Secure Coding Workshop

A weeklong (19-23 August, 2019) Workshop on Secure Coding organised by the Bhutan Computer Incident Response Team (BtCIRT) under the Department of Information Technology and Telecom, MoIC is currently underway. The program is being supported by Asia-Pacific Network Information Centre (APNIC) and European Union(EU) through Asi@Connect Project coordinated by TEIN*CC. The workshop has over 50 participants with application development or system administration backgrounds from various organisations including colleges, ISPs, financial institutions, corporations, government offices and private sector agencies ....

Secure Coding Workshop

With support of TIEN and APNIC, BtCIRT is organising a workshop on Secure Coding from August 19-23, 2019. If you would like to participate, please fill in your details in the form below and you will be notified if your application is successful. Please note that only the event fee and expenses for lunch and refreshments are covered by the organiser. Also note that this registration is only open for the private sector employees. Registration remains open till August 10, 2019. REGISTER HERE...

Protecting your Web-based System from Snoopers

Today the execution of every business and delivery of services are conducted over a computer network or the world wide web which begs the need for protection against dangerous actors that can compromise this effective mode of interaction between providers and consumers. These kinds of attacks are perpetrated by hijacking and then manipulating the information transacted over the network. One of the many methods to safeguard against attackers from intercepting data between two transacting parties can be achieved by encryption. Encryption can be implemented by using the SSL (secure socket layer) certificates that enables algorithms to turn plain text...

Content Security Policy

Content Security Policy (CSP) was developed to save online websites and applications from cross-site scripting (XSS) attacks. While the first version of CSP was only published in 2012, attempts to devise such a method can be traced back to 2004. CSP version 2 is the current version of the standard and is supported by both Chrome and Firefox, while Safari and edge only support version 1. It works when the web server sends a special header to the web browser identifying that the server implements a content security policy. It dictates from where the browser should load web components...

Cyber Security Simulation

The Department of Information Technology and Telecom conducted a “Cyber Incident Simulation” exercise today, November 27, 2018 with support of the International Telecommunication Union (ITU). The exercise was designed exclusively for heads of government, policy makers and other high ranking figures to increase awareness on cyber security and preparedness to make critical decisions in response to cyber attacks. It was attended by honorable cabinet ministers, secretaries, executive government officials, law enforcement representatives and heads of corporations, private sector organisations and other institutions with critical information infrastructure.  The program was moderated by Prof. Marco Gercke from Cybercrime Research Institute, who...