Hai Duong's 2024 information security drill aims to improve coordination capacity and further strengthen the cybersecurity incident handling process.
On the morning of December 12, at the Eastern Cultural Center, the Department of Information and Communications of Hai Duong province chaired and coordinated with Bkav Joint Stock Company to organize a practical exercise to ensure information security and respond to cyber security incidents in 2024.
The drill has three objectives: to test and evaluate the ability to detect, respond to and handle information security incidents in provincial agencies and organizations; to improve coordination skills between units, to build and further consolidate the process of handling cybersecurity incidents; and to raise awareness of cybersecurity for the entire political system, businesses and people.
During the drill, participants were divided into 5 teams. One of them was the Red Team (attack team) consisting of Bkav's cybersecurity experts. This team will guide the process of using some common security vulnerability scanning and attack tools; deploy the attack process on simulated systems protected by the Blue Team (defense team).
4 Blue teams (defense teams) include representatives of leaders, officers, and employees of the Department of Information and Communications, a number of departments, branches, localities, and information technology enterprises of the province. This team must deploy procedures and use support tools to investigate vulnerabilities in order to respond to information security and network security incidents.
This is the third consecutive year that the Department of Information and Communications has hosted the event, with the coordination of cybersecurity experts to organize the exercise.
Through cyber security drills to assess information security protection capacity, readiness to prevent, handle and respond to cyber attacks. Detect existing weaknesses and loopholes in technology, processes and personnel to promptly handle and propose improvements in the future.
At the end of the practical exercise, the defense team of the IT enterprises in the province achieved the highest results.
In recent times, the Department of Information and Communications has focused on implementing many contents on information security such as strengthening the province's information security incident response team, training basic knowledge on information security for community digital technology teams; assessing the level of information security when installed at the province's Data Center (DC); connecting systems with national population data.
The Department has approved information security level profiles for 280 provincial information systems, ranking 3rd nationwide in profile approval rate.