ICD Brief 79.
Greetings from Manhattan! We lead with the US CyberCom new command strategy United States Cyber Command’s New Vision: What It Entails and Why It Matters
as this week’s key indicator on how the public and private sectors are improving their cyber security organization, practices and use of innovation to counter threats.
Here is a sampling of updates from the US, the ASEAN region, Australia, the EU, Finland, Germany, Ghana, Israel, Russia, Saudi Arabia and the UK.
I am especially pleased to feature ICD colleague Peter Pleckaitis’ fintech article: Mobile Banking Transformation: The Key to Banking Success in a Digital World and Warwick Ashford’s interview with ICD colleague and McMafia author, Misha Glenny: Popular Culture Key to Giving Cyber Security Much-Needed Boost.
“The United States Cyber Command (USCYBERCOM) has released effectively a new command strategy (formally called a “Command Vision,” although it addresses ends, ways and means), anchored on the recognition that the cyberspace domain has changed in fundamental ways since the Command was established in 2009. Drawing on its experience over the past eight years, the Command offers a new approach that aligns with the strategic realities within which it must successfully operate. The “Achieve and Maintain Cyberspace Superiority: A Command Vision for US Cyber Command” marks a significant evolution in cyber operations and strategic thinking, portending an opportunity to bring about greater security and stability to the interconnected global digital environment.”
“‘Allison Transmission, Autoliv, Calsonic Kansei, Hitachi, Intel and Navistar all play critical roles in the design and engineering of secure connected vehicles, and we look forward to working with them,’” said Jeff Massimilla of General Motors, who serves as the Auto-ISAC’s Chairman. “‘The addition of these six companies will help the Auto-ISAC continue to drive the industry’s proactive efforts to incorporate strong security measures into every phase of the vehicle lifecycle.’”
“In its latest drumbeat against the cyber activities of Iran, the US government Friday charged nine Iranian hackers with a massive three-year campaign to penetrate and steal more than 31 terabytes of information—totaling more than $3 billion in intellectual property—from more than 300 American and foreign universities.”
“A massive federal government spending bill unveiled on Wednesday includes $380 million to help safeguard U.S. voting systems from cyber attacks, in what would be Congress’ first concrete steps to bolster election security since the 2016 presidential campaign was marred by allegations of Russian meddling.”
“The Senate Intelligence Committee has released a six-point plan to boost election security to ensure the United States’ electoral process is safe from foreign meddling that centers on increasing deterrence capabilities and better communications between the federal and state levels.”
“With RSA Conference 2018 USA less than a month away, we asked Britta Glade, Director, Content and Curation for RSA Conference, to tell us more about this year’s event.”
By: Caitríona Heinl
“In the wake of the inability to achieve consensus in the 2016-2017 UN Group of Governmental Experts (GGE), policymakers are exploring how other multilateral efforts and regional activities can promote cyber stability and security. The Association of Southeast Asian Nations (ASEAN) and ASEAN Regional Forum (ARF) are often identified as venues that could help implement cyber norms, confidence building measures (CBMs), and the like in the Asia-Pacific. With Singapore holding the ASEAN chairmanship this year and its decision to prioritize cyber issues during its tenure, how can it promote this agenda successfully?”
“Sydney is now home to Australia’s newest Joint Cyber Security Centre (JCSC), which was officially opened this week by Minister for Law Enforcement and Cyber Security, Angus Taylor. The JCSC is situated in Darling Park and is part of an overall JCSC rollout that includes centres in Brisbane, Melbourne, Perth, and a future centre in Adelaide.”
“A data breach at a website used for athletic events in Wales shows why new cyber-security rules are needed, a legal expert has argued. Active Network is used by a number of events including Velothon Wales, the Cardiff Half Marathon and Ironman Wales to process registrations and payments.”
“IT executives working in capital markets, wealth management and corporate banking sectors are struggling with budget cuts and staff shortages while implementing cyber security strategies that will be compliant with the upcoming General Data Protection Regulation.”
“Antti Pelttari, the director-general of the Finnish Security Intelligence Service, says both cyber and traditional espionage have become more commonplace in Finland.”
By: Semih Aridogan
“We Germans have a huge problem. We invented the car. We have some of the best engineers and 11 of the 100 most valuable brands. We’re the economic powerhouse of the European Union. But we missed a train, an important one. And it is pulling away fast, while we are chugging along with our stuttering diesel cars. That train is digital innovation.”
“The Governor of the Bank of Ghana, Dr. Ernest Addison has disclosed that banks in Ghana will soon be required to publish bank-specific cyber security policies.”
“Bulgarian President Rumen Radev toured Israel’s National computer emergency response team (CERT) in Beersheba on Wednesday with a delegation of ministers, officials and businessmen and discussed possibilities of cooperation in the cybersecurity sphere with Israel.”
“Retired Mossad chief Tamir Pardo said he has assembled a team of more than 30 hackers from Israel’s security and intelligence services into a startup called XM Cyber that seeks to keep companies’ networks safe by imitating how real hackers work.”
“Sberbank, with support from Digital Economy ANO and the Russia Association of Banks, will hold the International Cybersecurity Congress (ICC). The event will take place on 6 July 2018 at the World Trade Centre in Moscow.”
“The Saudi Federation for Cyber Security and Programming signed on Friday a Memorandum of Understanding (MoU) with Northrop Grumman, the leading global security company for innovative systems and solutions, and the Air Force Association, reported the Saudi Press Agency (SPA).”
Warwick Ashford on Misha Glenny’s McMafia
“The cyber security industry should turn to popular culture to raise awareness of the cyber threat to businesses and consumers and attract new blood to the field, says McMafia author.”
“The Inter-ACE 2018 cyber security challenge, hosted by the University of Cambridge, was designed to help address a large and growing skills gap in the cyber security industry. GCHQ’s National Cyber Security Centre supported the two-day event.”
“The UK’s police forces have spent more than £1.3 million in the last three years training its staff on cybersecurity issues. The figures, contained in a new report released by the Parliament Street Think Tank, show that almost 40,000 staff have taken part in the training.”
By: Peter Pleckaitis
“It’s no secret that the world of finance is changing. Customers are increasingly empowered by a new generation of mobile banking and financial technology startups, with 75 percent of consumers saying that fintechs give them more power over their finances, according to Forbes. Banks are ripe for disruption from fintechs because their traditional services and antiquated processes leave a gap of unmet customer needs. Adopting digital capabilities can help meet those needs, but banks need to do more than just roll out new mobile apps on top of traditional offerings.”