ICD Brief 83.
Greetings from the Nation’s capital. ICD 83 reflects a maturing of attitudes and actions needed to secure and sustain a 21st century built on Cyber.
We are just a month out from the new European Union GENERAL DATA PROTECTION REGULATION (GDPR) on privacy and the rights of the individual which takes effect on May 25, 2018. You will receive our GDPR email under separate cover this week.
Here’s a sampling:
RSA San Francisco
The Price of Cyber-Warfare A compelling video of actual individuals affected during last year’s global ransom ware attacks, a progress report and call to action. 20:11 minutes
Brad Smith, President, Microsoft
“The battle has moved to cyber space and citizens around the world are finding themselves in the cross-hairs. As the WannaCry and Not Petya attacks showed us, these attacks don’t pit machines against machines, but machines against real people with devastating consequences to economies, businesses, civil society and individual citizens. Join Brad Smith, President of Microsoft as he discusses how this new reality demands new solutions and ever greater responsibility from the tech sector, governments and users.”
By: Ted Schlein
“This week more than 40,000 security professionals will attend RSA in San Francisco to see the latest cyber technologies on display and discuss key issues. No topic will be higher on the agenda than the Russian-sponsored hack of the American 2016 election, with debate about why the country has done so little to respond and what measures should be taken to deter future attempts at subverting our democracy.”
“President Donald Trump has sent a cyberwarfare policy to Congress that should outline how the administration will tackle some of the field’s most vexing issues – including launching hacking operations and deterring adversaries.”
“The upcoming White House national cybersecurity strategy will empower the Department of Homeland Security to more forcefully respond to cyber threats directed at the private sector and critical infrastructure entities, according to agency chief Kirstjen Nielsen.”
“White House cyber security coordinator Rob Joyce will leave his post and return to the National Security Agency, a White House official said on Monday.”
“Facebook has moved more than 1.5 billion users out of reach of European privacy law, despite a promise from Mark Zuckerberg to apply the “spirit” of the legislation globally.”
“U.S. Department of Homeland Security Secretary Kirstjen Nielsen warned on Tuesday that a European data privacy law taking effect next month may have “unintended consequences” that harm the United States’ ability to protect itself from cyber attacks.”
“Australian security firms looking for new cybersecurity talent have found great value in an AustCyber ‘speed dating’ event that this week gave around 130 aspiring cybersecurity students the chance to sit down with the experts that may one day employ them.”
Cyber Risk Management
In this A.M.BestTV episode at the Risk and Insurance Management Society, Inc.’s (RIMS) conference in San Antonio, TX, a panel of insurance and risk management executives discuss dramatic changes and progress in underwriting cyber risk, the effect of GDPR, the new EU Privacy law, Probabilistic Risk Models, Mitigation credits and discounts for best practices and specific products through partnerships such as the Allianz, Cisco, Aon, Apple.
Click on http://www.ambest.com/v.asp?v=rims5418 to view the entire program.” [14:45]
“The European Commission surprised tech policy observers this week when it suggested to amp up transatlantic cooperation on cybersecurity, just as Europe’s relations with the US are under strain following the Facebook data leakage scandal.”
“India and Sweden agreed on yesterday to set up “a common task force on cybersecurity” and to work together to find innovative solutions for the environment, after leaders of the two countries met for talks in the Swedish capital Stockholm. Narendra Modi was the first Indian prime minister to visit Sweden in 30 years, said Modi’s Swedish counterpart, Stefan Lofven.”
Internet Security Alliance
“The Internet Security Alliance today formally released two new cybersecurity handbooks designed for corporate directors in Germany and the United Kingdom, building out from a well-received U.S. version drafted in tandem with the National Association of Corporate Directors. “Managing Cyber Risk: A Handbook for German Boards of Directors” and the “Handbook for UK Boards of Directors” were released at the ISA-NACD Global Cyber Forum in Geneva, Switzerland, a first-of-its-kind international cyber event for corporate directors.”
“There is a specter of nation-state cyber-attacks against the United States, but with the right preparations, there is little to fear, according to former National Security Agency Director General Keith Alexander and Nadav Zafrir, former commander of Israel’s 8200 Intelligence Unit (Israel’s equivalent of the NSA).”
“Nearly 1,000 data-breaches occurred in the first-half of 2017. Each new breach raises fears that trust in the global digital economy is eroding. In tandem, investors are seizing the opportunity to back the next generation of cybersecurity startups. A new report by CBInsights points at the global high-momentum startups with the potential to shape the future of cybersecurity. The Cyber Defenders 2018 research report has identified 29 early- to mid-stage high-momentum companies pioneering technology with the potential to transform cybersecurity in 2018.”
“Dutch state employment agency UWV has said it will take part in the National Detection Network (NDN). The NDN is a collaboration platform for the national government and vital private parties, aimed at handling digital dangers and risks better and faster. By sharing threat information, the parties should be better able to take appropriate measures in time and so limit or prevent possible damage. The public and private sector is working together on the digital resilience of the Netherlands, the National Cyber Security Centre said (NCSC). The NCSC was formed by the previous government cabinet to deal with the perceived lag in this area of the Netherlands.”
“The recent scandal related to the misuse of Facebook user data by Cambridge Analytica alarmed the Philippine government. The National Privacy Commission (NPC) demanded that Facebook founder and CEO Mark Zuckerberg determine whether or not 1.1 million potentially affected Filipino users had their personal data shared with Cambridge Analytica. “
“Under this MoC the two countries will cooperate to deliver cybersecurity capacity building programmes to Commonwealth Member States for a two-year period beginning September 2018. The UK will also actively participate in Singapore’s ASEAN Cyber Capacity Programme (ACCP) that was launched in 2016.”
Thailand’s new proposed Cyber Security Law indicates increased surveillance and risks of legal action against information technology (IT) and social media companies.
“Theresa May will strengthen the UK’s digital defences through a £15m online security pact with Commonwealth allies amid warnings over the growing threat of cyber warfare from Russia.”
“The cyber threat to business has never been greater, so the National Cyber Security Centre is urging UK companies to ensure they have implemented all the basic, best-practice cyber security controls and processes.”
“The UK’s cyber security watchdog has warned the UK telecoms sector not to use network equipment or services from Chinese supplier ZTE as it would have a “long term negative effect on the security of the UK”.”
A teenager who tricked his way into obtaining the email and phone accounts of senior US intelligence officials has been sentenced.