サイバーセキュリティ戦略の立案 / Cyber Security Strategy Development

Transcript

1. 2022 11-12 (WBS) 2022 11-12 — 2022-07-11 – p.1/44

2. https://speakerdeck.com/ks91 ( ) WBS 2022 11-12 — 2022-07-11 – p.2/44

3. 1 6 6 • 2 6 6 • 3 6

   13 • 4 6 13 • 5 6 20 I ( ) • 6 6 20 I ( ) • 7 6 27 ( ) • 8 6 27 ( ) • 9 7 4 • 10 7 4 • 11 7 11 • 12 7 11 • 13 7 18 II ( ) 14 7 18 II ( ) 15 7 25 ( ) 2022 11-12 — 2022-07-11 – p.3/44

4. + + 2022 6 6 ∼7 11 + 2022 11-12

   — 2022-07-11 – p.4/44

5. 2022 11-12 — 2022-07-11 – p.5/44

6. 5. (1) ( ) (2) 2022 6 6 ( )

   2020 7 7 ( ) 23:59 JST ( ) Waseda Moodle (Q & A ) 2022 11-12 — 2022-07-11 – p.6/44

7. . . . . . . 9 7 ( )

   ( ) BIPROGY( ) USB NTT Emotet 2022 11-12 — 2022-07-11 – p.7/44

8. Y BIPROGY USB ⇒ USB ( ) . . .

   (0) : IPA https://www.ipa.go.jp/security/fy24/reports/insider/ 2022 11-12 — 2022-07-11 – p.8/44

9. U (Web ) ⇒ ANA ( ) ;-P 2022 11-12

   — 2022-07-11 – p.9/44

10. U ( ) ⇒ 1 5 2022 11-12 — 2022-07-11

    – p.10/44

11. M ⇒ 2022 11-12 — 2022-07-11 – p.11/44

12. A IT . . . FBI ⇒ 2022 11-12 —

    2022-07-11 – p.12/44

13. T ⇒ 2022 11-12 — 2022-07-11 – p.13/44

14. K ( ) ⇒ 2022 11-12 — 2022-07-11 – p.14/44

15. 2022 6 6 ∼7 11 6 21 ∼7 7 17

    2022 11-12 — 2022-07-11 – p.15/44

16. 6 21 Cloudflare 19 https://blog.cloudflare.com/cloudflare-outage-on-june-21-2022/ 2022 11-12 — 2022-07-11 –

    p.16/44

17. 6 21 https://twitter.com/hiroyan360/status/1540607781576638464 ⇒ 2022 11-12 — 2022-07-11 – p.17/44

18. 6 26 https://news.yahoo.co.jp/articles/cbd78b49e74ea6ca83ba2d602aa175e89b9439a4 ⇒ 2022 11-12 — 2022-07-11 – p.18/44

19. 6 27 GPT-3 https://twitter.com/mootastic/status/1541245989256044544 ⇒ 2022 11-12 — 2022-07-11 –

    p.19/44

20. 6 27 1 SD 1 https://www.city.kadoma.osaka.jp/soshiki/shiminbunkabu/7/4/2/3/sonota/19775.html ⇒ 2022 11-12 —

    2022-07-11 – p.20/44

21. 6 28 3 https://www.sankei.com/article/20220628-TGN3U5DDPNJ5TLYKBEJMDYYS5E/ ⇒ offensive security researcher 2022 11-12

    — 2022-07-11 – p.21/44

22. 6 29 1 4500 ( 61 1000 ) https://japan.cnet.com/article/35189954/ 2022

    11-12 — 2022-07-11 – p.22/44

23. 6 29 (IPA) English Reading https://www.ipa.go.jp/files/000099580.pdf https://www.ipa.go.jp/files/000099578.pdf ⇒ 2022 11-12

    — 2022-07-11 – p.23/44

24. 6 29 ( 701,000 ) https://diskunion.net ⇒ + HTTP 503

    Service Unavailable 200 OK unavailable 2022 11-12 — 2022-07-11 – p.24/44

25. 6 30 https://www.fsa.go.jp/news/r3/20220630/system01.pdf ⇒ . . . 2022 11-12 —

    2022-07-11 – p.25/44

26. 6 30 35 17 https://www.meti.go.jp/press/2022/06/20220630007/20220630007.html 2021 PCIDSS 2022 11-12 —

    2022-07-11 – p.26/44

27. 7 4 10 22TB 2800 https://gigazine.net/news/20220705-stolen-data-1-billion-chinese-citizens/ 2022 11-12 — 2022-07-11

    – p.27/44

28. 7 4 Microsoft Azure https://www.theregister.com/2022/07/04/azure_capacity_issues/ 2022 11-12 — 2022-07-11 –

    p.28/44

29. 7 5 https://www.datacenterdynamics.com/en/news/pen-tester-breaks-into-data-center-via-piss-corridor-behind-toilets/ ⇒ 1 2022 11-12 — 2022-07-11 –

    p.29/44

30. 7 5 6 27 1 https://xtech.nikkei.com/atcl/nxt/news/18/13240/ 2022 11-12 — 2022-07-11

    – p.30/44

31. 7 6 NIST, https://twitter.com/NIST/status/1544349197494730758 CRYSTALS-Kyber ( ) CRYSTALS-Dilithium ( )

    FALCON ( ) SPHINCS+ ( ) 2022 11-12 — 2022-07-11 – p.31/44

32. 7 7 SaveOurSpace, 4 https://save-our-space.org/protest/ 2022 11-12 — 2022-07-11 –

    p.32/44

33. https://kurashi.com/journal/11074 2022 11-12 — 2022-07-11 – p.33/44

34. (1) / IPA ( ) Ver 2.0 (2017) https://www.meti.go.jp/policy/netsecurity/mng_guide.html 3

    10 2022 11-12 — 2022-07-11 – p.34/44

35. (2) / IPA ( ) Ver2.0 F 2 (2022) https://www.meti.go.jp/policy/netsecurity/mng_guide.html

    2022 11-12 — 2022-07-11 – p.35/44

36. (3) (2019) https://www.keidanren.or.jp/policy/cybersecurity/CyberRiskHandbook .html 10 NIST 2022 11-12 — 2022-07-11

    – p.36/44

37. 3 2022 11-12 — 2022-07-11 – p.37/44

38. 10 1. 2. 3. ( ) 4. 5. 6. PDCA

    7. 8. 9. 10. F 2022 11-12 — 2022-07-11 – p.38/44

39. 1 IT 2 3 4 5 2022 11-12 — 2022-07-11

    – p.39/44

40. NIST 5 (Identify) (Protect) (Detect) (Respond) (Recover) 2022 11-12 —

    2022-07-11 – p.40/44

41. : 5 5 2022 11-12 — 2022-07-11 – p.41/44

42. 2022 11-12 — 2022-07-11 – p.42/44

43. 6. (1) ( ) (2) I WBSNFT NFT WBSCERT 2020

    7 14 ( ) 23:59 JST ( ) Waseda Moodle (Q & A ) 2022 11-12 — 2022-07-11 – p.43/44

44. 2022 11-12 — 2022-07-11 – p.44/44