Staff Reporter
The Supreme Council for Information and Communication Technology (ictQATAR) is launching the Qatar Computer Emergency Response Team (Q-CERT) in September with support from Carnegie Mellon University’s CERT Co-ordination Centre.
“Q-CERT is intended as the national organisation to conduct and co-ordinate a comprehensive set of cyber security activities needed to adequately protect Qatar’s critical infrastructures as cyber space becomes the nervous system of government, business and education operations,” project manager Hamad al-Mannai explained.
The official was addressing Q-CERT’s technical workshop on cyber security, conducted jointly by ictQATAR and Carnegie Mellon’s Software Engineering Institute (SEI) yesterday.
“In order to become one of the most successful knowledge-based societies in the world, Qatar needs to implement initiatives that successfully deal with the increased risk that comes with dependence on these powerful technologies,” al-Mannai said.
Though Internet and other interconnected networks greatly enhance productivity and capability, they also bring along increased vulnerability.
It is easy to exploit the many security holes in the Internet and in the software commonly used in conjunction with it and disguise or hide the true origin and identity of the exploiters, it was pointed out.
“Q-CERT’s goals include creating awareness on the issues of cyber security to private-public institutions and the public and providing proactive and guided approaches for managing ICT security to the civil society,” SEI’s Networked Systems Survivability Programme director Richard D Pethia said in his presentation.
Assisting stakeholders in managing risks and vulnerabilities against Qatar’s information infrastructure and ensuring integrity and confidentiality of data crucial to the wide range of prospective online services are among the goals.
“Introduction and enforcement of laws against cyber crimes and intrusion of privacy, and educating the public about their rights are also among the goals of Q-CERT,” Pethia said.
Countries that do not have cyber laws would over a period of time become a haven for cyber criminals, the speaker cautioned.
The SEI official reminded that it should be ensured that system developers and operators use appropriate technology, systems development-management practices, and supporting infrastructures to resist, recognise and recover from attacks on networked systems to limit damage and to ensure continuity of critical services in the presence of attacks, accidents and failures.
“Cyber vulnerabilities could cause a massive disruption of developed economies and network attacks lead to lost money, time, products, reputation, lives and sensitive information,” he said.
Q-CERT can help in developing an incident management capability which secure and harden the enterprise infrastructure to help prevent incidents from occurring or to mitigate an ongoing incident apart from detecting, triaging and responding to incidents and events when they occur, according to the speaker.
“Q-CERT will provide a single point of contact for reporting local and regional problems, identify and analyse what has happened including the impact and threat, research solutions and mitigation strategies, and share response options, information and lessons learned,” Pethia said.
Referring to the extent of problems in cyber security, the speaker pointed out that home and small business users of computers have become targets of cyber criminals as their machines are connected to the web mostly.
“Q-CERT is to be connected to CERT’s monitoring centre in Pittsburgh, the home of Carnegie Mellon University,” Pethia added. |
