ICD Brief 53.
This week, we launch Accountability, Responsibility and Innovation: What should be done to protect our privacy and intellectual property and who is doing it? This new ICD Series looks at what’s working between the public and private sectors towards a realistic working partnership to improve information sharing and the systems supporting it. See the thoughts of ICD Expert Advisor Richard H L Marshall, Esq., under FEATURED OPINION.
In May 2016, we launched The ICD Weekly Brief to engage a broad cross section of thinking individuals (now in 42 countries) charting a global movement from plans to execution of laws, standards and new partnerships.
This year, we invite you, our readers, to join us online and in real-time events to build a context that represents more than the cyber sphere’s parts. We’ll leave a question or two at the end of each edition with a link. Your thoughts can be on or off the record. Each month, we will publish a report summarizing your answers on our website.
You will join our International Expert Advisors, from both the public and private sectors, in demographics, defense, energy, ethics, finance, horizon scanning, insurance, law, telecommunications, transport, soft and hard sciences. They participate as speakers in ICD events and provide their insights, knowledge and experience to our work.
The International Cybersecurity Dialogue is an initiative of Bader Resources LLC, a small international consulting firm founded in 2009 by Anne C. Bader, known for her innovative programs that build self-sustaining initiatives and multi-stakeholder networks for clients in government, business and academe. Services include all aspects of public affairs, from convening ICD roundtables, custom briefings, executive roundtables, Board and C-Suite Briefings, International missions, White Papers and Reports to providing support to clients in our networks in a host of countries.
Richard H L Marshall, Esq. Opinion
Dear Anne–I thoroughly enjoyed our conversation Friday as always. Of course, I am honored to offer some insight into the complex issues you raised below in your email. It goes without saying that there are never any easy answers to complex issues but perhaps there are some intelligent ones. In your quest to find them, I wish you great success.
For that insight, I refer you to the Introduction in Richard Clarke’s book “Cyber War.” In brief, he suggests that the prospect of cyber war should engage the same serious domestic and international thoughtful discussion that the dawn of nuclear weapons generated…
New Cybersecurity Report Asks the Private Sector to Join Forces with the Government
“The National Infrastructure Advisory Council (NIAC) recently published a report that identifies cyber threats and urges private companies and executives to join forces with the government to better address those threats. See The President’s National Infrastructure Advisory Council, Securing Cyber Assets, Addressing Urgent Cyber Threats to Critical Infrastructure (Aug. 15, 2017) (NIAC Report). Among other things, the report cites the lack of information sharing and coordination between private parties and various governmental bodies as a primary reason why the nation “remain[s] unable to move actionable information to the right people at the speed required by cyber threats.” NIAC Report, at 5. According to NIAC, “it is imperative that Federal and private roles in defending these systems are aligned and mutually supportive.” NIAC Report, at 5.”
House Foreign Affairs Leaders Push to Save State Cyber Office
“The State Department’s cyber office, which Secretary of State Rex Tillerson announced plans to shutter last month, would be made permanent under legislation offered Thursday by the top Republican and Democrat on the House Foreign Affairs Committee. The Cyber Diplomacy Act would create a permanent Office of Cyber Issues in the State Department with an ambassador-level leader appointed by the president. That’s a step up from the current office’s coordinator for cyber issues, who is appointed by the secretary.”
Equifax Had Patch 2 Months Before Hack and Didn’t Install It, Security Group Says
“Hackers took advantage of an Equifax security vulnerability two months after an industry group discovered the coding flaw and shared a fix for it, raising questions about why Equifax didn’t update its software successfully when the danger became known.”
RAPS Twin Cities Chapter: Cybersecurity: An Overview of Meeting US and Global Regulatory Requirements
“Cybersecurity is becoming more and more important in the regulation of medical products. In May 2017, the US Food and Drug Administration (FDA) conducted a public workshop on medical device cybersecurity, the agency’s third on the subject to date. At this workshop, FDA officials, industry representatives and researchers tried to determine the current gaps in regulatory science as it relates to cybersecurity. The FDA officials’ aim was to come up with fixes for those gaps down the road.”
Helping Small Businesses Deal with Cyber Threats
“Experience also shows that a cyber incident at a small business is not likely to remain confined to that business and could allow hackers access to larger networks. And once cyber attacks occur, many small businesses cannot afford the expense and time necessary to recover. Enhancing cybersecurity at the small-business level is about more than securing individual businesses. It’s a contribution to the public good and economic security of the United States.”
US Cybersecurity Policy Director Joins FTI Consulting
“FTI Consulting, Inc. (NYSE:FCN) today announced that Cheryl Davis, former Director for Cybersecurity Policy at the U.S. National Security Council and Principal Director of Cyber Policy at the U.S. Department of Homeland Security, has joined the firm’s cross-segment cybersecurity team as a Managing Director in its Technology segment.”
DHS Issues Warning About Cybersecurity Vulnerabilities in Wireless Infusion Pumps
“The U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (DHS ICS-CERT) last week issued an advisory outlining eight vulnerabilities in Smiths Medical’s Medfusion 4000 Wireless Syringe Infusion Pump.”
Moving Cyber Security Centre from ASIO Building Creates Opportunity
“Relocating the federal government’s Australian Cyber Security Centre from the ASIO building to Canberra Airport will drive emergency preparedness and knowledge sharing, Prime Minister Malcolm Turnbull’s special adviser says.”
Technology Alone Cannot Prevent A Security Breach – Why You Need to Focus on the Frontline
“Australia is recognised as being one of the most technologically advanced countries in the region, with an increasingly mobile workforce helping to foster a more agile and productive business landscape. In a business environment where breaches are becoming more frequent, and increasingly sophisticated, organisations in Australia are investing in more robust infrastructure to protect their data, assets and reputation. From advanced machine learning and artificial intelligence, to cloud based monitoring and analysis technologies, companies are investing heavily in the latest and most effective safeguards. Yet the effectiveness of these solutions is increasingly dependent on one often overlooked business commodity – employees.”
Estonia’s Defense Industry Cluster to Cooperate with German Cyber Authority
“The Estonian Defence and Security Industry Innovation Cluster has signed a cooperation agreement with the Cybersecurity Council of Germany to promote economically sustainable cooperation in cybersecurity with an international approach.”
China to Create National Cybersecurity Database
“China said on Wednesday it will create a national data repository for information on cyber attacks and require telecom firms, internet companies and domain name providers to report threats to it.”
“EU issued a set of cybersecurity proposals, including a new cybersecurity strategy in the form of a joint communication titled “Resilience, Deterrence and Defence: Building strong cybersecurity for the EU”. This strategy is found here. Greg Day, VP and Chief Security Officer (CSO) EMEA at Palo Alto Networks commented below.”
Greece Keen to Keep EU Cybersecurity Agency
“The Greek government’s contact person for the EU’s cybersecurity agency has welcomed a proposal to give the agency a bigger role. “I am always saying that the next threat to European security will be through the internet, so there are huge stakes there for the EU,” the secretary general for telecommunications and post, Vassilis Maglaras, told EUobserver in an interview at his office in Athens.”
After UN Talks On Cyber Norms Collapse, India Starts Chalking Out Own Strategy
“A National Security Council Secretariat-appointed committee will pick up where the UN GGE left off and study how cyber norms for India’s digital development platforms can be formulated.”
Email Hacking and Viruses – Business in Israel Is Reacting
“When Michael Snape held the position as the CFO of a medium-sized company, he received what seemed like a routine email from his CEO, who was overseas at the time. The email instructed Snape to transfer money into a specific account. Money transfers in this manner were standard practice as a function of his role at the company. He later queried the instruction with his CEO. Snape was met with a blank stare. The email was a fake and the money was gone.”
Mexico Accepts Israeli Offer to Help Develop Central America
“Mexico President Enrique Pena Nieto said on Thursday that his country had accepted Israel’s offer to help it and the United States develop Central America, as Israel and Mexico seek to deepen business ties.”
Intracom Telecom Delivers Public Safety Project in Netherlands
“Intracom Telecom, a global telecommunication systems and solutions vendor, announced that it has undertaken a project to supply its StreetNode™ 26GHz to ProRail, the national Netherland Railway Infrastructure Operator with a network of approximately 3000km, as backhaul to CCTV and security/surveillance assets at the railway stations.”
Kaspersky Ban Raises Concerns Among Cyber Pros, Consumers; Draws Kremlin Rebuke
“The U.S. government’s decision to ban Kaspersky Lab security software prompted both criticism and praise from the security industry, ignited a flurry of concern from consumers over their own Kaspersky purchases and drew a sharp rebuke from the Kremlin.”