ICD Brief 126.
18.03.2019.-24.03.2019.
Today’s ICD Brief covers Washington DC, Ottawa, Brussels, Paris, Berlin, Teheran, the Hague, Oslo, Moscow, Singapore, Berne and London.
With a news cycle of such overwhelming scale and circumstance, it is easy to overlook the impressive progress from plans to execution below the national level. Today, we feature An Inside Look at New York State Government Cybersecurity. by ICDAdvisor Dan Lohrmann.
“State and local governments are on the front lines of so many important technology and security issues,” Lohrmann explained. “From implementing infrastructure projects to new healthcare pilots to education reform to restructuring how governments deliver services to constituents in the 21st century, there is so much happening with U.S. Governors that is being overshadowed by other media stories. “And as a specific example, states’ governments such as New York are quietly going through major government reorganizations regarding the delivery of technology and citizen services.”
USA
FEMA ‘unnecessarily’ shared data of 2.3 million disaster victims with contractor
“FEMA says accidental data leak has been dealt with and user data removed from contractor’s systems.
Hurricane Harvey, Irma, and Maria survivors, along with the California 2017 wildfires victims had their data shared inappropriately by FEMA officials, according to a reportpublished this week by the Department of Homeland Security’s Office of Inspector General (OIG).”
A Look at Cyber-Security Spending in 2019: Where Budgets are Increasing and Why
“Last month Dark Reading published a round up of 2019 cyber-security spending outlooks from the likes of Gartner, Forrester, and InformationWeek. In general, they all agree that there are three drivers for cyber-security spending: (1) security risks; (2) business needs; and (3) industry changes. Data privacy concerns are also becoming a key factor, driving market demand for security services through 2019.”
FDA Says Cybersecurity Vulnerabilities Found in Some Medtronic Devices
“The U.S. Food and Drug Administration (FDA) on Thursday said cybersecurity vulnerabilities were identified in Medtronic Plc’s implantable cardiac devices, clinic programmers, and home monitors.”
As cyber reskilling academy takes shape, hiring reform wish-list emerges
“That’s the goal of the Federal Cyber Reskilling Academy, which will begin classes with its first cohort of 25 students on April 15, Jason Gray, chief information officer at the Education Department, said Thursday.”
Vermont’s Norwich U gets $7.3M for cyber security programs
Ohio looks to set up a cyber reserve to fight, prevent attacks
State lawmakers are now considering a bill that would require Ohio Secretary of State Frank LaRose to appoint a chief for information security, mandate county Boards of Elections conduct audits of election results, and require the governor create a civilian cyber security reserve force.
Canada
Canada, EU Share Ways to Blunt Hybrid Threats
“On Wednesday government officials, academics and private sector experts got a view into the future of cyber warfare at the 5th Security and Defence Symposium between Canada and the European Union in Ottawa.”
EU
Law Enforcement Agencies Across the EU Prepare for Major Cross-Border Cyber-Attacks
“To prepare for major cross-border cyber-attacks, an EU Law Enforcement Emergency Response Protocol has been adopted by the Council of the European Union. The Protocol gives a central role to Europol’s European Cybercrime Centre (EC3) and is part of the EU Blueprint for Coordinated Response to Large-Scale Cross-Border Cybersecurity Incidents and Crises1”EU Cybersecurity Briefing Paper Identifies Multiple Challenges
“1Commission Recommendation (EU) 2017/1584 of 13 September 2017 on coordinated response to large-scale cybersecurity incidents and crises C/2017/6100”
France
Central Banks Should Leave Crypto to Facebook and JPMorgan: PwC Partner
“According to PwC France’s Pauline Adam Kalfon, central banks should stay away from the issuance of central bank digital currencies (CBDCs) until large corporations test out the tokenization of fiat currencies themselves.” French Cybersecurity Agency Grants Security Certificate to Ledger Nano S Hardware Wallet
Germany
German Minister on Facebook Password Glitch: Didn’t Expect Such Frightening Unprofessionalism
“Germany’s Justice Minister on Friday said she would hardly have expected such “frightening unprofessionalism” from Facebook after the company acknowledged a glitch that exposed passwords of millions of users to its employees.”
Iran
Netanyahu Says Iran Has “Sensitive Information” on Rival, Tehran Denies Hack
“Israeli Prime Minister Benjamin Netanyahu alleged on Wednesday that Iran could blackmail his main election rival, Benny Gantz, after hacking the former armed forces chief’s phone, even as Tehran denied doing so.”
Netherlands
Netherlands Police, Heineken Win Private Sector Cybersecurity Exercise
“A team made up of the Netherlands’ National Cyber Security Centre and Heineken have won the Cyber Core 2019 exercise that simulated a wave of cyber-attacks on the leading energy provider of an EU state, threatening a shutdown of vital services in the whole country. The exercise marked the first time in Europe that international critical information infrastructure companies compete against each other countering simulated cyber-attacks.”
Norway
Norwegian Aluminium Producer Hit by “Extensive” Cyber Attack
“One of the world’s largest aluminium producers, Norsk Hydro, has been hit by an “extensive cyber attack” affecting operations in several business areas, the company said in a statement.”
Russia
Russian Cyber Espionage Groups Targeting EU Governments
“Nato member states are the top European targets of two state-backed Russian cyber espionage groups in the run up to European elections, according to researchers at security firm FireEye.”
Singapore
“E-mail log-in information of employees in several government agencies and educational institutions, as well as details of more than 19,000 compromised payment cards from banks here, have been put up for sale online by hackers.”
Switzerland
Top Swiss Institutes Launch Joint Cyber-Security Programme
“Switzerland’s federal technology institutes have launched a new Masters degree in cyber-security as part of an effort to play a leading role in studying the protection of computers and networks. ”
UK
NCSC Backs New Group to Help Boards’ Cyber Risk Efforts
“A group of academics, government experts, charities and others has come together to help UK boards better assess cyber risk.
The Cyber Readiness for Boards initiative is being funded by the National Cyber Security Centre (NCSC) and charity the Lloyd’s Register Foundation, but will also benefit from input from University College London (UCL), the University of Reading, Coventry University, the Research Institute in Science of Cyber Security (RISCS), and training provider RESILIA.”
Government Cybersecurity Strategy Is “Chaotic”
“The UK cyber security strategy is in a “chaotic” state, shadow Cabinet Office minister Jo Platt has said. Speaking at the ICT Public Sector event yesterday (21 March 2019), Platt told the audience the security measures in place to protect the UK against a cyber attack were insufficient.”
Feature
An Inside Look at New York State Government Cybersecurity
“As part of a massive IT transformation and consolidation effort, the state of New York government has redesigned the way it protects constituent data over the past several years. These extensive cybersecurity efforts are led by the state’s impressive Chief Information Security Officer (CISO) Deborah Snyder
The Global Rise of Internet Sovereignty
by: Eduard Saakashvili
“Russia and a set of less-than-democratic countries like China, Saudi Arabia, and Iran have certain aspirations for the internet. Domestically, these countries want control and think governments should get to decide what information flows across their borders. Globally, they want governments, not companies and NGOs, to be in charge of the internet.”