ICD Brief 82.
09.04.2018.-15.04.2018.
This week’s Brief highlights multi stakeholder partnerships, progress towards international laws, standards and best practices as well as serious preparation for major cyber attacks. Here is a sampling.
NSA Calls for Cybersecurity Community Collaboration
Estonia’s Guardtime delivers a specialised cyber exercise for the UK civil nuclear sector
Commission Should “Walk the Walk” on Cybersecurity, German Chief Says
Japan’s Softbank, Etisalat and Two Other Telcos to Form Cybersecurity Alliance
NATO and Others Struggle with Cyber Attribution and Legal and Military Responses
UK Launched Cyber-Attack on Islamic State
Over 60s take up SAS cyber attack training
USA
NSA Calls for Cybersecurity Community Collaboration
“A US National Security Agency (NSA) representative has called for cyber security community collaboration at the National Cyber Security Centre’s conference in Manchester [UK].”
Cyber and Infrastructure Resilience
“Livermore [National] Laboratory explores and develops innovative technologies and approaches to enhance the resiliency of U.S. infrastructure to physical, cyber, and environmental threats. This includes:
- Identification of vulnerabilities
- Science-based, threat-informed risk analysis
- Analysis of mitigation options
- Design, testing, and pilot deployment of mitigations
- Infrastructure architecture enhancement to improve efficiency, resilience, and reliability
Laboratory scientists leverage programs and connections with the Department of Energy, the Department of Homeland Security, industry, and the State of California.”
Google is Testing Self Destructing Emails in New Gmail
“Google is working on a brand new design for the web version of Gmail. Yesterday, I published screenshots of the new design. TechCrunch’s tipster Chaim also discovered an interesting new feature in the new Gmail. You’ll soon be able to send expiring emails.”
US Faces Evolving, Emboldened Adversaries in Cyberspace, Officials Warn
“As threats in cyberspace constantly evolve, the United States is facing adversaries that are increasingly sophisticated, capable and emboldened in that domain, top defense officials told lawmakers today.”
DHS Seeks Growth in Cyber Budget
“Cybersecurity threats “keep me up at night,” said Homeland Security Secretary Kirstjen Nielsen at an April 11 appropriations hearing. “It changes quickly. It’s prolific. It’s non-stop and it’s from many, many, many sectors.” DHS is seeking more than $644 million just for a mix of programs to support federal agency cybersecurity, including the Continuous Diagnostics and Mitigation program and the network shield system known as EINSTEIN.”
DHS S&T Announces Release of Mobile Security R&D Program Guide Vol.2
“The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) today released its 2018 Mobile Security Research and Development (R&D) Program Guide that introduces the technology projects, goals and objectives and their alignment with DHS and federal mobile security strategies and priorities.”
US Department of Commerce Selects FIU as Partner in Cybersecurity Education Outreach
“The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) granted FIU [Florida International University], and its partner New America, a cooperative agreement to host the annual National Initiative for Cybersecurity Education (NICE) Conference and Expo over the next five years.”
Australia
ASD to Review Australia’s Cybersecurity and “Drive Out Known Problems”
“New Australian Signals Directorate chief Mike Burgess outlines his priorities for the restructured agency’s next 12 months.”
“Government officials have outlined their priorities for Australia’s cybersecurity efforts following a major reorganisation of the country’s cybersecurity agencies. These include a national assessment of Australian cybersecurity, and collaboration with major internet service providers to address known problems.”
Bulgaria/EU
Cyber Defence Conference Organised by the Bulgarian EU Presidency and EDA
“The International Conference on Cyber Defence – Building a Rapid Response will be held in the Central Military Club, Sofia, Bulgaria, from 13 to 14 June 2018. This event is co-organised by the Bulgarian EU Presidency and the European Defence Agency (EDA).”
Estonia
Estonia’s Guardtime delivers a specialised cyber exercise for the UK civil nuclear sector
“The Estonian-founded, Amsterdam-based software security company, Guardtime, has planned and executed a custom cyber exercise for the UK civil nuclear sector. The exercise was run on the Estonian Defence Forces’ cyber range, complemented with actual industrial control systems simulating a nuclear power plant, the company said in a statement.”
Germany
Commission Should “Walk the Walk” on Cybersecurity, German Chief Says
“The European Commission should “walk the walk” and use strong encryption to protect its computer networks against hackers instead of pushing member states to adopt controversial new legislation, the head of Germany’s cybersecurity agency has said. Arne Schönbohm, the director of Germany’s Federal Office for Information Security (BSI), lashed out at the Commission for not being transparent about the technology it uses to prevent cybersecurity breaches.”
Israel
The Israel – Massachusetts Cybersecurity Ecosystem Is Thriving
“Israeli-founded cybersecurity firms employ nearly 3,300 workers, an increase of more than 12% since 2015, according to a new report from Brandeis International Business School and 90 West. Empow, one of the over 30 Israeli-founded cybersecurity companies doing business in Massachusetts, announced today a $10 million series B round of funding and veteran cybersecurity executive Peter George as its new CEO.”
Japan
Japan’s Softbank, Etisalat and Two Other Telcos to Form Cybersecurity Alliance
“Japanese technology giant SoftBank Group and three telecom operators that include Abu Dhabi-based Etisalat are forming an alliance to offer cyber security services to businesses, helping them combat rising cyber threats. The companies, which also include Spain’s Telefonica and Singapore’s Singtel, have signed a formal pact for the Global Telco Security Alliance that will have more than 1.2 billion customers in over 60 countries across Asia Pacific, Europe, the Middle East and the Americas, Etisalat said in a statement on Thursday.”
NATO
NATO and Others Struggle with Cyber Attribution and Legal and Military Responses
“NATO and other international organisations are grappling to frame a response, military or legal, to cyber attacks that fall short of war but pose potentially deadly threats to society.”
New Zealand
New Zealand to Refresh Cybersecurity Strategy
“New Zealand Broadcasting, Communications and Digital Media Minister Clare Curran has announced a refresh to the country’s three-year-old cybersecurity strategy amid concerns of a growing threat landscape.”
UAE
“Emirates Diplomatic Academy (EDA), the UAE’s leading international relations and diplomatic institution, today hosted Dr Mohamed Al-Kuwaiti, Executive Advisor at the Signals Intelligence Agency (SIA) – formerly the National Electronic Security Authority (NESA), for a lecture on ‘The UAE Cyber Security Framework’.”
UK
UK Launched Cyber-Attack on Islamic State
“The UK has conducted a “major offensive cyber-campaign” against the Islamic State group, the director of the intelligence agency GCHQ has revealed.”
UK could launch retaliatory cyber attack on Russia if infrastructure targeted: Sunday Times
“LONDON (Reuters) – Britain would consider launching a cyber attack against Russia in retaliation if Russia targeted British national infrastructure, the Sunday Times reported, citing unnamed security sources.”
Cybersecurity a Shared Responsibility, Says Amber Rudd
“The UK home secretary has emphasised that cyber security is a shared responsibility and committed to promote EU cyber cooperation post-Brexit at the National Cyber Security Centre’s conference in Manchester. At the heart of the wide-ranging speech, the home secretary announced the allocation of £50m in the next year to bolster cyber capabilities within law enforcement.”
Insurance – Chubb
“The threat of cyber attacks is large and growing, costing companies and individuals trillions of dollars each year. Chubb has industry-leading experience and expertise to help you reduce the cyber risks you and your business face. ”
Feature
Over 60s take up SAS cyber attack training
“The over 60s are particularly vulnerable to online scams, according to Santander, so it has launched a Scam Avoidance School (SAS) to help people recognise and deal with this cyber scourge.”
A Simple Proposal to Help Fix Corporate America’s Cybersecurity Problem
By: Craig A. Newman (The New York Times)
“The public’s confidence in the capability of companies to protect customers’ personal information has taken a beating in recent weeks. Customers of Sears and Kmart, Best Buy, Saks Fifth Avenue and Lord & Taylor, and Delta Air Lines recently learned that hacks have exposed their personal data, including credit and debit card numbers. And then there’s the disclosure that Cambridge Analytica harvested the personal information of nearly 87 million Facebook users. Despite these disclosures and others, we continue to entrust our personal information to businesses without any standard for judging how safe it is. It doesn’t have to be that way.”
Cyber Security Market Research Report
By: Market Insights Report
“In 2016, Asia-Pacific region come across maximum number of cyber-attacks and over 25% of ransomware attacks were commenced. This growing cyber risk is raising awareness and requirement to mitigate cyber threats in Asia-Pacific region. Increasing digital transformation and connectivity APAC region is making it exposed to cyber threats.”