Category: Cyber Security CII sector

Cyber Security CII sector

INTERPOL report charts top cyberthreats in Southeast Asia

Agency News, Cyber Security CII sector, Industry News
An INTERPOL report has highlighted the key cybercrime trends and threats confronting the Association of Southeast Asian Nations (ASEAN) region.
INTERPOL’s ASEAN Cyberthreat Assessment 2021 report outlines how cybercrime’s upward trend is set to rise exponentially, with highly organized cybercriminals sharing resources and expertise to their advantage.
It provides strategies for tackling cyberthreats against the context of the pandemic which has seen more people going online using mostly unprotected mobile devices, creating a surge in cybercriminal activities profiting from the theft of personal information and credentials.
The report further describes the essential collaboration on intelligence sharing and expertise between law enforcement agencies and the private sector, facilitated by INTERPOL’s global network.
The INTERPOL’s ASEAN Cybercrime Operations Desk (ASEAN Desk) with the support from law enforcement agencies in the region and INTERPOL’s private sector cybersecurity partners identify the region’s top cyberthreats:
- Business E-mail Compromise campaigns continue to top the chart with businesses suffering major losses, as it is a high-return investment with low cost and risk.
- Phishing. Cybercriminals are exploiting the widespread use of global communications on information related to COVID-19 to deceive unsuspecting victims.
- Ransomware. Cybercrime targeting hospitals, medical centers and public institutions for ransomware attacks has increased rapidly as cybercriminals believe they have a higher chance of success given the medical crisis in many countries.
- E-commerce data interception poses an emerging and imminent threat to online shoppers, undermining trust in online payment systems.
- Crimeware-as-a-Service puts cybercriminal tools and services in the hands of a wider range of threat actors – even non-technical ones, to the extent that anyone can become a cybercriminal with minimal ‘investment’.
- Cyber Scams. With the increase of online transactions and more people working from home, cybercriminals have revised their online scams and phishing schemes, even impersonating government and health authorities to lure victims into providing their personal information and downloading malicious content.
- Cryptojacking continues to be on the radar of cybercriminals as the value of cryptocurrencies increases.
“Cybercrime is constantly evolving. The COVID-19 pandemic has accelerated digital transformation, which has opened new opportunities for cybercriminals,” said Craig Jones, INTERPOL’s Director of Cybercrime.
“Through this report, INTERPOL strives to support member countries in the ASEAN region to take a targeted response against ever-evolving cybercrime threats to protect their digital economies and communities,” added Mr Jones.
Under the mandate of reducing the global impact of cybercrime and protecting communities, the INTERPOL Regional Cybercrime Strategy for ASEAN sets out INTERPOL’s key priorities and principles against cybercrime in the region.
Delivered through INTERPOL’s ASEAN Desk and ASEAN Cyber Capacity Development Project, the strategy is underpinned by four pillars: enhancing cybercrime intelligence for effective responses to cybercrime; strengthening cooperation for joint operations against cybercrime; developing regional capacity and capabilities to combat cybercrime; and promoting good cyber hygiene for a safer cyberspace.
Leave a comment , , ,

Digital transformation in Europe: 3 key regulatory priorities for 2021

Cyber Security CII sector, Industry News
“Europe's mix of enabling regulatory environments, robust connectivity infrastructure and the lively ecosystem of digital technology providers is fuelling the Region's transformation and has proven critical in the resilience during the COVID 19 pandemic,” remarked Doreen Bogdan-Martin, Director of the Telecommunication Development Bureau at ITU, as she welcomed participants of the ITU Regional Regulatory Forum for Europe on Regulation supporting digital transformation.
Held virtually in 2020, the Regional Regulatory Forum (RRF) is one of several milestones of the ITU Regional Initiative for Europe on Broadband infrastructure, broadcasting and spectrum management.
Organized with the support of the Agency for Electronic Communications and Postal Services (EKIP) of Montenegro, the Forum was opened by Vladan Djukanovic, EKIP Board Member, who highlighted the dependency which all sectors of economies now have on information and communication technology (ICT) infrastructure and services, exacerbated by the COVID-19 pandemic. This dependency requires a strategic approach to connectivity.
3 key priorities for 2021
Beyond recognizing the work of the ITU on the REG4COVID platform and other activities related to policy and regulation, representatives attending the RRF agreed on the following three key strategic priorities for 2021:
- carrying out an assessment of regulatory measures undertaken in the context of COVID-19, including the capacity of internal networks and interconnection with other regions,
- accelerating broadband development to bridge the digital divide, especially in terms of coverage, and
- strengthening international cooperation in the field of regulation.
Sofie Maddens, Head of the BDT’s Regulatory and Market Environment Division, shared an insightful reminder of the changing role of regulation and the need for authorities to adapt their toolbox to ensure actions are fit for purpose and following ITU’s gold standard on “collaborative regulation”, the benchmark of fifth generation (G5) regulation.
Unlocking investment in connectivity
The role of data in supporting the deployment of broadband is a fundamental aspect of digital transformation and regulation. By informing more accurate ‘snapshots’ of markets, data facilitates the design and creation of the regulatory incentives needed to deploy networks efficiently.
During the Forum, ITU, the European Commission, BEREC, the European Investment Bank, the World Bank and UNICEF all presented data-driven approaches to smart decision making to create an enabling environment that unlocks the private investments needed to attain connectivity targets, such as the EU Gigabit Society targets of delivering 100 Mbps to all households by 2025.
Member States also shared their experiences in broadband mapping as a tool to accelerate broadband deployment using infrastructure, service and investment data gathered from network operators. National Regulatory Authorities (NRAs) from Poland, Portugal, Slovenia, Germany, and Lithuania, which have relatively advanced systems encompassing thousands of operators, other network operators (such as utilities), building companies, local and regional administrations, demonstrated how these platforms can enhance collaboration among various stakeholders and support the allocation of public funding leading to fruitful results.
NRAs from non-EU countries such as Albania, Georgia, Montenegro, North Macedonia, and Serbia also presented their systems, and outlined their efforts towards unlocking investment whilst protecting competition. Given that the potential for improvements in broadband deployment is greater here than in EU countries, the need to allocate additional resources into mapping systems as fundamental enablers was noted.
Despite the recent progress in many non-EU countries taking steps towards harmonization with EU standards, many challenges remain, ranging from the high fixed and operational costs of setting up mapping systems to human capacity building within administrations, but also across operators.
Realizing untapped potential
While the EU regulatory framework for broadband mapping will undergo considerable revisions in 2021, non-EU countries, particularly in South Eastern Europe, have the potential monitor this process closely and leapfrog, establishing state of the art systems.
The background paper Broadband Mapping Systems in Europe and Regional Harmonization Initiatives focuses on the regulation underpinning broadband mapping systems, which are now essential tools for NRAs to allocate public funding efficiently and fostering cross-sector collaboration and investment whilst protecting competition. The paper traces the development of the European Union’s regulatory framework, its most recent and future developments, the actions undertaken by the European Commission and Member States in the field and, finally, looks at eight countries in South Eastern Europe.
I invite all stakeholders to join ITU’s workstreams dedicated to broadband development and regulation and to learn more from the Regional Regulatory Forum’s draft Outcome Report. I also invite you to engage with us on this topic and keep an eye on related activities for 2021 until we can hopefully meet again in person next September in Budva, Montenegro, as it is tradition for ITU Regulatory Forums for Europe.
[Source: ITU]
Leave a comment , ,

Why effective disaster management needs responsible AI

Cyber Security CII sector, Industry News, Telecomms sector
The use of artificial intelligence holds promise in helping avert, mitigate and manage disasters by analyzing swaths of data, but more efforts are required to ensure that technologies are deployed in a responsible, equitable manner.
According to UNDDR, about 1.2 million lives have been lost worldwide and more than 4 billion people affected in disasters that took place between 2000 and 2019.
Faster data labelling
Cameron Birge, Senior Program Manager Humanitarian Partnerships at Microsoft, says their work in using AI for humanitarian missions has been human-centric. "Our approach has been about helping the humans, the humans stay in the loop, do their jobs better, faster and more efficiently," he noted.
One of their projects in India uses roofing as a proxy indicator of households with lower incomes who are likely to be more vulnerable to extreme events like typhoons. Satellite imagery analysis of roofs are used to inform disaster response and resilience-building plans. A simple yet rewarding avenue of using AI has been around data labelling to train AI models to assist disaster management.
One challenge, he noted, has been around "unbiased, good, clean, trusted data". He also encouraged humanitarian organizations to understand their responsibilities when making use of AI models to support decision-making. "You have to ensure you sustain, train and monitor these models," he advised. Microsoft also wants to promote more sharing of data with its 'Open Data' campaign.
Precise decision support
AI is becoming increasingly important to the work of the World Meteorological Organization (WMO). Supercomputers crunch petabytes of data to forecast weather around the world. The WMO also coordinates a global programme of surface-based and satellite observations. Their models merge data from more than 30 satellite sensors, weather stations and ocean-observing platforms all over the planet, explained Anthony Rea, Director of the Infrastructure Department at WMO.
AI can help interpret resulting data and help with decision support for forecasters who receive an overwhelming amount of data, said Rea. "We can use AI to recognize where there might be a severe event or a risk of it happening, and use that in a decision support mechanism to make the forecaster more efficient and maybe allow them to pick up things that couldn't otherwise be picked up."
Understanding the potential impact of extreme weather events on an individual or a community and assessing their vulnerability requires extra information on the built environment, population, and health.
"We need to understand where AI and machine learning can help and where we are better off taking the approach of a physical model. There are many examples of that case as well. Data curation is really important," he added.
WMO also sets the standards for international weather data exchange, including factors such as identifying the data, formats, and ontologies. While advocating for the availability of data, Rea also highlighted the need to be mindful of privacy and ethical considerations when dealing with personal data. WMO is revising its own data policies ahead of its Congress later this year, committing to free and open exchange of data beyond the meteorological community.
'Not a magic bullet'
Rea believes that AI cannot replace the models built on physical understanding and decades of research into interactions between the atmosphere and oceans. "One of the things we need to guard against in the use of AI is to think of it as a magic bullet," he cautioned.
Instead of vertically integrating a specific dataset and using AI to generate forecasts, Rea sees a lot of promise in bringing together different datasets in a physical model to generate forecast information. "We use machine learning and AI in situations where maybe we don't understand the underlying relationships. There are plenty of places in our area of science and service delivery where that is possible."
Rakesh Bharania, Director of Humanitarian Impact Data at Salesforce.org, also sees the potential of artificial or augmented intelligence in decision support and areas where a lot of contextual knowledge is not required. "If you have a lot of data about a particular problem, then AI is certainly arguably much better than having humans going through that same mountain of data. AI can do very well in answering questions where there is a clear, right answer," he said.
One challenge in the humanitarian field, Bharania noted, is scaling a solution from a proof of concept to something mature, usable, and relevant. He also cautioned that data used for prediction is not objective and can impact results.
"It's going to be a collaboration between the private sector who typically are the technology experts and the humanitarians who have the mission to come together and actually focus on determining what the right applications are, and to do so in an ethical and effective and impactful manner," he said. Networks such as NetHope and Impactcloud are trying to build that space of cross-sectoral collaboration, he added.
Towards 'white box AI’
Yasunori Mochizuki, NEC Fellow at NEC Corporation, recalled how local governments in Japan relied on social networks and crowd-behaviour analyses for real-time decision-making in the aftermath of 2011’s Great East Japan Earthquake and resulting tsunami.
Their solution analyzed tweets to extract information and identify areas with heavy damage and need for immediate rescue, and integrated it with information provided by public agencies. "Tweets are challenging for computers to understand as the context is heavily compressed and expression varies from one user to another. It is for this reason that the most advanced class of natural language processing AI in the disaster domain was developed," Mochizuki explained.
Mochizuki sees the need for AI solutions in disaster risk reduction to provide management-oriented support, such as optimizing logistics and recovery tasks. This requires “white box AI” he said, also known as ‘explainable AI’. "While typical deep learning technology doesn't tell us why a certain result was obtained, white box AI gives not only the prediction and recommendation, but also the set of quantitative reasons why AI reached the given conclusion," he said.
Webinar host and moderator Muralee Thummarukudy, Operations Manager, Crisis Management Branch at the United Nations Environment Programme (UNEP), also acknowledged the value of explainable AI. "It will be increasingly important that AI is able to explain the decisions transparently so that those who use or are subject to the outcome of these black box technologies would know why those decisions were taken," he said.
[Source: ITU]
Leave a comment , ,

DHS S&T Announces $36.5M Funding Opportunity for New Center of Excellence

Agency News, Cyber Security CII sector, Industry News
The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) announced a $36.5 million funding opportunity for a new DHS Center of Excellence (COE), Engineering Secure Environments from Targeted Attacks (ESE).
“Partnering with universities, S&T delivers practical results by developing multidisciplinary, customer-driven solutions while training the next generation of homeland security experts,” said William Bryan, Acting Under Secretary for Science and Technology. “The challenges we face as a nation are complex. In collaboration with our academic partners, DHS is excited to launch a new COE focused on mitigating long-term threats against our nation’s surface transportation and built environments with novel engineering solutions.”
DHS plans to fund the new COE through a cooperative agreement for 10 years for a total of approximately $36.5 million.
The ESE COE will research and develop solutions to support DHS counterterrorism and violent extremism operations. The COE will help DHS continue fostering a culture of “security by design” by providing intentional and flexible architecture solutions to thwart an adaptive adversary. ESE will also advance a skilled workforce of scientists, technologists, engineers and mathematicians who focus on homeland security-related issues.
Technological advancements and their applications are increasingly complex and integrated into everyday processes. As cities grow larger and density increases across people, buildings, and infrastructure, a potential increase in the frequency or severity of targeted attacks from foreign and domestic terrorism is a legitimate concern. ESE will provide academic-led innovation that supports safer, more resilient transportation systems and communities.
DHS is soliciting proposals from multidisciplinary research and education teams, that will work closely with DHS and other subject-matter experts to develop approaches to strengthen the security of crowded spaces and transportation modalities. The teams will need various combinations of academic disciplines, including engineering, data analytics, and mathematics.
The DHS COEs work closely with DHS operating components to research, develop, and transition mission-relevant science and technology, and educate the next generation of homeland security technical experts. ESE will be required to engage with DHS operational components and fully understand the operational environment to help better identify technical and training gaps. Each DHS COE is led by a U.S. college or university and partners with other federally funded research and development centers, academic institutions, the commercial industry, and other federal, state, and local agencies.
Leave a comment , , ,

World’s most dangerous malware EMOTET disrupted through global action

Agency News, Cyber Security CII sector, Industry News
Law enforcement and judicial authorities worldwide have this week disrupted one of the most significant botnets of the past decade: EMOTET. Investigators have now taken control of its infrastructure in an international coordinated action.
This operation is the result of a collaborative effort between authorities in the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, Canada and Ukraine, with international activity coordinated by Europol and Eurojust. This operation was carried out in the framework of the European Multidisciplinary Platform Against Criminal Threats (EMPACT).
EMOTET has been one of the professional and long lasting cybercrime services out there. First discovered as a banking Trojan in 2014, the malware evolved into the go-to solution for cybercriminals over the years. The EMOTET infrastructure essentially acted as a primary door opener for computer systems on a global scale. Once this unauthorised access was established, these were sold to other top level criminal groups to deploy further illicit activities such as data theft and extortion through ransomware.
Spread via Word documents
The EMOTET group managed to take email as an attack vector to a next level. Through a fully automated process, EMOTET malware was delivered to the victims’ computers via infected e-mail attachments. A variety of different lures were used to trick unsuspecting users into opening these malicious attachments. In the past, EMOTET email campaigns have also been presented as invoices, shipping notices and information about COVID-19.
All these emails contained malicious Word documents, either attached to the email itself or downloadable by clicking on a link within the email. Once a user opened one of these documents, they could be prompted to “enable macros” so that the malicious code hidden in the Word file could run and install EMOTET malware on a victim’s computer.
Attacks for hire
EMOTET was much more than just a malware. What made EMOTET so dangerous is that the malware was offered for hire to other cybercriminals to install other types of malware, such as banking Trojans or ransomwares, onto a victim’s computer.
This type of attack is called a ‘loader’ operation, and EMOTET is said to be one of the biggest players in the cybercrime world as other malware operators like TrickBot and Ryuk have benefited from it.
Its unique way of infecting networks by spreading the threat laterally after gaining access to just a few devices in the network made it one of the most resilient malware in the wild.
Disruption of EMOTET’s infrastructure
The infrastructure that was used by EMOTET involved several hundreds of servers located across the world, all of these having different functionalities in order to manage the computers of the infected victims, to spread to new ones, to serve other criminal groups, and to ultimately make the network more resilient against takedown attempts.
To severely disrupt the EMOTET infrastructure, law enforcement teamed up together to create an effective operational strategy. It resulted in this week’s action where by law enforcement and judicial authorities gained control of the infrastructure and took it down from the inside. The infected machines of victims have been redirected towards this law enforcement-controlled infrastructure. This is a unique and new approach to effectively disrupt the activities of the facilitators of cybercrime.
How to protect oneself against loaders
Many botnets like EMOTET are polymorphic in nature. This means that the malware changes its code each time it is called up. Since many antivirus programmes scan the computer for known malware codes, a code change may cause difficulties for its detection, allowing the infection to go initially undetected.
A combination of both updated cybersecurity tools (antivirus and operating systems) and cybersecurity awareness is essential to avoid falling victim to sophisticated botnets like EMOTET. Users should carefully check their email and avoid opening messages and especially attachments from unknown senders. If a message seems too good to be true, it likely is and emails that implore a sense of urgency should be avoided at all costs.
As part of the criminal investigation conducted by the Dutch National Police into EMOTET, a database containing e-mail addresses, usernames and passwords stolen by EMOTET was discovered. You can check if your e-mail address has been compromised at www.politie.nl/emocheck. As part of the global remediation strategy, in order to initiate the notification of those affected and the cleaning up of the systems, information was distributed worldwide via the network of so-called Computer Emergency Response Teams (CERTs).
The following authorities took part in this operation:
- Netherlands: National Police (Politie), National Public Prosecution Office (Landelijk Parket)
- Germany: Federal Criminal Police (Bundeskriminalamt), General Public Prosecutor's Office Frankfurt/Main (Generalstaatsanwaltschaft)
- France: National Police (Police Nationale), Judicial Court of Paris (Tribunal Judiciaire de Paris)
- Lithuania: Lithuanian Criminal Police Bureau (Lietuvos kriminalinės policijos biuras), Prosecutor’s General’s Office of Lithuania
- Canada: Royal Canadian Mounted Police
- United States: Federal Bureau of Investigation, U.S. Department of Justice, US Attorney's Office for the Middle District of North Carolina
- United Kingdom: National Crime Agency, Crown Prosecution Service
- Ukraine: National Police of Ukraine (Національна поліція України), Prosecutor General’s Office (Офіс Генерального прокурора)
Leave a comment , , , ,

ENISA release new report and training material to fight cybercrime and improve cooperation

Agency News, Cyber Security CII sector, Industry News
The European Union Agency for Cybersecurity releases a new report and training material to support the cooperation among CSIRTs, Law Enforcement Agencies (LEAs) and their interaction with the judiciary.
The publications are designed to help tackle the challenges of this complex multi-stakeholder cooperation. The report, the handbook and the toolset are a set of deliverables complementing each other as follows:
- The report analyses roles, duties, competences, synergies and potential interferences across Computer Security Incident Response Teams (CSIRTs) - in particular, national and governmental ones, LE and judiciary (prosecutors and judges);
- The handbook helps a trainer explain these concepts through different scenarios;
- The toolset consists of exercises meant for trainees based on the handbook’s scenarios.
The report proposes a methodology to analyse the legal and organisational framework defining the roles and duties, the required competencies of CSIRTs and LE. It also identifies synergies and the potential interferences that may occur while engaging in the activities needed to respond to incidents of criminal nature and in fighting cybercrime.
In addition, it presents a detailed analysis focusing on Czechia, France, Germany, Luxembourg, Norway, Portugal, Romania, and Sweden. The methodology proposed can be used for a more comprehensive future analysis covering additional countries as it is based on:
- desk research;
- subject matter expert interviews;
- the segregation of duties (SoD) matrix.
This SoD matrix is also available in the ENISA repositories in GitHub, as well as the documentation on the Reference Security Incident Taxonomy Working Group (RSIT).
The RSIT working group will meet today as part of the 62nd TF-CSIRT Meeting. These are two other examples of the efforts ENISA engages in to contribute to building a bridge between CSIRTs and LE communities.
Main conclusions of the 2020 report on CSIRTs and LE cooperation include:
- The communities already engage in a number of actions meant to:
  - Avoid interferences wherever possible;
  - Create effective partnerships;
  - Use their synergies to support each other.
- However, interferences may still happen in the process of incident handling and cybercrime investigations, mainly because of the difference in purpose and mandate of each of these communities, i.e. incident mitigation (CSIRTs) compared with evidence preservation and criminal prosecution (LE and the judiciary).
- Joint training activities are organised mainly in community pairs, being either CSIRT and LE or LE and the judiciary. Such activities rarely involve the three communities. The joint training activities help the wider development of the competences required to respond to cybercrime.
- Overall, the 2019 pandemic of the COVID-19 virus did not have any significant impact on cooperation and exchanges between the three communities and their ability to function. Interaction even increased in some instances. For example, daily dialogues became more frequent in order to ensure that each community was kept informed as the situation evolved.
The response to cybercrime requires the cooperation of all actors involved. In this response, CSIRTs, LE and the judiciary perform each a different role and seek different objectives. Helping CSIRTs, LE and the judiciary understand their roles, duties and competences reciprocally will allow a closer cooperation while building on synergies and hence avoid possible interferences.
ENISA has been collecting input from the communities and compiling reports to shed light on the different aspects of the cooperation. These efforts are meant to further enhance the cooperation between CSIRTs and LE and their interaction with the judiciary, In addition, the Agency has been developing training material and co-organising the annual ENISA-EC3 workshop on CSIRT-LE Cooperation. The last edition of this event took place on 16 September 2020.
This new report and training material build on the work already completed in the area over the past. It contributed to the implementation of the ENISA programming document 2020-2022. The work conducted by ENISA in this area is planned to continue in 2021.
Leave a comment , , ,

CISA Launches Campaign to Reduce Risk of Ransomeware

Agency News, Cyber Security CII sector, Industry News
The Cybersecurity and Infrastructure Security Agency (CISA) announced the Reduce the Risk of Ransomware Campaign today, a focused, coordinated and sustained effort to encourage public and private sector organizations to implement best practices, tools and resources that can help them mitigate this cybersecurity risk and threat.
Ransomware is increasingly threatening both public and private networks, causing data loss, privacy concerns, and costing billions of dollars a year. These incidents can severely impact business processes and leave organizations without the data they need to operate and deliver mission-critical services. Malicious actors have adjusted their ransomware tactics over time to include pressuring victims for payment by threatening to release stolen data if they refuse to pay and publicly naming and shaming victims as secondary forms of extortion.
“CISA is committed to working with organization at all levels to protect their networks from the threat of ransomware,” said Brandon Wales, Director (Acting) of CISA. “This includes working collaboratively with our public and private sector partners to understand, develop and share timely information about the varied and disruptive ransomware threats. Anyone can be the victim of ransomware, and so everyone should take steps to protect their systems.”
In this campaign, which will have a particular focus on supporting COVID-19 response organizations and K-12 educational institutions, CISA is working to raise awareness about the importance of combating ransomware as part of an organization’s cybersecurity and data protection best practices. Over the next several months, CISA will use its social media platforms to iterate key behaviors or actions with resource links that can help technical and non-technical partners combat ransomware attacks.
CISA established a new one-stop resource at cisa.gov/ransomware. On this page, interested partners will find four categories of ransomware resources:
- Alerts and Statements: Official CISA updates to help stakeholders guard against the ever-evolving ransomware threat environment. These alerts are geared toward system administrators and other technical staff to bolster their organization’s security posture.
- Guides and Services: Tips and best practices for home users, organizations, and technical staff to guard against the growing ransomware threat.
- Fact Sheets and Infographics: Easy-to-use, straightforward information to help organizations and individuals better understand the threats from and the consequences of a ransomware attack.
- Trainings and Webinars: This information provides technical and non-technical audiences, including managers, business leaders, and technical specialists with an organizational perspective and strategic overview.
Many of the resources on this webpage were developed in collaboration with industry and interagency partners, such as:
- CISA and Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide;
- CISA, Federal Bureau of Investigation (FBI), and Department of Health and Human Services (HHS) Joint Cybersecurity Advisory on Ransomware Activity Targeting the Healthcare and Public Health Sector;
- CISA, FBI, DHS Homeland Security Investigations, and U.S. Secret Service recorded video discussion on Trends and Predictions in Ransomware from the 2020 CISA National Cybersecurity Summit.
- CISA Fact Sheet on Cyber Threats to K-12 Remote Learning Education for non-technical educational professionals with contributions from the FBI.
Leave a comment , ,

Securing Cloud Services for Health: New report by EU Agency for Cybersecurity helps healthcare organisations securely adopt cloud services and prepare for cybersecurity challenges

Agency News, Cyber Security CII sector, Industry News
The European Union Agency for Cybersecurity (ENISA) published the Cloud Security for Healthcare Services report, which provides cybersecurity guidelines for healthcare organisations to help further digitalise with cloud services. Building on ENISA’s procurement guidelines for cybersecurity in hospitals, published early last year, this new report assesses the cybersecurity risks of cloud services and offers good practices for their secure integration into the European healthcare sector. The ENISA report comes as the European Commission is moving forward this year with the European Health Data Space initiative to promote the safe exchange of patients’ data and access to health data.
The COVID-19 pandemic has underlined an increased need for efficient – and secure – digital healthcare services. Cloud solutions allow for the flexible and rapid deployment of the electronic storage of data and electronic communications such as telemedicine. However, the complexity of legal systems and new technologies, as well as concerns over the security of sensitive patient data have slowed the healthcare sector in adopting cloud services.
EU Agency for Cybersecurity Executive Director Juhan Lepassaar said: “A resilient health sector relies on secure digital solutions. The EU Agency for Cybersecurity provides healthcare organisations with guidance to address cybersecurity concerns related to cloud services and is preparing an EU Cloud Cybersecurity Certification scheme, both of which aim to do just that.”
The report addresses these concerns by providing security guidelines for three main areas in which cloud services are used by the healthcare sector, namely for:
Electronic Health Record (EHR), i.e. systems focusing on the collection, storage, management and transmission of health data, such as patient information and medical exam results;
Remote Care, i.e. the subset of telemedicine supporting remote patient-doctor consultation;
Medical Devices, i.e. cloud services supporting the operation of medical devices such as making medical device data available to different stakeholders or for device monitoring.
For each of these use cases, the report highlights the main factors to be considered when healthcare organisations conduct the relevant risk assessment – for example, in terms of risk to sensitive patient data or availability of a medical service. These guidelines, however, are only a first step for healthcare providers to adapt securely to the cloud. More support is needed, such as established industry standards on cloud security, specific direction from national and EU authorities, and further guidelines from Data Protection Authorities on transferring healthcare data to the cloud.
The report also proposes a set of security measures for healthcare organisations to implement when planning their move to cloud services, such as establishing processes for incident management, defining data encryption requirements, and ensuring data portability and interoperability. The measures are proposed taking into consideration the draft candidate EU Cybersecurity Certification Scheme on Cloud Services (EUCS) to ensure compatibility and requirements mapping. The Agency’s draft scheme is part of the larger cybersecurity certification framework aimed at enhancing trust in ICT products, services and processes across Europe. The draft scheme is open for public consultation until 7 February 2021.
The EU Agency for Cybersecurity will continue its work to strengthen the cybersecurity of Europe’s healthcare sector by publishing guidelines, promoting information sharing, collaborating with policy-makers and organising events such as the annual eHealth Conference, addressing the healthcare sector’s major cybersecurity challenges.
Leave a comment , , ,

One ICT regulator’s journey to 5th-generation regulation

Cyber Security CII sector, Industry News, Telecomms sector
The global regulatory and technology landscape is complex and fast-moving.
Regulators find themselves grappling with an ever-growing array of challenges, chief among them achieving the Sustainable Development Goals (SDGs) by the 2030 deadline, now just a decade away.
The Kingdom of Saudi Arabia’s ICT regulator is no exception, as the country continues to prioritize the rapid growth of its ICT sector and pursue sustainable economic diversification as part of its Vision 2030.
But what is 5th-generation in the first place? And how is Saudi Arabia’s Communications and Information Technology Commission (CITC) planning to get there?
The evolving role of the ICT regulator
If we think in terms of regulatory “generations”, the first employed a “command and control approach”, which often took the form of public or national telecom monopolies. The second-generation regulatory landscape saw the opening of markets, facilitating partial liberalization and privatization of telecommunications. By generation three, we saw accelerated investment, innovation, and access opportunities emerge, with regulators placing a dual focus on stimulating competition while ensuring consumer protection.
Fourth generation features integrated regulation, led by economic and social policy goals. A 4th-generation regulator is one that ensures or is working towards universal access, consults stakeholders regularly, and promotes international and regional cooperation, equitable spectrum management, and stronger consumer protection.
Where do regulators stand globally?
According to ITU’s Global ICT Regulatory Outlook 2020, 8 per cent of countries now has holistic, forward-looking regulatory frameworks enabling digital transformation across the economy.
40 per cent of countries remain in regulatory generations 1 and 2, missing development opportunities and remaining disconnected from the digital transformation of their economies. While one third of countries have achieved G4, characterized by thriving markets for ICT services and the lowest proportion of unconnected populations, some have already set 5th-generation regulation in their sights. In a 5th-generation regulatory environment, collaboration among even more stakeholders is key to shaping decisions in a harmonized way not only within the telecommunications realm, but across a broad range of sectors now dependent on ICTs.
CITC’s regulatory transformation
With a guiding vision of a “connected nation for a thriving digital economy”, CITC is stepping up to meet the 5th-generation regulation challenge with an ambitious new digital transformation strategy. Their vision also emphasizes safeguarding the public, providing reliable service, ensuring fair competition, and balancing the diverse needs of multiple stakeholders.
Historically, the Commission’s mandate focused on regulating the telecommunication and information technology sectors. But the last two years have seen that mandate evolve to reflect a changing global regulatory and technology landscape.
The Saudi Arabian regulator has met the challenges of an increasingly complex regulatory environment with a series of initiatives, including, among others:
• Promoting investment and infrastructure development while ensuring access to high-quality services. CITC reported investing 15 billion USD in infrastructure, including meeting major deployment milestones on network infrastructure and quality. Mobile broadband download speed reached 77.55 Mbps in August 2020, and mobile coverage increased to 99 per cent of the population for 3G and 94 per cent for 4G, according to CITC estimates.
• Establishing a National Regulatory Committee that will bring together 8 core regulators to collaborate on ICT and digital cross-sectoral topics like blockchain, smart cities and digital platforms, and proactively anticipate emerging topics. Additional public and private entities will be involved as needed. This collaboration was set up to accelerate regulation-to-adoption and seeks to drive innovation, job creation, and investor confidence by promoting coherence and efficiency across Saudi Arabia’s ICT ecosystem.
• Acting collaboratively to deploy ICTs during the COVID-19 pandemic. As the pandemic reached Saudi Arabia, CITC collaborated quickly and effectively with telecom operators to meet the surge in demand for online access and data with increased speeds and data capacity, free services, expanded spectrum use, and enhanced network configurations and connectivity. This rapid response played a critical role in enabling remote work, business continuity, delivery apps, e-government services, and remote learning across Saudi Arabia.
[courtesy of ITU]
Leave a comment , , ,

ENISA and eu-LISA – Cooperation for a More Digitally Resilient Europe

Agency News, Cyber Security CII sector, Industry News
Within the priorities of the Portuguese Presidency of the Council of the European Union and the current Recovery Plan for Europe put forward by the European Commission, the words “digital” and “resilience” are prominent and at times used together. When combined they bring to mind IT-related challenges that need to be addressed to ensure a stronger and safer Europe for its citizens. One of the primary concerns is cybersecurity; and, given that this is a topic of common interest to the European Union Agency for Cybersecurity (ENISA) and the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA), it gives the two Agencies further impetus to work together to face this growing threat.
Earlier today Executive Directors Juhan Lepassaar (ENISA) and Krum Garkov (eu-LISA) signed a multiannual Cooperation Plan. The plan sets out activities that will provide benefits through joint actions to the Agencies themselves and to the EU Member States.
The three-year Cooperation Plan complements the existing regulations applicable to ENISA and eu-LISA, and lays out various actions within complimentary areas that the Agencies can draw benefits from by sharing knowledge, information and expertise. Information Security, Business Continuity, Research, Data Protection and Corporate Quality Management are among the priority areas identified for collaboration.
ENISA Executive Director Juhan Lepassaar said: “Securing our digital future is facilitated by sharing knowledge and expertise. This Cooperation Plan will allow our Agencies to find solutions together.”
"With cybersecurity and digital resilience high on the European agenda for the coming years, it seems fitting to take the opportunity to strengthen our cooperation with ENISA and to boost our common contributions to the goals set for Europe's digital future. There are many areas where our respective consolidated expertise can be put to good use. The EU Cybersecurity Strategy, adopted by the Commission in December, is one of these and the fast changing landscape of cyber threats including the ensuing need to secure common cyber spaces are examples of where we can mutually assist each other. This renewed agreement is the best way to kick-off 2021 and eu-LISA is looking forward to extending its relationship with ENISA." said Krum Garkov, Executive Director of eu-LISA.
It is in the common interest of both Agencies to promote and share activities with their stakeholders and the general public in order to provide increased visibility and further improve awareness of their respective responsibilities and joint successes. For this reason, the Cooperation Plan includes core activity related plans, as well as communication and information sharing as important areas for joint actions.
Leave a comment , , ,
1 20 21 22 23 24 28