Coordinated Vulnerability Disclosure
|
|
- Adam Joseph
- 5 years ago
- Views:
Transcription
1 Coordinated Vulnerability Disclosure
2 Overview CVD Workshop Speakers: Hans de Vries Head of National Cyber Security Centre of the Netherlands CVD good practices, dutch approach Joshua Corman I am The Cavalry CVD from the researcher s perspective Ryan Gillis Vice President, Cybersecurity Strategy and Global Policy at Palo Alto Networks CVD good practices of organisations, manifesto Szilvia Tóth Ministry of Foreign Affairs of Hungary & Mihaela Popescu Ministry of Foreign Affairs of Romania Expert meetings in this initiative & a look ahead
3 Coordinated Vulnerability Disclosure The Dutch Approach Hans de Vries (NCSC-NL) Washington, June 1st 2016
4 Agenda Guiding Principles NCSC-NL The Dutch Approach Our experiences Looking to the present and future Coordinated Vulnerability Disclosure June 1st, 2016
5 Guiding Principles NCSC-NL Multi stakeholder approach Connecting and strengthening initiatives Public Private Partnerships Individual responsibility Self-regulation where possible Proportionate measures and regulation Shared responsibilities between departments International cooperation Coordinated Vulnerability Disclosure June 1st, 2016
6 Corporate website Login Password
7 The Dutch approach Provide guidelines with focus on good cooperation between vulnerability researcher and organisation and clear expectations If all goes well, only role of the government is facilitator and promoter Coordinated Vulnerability Disclosure June 1st, 2016
8 Guidelines, no law The Ministry of Security and Justice and Public Prosecution Service support and advocate guidelines Public Prosecution Service ultimately still has the discretion to prosecute, for instance when a reporter goes too far despite of agreed terms, of course this also holds true for organisations Policy is an agreement between organisation and reporter Reporter and organisation agree to adhere to published policy, organisation promises not to file a complaint with the Police Jurisprudence/Case law: Guidelines cited by judge in several criminal cases Coordinated Vulnerability Disclosure June 1st, 2016
9 Our experiences Many organisations have published a policy Good comments from both reporters and organisations Many good quality reports Mostly website vulnerabilities, but also 0-days Reporters getting hired instead of arrested Organisations put fixing found vulnerabilties in supplier contracts Organisations take opportunity to improve software development, testing and incideng handling procedures Coordinated Vulnerability Disclosure June 1st, 2016
10 Coordinated Vulnerability Disclosure June 1st, 2016
11 So why listen to someone who owned you? Find vulnerabilities in your systems Show people that you care about their information Involve community in keeping your organisation secure Have reporters disclose responsibly Make the world a better and safer place! A win-win situation! Coordinated Vulnerability Disclosure June 1st, 2016
12 Looking to the present and future Adoption by international companies makes other organisations also see the advantages of CVD and its positive reputation effects Who is liable? Organisation using the software, the reporter or the company that made the software? Several private companies help to further develop CVD and promote the principles Security vs safety, CVD in this respect has a lot of challenges, like how to disclose vulnerabilities in critical infrastructure, medical equipment and automotive We need more good international examples! Coordinated Vulnerability Disclosure June 1st, 2016
13 Coordinated Vulnerability Disclosure Manifesto New signatories welcome! Coordinated Vulnerability Disclosure June 1st, 2016
14 Coordinated Vulnerability Disclosure June 1st, 2016
15
16 Speakers
Netherlands Cyber Security Strategy. Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice
Netherlands Cyber Security Strategy Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice 1 Netherlands: small country, big time vulnerable #1 80% online banking 95% youth uses
More informationMapping of the CVD models in Europe
Mapping of the CVD models in Europe TASK FORCE ON SW VULNERABILITY DISCLOSURE IN EUROPE Brussels, 29/11/2017 Gianluca Varisco Disclaimer This preliminary mapping has been put together by: reaching out
More informationProject III Public/private cooperation
Project Cybercrime@EAP III Public/private cooperation Արևելյան Գործընկերություն Східне партнерство Eastern Partnership აღმოსავლეთ პარტნიორობა Parteneriatul Estic Şərq tərəfdaşlığı Partenariat Oriental
More informationGlobal Alliance Against Child Sexual Abuse Online 2014 Reporting Form
Global Alliance Against Child Sexual Abuse Online 2014 Reporting Form MONTENEGRO Policy Target No. 1 Enhancing efforts to identify victims and ensuring that they receive the necessary assistance, support
More informationehealth Ministerial Conference 2013 Dublin May 2013 Irish Presidency Declaration
ehealth Ministerial Conference 2013 Dublin 13 15 May 2013 Irish Presidency Declaration Irish Presidency Declaration Ministers of Health of the Member States of the European Union and delegates met on 13
More informationCyber Security Strategy
Cyber Security Strategy Committee for Home Affairs Introduction Cyber security describes the technology, processes and safeguards that are used to protect our networks, computers, programs and data from
More informationDan Lipman Chair, 2016 NIS Organising Committee. Roger Howsley Executive Director, WINS. Elena Sokova - Executive Director, VCDNP
Introduction Integrating the Nuclear Security, Industry and Knowledge Summits Event Report 23 September 2014 On 23 September 2014 (on the margins of the September 2014 IAEA General Conference), the United
More informationOverview on the Project achievements
Overview on the Project achievements Closing Conference, Tbilisi, Georgia 14 May 2010 Cristina Schulman Council of Europe Strasbourg, France Tel +33-3-8841-2103 cristina.schulman@coe.int www.coe.int/cybercrime-georgia
More informationGeneral Framework for Secure IoT Systems
General Framework for Secure IoT Systems National center of Incident readiness and Strategy for Cybersecurity (NISC) Government of Japan August 26, 2016 1. General Framework Objective Internet of Things
More informationPromoting Global Cybersecurity
Promoting Global Cybersecurity Presented to ITU-T Study Group 17 Geneva, Switzerland 6 October 2005 Robert Shaw ITU Internet Strategy and Policy Advisor ITU Strategy and Policy Unit 1 Agenda Critical Infrastructures
More informationCommonwealth Cyber Declaration
Commonwealth Cyber Declaration Recognising that the development of cyberspace has made a powerful contribution to the economic, social, cultural and political life of the Commonwealth; Underlining that
More informationDigital Financial Inclusion and Consumer Protection
Digital Financial Inclusion and Consumer Protection ITU Regional Forum on Consumer Information, Protection and Rights for Africa 2017 Cotonou, BENIN 14-16 March 2017 Anne Rita Ssemboga- anne.rita.ssemboga@itu,int
More informationThe NIS Directive and Cybersecurity in
The NIS Directive and Cybersecurity in ehealth Dr. Athanasios Drougkas Officer in NIS Belgian Hospitals Meeting on Security Brussels 13 th October European Union Agency For Network And Information Security
More informationMs. Izumi Nakamitsu High Representative for Disarmament Affairs United Nations
Opening Remarks by Ms. Izumi Nakamitsu, High Representative for Disarmament Affairs, at the High-Level Event on Cyber Security, hosted by the Prime Minister of Bangladesh Ms. Izumi Nakamitsu High Representative
More informationMeeting minutes of NLO annual meeting of 8 June 2016
Meeting minutes of NLO annual meeting of 8 June 2016 1.1 NIS Directive and its implications for ENISA The Head of ENISA s Core Operations Department, Steve Purser, presented the NIS Directive and its implications
More informationVademecum of Speakers
Vademecum of Speakers Session 1 - The response to the crisis: removing barriers and unleashing growth in services Ariane Kiesow Centre for European Policy Ariane Kiesow is a policy analyst at the Centre
More informationMobile Application Privacy Policy
Mobile Application Privacy Policy Introduction This mobile application is hosted and operated on behalf of your health plan. As such, some information collected through the mobile application may be considered
More informationINFORMATION SECURITY NO MORE THE CINDERELLA?
INFORMATION SECURITY NO MORE THE CINDERELLA? Lord Toby Harris THE VIEW FROM THE KITCHEN Information security the Cinderella of technology Information security the Cinderella of security Who are the Ugly
More informationThe Case for National CSIRTs
The Case for National CSIRTs ENOG 12 Yerevan 3-4 Oct 2016 What is a CERT (CSIRT)? A Computer Security Incident Response Team (CSIRT) is a service organization that is responsible for receiving, reviewing,
More informationImplementing the Administration's Critical Infrastructure and Cybersecurity Policy
Implementing the Administration's Critical Infrastructure and Cybersecurity Policy Cybersecurity Executive Order and Critical Infrastructure Security & Resilience Presidential Policy Directive Integrated
More informationProject CyberSouth Cooperation on cybercrime in the Southern Neighbourhood
Project CyberSouth Cooperation on cybercrime in the Southern Neighbourhood Project concept 1 Version 1 July 2017 Project title / number (2017/DG1/JP/3692): CyberSouth Cooperation on cybercrime in the Southern
More informationCybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce
Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce 5-8 September 2017 Yogyakarta, Indonesia Sameer Sharma Senior Advisor ITU Digital Infrastructure for Connectivity SDGs Evolution
More informationLegal Foundation and Enforcement: Promoting Cybersecurity
Legal Foundation and Enforcement: Promoting Cybersecurity Regional Workshop on Frameworks for Cybersecurity and Critical Information Infrastructure Protection February 19, 2008 Mark L. Krotoski Computer
More informationCYBER CRIME LEGISLATION COURSE MALAYSIAN COMMUNCIATIONS AND MULTIMEDIA COMMISSION MALAYSIA
CYBER CRIME LEGISLATION COURSE MALAYSIAN COMMUNCIATIONS AND MULTIMEDIA COMMISSION MALAYSIA NATIONAL STRATEGY IN MANAGEMENT OF CYBER SECURITY Comprehensive law and policies Effective monitoring tools Awareness
More informationList of beneficiaries who are to be awarded grants for the implementation of CEPOL training activities in 2014
List of beneficiaries who are to be awarded grants for the implementation of CEPOL training activities in 2014 No. Title of the beneficiary Granted training activity Maximum budget covered by CEPOL, JOINT
More informationCOMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN
COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN 24-27 July 2016 1 CONTENT INTRODUCTION POLICY OBJECTIVES POLICY AND LEGISLATIVE PRINCIPLES CYBER SECURITY STRATEGY CHALLENGES AND OPPORTUNITIES CAPACITY BUILDING
More informationICT Policy Perspective for APEC. Ministry of Internal Affairs and Communications March 2015
ICT Policy Perspective for APEC Ministry of Internal Affairs and Communications March 2015 Current Status in APEC Region 1 GDP Growth Rate Twice the global average Share of Global Communications Service
More informationDiscussion on MS contribution to the WP2018
Discussion on MS contribution to the WP2018, 30 January 2018 European Union Agency for Network and Information Security Possibilities for MS contribution to the WP2018 Expert Groups ENISA coordinates several
More informationData Protection systems in the Republic of Azerbaijan
Data Protection systems in the Republic of Azerbaijan Cyber Security Center Ministry of Communications and High Technologies Director - Faig Farmanov Enhance the Right to Data Protection in Eastern Partnership
More informationRequirements on new data protection regulations and current changing needs from the view of the EDPS
Requirements on new data protection regulations and current changing needs from the view of the EDPS 10/11/2015, Berlin Wojciech Wiewiórowski ISSE 2015. Making Europe a safer place to do business M. Narojek
More informationThe National Medical Device Information Sharing & Analysis Organization (MD-ISAO) Initiative Session 2, February 19, 2017 Moderator: Suzanne
The National Medical Device Information Sharing & Analysis Organization (MD-ISAO) Initiative Session 2, February 19, 2017 Moderator: Suzanne Schwartz, Assoc. Dir., CDRH, FDA Denise Anderson, MBA, President,
More informationGovernment Resolution No of February 15, Resolution: Advancing National Regulation and Governmental Leadership in Cyber Security
Government Resolution No. 2443 of February 15, 2015 33 rd Government of Israel Benjamin Netanyahu Resolution: Advancing National Regulation and Governmental Leadership in Cyber Security It is hereby resolved:
More informationG8 Lyon-Roma Group High Tech Crime Subgroup
G8 Lyon-Roma Group High Tech Crime Subgroup In October 2009, a series of recommendations for amendments to ICANN s Registrar Accreditation Agreement (RAA) was proposed to ICANN by law enforcement agencies
More informationISACA National Cyber Security Conference 8 December 2017, National Bank of Romania
C-PROC Cybercrime Programme Office Council of Europe, Bucharest, Romania ISACA National Cyber Security Conference 8 December 2017, National Bank of Romania The role of legislation in enhancing the cyber
More informationTowards a European e-competence Framework
Towards a European e-competence Framework Projects, trends, multistakeholder activities towards a European ICT sectoral framework, related to the EQF Jutta Breyer Brussels, 24 June 2008 Overview 1. Intro
More informationRecent developments CEN and CENELEC
Recent developments CEN and CENELEC UNECE WP6 22nd Session, 2012-11-09 ddus@cencenelec.eu Overview Standardization developments - CEN and CENELEC Portfolio - Relations to ISO and IEC Hot topics - Technical
More informationENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010
ENISA & Cybersecurity Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010 Agenda Some Definitions Some Statistics ENISA & Cybersecurity Conclusions
More informationRESOLUTION 130 (Rev. Antalya, 2006)
Res. 130 430 RESOLUTION 130 (Rev. Antalya, 2006) Strengthening the role of ITU in building confidence and security in the use of information and communication technologies The Plenipotentiary Conference
More informationASEAN COOPERATION ON DISASTER MANAGEMENT. Disaster Management & Humanitarian Assistance Division, ASEAN Secretariat
ASEAN COOPERATION ON DISASTER MANAGEMENT Disaster Management & Humanitarian Assistance Division, ASEAN Secretariat AADMER - FOR A MORE UNITED AND COORDINATED RESPONSE TOWARD DISASTERS WITHIN THE REGION
More informationRomania - Cyber Security Strategy. 6th IT STAR Workshop on Digital Security
Romania - Cyber Security Strategy 6th IT STAR Workshop on Digital Security 30 March 2012 Bratislava, Slovakia Florin VREJOIU Horia GLIGOR Programme Manager Member of the Board Association for Information
More informationNational CIRT - Montenegro. Ministry for Information Society and Telecommunications
National CIRT - Montenegro Ministry for Information Society and Telecommunications Regional Cybersecurity Forum Sofia, November 2016 CIRT ESTABLISHMENT Key Organizations in establishing Montenegro CIRT:
More informationIt s still very important that you take some steps to help keep up security when you re online:
PRIVACY & SECURITY The protection and privacy of your personal information is a priority to us. Privacy & Security The protection and privacy of your personal information is a priority to us. This means
More informationMedical Device Cybersecurity: FDA Perspective
Medical Device Cybersecurity: FDA Perspective Suzanne B. Schwartz MD, MBA Associate Director for Science and Strategic Partnerships Office of the Center Director (OCD) Center for Devices and Radiological
More informationDecember 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development
December 10, 2014 Statement of the Securities Industry and Financial Markets Association Senate Committee on Banking, Housing, and Urban Development Hearing Entitled Cybersecurity: Enhancing Coordination
More informationFuture-Proof Security & Privacy in IoT
All rights reserved, Arthur s Legal B.V. Future-Proof Security & Privacy in IoT From State of Play, To State of The Art Arthur van der Wees, LLM Managing Director Arthur s Legal, the global tech-by-design
More informationHow the Board Should Take Care of Cyber Security. ICS Conference 2012, October 31 Denmark
How the Board Should Take Care of Cyber Security ICS Conference 2012, October 31 Denmark Cyber Security is not just a technological issue Situation Our digital society provides lots of new business opportunities,
More informationV{ xy Éy à{x Vtu Çxà Éy ` Ç áàxüá
BUENOS AIRES, July 28, 2011 In the view of the Record CUDAP: EXP-JGM: 0005475/2011 of the Registry of the Presidency of the Cabinet of Ministers ( Decree nr. 438/92) and the Resolution ex SFP Nr. 81/ 14
More informationInternational Policy Division, Global ICT Strategy Bureau
MIC International Policy Division, Global ICT Strategy Bureau Communications News Newsletter of the Ministry of Internal Affairs and Communications(MIC), Japan Please Feel free to use articles in this
More informationIntroduction. ISNR Abu Dhabi 2020 Program. Participation & Partnership Opportunities
Event brochure Introduction ISNR Abu Dhabi 2020 Program Participation & Partnership Opportunities ISNR ABU DHABI 2018 was under the Patronage of H.H Sheikh Hazza bin Zayed Al Nahyan, Deputy Chairman of
More informationFriedrich Smaxwil CEN President. CEN European Committee for Standardization
Friedrich Smaxwil CEN President CEN European Committee for Standardization www.cen.eu www.cencenelec.eu Friedrich Smaxwil, CEN President 1. Standards & standardization 2. CEN s role in European Standardization
More informationInternational cyber strategy for Norway
Norwegian Ministry of Foreign Affairs International cyber strategy for Norway 2017 Strategy International cyber strategy for Norway 2017 Foreword by the Prime Minister Cyberspace is developing rapidly.
More informationA Criminal Intrudes into a Bank in Geneva Korean agents. Canadian agents make the arrest. Argentinian investigators. discover. attack came from Seoul
Harmonizing National Legal Approaches and International Legal Coordination International Cooperation in Cybercrime Investigations A Law Enforcement Perspective Colonel Claudio Peguero ITU / WSIS Thematic
More information10007/16 MP/mj 1 DG D 2B
Council of the European Union Brussels, 9 June 2016 (OR. en) 10007/16 OUTCOME OF PROCEEDINGS From: On: 9 June 2016 To: General Secretariat of the Council Delegations No. prev. doc.: 9579/16 + COR 1 Subject:
More informationUN General Assembly Resolution 68/243 GEORGIA. General appreciation of the issues of information security
UN General Assembly Resolution 68/243 GEORGIA General appreciation of the issues of information security Widely publicized cyber attacks and, to some expert opinions, cyber war - conducted against Georgia
More informationThe Africa-EU Energy Partnership (AEEP) The Role of Civil Society and the Private Sector. 12 February, Brussels. Hein Winnubst
The Africa-EU Energy Partnership (AEEP) The Role of Civil Society and the Private Sector 12 February, Brussels Hein Winnubst Introduction Purpose of this meeting Share information on progress and planning
More information10025/16 MP/mj 1 DG D 2B
Council of the European Union Brussels, 9 June 2016 (OR. en) 10025/16 OUTCOME OF PROCEEDINGS From: On: 9 June 2016 To: General Secretariat of the Council Delegations No. prev. doc.: 9579/16 + COR 1 Subject:
More informationNational Policy and Guiding Principles
National Policy and Guiding Principles National Policy, Principles, and Organization This section describes the national policy that shapes the National Strategy to Secure Cyberspace and the basic framework
More informationDirective on security of network and information systems (NIS): State of Play
Directive on security of network and information systems (NIS): State of Play Svetlana Schuster Unit H1 Cybersecurity and Digital Privacy DG Communications Networks, Content and Technology, European Commission
More informationAssistant Secretary-General Michèle Coninsx Executive Director, CTED
High-Level Conference of Heads of Counter-Terrorism Agencies Opportunities and challenges in strengthening international cooperation through the sharing of information, expertise and resources United Nations
More informationCyber Security Development. Ghana in Perspective
Cyber Security Development Ghana in Perspective GHANA S CYBER SECURITY JOURNEY NCSPS Development Establishment of CERT NCSPS Validation 2015 Adoption of NCSPS by Cabinet 2016 NCSTWG NCSIAC NCSPS Review
More informationUSA HEAD OFFICE 1818 N Street, NW Suite 200 Washington, DC 20036
US-China Business Council Comments on The Draft Measures for Security Review of Online Products and Services March 6, 2017 On behalf of the more than 200 members of the US-China Business Council (USCBC),
More informationThe UNODC Global Programme on Cybercrime Alexandru Caciuloiu CYBERCRIME COORDINATOR SOUTHEAST ASIA AND THE PACIFIC
The UNODC Global Programme on Cybercrime Alexandru Caciuloiu CYBERCRIME COORDINATOR SOUTHEAST ASIA AND THE PACIFIC UNODC is mandated to assist Member States in their struggle against illicit drugs, crime
More informationNIS Directive : Call for Proposals
National Cyber Security Centre, in Collaboration with the Research Institute in Trustworthy Inter-connected Cyber-physical Systems (RITICS) Summary NIS Directive : Call for Proposals Closing date: Friday
More informationVdTÜV Statement on the Communication from the EU Commission A Digital Single Market Strategy for Europe
Author Date VdTÜV-WG Cybersecurity October, 3 rd 2015 VdTÜV Statement on the Communication from the EU Commission A Digital Single Market Strategy for Europe VdTÜV e.v. welcomes the Communication on a
More informationCentre for cybersecurity Belgium : Role, Missions et future capacities
Centre for cybersecurity Belgium : Role, Missions et future capacities NLO meeting 30/01/2018 Phédra Clouner Deputy Director CCB 01 CCB mission & services Page 2 Legal Basis R.D. 10/10/2014 Contribute
More informationA Holistic Approach to Cyber Security
A Holistic Approach to Cyber Security Shernon Osepa Manager Regional Affairs Latin America & the Caribbean Cyber Security & Digital Forensics Event Mona-UWI-Jamaica 1 October 2013 Agenda What is the Internet
More informationPrivacy Policy on the Responsibilities of Third Party Service Providers
Privacy Policy on the Responsibilities of Third Party Service Providers Privacy Office Document ID: 2489 Version: 3.2 Owner: Chief Privacy Officer Sensitivity Level: Low Copyright Notice Copyright 2016,
More informationFrom Hyogo to Sendai. Anoja Seneviratne Disaster Management Centre
From Hyogo to Sendai Anoja Seneviratne Disaster Management Centre Milestone Event in the Year 2015 New York in September 2015 to World Conference define voluntary on Disaster Risk Sustainable Reduction
More informationIMPORTANT GLOBAL CYBERLAW TRENDS 2017
IMPORTANT GLOBAL CYBERLAW TRENDS 2017 BY PAVAN DUGGAL ADVOCATE, SUPREME COURT OF INDIA PRESIDENT, CYBERLAWS.NET HEAD, PAVAN DUGGAL ASSOCIATES, ADVOCATES The year 2017 promises to be a year of tremendous
More informationThe role of COP/ITU on international level. Dr Ibrahim Al dabal chair of child on line council working group
The role of COP/ITU on international level Dr Ibrahim Al dabal chair of child on line council working group I nformation & I nternational C ommunication T elecommunication T echnologies U nion WHO WE
More informationPROJECT BACKGROUND AND RATIONALE
PROJECT BACKGROUND AND RATIONALE The political agreement on the EU General Data Protection Regulation (GDPR) has been reached and the new Regulation will be on the books by the end of the first quarter
More informationChild Online Protection in Child Pornography Namibia
Child Online Protection in Child Pornography Namibia Regulation in Namibia UNICEF Namibia Presented by: Jolanda van Westering Outline Introduction Typology of online abuse and exploitation Scale and response
More informationUniversal Trusted Service Provider Identity to Reduce Vulnerabilities
1.1 Session 3: Cyber-attacks: Are we ready for the battlefield of the 21st Century? 22 May 2008 Palais des Nations, Geneva Universal Trusted Service Provider Identity to Reduce Vulnerabilities Tony Rutkowski
More information2nd National MBE Manufacturers Summit 2017
Global Manufacturing Community 2nd National MBE Manufacturers Summit 2017 August 15-16, 2017 Corporate Sponsorship Global Manufacturing Community Providing Opportunities for MBE Manufacturers Nationally
More informationDeveloping an integrated e-health system in Estonia
Developing an integrated e-health system in Estonia Box 1 What problems did the initiative seek to address? Fragmented flow of information between health providers. Poor management of the growing number
More informationPublic Sector Cyber Security Series
2018 Staying ahead of evolving threats Public Sector Cyber Security Series program Sydney 10 th September Melbourne 11 th September Canberra 12 th September Brisbane 19 th September Wellington 20 th September
More informationNATIONAL COMMISSION ON FORENSIC SCIENCE
NATIONAL COMMISSION ON FORENSIC SCIENCE Recommendation for the Accreditation of Digital and Multimedia Forensic Science Service Providers 1 Subcommittee Date of Current Version 25/02/16 Accreditation and
More informationIncentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO
White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating
More informationCOUNTERING COUNTERING SPAM IN A DIGITAL WORLD
IN A DIGITAL WORLD EU SYMPOSIUM 2006 15 June 2006 Maastricht, The Netherlands Cristina Bueti Cristina Bueti Project Officer Strategy and Policy Unit (SPU) International Telecommunication Union www.itu.int/spam
More informationCOOPERATION BETWEEN INTERPOL AND THE UNITED NATIONS
COOPERATION BETWEEN INTERPOL AND THE UNITED NATIONS February 2018 A HISTORY OF COOPERATION 1997: Cooperation agreement between INTERPOL and the UN Many decades of collaboration was formalized in an agreement
More informationCybersecurity & Digital Privacy in the Energy sector
ENERGY INFO DAYS Brussels, 25 October 2017 Cybersecurity & Digital Privacy in the Energy sector CNECT.H1 Cybersecurity & Digital Privacy, DG CNECT ENER.B3 - Retail markets; coal & oil, DG ENER European
More informationCOUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)
COUNCIL OF THE EUROPEAN UNION Brussels, 24 May 2013 Interinstitutional File: 2013/0027 (COD) 9745/13 TELECOM 125 DATAPROTECT 64 CYBER 10 MI 419 CODEC 1130 NOTE from: Presidency to: Delegations No. Cion
More informationACCEPTABLE USE POLICY
Great Lakes Energy Connections, Inc. Truestream ACCEPTABLE USE POLICY Contents OVERVIEW... 2 INTRODUCTION... 2 VIOLATION OF THIS ACCEPTABLE USE POLICY... 2 PROHIBITED USES AND ACTIVITIES... 2 CUSTOMER
More informationManaging Supply Chain Risks for SCADA Systems
Managing Supply Chain Risks for SCADA Systems Nadya Bartol, Vice President of Industry Affairs and Cybersecurity Strategist, UTC Nadya.bartol@utc.org 2014 Utilities Telecom Council Agenda Problem Definition
More informationCouncil of the European Union Brussels, 23 November 2016 (OR. en)
Conseil UE Council of the European Union Brussels, 23 November 2016 (OR. en) 13323/1/16 REV 1 LIMITE PUBLIC DAPIX 173 ENFOPOL 349 ENFOCUSTOM 163 COSI 156 GENVAL 107 AVIATION 210 NOTE From: To: Subject:
More informationICT Legal Consulting on GDPR: the possible value of certification in data protection compliance and accountability
ICT Legal Consulting on GDPR: the possible value of certification in data protection compliance and accountability Prof. Dr. Paolo Balboni Founding Partner Professor of Privacy, Cybersecurity, and IT Contract
More informationOne click away from Sustainable Consumption and Production
SCP CLEARINGHOUSE Sustainable Consumption and Production www.start.scpclearinghouse.org One click away from Sustainable Consumption and Production Convened by Shifting to Sustainable Consumption and Production
More informationReducing Risk and Building Capacity
Reducing Risk and Building Capacity The Cybersecurity Capacity Maturity Model (CMM) for Nations Prof Michael Goldsmith Global Cyber Security Capacity Centre (GCSCC) April 2017 Delivering Effective Cybersecurity
More informationResolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]
United Nations A/RES/64/211 General Assembly Distr.: General 17 March 2010 Sixty-fourth session Agenda item 55 (c) Resolution adopted by the General Assembly on 21 December 2009 [on the report of the Second
More informationThe challenges of the NIS directive from the viewpoint of the Vienna Hospital Association
The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association page 1 Cybersecurity Strategy Essential Points The norms, principles and values that the City of Vienna and the
More informationMatt Quinn.
Matt Quinn matt.quinn@nist.gov Roles of AHRQ and NIST What s at Stake Current State of Usability in Certified EHRs Projects to Support Improved Usability Moving Forward June 7 NIST Workshop Questions NIST's
More informationAbout the information we collect We collect and process personal data including but not limited to:-
Privacy Policy About us TP Supported Accommodation is responsible for collecting, processing, storing and safe keeping of personal information as part of our business activities. We manage information
More informationCONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT APRIL, SKOPJE
CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT 2018 18-19 APRIL, SKOPJE CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT 2018 At the Trieste Western Balkans Summit, we stressed the importance of the
More informationEuropean Union Agency for Network and Information Security
Critical Information Infrastructure Protection in the EU Evangelos Ouzounis Head of Secure Infrastructure and Services Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European Union Agency
More informationInformation Security Incident Response Plan
Information Security Incident Response Plan Purpose It is the objective of the university to maintain secure systems and data. In order to comply with federal, state, and local law and contractual obligations,
More informationCooperating Catalogues Export Tool. User guide
User guide Author(s) Cindy Li, Stephanie Solingen Version 1.2 Status Final The Hague, 15-10-2009 2/19 Document information Colophon Author(s) Status Cindy Li, Stephanie Solingen Final Project Date Toolbox
More informationMy name is Joe Bhatia, and I am president and CEO of the American National Standards Institute.
S. Joe Bhatia President and CEO American National Standards Institute Opening Remarks 1 st Indo-U.S. Summit on Standards in Trade February 16, 2010 New Delhi, India Good morning, everyone. My name is Joe
More informationRESOLUTION 130 (REV. BUSAN, 2014)
RESOLUTION 130 (REV. BUSAN, 2014) Strengthening the role of ITU in building confidence and security in the use of information and communication technologies The Plenipotentiary Conference of the International
More informationGlobal Wildlife Cybercrime Action Plan1
Global Wildlife Cybercrime Action Plan1 A Call to Action for the London Conference on Illegal Wildlife Trade October 11-12, 2018 1 Wildlife cybercrime in this context refers to cyber-enabled wildlife trafficking.
More informationFDA & Medical Device Cybersecurity
FDA & Medical Device Cybersecurity Closing Keynote, February 19, 2017 Suzanne B. Schwartz, M.D., MBA Associate Director for Science & Strategic Partnerships Center for Devices and Radiological Health US
More information