ICD Brief 94.
02.07.2018.-08.07.2018.
This week’s word is ACTION! New laws, guidelines, start ups – dynamism throughout updates from the US, Australia, China, EU, Hungary, India, Iran, Israel, Japan, NATO, Netherlands, Russia, South Korea, UK, UN and Vietnam.
A special welcome to our new readers. And a special preview invitation to join me at Cyber Security Summit 2018 in the Minneapolis Convention Center, October 22-24. Please use my Advisor’s 15% discount by entering AB2018 at the appropriate place.
USA
DHS S&T Enlists Cyber 20/20 to Enhance Cybersecurity Capabilities for Financial Services
“The U.S. Department of Homeland Security (DHS) Science & Technology Directorate (S&T) has awarded Cyber 20/20, Inc. a contract to enhance the capabilities of existing cybersecurity tools to detect and respond to malicious cyber-security attacks on financial institutions.”
DHS Aims to Turn Mobile Devices into No Phishing Zones
“Phishing attacks remain the bane of information security specialists and missions across government, and as they advance in sophistication, the Homeland Security Department is attempting to better protect against them.”
DHS Cyber Strategy Faces Staffing, Vulnerability Tests
“The Department of Homeland Security (DHS) released its cybersecurity strategy in May to protect government networks and critical infrastructure. To protect the people who will rely on the 20 billion connected devices that DHS predicts, the strategy hinges on five pillars: Risk Identification, Vulnerability Reduction, Threat Reduction, Consequence Mitigation, and Enabl[ing] Cybersecurity Outcomes.”
Enhancing Compliance for the Sake of Cybersecurity
“Every state has some form of a personal data breach law. New York law places its emphasis on the actual breach of personal information (PI): “The Act requires that State entities and persons or businesses conducting business in New York who own or licenses computerized data which includes private information must disclose any breach of data … whose private information was, or is reasonably believed to have been, acquired by a person without valid authorization” (“The New York State Information Security Breach and Notification Act,” Medical Society of the State of New York fact sheet, http://bit.ly/2kBQpQV).
Australia
Coalition Spotlights Cybersecurity for WA
“The risk of a cyber attack on one of Australia’s major resource companies is too big to ignore, the federal government says. Attorney-General Christian Porter on Friday launched the first cyber security centre in Western Australia to protect against attacks in the digital realm.”
China
China Filing “Unprecedented Level” of Cybersecurity Patents, Says Report
“China is filing cybersecurity patents at an “unprecedented level”, according to a report from Minesoft and Patinformatics.”
EU
EU Council Gives EASA Authority Over UAV, Aviation Cybersecurity Development
“A mandate adopted by the Council of the European Union last week updates the continent’s aviation safety rules to better prepare for emerging technologies like unmanned aerial vehicles.”
Hungary
10 Brilliant Start-Ups from Budapest to Watch
“The Hungarian capital, Budapest, is buzzing with tech start-ups with a world vision, and products and platforms to match. One of Europe’s most beautiful cities and a treasure trove of museums, libraries, baths, opera houses and art galleries, Budapest also boasts a compelling tech start-up ecosystem.”
India
Digital India Susceptible to Security Breaches
“India’s Prime Minister, Narendra Modi, is preparing for a digital revolution that includes strategies to improve cybersecurity for a digital India; however, as the divide between users and nonusers of the internet narrows, the risk for cyber-attacks increases, according to Prem Behl, Chairman of Exhibitions India Group.”
Cyber warfare is grave threat, but India is not yet prepared for it: General Hooda (IANS Interview)
Iran
Iranian White Hat Hackers on March to Augment Cybersecurity
“A new startup introducing a bug bounty platform and tapping Iranian white hat hackers’ potential is addressing the cybersecurity concerns that have beleaguered the booming web-based businesses in the country.”
Israel
A Look at Israel’s New Draft Cybersecurity Law
“Last month, the Israeli government published the draft of its long-anticipated cybersecurity law and issued a call for public comment, which closes on July 11. The draft represents years of consultation and debate around the country’s approach to cybersecurity. It combines elements of existing cybersecurity legislation and policy with several significant innovations, including some controversial broadening of powers of the lead government agency for cybersecurity, the National Cyber Directorate (NCD).”
Japan
Japan, EU Strengthen Cybersecurity Cooperation Ahead of Olympics
“Japan and the European Union are strengthening their cooperation on cybersecurity ahead of the Tokyo 2020 Olympic and Paralympic Games.”
NATO
NATO Advances in Its New Operational Domain: Cyberspace
“As NATO prepares for its annual summit, to be held July 11-12 in Brussels, media attention has been focused on whether member states will boost their defense spending and readiness across the traditional operational domains of land, air and sea. This reflects a needed focus on important, but frankly longstanding alliance priorities. What many NATO-watchers are missing, however, is NATO’s full embrace of its newest operational domain: cyberspace.”
Netherlands
NCSC Netherlands Publishes IT Security Guidelines for Mobile Apps
“The growing number of smartphone users has also tremendously escalated the mobile app market and the market will continue to rise even greater in the near future. With this advent, mobile applications are also getting more prone to malicious activities.”
Russia
Putin Urges Closer International Cybersecurity Cooperation
“President Vladimir Putin on Friday called for closer international cooperation in fending off cyberattacks. Addressing a cybersecurity conference in Moscow, Putin said it’s important to develop common cybersecurity standards that take into account interests of all nations. He noted that cyberthreats have mounted around the world.”
South Korea
South Korea Admits Crypto Exchanges Being Regulated Financial Institutions
“From now on the cryptocurrency exchanges of South Korea form a new industry named “Cryptocurrency Exchange and Brokerage” able to operate at a large capacity with full government support.”
UK
BOE Tells U.K. Banks Cyber Attacks Are Coming, Now Get Ready
“Many U.K. financial firms don’t have a Plan B to fall back on if they’re hit by a cyber attack. The Bank of England wants to change that.
Financial regulators told firms to come up with a detailed plan for restoring services such as payments, lending and insurance after a disruption, and to invest in the staff and technology to make it work. The plan should include time limits on how long an outage could last.”
Finance Leading the Way for Cybersecurity Investment, Study Shows
“The study, which analysed Gov.uk data from over 800 companies, comes after separate figures from the Business Continuity Institute showed that more than 50% of business believe that cybercrime is their biggest threat.”
Think Cyber Security: The Tech Firm that Uses Human Behaviour to Counter Cyber Threats
“UK start-up Think Cyber Security will be welcomed into the Government’s £13.5m innovation centre to help enhance its work on using human behavioural science to tackle cyber attacks initiated by people”
UN
Russia to Propose Draft Cybersecurity Convention to UN General Assembly
“Russia will propose the UN General Assembly to pass its draft criminal convention on cybersecurity in the early autumn, Director of the Russian Foreign Ministry’s Department for New Challenges and Threats Ilya Rogachev told TASS.”
Vietnam
Vietnam Tracks China with Tough New Cybersecurity Law
“A new cybersecurity law in Vietnam may usher in a new era of increased online censorship, privacy-invasive data processing methods, and deprivation of internet connections for organizations and individuals who publish “prohibited” content.”
Feature
Is Cyber the Perfect Weapon? Joseph S Nye Project Syndicate
“For years, political leaders have warned of the danger of a “Cyber Pearl Harbor.” Thus far, however, cyber weapons seem to be oversold, more useful for signaling or sowing confusion than for physical destruction.
If Russian President Vladimir Putin sees his country as locked in a struggle with the United States but is deterred from using high levels of force by the risk of nuclear war, then perhaps cyber is the “perfect weapon.” That is the title of an important new book by New York Times reporter David Sanger, who argues that beyond being “used to undermine more than banks, databases, and electrical grids,” cyberattacks “can be used to fray the civic threads that hold together democracy itself.”