ICD Brief 87.
14.05.2018.-20.05.2018.
As you skim today’s ICD Brief headlines, you will see a world hyper-engaged in fighting a cyber threat to stable governance, economic growth, intellectual property, personal identity and sustainable peace and security.
A Martian observer would be encouraged to see similar responses come from vastly different cultures and organizations. Google’s Alphabet offers free protection to political groups in the US while the oldest international organization, The International Telecommunication Union (ITU), an agency of the United Nations (UN) provides support for an Iranian cybersecurity training course.
“Decryption” and the ethics of “Securitising” in Australia becomes “National Standards for Personal Data Protection” in China.
World order is threatened by a shared infrastructure that intersects law, commerce, crime and war without a concept of shared benefits across open and less open societies.
Is strategic success a question of scaling up or do we need something more?
USA
Homeland Security Unveils New Cyber Security Strategy Amid Threats
“The U.S. Department of Homeland Security on Tuesday unveiled a new national strategy for addressing the growing number of cyber security risks as it works to assess them and reduce vulnerabilities.”
White House Cuts Critical Cybersecurity Role as Threats Loom
“A little over a month ago, the White House forced out Tom Bossert, its cybersecurity czar. A week later, cybersecurity coordinator Rob Joyce said he would depart as well. And now, rather than replace either, the Trump administration will do without anyone at the helm of its cybersecurity policy. It couldn’t have picked a worse time.”
Google Offers US Political Groups Free Cybersecurity
“Google’s parent company Alphabet is offering U.S.-based political groups free cyber protection ahead of the 2018 midterm elections, The Hill reports. Project Shield, run by Jigsaw, is a free service that protects sites from Distributed Denial of Service (DDOS) attacks.”
Cyber Attack Delays Atlanta Mayor’s First Budget Pitch
“Atlanta’s 2019 budget process has been delayed by a March cyber attack that scrambled a swath of government data, temporarily closing courts, halting bill payments and slowing other key services in the most devastating “ransomware” assault on a major U.S. city, a city spokesperson said on Tuesday.”
South Carolina Enacts First Insurance Data Security Act
“South Carolina has become the first state to enact a version of the Insurance Data Security Model Law, which was drafted by the National Association of Insurance Commissioners (NAIC) in 2017. Governor Henry McMaster signed the South Carolina Insurance Data Security Act into law on May 14, 2018. The Act will become effective on January 1, 2019.”
Australia
“Decryption” Legislation a Top Priority for Australia’s Cybersecurity Minister
“Minister for Law Enforcement and Cyber Security Angus Taylor has told the CeBIT Australia conference in Sydney on Thursday that the federal government’s push to access encrypted communication is one of his highest priorities, but he refused to offer a date of when legislation can be expected.”
The Pacific Cyber Security Operational Network Is Now in Action
“The Australian-funded Pacific Cyber Security Operational Network (PaCSON) is now in service, bringing together a network of Computer Emergency Response Teams (CERTs) and government-designated cybersecurity officials from 14 Pacific nations.”
The Ethics of “Securitising” Australian Cyberspace
“This article is the fifth in a five-part series exploring Australian national security in the digital age. Read parts one, two, three and four
China
China’s National Standards for Personal Data Protection
“China’s National Standards on Information Security Technology-Personal Information Security Specification came into force May 1 2018. They stipulate that explicit consent is required for collection of sensitive personal information.”
Germany
Germany Calls on Chip and Hardware Makers to Tackle Processor Flaws
“Germany’s federal cyber agency called on chip and hardware-makers to address new vulnerabilities discovered in computer central processing units, but said no complete fix was possible at the moment.”
India
IBM India Says Cyber Security a Gold Mine for Jobs
“Global technology major IBM has said there is a massive shortage of cyber security professionals in the country, urging young graduates to look this segment, which is a high-margin segment for companies, as a lucrative career option.”
Does Indian Law Provide Adequate Cyber Security for Its Assets?
“Traditionally, the security of cyber assets in India has been viewed only from the standpoint of the government, with considerations of national security and sovereignty taking centre stage when it comes to policy formulation. But the world today is experiencing a plethora of threats, most of which did not even exist when the relevant legal framework in India was devised. In the present day, the proliferation of information technology devices and their use by various stakeholders poses the question: Is India adequately prepared when it comes to protection of its cyber assets? The answer, unfortunately, is “No.”
Iran
“After banning the widely used Telegram messaging app, the Iranian government is once again deepening its censorship and suppression of internet use in the country by forcing government agencies to use domestic, state-approved online search engines.”
With ITU’s Support, Iran Hosts Cybersecurity Course
“A world-class cybersecurity training program is currently being held in Tehran jointly by the International Telecommunication Union (ITU), Indian Advanced Level Telecom Training Center (ALTTC) and Iran’s Faculty of Applied Science of Post and Telecommunication from May 12-16.”
Russia
Inside One of the Largest Hacking Conferences in Russia
“Hundreds of aspiring hackers in Moscow faced off against one another earliest this week in different challenges. The event, called Positive Hack Days, is organized by the cybersecurity firm Positive Technologies. More than 4,000 people attended the cybersecurity conference, one of the largest in Russia. It’s part discussion forum and part competition.”
South Korea
Cyber Security Is an “International Problem”, Requires Cross-Country Collaboration, Say Tech Experts
“Cyber security is an “international problem” that goes beyond national borders and requires cross-country collaboration as well as working with private tech companies like Google.”
Thailand
Thailand Plans to Set Up Cybersecurity Agency to Boost Cybersecurity Preparedness
“According to the Electronic Transactions Development Agency of Thailand (ETDA), Prime Minister of Thailand, General Prayut Chan-ocha recently chaired the first meeting of the National Security Council on Cyber Security.”
UK
NCSC Calls for Greater Interaction with UK Businesses
“Under-reporting of cyber crime by businesses means crucial evidence and intelligence about cyber threats and offenders is lost, according to Peter Yapp, a deputy director at the National Cyber Security Centre (NCSC).”
Insurance
The Insurance Industry: An Important Part of the Fight Against Cybercrime
By: James Burns
“At its root, cybercrime is a business like any other. Although legitimate business leaders and cybercriminals sit in opposite corners of the ring, comparisons can be made between the two groups when it comes to strategies for making money – identify opportunities, innovate solutions for your target market, and, where possible, capitalize on easy wins to make money fast.”