Upgrade to Pro — share decks privately, control downloads, hide ads and more …

サイバーセキュリティ戦略の立案 / Cyber Security Strategy Development

サイバーセキュリティ戦略の立案 / Cyber Security Strategy Development

2022年7月11日(月)、早稲田大学 大学院経営管理研究科「サイバーセキュリティ」にて使用したスライドです。

Kenji Saito
PRO

July 10, 2022
Tweet

More Decks by Kenji Saito

Other Decks in Technology

Transcript

  1. 2022 11-12 (WBS) 2022 11-12 — 2022-07-11 – p.1/44

  2. https://speakerdeck.com/ks91 ( ) WBS 2022 11-12 — 2022-07-11 – p.2/44

  3. 1 6 6 • 2 6 6 • 3 6

    13 • 4 6 13 • 5 6 20 I ( ) • 6 6 20 I ( ) • 7 6 27 ( ) • 8 6 27 ( ) • 9 7 4 • 10 7 4 • 11 7 11 • 12 7 11 • 13 7 18 II ( ) 14 7 18 II ( ) 15 7 25 ( ) 2022 11-12 — 2022-07-11 – p.3/44
  4. + + 2022 6 6 ∼7 11 + 2022 11-12

    — 2022-07-11 – p.4/44
  5. 2022 11-12 — 2022-07-11 – p.5/44

  6. 5. (1) ( ) (2) 2022 6 6 ( )

    2020 7 7 ( ) 23:59 JST ( ) Waseda Moodle (Q & A ) 2022 11-12 — 2022-07-11 – p.6/44
  7. . . . . . . 9 7 ( )

    ( ) BIPROGY( ) USB NTT Emotet 2022 11-12 — 2022-07-11 – p.7/44
  8. Y BIPROGY USB ⇒ USB ( ) . . .

    (0) : IPA https://www.ipa.go.jp/security/fy24/reports/insider/ 2022 11-12 — 2022-07-11 – p.8/44
  9. U (Web ) ⇒ ANA ( ) ;-P 2022 11-12

    — 2022-07-11 – p.9/44
  10. U ( ) ⇒ 1 5 2022 11-12 — 2022-07-11

    – p.10/44
  11. M ⇒ 2022 11-12 — 2022-07-11 – p.11/44

  12. A IT . . . FBI ⇒ 2022 11-12 —

    2022-07-11 – p.12/44
  13. T ⇒ 2022 11-12 — 2022-07-11 – p.13/44

  14. K ( ) ⇒ 2022 11-12 — 2022-07-11 – p.14/44

  15. 2022 6 6 ∼7 11 6 21 ∼7 7 17

    2022 11-12 — 2022-07-11 – p.15/44
  16. 6 21 Cloudflare 19 https://blog.cloudflare.com/cloudflare-outage-on-june-21-2022/ 2022 11-12 — 2022-07-11 –

    p.16/44
  17. 6 21 https://twitter.com/hiroyan360/status/1540607781576638464 ⇒ 2022 11-12 — 2022-07-11 – p.17/44

  18. 6 26 https://news.yahoo.co.jp/articles/cbd78b49e74ea6ca83ba2d602aa175e89b9439a4 ⇒ 2022 11-12 — 2022-07-11 – p.18/44

  19. 6 27 GPT-3 https://twitter.com/mootastic/status/1541245989256044544 ⇒ 2022 11-12 — 2022-07-11 –

    p.19/44
  20. 6 27 1 SD 1 https://www.city.kadoma.osaka.jp/soshiki/shiminbunkabu/7/4/2/3/sonota/19775.html ⇒ 2022 11-12 —

    2022-07-11 – p.20/44
  21. 6 28 3 https://www.sankei.com/article/20220628-TGN3U5DDPNJ5TLYKBEJMDYYS5E/ ⇒ offensive security researcher 2022 11-12

    — 2022-07-11 – p.21/44
  22. 6 29 1 4500 ( 61 1000 ) https://japan.cnet.com/article/35189954/ 2022

    11-12 — 2022-07-11 – p.22/44
  23. 6 29 (IPA) English Reading https://www.ipa.go.jp/files/000099580.pdf https://www.ipa.go.jp/files/000099578.pdf ⇒ 2022 11-12

    — 2022-07-11 – p.23/44
  24. 6 29 ( 701,000 ) https://diskunion.net ⇒ + HTTP 503

    Service Unavailable 200 OK unavailable 2022 11-12 — 2022-07-11 – p.24/44
  25. 6 30 https://www.fsa.go.jp/news/r3/20220630/system01.pdf ⇒ . . . 2022 11-12 —

    2022-07-11 – p.25/44
  26. 6 30 35 17 https://www.meti.go.jp/press/2022/06/20220630007/20220630007.html 2021 PCIDSS 2022 11-12 —

    2022-07-11 – p.26/44
  27. 7 4 10 22TB 2800 https://gigazine.net/news/20220705-stolen-data-1-billion-chinese-citizens/ 2022 11-12 — 2022-07-11

    – p.27/44
  28. 7 4 Microsoft Azure https://www.theregister.com/2022/07/04/azure_capacity_issues/ 2022 11-12 — 2022-07-11 –

    p.28/44
  29. 7 5 https://www.datacenterdynamics.com/en/news/pen-tester-breaks-into-data-center-via-piss-corridor-behind-toilets/ ⇒ 1 2022 11-12 — 2022-07-11 –

    p.29/44
  30. 7 5 6 27 1 https://xtech.nikkei.com/atcl/nxt/news/18/13240/ 2022 11-12 — 2022-07-11

    – p.30/44
  31. 7 6 NIST, https://twitter.com/NIST/status/1544349197494730758 CRYSTALS-Kyber ( ) CRYSTALS-Dilithium ( )

    FALCON ( ) SPHINCS+ ( ) 2022 11-12 — 2022-07-11 – p.31/44
  32. 7 7 SaveOurSpace, 4 https://save-our-space.org/protest/ 2022 11-12 — 2022-07-11 –

    p.32/44
  33. https://kurashi.com/journal/11074 2022 11-12 — 2022-07-11 – p.33/44

  34. (1) / IPA ( ) Ver 2.0 (2017) https://www.meti.go.jp/policy/netsecurity/mng_guide.html 3

    10 2022 11-12 — 2022-07-11 – p.34/44
  35. (2) / IPA ( ) Ver2.0 F 2 (2022) https://www.meti.go.jp/policy/netsecurity/mng_guide.html

    2022 11-12 — 2022-07-11 – p.35/44
  36. (3) (2019) https://www.keidanren.or.jp/policy/cybersecurity/CyberRiskHandbook .html 10 NIST 2022 11-12 — 2022-07-11

    – p.36/44
  37. 3 2022 11-12 — 2022-07-11 – p.37/44

  38. 10 1. 2. 3. ( ) 4. 5. 6. PDCA

    7. 8. 9. 10. F 2022 11-12 — 2022-07-11 – p.38/44
  39. 1 IT 2 3 4 5 2022 11-12 — 2022-07-11

    – p.39/44
  40. NIST 5 (Identify) (Protect) (Detect) (Respond) (Recover) 2022 11-12 —

    2022-07-11 – p.40/44
  41. : 5 5 2022 11-12 — 2022-07-11 – p.41/44

  42. 2022 11-12 — 2022-07-11 – p.42/44

  43. 6. (1) ( ) (2) I WBSNFT NFT WBSCERT 2020

    7 14 ( ) 23:59 JST ( ) Waseda Moodle (Q & A ) 2022 11-12 — 2022-07-11 – p.43/44
  44. 2022 11-12 — 2022-07-11 – p.44/44