Cyber security in European ATM
|
|
- Ophelia Jenkins
- 5 years ago
- Views:
Transcription
1 Cyber security in European ATM EUROCONTROL Patrick MANA Cyber-security Project Manager 06/03/2018
2 Agenda Policy / guidelines / standards, training, support to states, R&D Initiatives: EATM-CERT & Cyber Info sharing CEF Project: SWIM Common PKI with SDM WAC
3 WAC
4 Why doing it? And because no one wants this To become this! 4
5 Cyber-resilience: a change of culture People Procedure Equipment EUROCONTROL 5
6 DISRUPT/DISTURB SERVICE 6
7 RANSOMWARE Should we pay or not? NO Even if we pay, we cannot operate a system that has been hacked/modified that way. Need for: Back-up Configuration management 7
8 Non-ATM systems Power Supply BMS HVAC EUROCONTROL/EATM-CERT 8
9 Resilience so far mainly designed for safety now also for security e.g. I have firewall(s) thus my internal network/machines is/are protected Do you use X.509 digital certificates for SWIM & non-swim, for external and internal exchanges of information? e.g. I have an Anti-Virus thus my internal network/machines is/are protected Is it updated with latest CVE? Can anyhow viruses go through? Yes 9
10 CYBER-SECURITY ESPECIALLY IN AVIATION IS NOT A NATIONAL ONLY ISSUE LET S SHARE CYBER-INFO FOR REAL Lesson learned from Wannacry, Not/Petya, => need for more cross-national sharing/coordination Sharing info, vulnerability, cyber-intel => Need for regional and sectorial CERT, ISAC Reduce our cost to protect ourselves Increase cost on bad guys side Best Practices of many other domains An objective could be: Let s make a type of cyber-attack working max once. Exchange of cyber-info can be achieved with simple existing technology/standards: And TRUST WAC
11 EUROCONTROL CONTRIBUTION WAC
12 ATM Security developments NEASCOG (NATO EUROCONTROL ATM Security Coordinating group) & EUROCONTROL Policy, Guidance: International collaboration (NEASCOG members full ATM spectrum) Threat/risk assessment: ICAO TRWG/cyber Matrixes (CNS) Awareness: seminars/workshops 2 days, in June every year Training: at IANS (RTCE of ICAO) SEC-CYBER, SEC-MS, SEC-LEX/CYBER ICAO GAT; Fundamentals of ATM Security Support to States: ATM cyber security workshops: 2,5 days, on site Guidance: Manual for National ATM Security Oversight v2.0 R&D: S2020, ACARE WG/4 Safety & Security (co-chaired with EASA) Standards: EUROCAE WG-72 (Aeronautical Information Systems Security). ED205 (security accreditation of ground ATM systems) WAC
13 (1) Need for regional sectorial (ATM) CERT: combine cyber and domain expertise EASA (ECCSA) National CERTs National CERTs National CERTs Alerts/Incidents - intelligence EATM-CERT Cyber Intelligence Thematic CERTs Cyber intelligence Cyber Provider intelligence Cyber Provider intelligence Provider ATM CI Provider (US & other Regions ATM CERT) EA-ISAC Alerts/ Incidents Intelligence /services EUROPOL CERT-EU Significant Incidents - intelligence Alerts/other Incidents - intelligence/services EUROCONTROL SOCs ENISA NATO/EDA ATM Stakeholder SOC SOC (1) ATM Stakeholder SOC SOC (1) ATM Stakeholder SOC ATM Stakeholder Logs System Recommendations ATM Manufacturer ATM Manufacturer ATM Manufacturer ATM Stakeholder ATM Stakeholder ATM Stakeholder EUROCONTROL 13
14 Alert/Incident reporting To National CERT (mandatory as per NIS Directive) To EATM-CERT (if national law permits e.g. legal case) Incidents of significant importance To National CERT(not mandatory in NIS Directive and dependent upon National CERT capabilities) To EATM-CERT Other Incidents To EATM-CERT Alerts Mandatory On a voluntary basis WAC
15 enter your presentation title 15
16 CERT & SOC services are complementary services Strategic CERT CERT services: Share info to prevent incidents and coordinates response to incidents Federate multiple systems/services and their SOC(s) Proactive services : analysis of information to generate ATM and Stakeholder relevant information Discover vulnerabilities and propose fix before exploited (design review, pen testing, red teaming, ) Inform about hackers Tactics, Techniques and Procedures to protect systems before being hit Inform about Indicators of Compromises (malware, URL) to protect systems before being hit Reactive services: Support to incident reaction/remediation, coordination amongst various entities being hit Hunting/post analysis in case of incidents Forensic investigation Tactical SOC (Security Operations Centre) SOC services: (H24) monitoring of systems/services activities to detect abnormal situations Analyse abnormal situations detected by SIEM (Security Information and Event Management) tool Filter false positive alerts (e.g. within 45 ) Analyse true alerts/incidents and propose remediation actions (e.g. within 1 or 24 hours) Improvement of abnormal situation detection criteria/threshold ( correlation rules ) using CERT info Update SIEM with info provided by CERT Operational NM, CRCO MUAC ANSPs AOs Decide if CERT or SOC recommendations have to be implemented and implement them Update Security Controls (firewalls, AV, IDS,..) and systems/applications using CERT info Manage cyber incidents with CERT and/or SOC support Post incident analysis with CERT support WAC 2018
17 Security Assessment Results WAC
18 CEF - SWIM Common PKI (PCP Family 5.1.4) WAC
19 Cross-certification (1/2): What collaboration WITHOUT a cross-certification bridge looks like CA 1 CA 5 CA 2 CA 4 CA 3 WAC
20 Cross-certification (2/2): What collaboration WITH a cross-certification bridge looks like Common Bridge (Trust Anchor) CA 1 CA 2 CA 3 CA 4 CA 5 WAC
21 Applied for CEF Funding as part of SDM Led & coordinated by EUROCONTROL ANSPs DFS, DSNA, NAVIAIR, ENAV, NAV P, ROMATSA, SMATSA, BULATSA, Hungaroconrol, HANSA, SloveniaControl, FABCE Ltd, Austrocontrol, ANS Finland, LFV, Belgocontrol, LVNL, LPS SR, PANSA, Oro Navigacija, Others Airlines Air France Lufthansa Ryanair Airport Operators: CPH MAG ADP Military Spanish Air Force French MoD WAC
22 World wide PKI ICAO trust bridge hierarchy The dream WAC
23 World wide PKI - Regional CA's with Crosscertification the reality to start with WAC
24 THANK YOU WAC
Centralised service 6-7: Ensuring the resilience of centralised services cyber-security and sharing cyber intelligence
Centralised service 6-7: Ensuring the resilience of centralised services cyber-security and sharing cyber intelligence Patrick MANA CS6-7 Project Manager WAC 08 March 2017 Why doing it? NIS Directive EC
More informationCentralised service 6-7: Ensuring the resilience of centralised services cyber-security and sharing cyber intelligence
Centralised service 6-7: Ensuring the resilience of centralised services cyber-security and sharing cyber intelligence Patrick MANA CS6-7 Project Manager WAC 08 & 09 March 2016 enter your presentation
More informationCYBER SECURITY AIR TRANSPORT IT SUMMIT
CYBER SECURITY AIR TRANSPORT IT SUMMIT SHARING GOOD PRACTICES VIVIEN EBERHARDT, SITA CYBER SECURITY CYBER SECURITY AIR TRANSPORT IT SUMMIT SHARING GOOD PRACTICES VIVIEN EBERHARDT, SITA CYBER SECURITY CYBER
More informationHow a global industry player addresses the Cybersecurity challenges of Air Transport
How a global industry player addresses the Cybersecurity challenges of Air Transport ICAO Cyber Summit and Exhibition Making Sense of Cyber Dubai, United Arab Emirates 4 6 April 2017 thomas.hutin@thalesgroup.com
More informationPENS The New Information Highway
PENS The New Information Highway ATSEP - Workshop October 2018 Speaker Michael Rauff Hansen Manager of CNS Systems at Naviair 24 years at the Danish ANSP Member of PENS management steering group PSSG Vice-chairman
More informationCSIRT in general CSIRT Service Categories Reactive Services Proactive services Security Quality Management Services CSIRT. Brmlab, hackerspace Prague
Brmlab, hackerspace Prague Lightning talks, November 2016 in general in general WTF is an? in general WTF is an? Computer Security in general WTF is an? Computer Security Incident Response in general WTF
More informationPosition Paper of the ASD Civil Aviation Cybersecurity Taskforce
Contact: Yoann Viaouet Position Paper of the ASD Civil Aviation Cybersecurity Taskforce April 2017 Content Executive Summary... 2 The need for a global cybersecurity framework: the role of ICAO... 3 The
More informationENISA EU Threat Landscape
ENISA EU Threat Landscape 24 th February 2015 Dr Steve Purser ENISA Head of Department European Union Agency for Network and Information Security www.enisa.europa.eu Agenda ENISA Areas of Activity Key
More informationDatalink performances
Datalink performances Outcome of the Datalink Performance Monitoring activities Jacky Pouzet Head of Communication and Frequency Coordination Unit WAC Madrid, March 2018 The Big Picture EC EASA Reminder:
More informationNebraska CERT Conference
Nebraska CERT Conference Security Methodology / Incident Response Patrick Hanrion Security Center of Excellence Sr. Security Consultant Agenda Security Methodology Security Enabled Business Framework methodology
More informationAutomated Response in Cyber Security SOC with Actionable Threat Intelligence
Automated Response in Cyber Security SOC with Actionable Threat Intelligence while its biggest weakness is lack of visibility: SOCs still can t detect previously unknown threats, which is a consistent
More informationCenter for Internet Security Confidence in the Connected World
Center for Internet Security Confidence in the Connected World Northeast Headquarters 31 Tech Valley Dr., East Greenbush, NY 12061 Mid-Atlantic Headquarters 1700 North Moore St., Suite 2100, Arlington,
More informationSESAR Deployment and upcoming CEF Transport Calls ANS Consultative Board. Helsinki, 12 October 2015
SESAR Deployment and upcoming CEF Transport Calls Presentation @NEFAB ANS Consultative Board Helsinki, 12 October 2015 SESAR JU SESAR DM 2 entities, 1 project European ATM Master Plan R&D INDUSTRIALISATION
More informationICB Industry Consultation Body
ICB Industry Consultation Body POSITION PAPER Regulatory Response to ATM Cyber-Security Increasing reliance on inter-connected ATM systems, services and technologies increases the risk of cyber-attacks.
More informationICB Industry Consultation Body
ICB Industry Consultation Body Evolution of network management 17/11/2016 Issue Position Paper Long-term evolution of Network Management This position paper is intended to form the basis of advice to the
More informationFinal Project Report. Abstract. Document information
Final Project Report Document information Project Title SWIM security solutions Project Number 14.02.02 Project Manager THALES Deliverable Name Final Project Report Deliverable ID D01 Edition 00.01.00
More informationMedical Device Cybersecurity: FDA Perspective
Medical Device Cybersecurity: FDA Perspective Suzanne B. Schwartz MD, MBA Associate Director for Science and Strategic Partnerships Office of the Center Director (OCD) Center for Devices and Radiological
More informationCYBER THREAT INTELLIGENCE TOWARDS A MATURE CTI PRACTICE
CYBER THREAT INTELLIGENCE TOWARDS A MATURE CTI PRACTICE Richard Kerkdijk December 7th 2017 A WORD ABOUT TNO Dutch innovation and advisory body, founded by law in 1932 and currently comprising some 2800
More informationDirective on security of network and information systems (NIS): State of Play
Directive on security of network and information systems (NIS): State of Play Svetlana Schuster Unit H1 Cybersecurity and Digital Privacy DG Communications Networks, Content and Technology, European Commission
More informationMastering the future of Air Traffic Management A conference on the European ATM Master Plan
Mastering the future of Air Traffic Management A conference on the European ATM Master Plan 16 December 2014, Brussels #ATMMasterPlan @SESAR_JU Conference on the EU ATM Master Plan Brussels, 16 December
More informationCyber Security Technologies
1 / Cyber Security Technologies International Seminar on Cyber Security: An Action to Establish the National Cyber Security Center Lisbon, 12 th September 2013 23 / Key highlights - Thales Group Thales
More information2 nd Cybersecurity Workshop Test and Evaluation to Meet the Advanced Persistent Threat
2 nd Cybersecurity Workshop Test and Evaluation to Meet the Advanced Persistent Threat Faye Francy Aviation ISAC February 2015 Company Organization Corporate Defense, Space & Security Boeing Capital Corporation
More informationCOMMISSION RECOMMENDATION. of on Coordinated Response to Large Scale Cybersecurity Incidents and Crises
EUROPEAN COMMISSION Brussels, 13.9.2017 C(2017) 6100 final COMMISSION RECOMMENDATION of 13.9.2017 on Coordinated Response to Large Scale Cybersecurity Incidents and Crises EN EN COMMISSION RECOMMENDATION
More informationVDL MODE 2 DATALINK RECOVERY PLAN WORKSHOP
VDL MODE 2 DATALINK RECOVERY PLAN WORKSHOP WAC 2017 Tuesday 7th March 2017 ATM Theatre #SESAR 2 Workshop Agenda 1. Welcome Address (Nicolas Warinsko - SDM ) 2. Setting the scene (Gzim Ocakoglu DG MOVE)
More informationNational Cyber Security Operations Center (N-CSOC) Stakeholders' Conference
National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference Benefits to the Stakeholders A Collaborative and Win-Win Strategy Lal Dias Chief Executive Officer Sri Lanka CERT CC Cyber attacks
More informationICAS Workshop 3rd October 2005 Single European Sky Implementation Plan - SESAME
ICAS Workshop 3rd October 2005 Single European Sky Implementation Plan - SESAME Jan Van Doorn EUROCONTROL Experimental Centre, France Director European 1 Organisation for the Safety of Air Navigation Demand
More informationDevelopment of the SPI Regulation
Development of the SPI Regulation EC Workshop on the implementation of SPI Luc TYTGAT Director Pan-European Single Sky 07 March 2014 Introduction The SPI regulation was developed in close collaboration
More informationCybersecurity The Evolving Landscape
Cybersecurity The Evolving Landscape 1 Presenter Zach Shelton, CISA Principal DHG IT Advisory Zach.Shelton@DHG.com Raleigh, NC 14+ years of experience in IT Consulting 11+ years of experience with DHG
More informationCentre for cybersecurity Belgium : Role, Missions et future capacities
Centre for cybersecurity Belgium : Role, Missions et future capacities NLO meeting 30/01/2018 Phédra Clouner Deputy Director CCB 01 CCB mission & services Page 2 Legal Basis R.D. 10/10/2014 Contribute
More informationDesigning and Building a Cybersecurity Program
Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework (CSF) Larry Wilson lwilson@umassp.edu ISACA Breakfast Meeting January, 2016 Designing & Building a Cybersecurity
More informationStrategic and operational threat analysis at Europol's EC3
Strategic and operational threat analysis at Europol's EC3 Dr. Philipp Amann, MSc Senior Strategic Analyst Team Leader Strategy & Development ENISA Workshop on EU Threat Landscape Europol Unclassified
More informationcybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationACARE WG 4 Security Overview
ACARE WG 4 Security Overview ART WS ATM Security and Cybersecurity Kristof Lamont ATM & Cyber Security Expert 23 March 2016 ACARE Advisory Council for Aviation Research and Innovation in Europe http://www.acare4europe.com/
More informationENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010
ENISA & Cybersecurity Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010 Agenda Some Definitions Some Statistics ENISA & Cybersecurity Conclusions
More informationRansomware A case study of the impact, recovery and remediation events
Ransomware A case study of the impact, recovery and remediation events Palindrome Technologies 100 Village Court Suite 102 Hazlet, NJ 07730 www.palindrometech.com Peter Thermos President & CTO Tel: (732)
More informationDHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1
Addressing the Evolving Cybersecurity Tom Tollerton, CISSP, CISA, PCI QSA Manager Cybersecurity Advisory Services DHG presenter Tom Tollerton, Manager DHG IT Advisory 704.367.7061 tom.tollerton@dhgllp.com
More informationENISA s Position on the NIS Directive
ENISA s Position on the NIS Directive 1 Introduction This note briefly summarises ENISA s position on the NIS Directive. It provides the background to the Directive, explains its significance, provides
More informationFFIEC Cyber Security Assessment Tool. Overview and Key Considerations
FFIEC Cyber Security Assessment Tool Overview and Key Considerations Overview of FFIEC Cybersecurity Assessment Tool Agenda Overview of assessment tool Review inherent risk profile categories Review domain
More informationThe Cyber Threat. Bob Gourley, Partner, Cognitio June 22, How we think. 1
The Cyber Threat Bob Gourley, Partner, Cognitio June 22, 2016 How we think. 1 About This Presentation Based on decades of experience in cyber conflict Including cyber defense, cyber intelligence, cyber
More informationEnhancing the cyber security &
Enhancing the cyber security & resilience of transport infrastructure in Europe European Union Agency for Network and Information Security Securing Europe s Information society 2 Positioning ENISA activities
More informationSecurity Aspects of Trust Services Providers
Security Aspects of Trust Services Providers Please replace background with image European Union Agency for Network and Information Security 24 th September 2013 www.enisa.europa.eu Today s agenda 09:30-10:00
More informationPanelists. Moderator: Dr. John H. Saunders, MITRE Corporation
SCADA/IOT Panel This panel will focus on innovative & emerging solutions and remaining challenges in the cybersecurity of industrial control systems ICS/SCADA. Representatives from government and infrastructure
More informationEISAS Enhanced Roadmap 2012
[Deliverable November 2012] I About ENISA The European Network and Information Security Agency (ENISA) is a centre of network and information security expertise for the EU, its Member States, the private
More informationReport on Service Areas and DLS overall architecture FPA No MOVE/E /SESAR FPA - Programme and Support Actions
Report on Service Areas and DLS overall architecture FPA No MOVE/E2-2014 717/SESAR FPA - Programme and Support Actions Deliverable 12.2 September 29 th, 2017 1 Report on Service Areas and DLS Overall Architecture
More informationCloud and Cyber Security Expo 2019
Cloud and Cyber Security Expo 2019 The Terrain to Actionable Intelligence Azeem Aleem, VP Consulting, NTT Security Actionable Intelligence Actionable intelligence through Cyber Intelligence Embedding intelligence
More informationNetwork and Information Security Directive
Network and Information Security Directive Provisions + ENISA s activities Dr Evangelos Ouzounis Head of Secure Infrastructure and Services Unit, ENISA European Union Agency for Network and Information
More informationSecurity Monitoring Engineer / (NY or NC) Director, Information Security. New York, NY or Winston-Salem, NC. Location:
Position: Reports to: Location: Security Monitoring Engineer / (NY or NC) Director, Information Security New York, NY or Winston-Salem, NC Position Summary: The Clearing House (TCH) Information Security
More informationCybersecurity and Commercial Aviation
Cybersecurity and Commercial Aviation Pascal ANDREI Chief Security Officer Airbus Group Jim Vasatka Director, Aviation Security Boeing Commercial Airplanes Agenda Aviation Cybersecurity External Drivers
More informationData-link Services (DLS) implementation 2017 CEF Transport Calls for proposals
Data-link Services (DLS) implementation 2017 CEF Transport Calls for proposals Brussels, 17 th November 2017 EC Workshop on DLS Agenda Overview SDM activities for Path I and Path II Path I - implementation
More informationBUILDING AND MAINTAINING SOC
BUILDING AND MAINTAINING SOC Digit Oktavianto KOMINFO 7 December 2016 digit dot oktavianto at gmail dot com 1 Digit Oktavianto Profile in 1 Page Currently working as a Security Architect Professional Certifications:
More informationTHE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION
BREACH & ATTACK SIMULATION THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION Cymulate s cyber simulation platform allows you to test your security assumptions, identify possible security gaps and receive
More informationFastResponder: New Open Source weapon to detect and understand a large scale compromise
FastResponder: New Open Source weapon to detect and understand a large scale compromise About us French Company in Cyber Security Cert Sekoia Detection Intrusion experts Digital Forensics and Incidence
More informationstandards and so the text is not to be used for commercial purposes, gain or as a source of profit. Any changes to the slides or incorporation in
ISO/IEC JTC 1/SC 27/WG 4 IT Security Controls and Services M. De Soete, ISO/IEC JTC 1 SC27 Vice Chair copyright ISO/IEC JTC 1/SC 27, 2014. This is an SC27 public document and is distributed as is for the
More informationBradford J. Willke. 19 September 2007
A Critical Information Infrastructure Protection Approach to Multinational Cyber Security Events Bradford J. Willke 19 September 2007 Overview A framework for national Critical Information Infrastructure
More informationEUROCONTROL SWIM Standards Evolution Workshop
EUROCONTROL SWIM Standards Evolution Workshop Introduction & SWIM Context Dennis Hart dennis.hart@eurocontrol.int Head of System Wide Information Management Unit 2 3 4 National Regulatory Authorities ISO
More informationGlobal Response Centre (GRC) & CIRT Lite. Regional Cyber security Forum 2009, Hyderabad, India 23 rd to 25 th September 2009
Global Response Centre (GRC) & CIRT Lite Regional Cyber security Forum 2009, Hyderabad, India 23 rd to 25 th September 2009 IMPACT Service offerings Global Response Centre CIRT Lite Need for GRC Access
More informationRansomware A case study of the impact, recovery and remediation events
Ransomware A case study of the impact, recovery and remediation events Peter Thermos President & CTO Tel: (732) 688-0413 peter.thermos@palindrometech.com Palindrome Technologies 100 Village Court Suite
More informationTHREAT INTEL AND CONTENT CURATION: ORGANIZING THE PATH TO SUCCESSFUL DETECTION
SESSION ID: AIR-W12 THREAT INTEL AND CONTENT CURATION: ORGANIZING THE PATH TO SUCCESSFUL DETECTION Justin Monti CTO MKACyber Mischel Kwon CEO MKACyber @MKACyber What is Cyber Threat Intelligence Data collected,
More informationCybersecurity and Data Protection Developments
Cybersecurity and Data Protection Developments Nathan Taylor March 8, 2017 NY2 786488 MORRISON & FOERSTER LLP 2017 mofo.com Regulatory Themes 2 A Developing Regulatory Environment 2016 2017 March CFPB
More informationto Enhance Your Cyber Security Needs
Our Service to Enhance Your Cyber Security Needs Since the business critical systems by its nature are ON all of the time and the increasingly connected world makes you open your organization to everything
More informationYou ve Been Hacked Now What? Incident Response Tabletop Exercise
You ve Been Hacked Now What? Incident Response Tabletop Exercise Date or subtitle Jeff Olejnik, Director Cybersecurity Services 1 Agenda Incident Response Planning Mock Tabletop Exercise Exercise Tips
More informationCTI Capability Maturity Model Marco Lourenco
1 CTI Capability Maturity Model Cyber Threat Intelligence Course NIS Summer School 2018, Crete October 2018 MARCO LOURENCO - ENISA Cyber Security Analyst Lead European Union Agency for Network and Information
More informationcybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More information13967/16 MK/mj 1 DG D 2B
Council of the European Union Brussels, 4 November 2016 (OR. en) 13967/16 'I/A' ITEM NOTE From: To: General Secretariat of the Council No. prev. doc.: 11911/3/16 REV 3 No. Cion doc.: 11013/16 Subject:
More informationPENS Symposium SESAR Project Overview
PENS Symposium SESAR 15.2.10 Project Overview Speaker Organisation Date and venue Boleslaw GASZTYCH EUROCONTROL 18 th October 2012, Brussels The European Organisation for the Safety of Air Navigation Agenda
More informationEUROPEAN COMMISSION JOINT RESEARCH CENTRE. Information Note. JRC activities in the field of. Cybersecurity
EUROPEAN COMMISSION JOINT RESEARCH CENTRE Information Note JRC activities in the field of Cybersecurity Date: 28 January, 2016 JRC activities in the field of Cybersecurity 1. Societal and political context
More informationPROTECTION FOR WORKSTATIONS, SERVERS, AND TERMINAL DEVICES ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY
PROTECTION FOR WORKSTATIONS, SERVERS, AND TERMINAL DEVICES ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY OUR MISSION Make the digital world a sustainable and trustworthy environment
More informationIncident Response Services to Help You Prepare for and Quickly Respond to Security Incidents
Services to Help You Prepare for and Quickly Respond to Security Incidents The Challenge The threat landscape is always evolving and adversaries are getting harder to detect; and with that, cyber risk
More informationSUMMIT ON CYBERSECURITY IN CIVIL AVIATION EUROPE, MIDDLE EAST AND AFRICA (EMEA)
DRAFT Hosted by: TENTATIVE PROGRAMME SUMMIT ON CYBERSECURITY IN CIVIL AVIATION EUROPE, MIDDLE EAST AND AFRICA (EMEA) Bucharest, Romania 7 to 9 May 2018 as of 19 March 2018 OPENING SESSION Welcome remarks
More informationService Provider View of Cyber Security. July 2017
Service Provider View of Cyber Security July 2017 Quick Stats Caribbean and LatAm: 3 rd largest population of Internet Users You Are Here Visualization from the Opte Project of the various routes through
More informationSecuring Europe's Information Society
Securing Europe's Information Society Dr. Udo Helmbrecht Executive Director European Network and Information Security Agency 16 June 2010 FIRST AGM Miami 16/6/2010 1 Agenda ENISA overview Challenges EU
More informationAviation Security Committee
Aviation Security Committee The Aviation Security Committee is responsible for the development and implementation of ACI EUROPE security policy position on issues such as landside security, insider threats,
More informationAerospace Technology Congress 2016 Stockholm, Sweden
SESAR Aerospace Technology Congress 2016 Stockholm, Sweden Michael Standar, SESAR Joint Undertaking 2 ICAO projected global traffic scenario - 2040 The European ATM Master Plan SESAR - addressing global
More informationMCGILL UNIVERSITY/PEOPIL CONFERENCE DUBLIN OCTOBER 2018
Cyber Security: Airport risk and liability Jean-Michel Fobe Adrian Cioranu MCGILL UNIVERSITY/PEOPIL Conference on International Aviation & Liability DUBLIN 19-20 Airport cybersecurity concerns Airport
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Virus Outbreak
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationGlobal Resilience Federation Trust. Collaboration. Community. Cindy Donaldson President, Global Resilience Federation October 2017
Global Resilience Federation Trust. Collaboration. Community. Cindy Donaldson President, Global Resilience Federation October 2017 Global Resilience Federation is a non-profit organization committed to
More informationEstablishing a Framework for Effective Testing and Validation of Critical Infrastructure Cyber-Security
Establishing a Framework for Effective Testing and Validation of Critical Infrastructure Cyber-Security Michael John SmartSec 2016, Amsterdam www.encs.eu European Network for Cyber Security The European
More informationHybrid Cyber Warfare, dual risks?
Hybrid Cyber Warfare, dual risks? Cologne - 26/04/2017 ing. Giuseppe G. Zorzino ERMCP, CISA, CISM, CGEIT, CRISC, LA ISO27001 Bio Giuseppe Giovanni Zorzino Teacher and consultant of information security,
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Unauthorized Access
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationDHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017
DHS Cybersecurity Election Infrastructure as Critical Infrastructure June 2017 Department of Homeland Security Safeguard the American People, Our Homeland, and Our Values Homeland Security Missions 1.
More informationCybersecurity Package
Cybersecurity Package Highlights of key initiatives Domenico Ferrara Policy officer @ DG CONNECT Brussels, 12 December 2017 1 2013-2017: Evolving threat landscape Proliferation of (poorly secured) IoT
More informationSpace for safe skies. ESA Iris Program. Satellite Communications for Air Traffic Management (ATM)
Space for safe skies ESA Iris Program Satellite Communications for Air Traffic Management (ATM) 23rd Ka-Band Broadband and 35th AIAA ICSSC Conference 18/10/2017 Slide 1 Satellite Communications for the
More informationCybersecurity Risk Mitigation: Protect Your Member Data. Introduction
Cybersecurity Risk Mitigation: Protect Your Member Data Presented by Matt Mitchell, CISSP Knowledge Consulting Group Introduction Matt Mitchell- Director Risk Assurance 17 years information security experience
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationNew cybersecurity landscape in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017
in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017 European Union Agency for Network and Information Security Positioning ENISA activities CAPACITY Hands on activities POLICY Support MS & COM
More informationRBI GUIDELINES ON CYBER SECURITY AND RAKSHA APPROACH
RBI GUIDELINES ON CYBER SECURITY AND RAKSHA APPROACH RBI GUIDELINES ON CYBER SECURITY AND RAKSHA APPROACH CONTEXT RBI has provided guidelines on Cyber Security Framework circular DBS. CO/CSITE/BC.11/33.01.001/2015-16
More informationCredit Card Data Compromise: Incident Response Plan
Credit Card Data Compromise: Incident Response Plan Purpose It is the objective of the university to maintain secure financial transactions. In order to comply with state law and contractual obligations,
More informationEuropean Union Agency for Network and Information Security
Critical Information Infrastructure Protection in the EU Evangelos Ouzounis Head of Secure Infrastructure and Services Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European Union Agency
More informationCurrent procedures, challenges and opportunities for collection and analysis of Criminal Justice statistics CERT-GH
Current procedures, challenges and opportunities for collection and analysis of Criminal Justice statistics CERT-GH International Workshop on Criminal Justice Statistics on Cybercrime and Electronic Evidence
More informationThe NIS Directive and Cybersecurity in
The NIS Directive and Cybersecurity in ehealth Dr. Athanasios Drougkas Officer in NIS Belgian Hospitals Meeting on Security Brussels 13 th October European Union Agency For Network And Information Security
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Elevation of Privilege
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationCyber Defence Situational Awareness
Cyber Defence Situational Awareness HQ SACT, ACT Office of Security NC3A, CAT-2 1 Objectives of the Workshop Communicate and clarify the context of Cyber Defence within NATO Present ACT s Cyber Defence
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Malware Outbreak
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More information10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS
10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS WHITE PAPER INTRODUCTION BANKS ARE A COMMON TARGET FOR CYBER CRIMINALS AND OVER THE LAST YEAR, FIREEYE HAS BEEN HELPING CUSTOMERS RESPOND
More informationDesigning Robustness and Resilience in Digital Investigation Laboratories
DIGITAL FORENSIC RESEARCH CONFERENCE Designing Robustness and Resilience in Digital Investigation Laboratories By Philipp Amann and Joshua James Presented At The Digital Forensic Research Conference DFRWS
More informationStakeholders Analysis
Stakeholders Analysis Introduction National Stakeholders ISP citizens CNIIP Media National CIRT Academia ONG, Public And Private Institutions sectoral CSIRTs Law enforcement 2 2 CIRT ISP A specialized
More informationSWIM System Wide Information Management
Directorate Air Traffic Management Civil-Military Coordination Division EUROCONTROL CMAC CNS Technical Leaflet #10 Edition 28 April 2017 SWIM System Wide Information Management Civil-Military Reflections
More informationTowards collaborative governance of the Digital Backbone for the SES White Paper
Towards collaborative governance of the Digital Backbone for the SES White Paper Executive Summary This paper explores the establishment of an alliance, called SES Shared Services Alliance (3SA), and formed
More informationFinal Project Report. Abstract. Document information
Final Project Report Document information Project Title Improved 1090 MHz ADS-B Ground station capacity and security Project Number 15.04.06 Project Manager Thales Deliverable Name Final Project Report
More informationSOLUTIONS BRIEF GOGO AIRBORNE SECURITY SUMMARY 2017 Q3 RELEASE
SOLUTIONS BRIEF GOGO AIRBORNE SECURITY SUMMARY 2017 Q3 RELEASE SECURE AIRBORNE CONNECTIVITY: OVERVIEW Gogo Business Aviation realizes the ever-pressing need to be vigilant in staying ahead of potential
More information