Scribd Logo
Upload

Welcome to Scribd!

  • Cybersecurity Profile

    Uploaded by

    bskvsdm
    44 views6 pages

    Original Title

    cybersecurity-profile

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    44 views6 pages

    Cybersecurity Profile

    Uploaded by

    bskvsdm

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 6

    Cybersecurity

    Profile

    Cybersecurity Profile 1
    Introduction

    About the Cybersecurity Unit How you can help

    The Supreme Committee for Delivery & Legacy Please complete the forms below to help the
    (SC) is working to deliver an amazing FIFA World CSU maintain and update Qatar’s cybersecurity
    Cup Qatar 2022™ (the tournament); however, roadmap using its governance, risk and
    hosting a sporting mega-event of this magnitude compliance platform.
    is a magnet for risk.
    Please return your completed forms to
    Malicious actors will attempt to exploit any mpto.communication@sc.qa.
    cybersecurity weaknesses; therefore, securing
    Qatar’s digital infrastructure plays an important The CSU would like to thank you for your
    role in delivering the tournament. cooperation. Your contribution will help keep
    Qatar safe and secure for everyone.
    The SC has established a Cybersecurity Unit (CSU)
    to unify baselines, best practices and safeguards
    for the delivery of the tournament and other
    major events hosted by the State of Qatar.

    The SC has procured the services of other


    stakeholders to help deliver the tournament.
    These stakeholders will collaborate with the SC to
    reduce technological vulnerabilities in the run-up
    to and during the tournament.

    To aid in this endeavour, the SC and Qatar-based


    stakeholders have developed a cybersecurity
    framework, which can be found at the following link:

    https://www.qatar2022.qa/sites/default/files/
    Qatar2022Framework.pdf

    Cybersecurity Profile 2
    IT Information

    Sr. Required Information Answer


    General
    Sector
    1
    (e.g. government, public or private)
    2 Regulator name
    3 Overview of high-level organisational structure
    Is your organisation part of another organisation?
    4 (e.g. your organisation is the parent to 10 smaller
    organisations)
    5 Number of physical sites
    6 Total number of employees
    7 Size of IT team
    8 Provision of budget
    9 Annual budget for IT Department
    IT Network
    Number of employees using remote access
    10
    services
    11 Number of network nodes
    12 Number of IPs
    13 Number of applications
    14 Number of servers 679 (Main & DR)
    15 Number of Windows servers 338
    16 Number of Linux servers 172
    17 Number of Unix servers 159
    18 Number of workstations 0
    Are there any demilitarised zones in the
    19 Yes/ No
    organisation network?
    Domain names registered to your organisation
    20
    (e.g. meeza.org, meezait.com)
    Does your network have any security systems
    21 deployed?
    (e.g. intrusion detection systems)
    Offered Services
    Does your organisation provide services to other
    22 Yes/ No
    entities?
    23 If yes, please list these services

    Cybersecurity Profile 3
    Cybersecurity
    Information

    Sr. Required Information Answer


    General
    Total number of dedicated resources for the
    1
    Cybersecurity Department
    2 Annual Cybersecurity Department budget
    Does your organisation use a managed
    3
    cybersecurity service?
    Service:
    4 If yes, please list Name of the
    provider:
    Do you perform regular analysis of your network?
    5 (e.g. vulnerability assessments, penetration testing,
    capacity monitoring)
    Detection and Response
    6 Do you have a security operations centre? Yes/ No
    7 Does your organisation retain logs? Yes/ No
    8 If so, what is the log retention period?
    What type of logs are saved?
    9
    (e.g. system, events, activity)
    Is there an incident response team within your
    10 Yes/ No
    organisation?
    Does your organisation have any third-party
    11 Yes/ No
    incident response agreements?
    Security Solutions
    Does your organisation use multifactor
    12 Yes/ No
    authentication?
    Has the organisation implemented any solutions
    13 as part of the email security program? Yes/ No
    (e.g. DMARK, DKIM, SPF)
    Does the organisation have any endpoint
    14 protection platforms in place? Yes/ No
    (e.g. AV, EDR, application whitelisting)
    15 If yes, please list the licences and manufacturers
    National Initiative (for government entities only)
    16 Are you part of any eShield program? Yes/ No
    Please complete the form in Appendix 1
    17 If so, please complete Appendix 1
    below

    Cybersecurity Profile 4
    Training and
    Awareness

    Training and Awareness

    Sr. Required Information Answer


    Please list any industry standard cybersecurity
    1 certifications your organisation has attained
    (e.g. NIA, NICS, HIPAA, ISO/IEC 27001:2013)
    Please list of the IT team’s cybersecurity Please complete the form in Appendix 2
    2
    certifications below
    Do you provide cybersecurity training for your
    3 Yes/ No
    IT team?
    Do you provide cybersecurity training for all of
    4 Yes/ No
    your employees?
    Do you provide cybersecurity awareness sessions
    5 Yes/ No
    for employees?
    6 If so, please elaborate

    Appendix 1

    Appendix 2

    Cybersecurity Profile 5
    Cybersecurity Profile 6

    You might also like