ICD Brief 110.
19.11.2018.-25.11.2018.
Greetings from Manhattan a city like no other: exciting, resilient and inspiring. Here are a few of our updates from this week.
USA
NYC Invests to Become Hub for Cybersecurity Professionals
“As part an effort to turn New York City into a hub around which cybersecurity startups will be founded, the New York City Economic Development Corp. (NYCEDC) has allied itself with SOSA, a startup incubator, to create a physical location in lower Manhattan designed to enable academic and cybersecurity experts to bring new cybersecurity technologies to market.”
DHS Hopes Supply Chain Task Force Will Enhance Federal IT Security
“The Department of Homeland Security is moving ahead with plans to beef up security for the global IT supply chain and, by extension, for the federal government. On Oct. 30, DHS announced the creation and chartering of the nation’s first Information and Communications Technology Supply Chain Risk Management Task Force. The task force is a public-private partnership designed to examine and develop “consensus recommendations” to identify and manage risk to the global ICT supply chain.”
Manufacturers Remain Slow to Recognize Cybersecurity Risk
“They have names like Notpetya, Samsam and perhaps the most cynically named WannaCry. These are just some of the most recent cyberattacks that have not only affected financial institutions, retailers and shipping companies but have also plagued manufacturers, like Merck & Company., the pharmaceutical firm, and the snack company Mondelez International.”
Indonesia and United States Ink Agreement on Cybersecurity Training
“The Indonesian government has inked partnership agreement with the United States to strengthen the bilateral collaboration against transnational cyber and financial crimes. The agreement between the Indonesian National Police and the U.S. Attorney-General’s Office is intended to increase U.S. training of Indonesian law enforcement officials to fight against cyber-attacks using digital forensics, the Straits Times reported.”
Singapore and US Commit to ASEAN Cybersecurity
“The Cyber Security Agency of Singapore and the US Department of State have signed a Declaration of Intent (DOI) that will benefit ASEAN member states.”
Australia
Australia and New Zealand Announce Joint Pacific Cyber Security Plan
“Australia and New Zealand have made a new commitment to cyber security in the Pacific.”
Baltics/Estonia
Start-Ups Invited to Beef Up Estonian Cyber Security
“Estonia has begun to invite early-stage start-ups to join its defence artificial intelligence (AI) and cybersecurity accelerator, the first of its kind in Europe.”
Czech Republic
Ratas in Prague: Czech Interested in Our E-Services, We in Their E-Commerce
“Prime Minister Jüri Ratas (Centre) on Friday assured Czech Prime Minister Andrej Babiš that Estonian experts and IT companies are prepared to support the Czech Republic in creating its own e-state, adding that Estonia in turn is interested in Czech experiences in the development of e-commerce.”
China
China in Breach of Cybersecurity Pact
“It has been a fairly turbulent week in the cyber-espionage space following accusations that China’s Ministry of Security Services is behind the surge of intellectual property theft from Australian companies.”
EU
Cyber Defence: Council Updates Policy Framework
“The EU is increasingly cooperating in cyber defence, with a view to strengthen its capacities. At its last meeting, on 18 October 2018, the European Council called for measures to build strong cybersecurity in the EU. EU leaders referred in particular to restrictive measures able to respond to and deter cyber-attacks.”
Germany
German eID Card System Vulnerable to Online Identity Spoofing
“Security researchers have found a vulnerability in the backbone of the electronic ID (eID) cards system used by the German state. The vulnerability, when exploited, allows an attacker to trick an online website and spoof the identity of another German citizen when using the eID authentication option.”
Hungary
CEE Countries, Including Hungary, At Risk of Cyberattacks
“According to research conducted by Legal Week Intelligence and CMS, more than 100 separate cyber incidents were recorded last year affecting 18 CEE countries, yet less than a quarter of these resulted in government or regulatory action.”
India
India May Impose Higher Penalties to Ensure Companies Report Cybersecurity Breaches
“The government wants to impose higher penalties on companies that fail to immediately report incidents of data breach of Indian users to the authorities, a senior government official has said adding that the current ones are too low.”
Cybersecurity Insurance Hits Missing Data Roadblock
“Cybersecurity insurance, a new buzzword among Indian insurers, have crucial roadblocks to surmount before it can live up to the potential promised by the companies. Lack of actuarial data on cyber-attacks, murky disclosures by victim companies and the incredible speed at which a breach may spread globally has companies in a bind.”
Israel
Israel Defence Ministry to Provide G20 Cybersecurity in $5m Deal
“Israel’s Defence Ministry will provide cyber security for the upcoming G20 summit after signing a $5 million deal with its Argentinian counterpart.”
ITU
PP-18 Concludes in the UAE with ITU Telecom Strategy for the Next Four Years
“Organised by TRA, the key telecom event, convened delegates and guests from over 180 countries and 2300 delegates discussed 274 working papers throughout the period of three weeks to map out the future ICT roadmap.”
Singapore
Singapore to Collaborate with Canada, US on Cybersecurity
“Singapore has inked partnership agreements with Canada and the US that encompass data sharing as well as joint technical certification programmes and capacity building initiatives.”
Association of Banks in Singapore Issues Set of Cybersecurity Assessment Guidelines
“The Association of Banks in Singapore (ABS), with support from the Monetary Authority of Singapore (MAS), has developed a set of cybersecurity assessment guidelines to strengthen the cyber resilience of the financial sector in Singapore.”
UK
UK Power Grid Vulnerable as Government Failing on Cybersecurity
“The government is failing to deliver on promises to protect the UK’s critical national infrastructure (CNI) from cyber attacks, a report from a parliamentary committee has warned.”
GCHQ warns on Black Friday cyber-threat
“The National Cyber Security Centre’s advice to reduce the risk of cyber-crime is:
- Install the latest software and app updates
- Choose strong and separate passwords for accounts
- Type in a shop’s website address rather than clicking on links in emails
- Avoid over-sharing unnecessary information with shops, even if they ask
- Don’t panic if you think you’ve been a victim of fraud
- Keep an eye on bank accounts for unrecognised payments
- Make sure all your home gadgets are secure”