National Information Technology Center (NITC)

Government IT

is

Secure

Go Deep and Wide Visibility

Have Detailed logs

Go to the logs

Wireshark it

Netstat

syslog

Error logs

.

.

.

Experience

Secure Coding

Hacking and Penetration Testing

Secure networking

Secure Environment

.

.

.

Awareness

What to do and NOT to do?

Where to go and how to get it?

do this if that happened

NITC recommends

Go deep & Visibility

Awareness

National Information Technology Center (NITC)

Experience

Better Security

Re-active Security

Intrusion Forensics

Malware Sandboxing

What happened and how and Who!!!

What will happen if !!!

Resolving found Issues

Fix damage and close the hole

Share Lessons

Hello there, here what happened , if happened again do this.

Reporting & Escalation

• CID
• ISP’s
• Global CERTs

Partnership and cooperation

Hello Sahem Bik, here what happened, can you catch him.

• Collect information from our partners world-wide
• Honeybots

Proactive Security

Consultation and Tenders Evaluation

Awareness

Multi-layer protection

Vulnerability Assessment and Penetration Testing

• NITC utilize open source tools and commercial tools to protect (open for monitoring and commercial for actions) this increase the visibility and the team capacity.

All sites and services hosted by NITC should be scanned before launching to assure their security.

• NITC Team (Training and Tutorials)
• Government Staff (Email shots, SMS shots, Flyers, workshops)
• Citizens (TV and Radio Programs, SMS shots)

• NITC provide professional advices on securing the new deployed technologies.
• NITC set the main conditions that should exists in any new software that would be implemented through Tendering

Plan-B

Policies

Assessment

Scanning

Consultation

Awareness

Risk Assessment And Compliance

Programs

Plan-B

Promoting and Enforcement of IS Policies

• NITC set the plan B for any service (redundancy)
• Backups are ready. (SW, HW, Internet and power)

• Conduct Risk assessment for governmental entities
• Check their compliance with best practices and standards.

Assuring all the procedures, processes, data storage and data transfers are done according to the IS Polices

http://nitc.gov.jo/PDF/SiC.pdf

• Child Protection (awareness, steps, and tools)
• Cert
• IS Strategy

http://nitc.gov.jo/PDF/NIACSS.pdf

How NITC Helps Reducing the Cyber Crimes

Re-Active

Proactive

NITC Services

ISP

Exclusive Government Internet Provider

Service Availability

Protection

Redundancy

Intrusion Prevention

Web Filtering

Firewalling

Application Control

DDOS Mitigation

Knowledge Stations

Hosting

Computer and Internet usage Training for citizens

190 stations

and more than 150000 citizens

Secure Web Hosting

Server And Cabinets Hosting

Mail Inboxes Hosting

Backups and Tapes

Disaster Recovery

Security Services

Run E-Government Services

Penetration Testing

Risk Assessment

Incident Forensics

Jordan.gov.jo

Governmental Mail

ESP

Consultations

Awareness

Domain Name Service

.JO

.Jo Registrar

And More !