RNP > RNP News > 2006 News

RNP promotes the security culture

2nd Latin American Security Workshop gathers groups from all over the world

Virus, worms, Trojan horse, phishing scams, botnets, service attacks denial, social engineering- computing security has become an increasingly crucial issue. In 2006, over 62,000 security incidents were reported to CAIS, RNP’s Security Incidents Assistance Center, which represents 30% of all cases reported during the last ten years of the center’s existence.

CAIS works on the detection, solution and prevention of security incidents in Ipê network, an infrastructure built by RNP to integrate higher learning and research Brazilian institutions. It also gives information and sends security warnings besides collaborating with international organisms of the same kind.

In that direction, CAIS organized three important events in the last quarter of 2006: COLARIS - the 2nd Latin-American Conference in Response to Security Incidents- in October; 2nd ENCSIRTs - the 2nd Meeting of Academic Security Groups; and DISI 2006 - International Security Day in Informatics. The last two events took place in November.

COLARIS brings groups from all over the world to Brazil

“It’s necessary to create human capacity to continue developing, using the infrastructure and applications with security,” RNP’s General Director, Mr. Nelson Simões, explained at the opening ceremony of the Second Latin-American Security Workshop, held in Rio de Janeiro, on October 9th and 10th. The event, which gathered around two hundred people, integrated the 2nd COLARIS, promoted by RNP and Forum of Incident Response and Security Teams (FIRST).

CAIS’s manager, Ms. Liliana Solha, emphasized the need to promote and spread the security culture and explained that RNP is committed to encouraging the creation of new incident response and security teams - CSIRTs. In addition, in his opening statement, FIRST’s Director, Mr. Chris Gibson, argued that trust is the key to the establishment of the security culture. FIRST gathers around 190 security teams in the whole world.

The workshop debated issues such as informatics crime according to law, malicious, hidden codes, real cybernetic security threats and security policies in Latin America, among others. Both Brazilian and foreign experts made their contribution, among whom Mr. Sérgio Luis Fava, a crime expert of the Brazilian Federal Police, who reported the Federal Police’s experience in fighting phishing scam in Brazil, and Mr. Wietse Venema, from IBM, who lectured on Forensic Investigation.

Legislation and broadcast

Draft Bill # 76/2000 on informatics crime was the main subject of the 2nd ENCIRTS, which took place on November 9th, in the 12th RNP’s Enabling and Innovation Seminar (read news on page 4). The aim was to carry out a poll so that RNP could have a more comprehensive view of the impacts of the bill on the academic community in order to articulate its contribution via the Internet Steering Committee in Brazil. The overall impression of the debate was that the academic community is not prepared to submit to the resolutions of Bill #76/2000. According to Mr. Javam Machado, from National Association of Directors of Higher Learning Federal Institutions (ANDIFES), it is necessary to invest in equipment, development and personnel so that universities may identify users and store logs in the measurement determined by the bill.

DISI 2006

On November 30th, CAIS celebrated the Informatics International Security Day (DISI 2006) with several activities such as online lectures, games, information broadcast and security practices. Simple measures like antivirus and firewall updating can make all the difference. Protecting an organization requires the participation of the whole staff. Those were the ideas that conducted DISI 2006 program, which included the following themes: security in wireless networks, human rights promotion on the internet and security tips for organizations.

Further information on CAIS at: http://www.rnp.br/cais.

[RNP, 12.01.2006]