5-6 SILICON VALLEY World Cyberspace Cooperation Summit IV NOVEMBER. World Cyberspace Cooperation EXECUTIVE!SUMMARY!
|
|
- Maud Phelps
- 5 years ago
- Views:
Transcription
1
2 READ MORE 5-6 ORGANIZED BY: PARTNERS: NOVEMBER World Cyberspace Cooperation Summit IV Learn more about EWI s cybersecurity work and read all our reports at Measuring the Cybersecurity Problem Building Trust in Cyberspace Cyber Detente Between the United States and China Priority International Communications The Internet Health Model for Cybersecurity Mobilizing for International Action Fighting Spam to Build Trust Critical Terminology Foundations Working Towards Rules for Governing Cyber Conflict Protecting the Digital Economy EXECUTIVESUMMARY SILICON VALLEY 2013 World Cyberspace Cooperation Summit IV cybersummit.info #cybersummit2013
3 EXECUTIVESUMMARY ByKARLFREDERICKRAUSCHER&ZHOUYONGLIN[ ] T he hacking issueisaserious'challengeforthefuturefriendshipandtheprosperityofchinaandtheunited States.Unlikesuperpowersbefore,history stwolargesteconomiesareintimatelyintertwinedandmutually reliantincyberspace.informationandcommunicationstechnologyict)ispervasivelyappliedtomedical care and social life, industry and trade, research and education, and law enforcement and national security, to nameafew.thetechnologiesthatchinaandtheunitedstatesarenowsoreliantuponarerapidlyadvancingin boththepowertheywieldandthecomplexitytheybring,thusmakingusmoreandmorevulnerable.chinaand theunitedstatesaremutuallyreliantuponictproductsthataremadebyeachother.whiletheu.s.hasaunique graspofthetechnologysupplychainwithitsresearchanddevelopmentleadershipincoresoftwareandhardware platforms,chinaiscatchingup.theyaresocloseintheirintegratedrelianceoneachother,thateachcaneasily doharmtotheother 'devastatingharm.unfortunately,inthepastyears,chinaandtheu.s.haveseenthetrust in their relationship suffer. The current situation is thus one of growing instability for China and the U.S. with regardtocybersecurity. Arisingfromavarietyofmotivations,includingcrime,politicsandcuriosity,agrowingnumberofharmfulactivities areconductedinthecyberspacewearesomuchrelyingupon.suchharmfulhackingthreatensthesafetyand prosperityoftheworld.fromapurenumbersperspective,thenetworksofchinaandtheu.s.havemanyinternet Protocol IP) addresses, and thus have many potential sources of malicious activity, as well as many potential targets. Among all written and spoken words on the subject, the suspicions and blames have taken on the strongestvoicefortherelationshipofchinaandtheu.s.yetweknowthatsuchanapproachcanneversolvesuch difficult problems. On the contrary, such accusations and arguments have fueled escalations so that the relationshipisnowstrained,makingevenroutinedialogueapprehensive,ratherthancomfortableandconfident. PresidentsObamaandXihaveplacedcybersecurityontheirbilateralagenda,andfrontandcenterisdamaging hacking. 1 Theproblemsincludetheexfiltrationofcommerciallysensitivedata,accessintooperationsofcritical infrastructure and national security assets, the militarization of cyberspace, unequal scrutiny of behaviors in cyberspaceandthedependenceontheother ssystemsinitscriticalinfrastructures.thejointproblemstatement wasagreedas: 2 ForChinaandtheUnitedStates,thefollowingareunacceptable:i)theperceivedcorebeliefsofeachother for what is permissible behavior in cyberspace, ii) the proliferation of compromises being made to each other sassetsincyberspace,andiii)theunsettleddispositionsofidentifiedincidentsofcompromisesthat haveaffectedeachother sassets. PRACTICALMEASURESTOSTEMHARMFULHACKING 1 1 Remarks'by'President'Obama'and'President'Xi'Jinping'of'the'People's'Republic'of'China'After'Bilateral'Meeting,SunnylandsRetreat,Rancho Mirage,California,8June Section2.2,Problem'Description.
4 PRACTICALMEASURESTOSTEMHARMFULHACKING 2 Whatiscommonisthatneithersideiscomfortablewiththepoliciesandpracticesoftheother.Bothsidesalso recognizethatharmfulhackingisnotachinaeu.s.issue,asitisanissuenowfortheworld. This report was prepared to help these two countries get out of this predicament. This report was prepared throughtheagilityofatrack2bilateralapproach,withtheinsightsofover150volunteersubjectmatterexperts with profound experience and knowledge of policy, technology, business and law, as relevant to cybersecurity. FacilitatedbytheInternetSocietyofChinaISC)andtheEastWestInstituteEWI)thisresearchreportanswerstwo questions: 1. How'do'we'build'trust'between'China'and'the'U.S.'in'cyberspace?' 2. What'practical'countermeasures'can'we'take'to'improve'the'safety'of'cyberspace?'' ThisreportsubmitstenimmediatelyactionableRecommendations,whichifimplemented,willestablishpractical conversationsandrelationshipsthatcanslowtherateofdestabilizationaroundthissubject,and,withcontinued applicationthenreversethetrend sdirectiontoonethatisfavorablesection4). Together,thefirstfourrecommendationssupportaTotalTrustManagementTTM)systemthatassuresareliable assessmentfigure1).withthissysteminplace,genuinetrustcanthriveandeachpartycanhaveconfidencein theirassessment.thissystemwillalsodetectwheneitherpartyisdemonstratingbehaviorthatisnottrustworthy, and likewise enable a party to have confidence in its judgment that there is insufficient evidence that their interestsarebeingprotected. The TTM system is equally applicable for a wide range of topics, including international cooperation in fighting crime, international cooperation in tracking down malicious hackers, protection of humanitarian interests, protection of commercial intellectual property and norms of behavior in cyberspace. The first set of recommendationscanbesummarizedas: RecommendationNo.1Stated&Policy Thefirststeptobuildingtrustissettingexpectations.Thisfirstrecommendationcallsongovernments, businessesandotherorganizationstostateclearlytheirinterestsandpracticesincyberspace. RecommendationNo.2Policy&Deployment Oncepolicyisstated,thesecondstepinbuildingtrustcanbegin:movingfromwordstoactions.This recommendationcallsongovernments,businessesandotherorganizationstodeploythepoliciesthey espouse.
5 Can we trust what is done? Can we trust what is said? I. Stated Policy II. Policy Deployment III. Performance Evaluation Can we trust what is seen? IV. Corrective Action Can we trust the response? KARL%FREDERICK%RAUSCHER%%2013% Figure1.TotalTrust ManagementModel, withtrustquestions. RecommendationNo.3Performance&Measurement Once policy is stated and deployed, then the third step in building trust can begin: engaging stakeholderswhoperceiveanapparentfailureinpolicyoritsdeployment.thisrecommendationcalls forcooperationinanalyzingincidentsoffailedpolicyoritsdeployment. RecommendationNo.4Corrective&Action The response to failures in stated policy or its deployment are a key indicator of an organziation s trustworthiness,whetheritbeagovenementagency,abusiness,orotherwise.correctiveactionsare tangiblewaysthatshowseriouscommitmenttostatedpolicy. 3 Each party is evaluated based on adherence to its stated policy and plan of action. 4 If implemented, these recommendationswillcleartheair.stakeholderswillhaveconfidenceineachotherbasedontheirobservations from a pattern of what is said, done and seen. This cycle of meaningful dialogue and engagement will in turn producetangibleprogressatvariouslevelsinconfidencebuildingandriskreduction,withtheaimofproducingan upwardspiralofreinforcingcooperationandtrust. Thesimpletruthisthattheessential asks inthesefirstfourrecommendationsareactuallyquitebasic.yetthe presentdaychinaeu.s.crisisoverhackingisevidenceofhowthesebasicshavebeenneglected.intheunfortunate casewhereeitheroneorbothsidesisunwillingtocommittothesebasics,discussionsonmoreadvancedsubjects canbedelusional;givingafalsesenseofsafetyforwhichthereisnofoundation.thusthettmsystemcanhelp inform both parties and stakeholders of a status of good health, improving health, deteriorating health or bad health.thettmsystemisanalternativetobrinkmanship,i.e.deteriorationofconfidencethatisreinforcedbythe negativecycleofnonecooperationandmisinformation. An element of the analysis was the Landscape of Interests in Cyberspace framework, which enabled focused analysis of three primary interests, and their interactions Figure 2, Section 2.4.1, Landscape' of' Interests). By examining the interests, we categorize the information systems into 7 groups. Different groups have different involvementwithcybersecurity.onemajorconclusionfromthisanalysisisagreementthathumanitarianassetsin cyberspacedeservespecialprotection.asecondmajorconclusionisthatgovernments,businesses,andother entitieswithnationalsecuritymissionsshouldacknowledgethehigherriskcreatedwhenconductinginternational espionage. PRACTICALMEASURESTOSTEMHARMFULHACKING 3 3 i.e.,recommendationno.4,corrective'action,anticipatesregularneedstoadjuststatedpolicyandpolicydeploymentplans. 4 Atitscore,theTTMsystemdescribedaboveisanempiricalmethodofarrivingatthetruth,butonethatallowsforhumanimperfectionsalong theway.
6 Security Humanitarian Universe of Interests Figure3. Landscape ofinterests in Commercial KARL%FREDERICK%RAUSCHER%%2013% Figure2.Landscape ofinterestsincyberspace. 5 PRACTICALMEASURESTOSTEMHARMFULHACKING 4 Cyberspace. 5 AnotherelementoftheanalysiswastheModelofHarmfulHackingandDefenseseeFigure3,page5),which suggeststhekindsofcountermeasuresthatcanaddressattacksandimprovesecurity. Basedontheaboveanalysis,anothersixrecommendationsweredevelopedtoprovideadditionalguidancethat complimentsthefirstsetofrecommendationsbyemphasizingspecificcriticalareasrequiringspecialattention: RecommendationNo.5 Separate&Critical&Humanitarian&Assets Thisrecommendationcallsforqualifiedhumanitarianentitiestoarticulatetheirinterestsandtoseek separationoftheirassetsincyberspace. RecommendationNo.6 De:Clutter&Espionage&Expectations Thisrecommendationacknowledgestheexpectationthatnationalsecurityeorientedassets,becauseof their potential for hostility, are elevated as targets for espionage by foreign interests. This factor suggests a differentiation between incidents experienced by national security interests and other entities. RecommendationNo.7 Summon&a&Roundtable&of&Subject&Matter&Experts Thisrecommendationcallsonworldeclasssubjectmatterexpertsfrombothcountriestocreateanew modeofcollaboration,andasaresourceforobjectiveanalysisandassessment. RecommendationNo.8 Continuous&Approach&Status&Indicator Thisrecommendationcallsforaprovisionalcapabilitytomonitor,assessandreportonthestatusof eachofthesecrucialcomponents.itwillprovideareliable,independentassessmentofthehealthof thedialogueandcooperation. RecommendationNo.9 Prepare&Sufficiently,&React&Quickly&and&Summarize&Seriously. This recommendation calls for transformation of the harmful hacking responses from one that is primarilyreactivetoonethatisproeactive,andincludessettinggoalsthatdefinesufficientpreparation andresponse. 5 Rauscher,KarlFrederick,Written'Statement'for'the'United'States'Congress'House'Committee'on'Foreign'Affairs,'Hearing'on' Asia:'The'Cyber' Security'Battleground,23July2013.
7 Defense Phase Preparation Responding Follow-up Make policy to Continuously remove First, recover normal encourage good and resources that can be business operations; punish bad actions; used by hackers; Investigate and punish Deploy resources to Monitor attacks and the bad actors; Task build defense capability; abnormal behaviors; Learn from each Remove the possibility Send warnings and alerts incident to improve for abuse of internal and stop the attacks preparation and resources and functions quickly. response. Hacking Task Make the [im]moral choice to hack; Prepare the attack techniques; Evaluate benefits and risks. Carry out the attacks to take down the target, steal data, commit fraud, etc. Use multiple network and server hops; Erase hacking tracks. Phase Preparation Implementation Escape Figure3.ModelofHarmfulHackingandDefense. RecommendationNo.10Launch&Parallel&Bilateral&Collaboration&on&Government&and&Industry&Levels& This recommendation calls for industry level collaboration to supplement the new cooperation undertakenatthegovernmentallevel.industrytechnicalexpertiseandbusinessinsightsarerequired tocombattheharmfulhackingthatisoutofcontrol. ThisreportalsopresentsvoluntaryBestPractices,whichprovidecomplimentarysupporttotheRecommendations Section 5). The Best Practices development was informed by the Eight Ingredient Framework and intrinsic vulnerabilityanalysissection2.5.2)andthelifecycleofahacksection2.5.3).bestpracticeexamplesincludethe following: Thisbilateralreportcanbesummarizedstatisticallyasfollows: 1 Commonpurposetoreversethehackingthatisharmingourcountries 2 Thenumberinaseriesofbilateralreports 6 10 Recommendations >50 KeyObservationsfromanalyses >50 VoluntaryBestPractices PRACTICALMEASURESTOSTEMHARMFULHACKING 5 >150 Contributingsubjectmatterexpertsandstakeholders >2,000 Yearsofcombinedexperienceofcontributingexpertsandstakeholders >100,000 Analysispointswithdeterminationsmade 6 Rauscher,KarlFrederick,Zhou,Yonglin,ChinaRU.S.'Bilateral'on'Cybersecurity:''Fighting'Spam'to'Build'Trust,EastWestInstituteandInternet SocietyofChina:2011.
8 6 PRACTICALMEASURESTOSTEMHARMFULHACKING Thisreportisnotatypicalpolicypaper,norareitsideas inthesky.rather,itisadocumentthatincludesthe practical, downtoearth guidanceessentialforsolvingtheharmfulhackingproblem.thecharacterofthisreport maybemorelikenedtothatofamusicalscoreforasymphonyorchestra,wheredistinctcontributionsarecalled forfromadiverserangeoftalents;ifeachperformsinharmonywiththeother,theresultsareawesome.those whocareaboutthecyberrelationship,andthosewhocareaboutthesecurityandprosperityofthecyberspace, areencouragedtoreadandreferencethisreport. NotefromtheAuthors We'are'deeply'appreciative'of'the'many'subject'matter'experts'who'have' contributed'to'this'report.'please'see'their'names'in'the'full'report,'to'be' published'at'
9 World Cyberspace Cooperation Summit IV SILICON VALLEY 2013 cybersummit.info #cybersummit2013 This report indicates that China and the U.S. can make joint efforts for a safe and secure cyber space. I support concrete actions like this." CAI Mingzhao While the U.S and China may approach cyberspace from different political and cultural vantage points, both nations have a fundamental stake in an Internet that is secure and trustworthy. This report frames a way forward that builds trust in a deliberate and verifiable manner. ORGANIZED BY: PRACTICALMEASURESTOSTEMHARMFULHACKING 7 Michael Chertoff PARTNERS:
Legal Foundation and Enforcement: Promoting Cybersecurity
Legal Foundation and Enforcement: Promoting Cybersecurity Regional Workshop on Frameworks for Cybersecurity and Critical Information Infrastructure Protection February 19, 2008 Mark L. Krotoski Computer
More informationCommonwealth Cyber Declaration
Commonwealth Cyber Declaration Recognising that the development of cyberspace has made a powerful contribution to the economic, social, cultural and political life of the Commonwealth; Underlining that
More informationMs. Izumi Nakamitsu High Representative for Disarmament Affairs United Nations
Opening Remarks by Ms. Izumi Nakamitsu, High Representative for Disarmament Affairs, at the High-Level Event on Cyber Security, hosted by the Prime Minister of Bangladesh Ms. Izumi Nakamitsu High Representative
More informationG7 Bar Associations and Councils
COUNTRY PAPER UNITED STATES G7 Bar Associations and Councils SEPTEMBER 14, 2017 ROME, ITALY The American Bar Association P R E F A C E As we have witnessed, cyber terrorism is an extremely serious threat
More informationThe challenges of the NIS directive from the viewpoint of the Vienna Hospital Association
The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association page 1 Cybersecurity Strategy Essential Points The norms, principles and values that the City of Vienna and the
More informationDHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017
DHS Cybersecurity Election Infrastructure as Critical Infrastructure June 2017 Department of Homeland Security Safeguard the American People, Our Homeland, and Our Values Homeland Security Missions 1.
More informationCyber Security Roadmap
Cyber Security Roadmap The Hague, 25 May 2011 Security: Developing a Secure Cyberspace Protecting the 5 th Domain As with land, sea, air and space, a safe Cyberspace is crucial for our societies. Different
More informationAngela McKay Director, Government Security Policy and Strategy Microsoft
Angela McKay Director, Government Security Policy and Strategy Microsoft Demographic Trends: Internet Users in 2005.ru.ca.is.uk.nl.be.no.de.pl.ua.us.fr.es.ch.it.eg.il.sa.jo.tr.qa.ae.kz.cn.tw.kr.jp.mx.co.br.pk.th.ph.ng.in.sg.my.ar.id.au
More informationStrengthening the Cybersecurity of Federal Networks and Critical Infrastructure
Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure Executive Order 13800 Update July 2017 In Brief On May 11, 2017, President Trump issued Executive Order 13800, Strengthening
More informationCybersecurity for Health Care Providers
Cybersecurity for Health Care Providers Montgomery County Medical Society Provider Meeting February 28, 2017 T h e MARYLAND HEALTH CARE COMMISSION Overview Cybersecurity defined Cyber-Threats Today Impact
More informationAre you safe? Your business growth strategies are at the heart of the cyber risks your organization faces
Are you safe? Your business growth strategies are at the heart of the cyber risks your organization faces 36 Deloitte A Middle East Point of View Summer 2015 Cyber Security Most reports on cyber security
More informationENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010
ENISA & Cybersecurity Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010 Agenda Some Definitions Some Statistics ENISA & Cybersecurity Conclusions
More informationGlobal cybersecurity and international standards
World Class Standards Global cybersecurity and international standards Professor Solange Ghernaouti-Hélie sgh@unil.ch Faculty of Business and Economics, University of Lausanne Member of the Hight Level
More informationEU policy on Network and Information Security & Critical Information Infrastructures Protection
EU policy on Network and Information Security & Critical Information Infrastructures Protection Köln, 10 March 2011 Valérie ANDRIANAVALY European Commission Directorate General Information Society and
More informationAbout Issues in Building the National Strategy for Cybersecurity in Vietnam
Vietnam Computer Emergency Response Team - VNCERT About Issues in Building the National Strategy for Cybersecurity in Vietnam Vu Quoc Khanh Director General Outline Internet abundance Security situation
More informationUNITED STATES OF AMERICA COMMENTS ON THE REPORT OF THE WGIG
Document WSIS-II/PC-3/CONTR/035-E 17 August 2005 Original: English UNITED STATES OF AMERICA COMMENTS ON THE REPORT OF THE WGIG Y:\APP\PDF_SERVER\ALL-USER\IN\COORDUNIT\WGIG-COVER.DOC 17.08.05 17.08.05 www.itu.int/wsis
More informationSecurity and resilience in Information Society: the European approach
Security and resilience in Information Society: the European approach Andrea Servida Deputy Head of Unit European Commission DG INFSO-A3 Andrea.servida@ec.europa.eu What s s ahead: mobile ubiquitous environments
More informationIndonesia Cyber Security Market
Indonesia Cyber Security Market EXECUTIVE SUMMARY: Indonesia offers abundant demand for cyber security exports. Defense spending is modest, totaling $8 billion, but is expected to increase. Increase in
More informationOUTCOME DOCUMENT OF THE INTERNATIONAL CONFERENCE ON CYBERLAW, CYBERCRIME & CYBERSECURITY
OUTCOME DOCUMENT OF THE INTERNATIONAL CONFERENCE ON CYBERLAW, CYBERCRIME & CYBERSECURITY ADOPTED BY THE PARTICIPANTS OF THE INTERNATIONAL CONFERENCE ON CYBERLAW, CYBERCRIME & CYBERSECURITY AT NEW DELHI
More informationBoston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018
Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security BRANDEIS UNIVERSITY PROFESSOR ERICH SCHUMANN MAY 2018 1 Chinese military strategist Sun Tzu: Benchmark If you know your
More informationCybersecurity & Digital Privacy in the Energy sector
ENERGY INFO DAYS Brussels, 25 October 2017 Cybersecurity & Digital Privacy in the Energy sector CNECT.H1 Cybersecurity & Digital Privacy, DG CNECT ENER.B3 - Retail markets; coal & oil, DG ENER European
More informationGovernance Ideas Exchange
www.pwc.com.au Anatomy of a Hack Governance Ideas Exchange Robert Di Pietro October 2018 Cyber Security Anatomy of a Hack Cyber Security Introduction Who are the bad guys? Profiling the victim Insights
More informationCyber Security Strategy
Cyber Security Strategy Committee for Home Affairs Introduction Cyber security describes the technology, processes and safeguards that are used to protect our networks, computers, programs and data from
More informationCritical Information Infrastructure Protection Law
Critical Information Infrastructure Protection Law CCD COE Training 8 September 2009 Tallinn, Estonia Maeve Dion Center for Infrastructure Protection George Mason University School of Law Arlington, Virginia.
More informationPromoting Global Cybersecurity
Promoting Global Cybersecurity Presented to ITU-T Study Group 17 Geneva, Switzerland 6 October 2005 Robert Shaw ITU Internet Strategy and Policy Advisor ITU Strategy and Policy Unit 1 Agenda Critical Infrastructures
More informationResolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]
United Nations A/RES/64/211 General Assembly Distr.: General 17 March 2010 Sixty-fourth session Agenda item 55 (c) Resolution adopted by the General Assembly on 21 December 2009 [on the report of the Second
More informationCritical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.
Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach. By Christopher Ganizani Banda ICT Development Manager Malawi Communications Regulatory Authority 24-26th July,2016 Khartoum,
More informationNetherlands Cyber Security Strategy. Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice
Netherlands Cyber Security Strategy Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice 1 Netherlands: small country, big time vulnerable #1 80% online banking 95% youth uses
More informationSecure Development Lifecycle
Secure Development Lifecycle Strengthening Cisco Products The Cisco Secure Development Lifecycle (SDL) is a repeatable and measurable process designed to increase Cisco product resiliency and trustworthiness.
More informationCybersecurity & Spam after WSIS: How MAAWG can help
Cybersecurity & Spam after WSIS: How MAAWG can help MAAWG Brussels Meeting 27-29 June 2006 Robert Shaw Deputy Head ITU Strategy and Policy Unit International Telecommunication Union 28 June 2006 1 Setting
More informationCIRT: Requirements and implementation
CIRT: Requirements and implementation By : Muataz Elsadig Sudan CERT Joint ITU-ATU Workshop on Cyber-security Strategy in African Countries Khartoum, Republic of Sudan, 24 26 July 2016 There is no globally
More information3.4 The EU as a partner in cyber diplomacy and defence
3.4 The EU as a partner in cyber diplomacy and defence by Thomas Renard and Andre Barrinha The European institutions became involved in cyber-related issues in the 1990s. However, cyberspace only came
More informationCyber Intelligence Professional Certificate Program Booz Allen Hamilton 2-Day Seminar Agenda September 2016
Cyber Intelligence Professional Certificate Program Booz Allen Hamilton 2-Day Seminar Agenda 21-22 September 2016 DAY 1: Cyber Intelligence Strategic and Operational Overview 8:30 AM - Coffee Reception
More informationThe Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless
The Republic of Korea Executive Summary Today, cyberspace is a new horizon with endless possibilities, offering unprecedented economic and social benefits. However, on account of its open, anonymous and
More informationCOUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)
COUNCIL OF THE EUROPEAN UNION Brussels, 24 May 2013 Interinstitutional File: 2013/0027 (COD) 9745/13 TELECOM 125 DATAPROTECT 64 CYBER 10 MI 419 CODEC 1130 NOTE from: Presidency to: Delegations No. Cion
More informationBrussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER
COUNCIL OF THE EUROPEAN UNION Brussels, 19 May 2011 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66 NOTE From : COREPER To: COUNCIL No Cion. prop.: 8548/11 TELECOM 40 DATAPROTECT 27 JAI 213 PROCIV38
More informationProgram 1. THE USE OF CYBER ACTIVE DEFENSE BY THE PRIVATE SECTOR
Program The structure of the workshop will be fully participatory for each session. We will ask several participants to take the lead in some panels, and to present the main challenges or comment on certain
More informationCOMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN
COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN 24-27 July 2016 1 CONTENT INTRODUCTION POLICY OBJECTIVES POLICY AND LEGISLATIVE PRINCIPLES CYBER SECURITY STRATEGY CHALLENGES AND OPPORTUNITIES CAPACITY BUILDING
More informationBREAKING BARRIERS TO COLLABORATE WITH THE C-SUITE
BREAKING BARRIERS TO COLLABORATE WITH THE C-SUITE 31st Annual SoCal ISSA Security Symposium Wendy T. Wu Vice President Agenda + CISO: Then and Now + Who are the Stakeholders and What Do They Care About?
More informationRESOLUTION 45 (Rev. Hyderabad, 2010)
212 RESOLUTION 45 (Rev. Hyderabad, 2010) The World Telecommunication Development Conference (Hyderabad, 2010), recalling a) Resolution 45 (Doha, 2006) of the World Telecommunication Development Conference
More informationCybersecurity, Trade, and Economic Development
Cybersecurity, Trade, and Economic Development G7 ICT Priorities: Technology, Innovation, and the Global Economy UNCTAD E-Commerce Week Danielle Kriz Senior Director, Global Policy Palo Alto Networks April
More informationRESOLUTION 130 (Rev. Antalya, 2006)
Res. 130 430 RESOLUTION 130 (Rev. Antalya, 2006) Strengthening the role of ITU in building confidence and security in the use of information and communication technologies The Plenipotentiary Conference
More informationHow do you decide what s best for you?
How do you decide what s best for you? Experience Transparency Leadership Commitment Cost reduction Security Trustworthiness Credibility Confidence Reliability Compliance Privacy Expertise Flexibility
More informationAdvanced IT Risk, Security management and Cybercrime Prevention
Advanced IT Risk, Security management and Cybercrime Prevention Course Goal and Objectives Information technology has created a new category of criminality, as cybercrime offers hackers and other tech-savvy
More informationThe UK s National Cyber Security Strategy
The UK s National Cyber Security Strategy 2016 2021 Vision for 2021: The UK is secure and resilient to cyber threats, prosperous and confident in the digital world 1 National Cyber Security Strategy 2016
More informationCyber Security in Europe
Cyber Security in Europe ENISA supporting the National Cyber Security Strategies An evaluation framework Liveri Dimitra Security and Resilience of Communication Networks Officer www.enisa.europa.eu Securing
More informationThe Cyber Threat. Bob Gourley, Partner, Cognitio June 22, How we think. 1
The Cyber Threat Bob Gourley, Partner, Cognitio June 22, 2016 How we think. 1 About This Presentation Based on decades of experience in cyber conflict Including cyber defense, cyber intelligence, cyber
More informationProtecting Critical Energy Infrastructure International Multistakeholder Conference, Training & Exhibition
VIENNA CYBER SECURITY WEEK 2018 Protecting Critical Energy Infrastructure International Multistakeholder Conference, Training & Exhibition SECURITY & DIPLOMACY 29-30 January 15A Favoritenstraße, 1040 Taubstummengasse
More informationJapan s Cyber Diplomacy
Japan s Cyber Diplomacy As the importance of cyberspace is increasing, cyber threats are rapidly growing. The Ministry of Foreign Affairs (MOFA) needs to lead international discussions on how to ensure
More information716 West Ave Austin, TX USA
Fundamentals of Computer and Internet Fraud GLOBAL Headquarters the gregor building 716 West Ave Austin, TX 78701-2727 USA TABLE OF CONTENTS I. INTRODUCTION What Is Computer Crime?... 2 Computer Fraud
More informationCaribbean Cyber Security: Not Only Government s Responsibility
Caribbean Cyber Security: Not Only Government s Responsibility AWARENESS AND VIGILANCE IS EVERYBODY S RESPONSIBILITY Preseted at: ICT Symposium Antigua and Barbuda March 2017 Caribbean Cyber Security Events
More informationDefending Our Digital Density.
New Jersey Cybersecurity & Communications Integration Cell Defending Our Digital Density. @NJCybersecurity www.cyber.nj.gov NJCCIC@cyber.nj.gov The New Jersey Cybersecurity & Communications Integration
More informationWorld Telecommunication Development Conference (WTDC- 14) Dubai, 30 March 10 April 2014
World Telecommunication Development Conference (WTDC- 14) Dubai, 30 March 10 April 2014 Document WTDC14/28- E 10 February 2014 Original: French SOURCE: TITLE: ALG/28/1 Objective: 3 Ministry of Post and
More informationhow to manage risks in those rare cases where existing mitigation mechanisms are insufficient or impractical.
Contents Introduction... 2 Purpose of this paper... 2 Critical Infrastructure Security and Resilience... 3 The National Security Environment... 5 A Proactive and Collaborative Approach... 7 Critical Infrastructure
More informationDraft Resolution for Committee Consideration and Recommendation
Draft Resolution for Committee Consideration and Recommendation Committee A: Security and Transparency in a Digital Environment The General Assembly; Draft Resolution Submitted for revision by the delegations
More informationRESOLUTION 130 (REV. BUSAN, 2014)
RESOLUTION 130 (REV. BUSAN, 2014) Strengthening the role of ITU in building confidence and security in the use of information and communication technologies The Plenipotentiary Conference of the International
More informationCyber Security Summit 2014 USCENTCOM Cybersecurity Cooperation
Cyber Security Summit 2014 USCENTCOM Cybersecurity Cooperation COL Michael R. Corpening Deputy Chief, Operations Division (CCJ6-O) 1 December 2014 The overall classification of this brief is UNCLASSIFIED
More informationThe public sector s cybersecurity imperative
The public sector s cybersecurity imperative May 2012 Tucker Bailey Aamer Baig The public sector s cybersecurity imperative Down the road, the cyberthreat will be the number one threat to the country.
More informationEMPOWER PEOPLE IMPROVE LIVES INSPIRE SUCCESS
Information Technology Shared Service Team North Dakota Cyber Security Across North Dakota Threats and Opportunities 15 September 2018 EMPOWER PEOPLE IMPROVE LIVES INSPIRE SUCCESS AGENDA SIRN / FirstNet
More informationFEMA Region III Cyber Security Program
FEMA Region III Cyber Security Program Maryland Cyber Security Workshop (January 16, 2019) (Presented again at the October 16, 2018, meeting of the Maryland Cybersecurity Council and published with permission.)
More informationCYBERSECURITY. Protecting Against the Financial, Regulatory and Reputational Impacts of Cyber Attack
CYBERSECURITY Protecting Against the Financial, Regulatory and Reputational Impacts of Cyber Attack An Interview with the Department of Homeland Security s Office of Cybersecurity Since government agencies
More informationDirective on security of network and information systems (NIS): State of Play
Directive on security of network and information systems (NIS): State of Play Svetlana Schuster Unit H1 Cybersecurity and Digital Privacy DG Communications Networks, Content and Technology, European Commission
More informationDepartment of Homeland Security Updates
American Association of State Highway and Transportation Officials Special Committee on Transportation Security and Emergency Management 2016 Critical Infrastructure Committee Joint Annual Meeting Department
More informationGlobal Cybersecurity Agenda
Global Cybersecurity Agenda A Framework for International Cooperation in Cybersecurity ITU Workshop on Frameworks for National Action: Cybersecurity and Critical Information Infrastructure Protection 17
More informationCYBERBIT P r o t e c t i n g a n e w D i m e n s i o n
CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n CYBETBIT in a Nutshell A leader in the development and integration of Cyber Security Solutions A main provider of Cyber Security solutions for the
More informationDHS Cybersecurity: Services for State and Local Officials. February 2017
DHS Cybersecurity: Services for State and Local Officials February 2017 Department of Established in March of 2003 and combined 22 different Federal departments and agencies into a unified, integrated
More informationISRAEL NATIONAL CYBER SECURITY STRATEGY IN BRIEF
SEPTEMBER 2017 ISRAEL NATIONAL CYBER SECURITY STRATEGY IN BRIEF STATE OF ISRAEL PRIME MINISTER S OFFICE NATIONAL CYBER DIRECTORATE Vision and Objective 5 Development of Israel s national cyber security
More informationRESOLUTION 179 (REV. BUSAN, 2014) ITU's role in child online protection
402 Res. 179 RESOLUTION 179 (REV. BUSAN, 2014) ITU's role in child online protection The Plenipotentiary Conference of the International Telecommunication Union (Busan, 2014), recognizing a) Resolution
More informationThe Global Cybercrime Industry
Nir Kshetri The Global Cybercrime Industry Economic, Institutional and Strategic Perspectives 4y Springer 1 The Global Cybercrime Industry and Its Structure: Relevant Actors, Motivations, Threats, and
More informationStatement for the Record
Statement for the Record of Seán P. McGurk Director, Control Systems Security Program National Cyber Security Division National Protection and Programs Directorate Department of Homeland Security Before
More informationRESOLUTION 179 (REV. BUSAN, 2014) ITU's role in child online protection
RESOLUTION 179 (REV. BUSAN, 2014) ITU's role in child online protection The Plenipotentiary Conference of the International Telecommunication Union (Busan, 2014), recognizing a) Resolution 67 (Rev. Dubai,
More informationEnhancing the Cybersecurity of Federal Information and Assets through CSIP
TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3
More informationBachelor of Information Technology (Network Security)
Course information for Bachelor of Information Technology (Network Security) Course Number HE20524 Location Meadowbank Course Design The Bachelor of Information Technology (Network Security) is a three-year
More informationStephanie Zierten Associate Counsel Federal Reserve Bank of Boston
Stephanie Zierten Associate Counsel Federal Reserve Bank of Boston Cybersecurity Landscape Major Data Breaches (e.g., OPM, IRS) Data Breach Notification Laws Directors Derivative Suits Federal Legislation
More informationCybersecurity and Hospitals: A Board Perspective
Cybersecurity and Hospitals: A Board Perspective Cybersecurity is an important issue for both the public and private sector. At a time when so many of our activities depend on information systems and technology,
More information10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS
10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS WHITE PAPER INTRODUCTION BANKS ARE A COMMON TARGET FOR CYBER CRIMINALS AND OVER THE LAST YEAR, FIREEYE HAS BEEN HELPING CUSTOMERS RESPOND
More informationThailand Initiatives and Challenges in Cyber Terrorism
Thailand Initiatives and Challenges in Cyber Terrorism Agenda Cyber-Terrorism weapons & tactics MICT Cyber Inspector Group IT Laws Development Challenges Cyber-Terrorism weapons & tactics What is Cyber-Terrorism?
More informationForensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services
Forensic Technology & Discovery Services Forensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services Forensic Technology & Discovery Services EY s Forensic
More informationThe Honest Advantage
The Honest Advantage READY TO CHALLENGE THE STATUS QUO GSA Security Policy and PCI Guidelines The GreenStar Alliance 2017 2017 GreenStar Alliance All Rights Reserved Table of Contents Table of Contents
More informationGlobal Alliance Against Child Sexual Abuse Online 2014 Reporting Form
Global Alliance Against Child Sexual Abuse Online 2014 Reporting Form MONTENEGRO Policy Target No. 1 Enhancing efforts to identify victims and ensuring that they receive the necessary assistance, support
More informationSecurity Takes Center Stage
Security Takes Center Stage Rajesh De Partner Chair, Global Cybersecurity & Data Privacy Practice +1 202 263 3366 rde@mayerbrown.com June 7, 2016 Cyber Attacks Are Increasing in Cost and Frequency Breaches
More informationProfessional Training Course - Cybercrime Investigation Body of Knowledge -
Overview The expanded use of the Internet has facilitated rapid advances in communications, systems control, and information sharing. Those advances have created enormous opportunities for society, commerce
More informationCyberspace : Privacy and Security Issues
Cyberspace : Privacy and Security Issues Chandan Mazumdar Professor, Dept. of Computer Sc. & Engg Coordinator, Centre for Distributed Computing Jadavpur University November 4, 2017 Agenda Cyberspace Privacy
More informationThe commission communication "towards a general policy on the fight against cyber crime"
MEMO/07/199 Brussels, 22 May 2007 The commission communication "towards a general policy on the fight against cyber crime" The use of the term cyber crime in this communication There is no agreed definition
More informationMANAGING SECURITY THREATS IN THE NEW CONNECTED WORLD THROUGH FORENSIC READINESS
MANAGING SECURITY THREATS IN THE NEW CONNECTED WORLD THROUGH FORENSIC READINESS Mohamad Firham Efendy Bin Md Senan Specialist, Digital Forensics Department CyberSecurity Malaysia firham@cybersecurity.my
More informationCyber Security For Utilities Risks, Trends & Standards. IEEE Toronto March 22, Doug Westlund Senior VP, AESI Inc.
Cyber Security For Utilities Risks, Trends & Standards IEEE Toronto March 22, 2017 Doug Westlund Senior VP, AESI Inc. Agenda Cyber Security Risks for Utilities Trends & Recent Incidents in the Utility
More informationITU-IMPACT Capacity Building for Least Developed & Developed Countries
ITU-IMPACT Capacity Building for Least Developed & Developed Countries Marco Obiso Cybersecurity Coordinator International Telecommunication Union (ITU) 30 January 2012 ITU and cybersecurity 2003 2005
More informationJoint ICTP-IAEA School of Nuclear Energy Management November 2012
2374-20 Joint ICTP- School of Nuclear Energy Management 5-23 November 2012 Establishing National Nuclear Security Infrastructure (Module 9 Topics 3 & 4) EVANS Rhonda International Atomic Energy Agency,
More informationEuropean Directives and reglements for Information security
Е а а И ац а *** European Directives and reglements for Information security Krassi BOGDANOVA LISO for the Secretariat-General, the Cabinets of Commissioners and the European Political Strategy Centre,
More informationThe Impact of Cybersecurity, Data Privacy and Social Media
Doing Business in a Connected World The Impact of Cybersecurity, Data Privacy and Social Media Security Incident tprevention and Response: Customizing i a Formula for Results Joseph hm. Ah Asher Marcus
More information"DIGITAL GENEVA CONVENTION" IN TIMES OF CYBER (IN)SECURITY?
Panelová debata: Monitorování internetu. Máme se bát o své soukromí? DO WE NEED A "DIGITAL GENEVA CONVENTION" IN TIMES OF CYBER (IN)SECURITY? Microsoft Internet Advertising Conference 2017 2 Internet Advertising
More informationRESOLUTION 67 (Rev. Buenos Aires, 2017)
524 Res. 67 RESOLUTION 67 (Rev. Buenos Aires, 2017) The role of the ITU Telecommunication Development Sector in child online protection The World Telecommunication Development Conference (Buenos Aires,
More informationCYBERSECURITY MATURITY ASSESSMENT
CYBERSECURITY MATURITY ASSESSMENT ANTICIPATE. IMPROVE. PREPARE. The CrowdStrike Cybersecurity Maturity Assessment (CSMA) is unique in the security assessment arena. Rather than focusing solely on compliance
More informationCybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce
Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce 5-8 September 2017 Yogyakarta, Indonesia Sameer Sharma Senior Advisor ITU Digital Infrastructure for Connectivity SDGs Evolution
More informationThe Interim Report on the Revision of the Guidelines for U.S.-Japan Defense Cooperation
The Interim Report on the Revision of the Guidelines for U.S.-Japan Defense Cooperation I. Introduction At the 2+2 U.S.-Japan Security Consultative Committee (SCC) meeting in Tokyo on October 3, 2013,
More informationForensics and Active Protection
Forensics and Active Protection Computer and Network Forensics Research Project 2003 Work Update Yanet Manzano Florida State University manzano@cs.fsu.edu manzano@cs.fsu.edu 1 Outline CNF Project Goal
More informationDecember 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development
December 10, 2014 Statement of the Securities Industry and Financial Markets Association Senate Committee on Banking, Housing, and Urban Development Hearing Entitled Cybersecurity: Enhancing Coordination
More informationInnovation policy for Industry 4.0
Innovation policy for Industry 4.0 Remarks from Giorgio Mosca Chair of Cybersecurity Steering Committee Confindustria Digitale Director Strategy & Technologies - Security & IS Division, Leonardo Agenda
More informationState of Israel Prime Minister's Office National Cyber Bureau. Unclassified
- 1 - Background for the Government Resolutions Regarding Advancing the National Preparedness for Cyber Security and Advancing National Regulation and Governmental Leadership in Cyber Security On February
More informationPALANTIR CYBERMESH INTRODUCTION
100 Hamilton Avenue Palo Alto, California 94301 PALANTIR CYBERMESH INTRODUCTION Cyber attacks expose organizations to significant security, regulatory, and reputational risks, including the potential for
More information