI: While we broadly focus on various initiatives, there's much to be done as the nature of attacks is changing. We focus on building information security awareness within the public sector, building local capabilities in cybersecurity, improving security practices in public sector organizations, building awareness of identifying, dealing, reporting and responding to security incidents and establishing the principle of the OCERT mission as a trusted focal point of contact for any ICT security incidents.
Some initiatives are:
- National Campaign for cybersecurity towards a safe electronic environment;
- Awareness campaign for government institutions;
- Cybersecurity Ambassadors program;
- Adoption of information security standards;
- Issuing a number of security polices;
- Establishing government information security offices;
Cybersecurity Policy ingredients
NANDIKOTKUR: Does Oman have a National Cybersecurity Policy in place? How does it tackle challenges?
Al SALEHI: OCERT was established in 2010 as e-Oman's national initiative to be the national cybersecurity trusted focal point of contact, managing cybersecurity issues.
OCERT's key role is to define the scope to include (in addition to incident response) critical national information infrastructure protection, cybersecurity capacity building, awareness raising, threat and risk management, digital forensics, cyber-watch and monitoring, risk and vulnerability assessments, cybersecurity and cooperation and contributing to security policy development.
Security via PPP model
NANDIKOTKUR: How do you leverage public and private players as part of the PPP model for cybersecurity initiatives?
Al SALEHI: The private sector contributes majorly to OCERT's vision and mission, collaborating on OCERT activities and delivering services to OCERT constituents.
OCERT also enables private sector partners to meet and share their products and services with its constituents.
OCERT partners are exposed to regional and international cybersecurity platforms--for example, OIC-CERT and ITU Arab regional cybersecurity center, both headed by OCERT.
NANDIKOTKUR: What is your cybersecurity agenda? How will you overcome the skills shortage?
Al SALEHI: OCERT's 2015 agenda includes protection of critical national information infrastructure, cybersecurity capacity building, establishing a national early cyber-warning center with a strong incident response mechanism, a national digital forensics lab to support local law enforcements in managing cyber-crime.
For capacity-building, OCERT will conduct specialized and customized cybersecurity training, and provide cybersecurity scholarships in cooperation with industry partners - for example, EC-Council - through online training to build national cybersecurity professionals in Oman and the Arab region as a whole.
Specialized courses are offered under technical, management, audit and security basics.
We will build awareness through:
NANDIKOTKUR: Do you have an information sharing center to co-ordinate with the private sector and others on cybersecurity?
AI SALEHI: While there's no exclusive information sharing center, sharing is done through OCERT Threat Notification and Alert Service. We use social media and different communication channels to promote awareness. Online incidents get reported via the OCERT website.