International Association of CIP Professionals

ENISA unveils its New Strategy towards a Trusted and Cyber Secure Europe

The European Union Agency for Cybersecurity (ENISA) is unveiling its new strategy, which outlines the Agency’s strengthened path towards achieving a high common level of cybersecurity across the Union. The strategy was developed to fulfil the Agency’s permanent mandate established last year by the EU Cybersecurity Act (CSA). Under the strategy, the Agency takes on the vision of ‘A Trusted and Cyber Secure Europe’ and enhanced mission: “to achieve a high common level of cybersecurity across the Union in cooperation with the wider community.''

Jean-Baptiste Demaison, Chair of the ENISA Management Board, stated: "The EU Agency for Cybersecurity with its permanent mandate and enhanced role and capabilities will be instrumental in supporting Member States and EU institutions to face the cyber challenges of the future."

Juhan Lepassaar, Executive Director of the European Union Agency for Cybersecurity, said: “Our new strategy acts as a compass, guiding the Agency’s work towards a trusted and cyber secure Europe. It will strengthen our key relationships within the cybersecurity ecosystem and equally it will be a key driver for the Agency to follow new values.”

What are the strategic objectives?

The strategy proposes concrete goals for the Agency in the form of seven strategic objectives that will set the priorities for European Union Agency for Cybersecurity in the coming years. These strategic objectives are as follows:

1 - Empowered and engaged communities across the cybersecurity ecosystem;
2 - Cybersecurity as an integral part of EU polices;
3 - Effective cooperation amongst operational actors within the Union in case of massive cyber incidents;
4 - Cutting-edge competences and capabilities in cybersecurity across the Union;
5 - A high level of trust in secure digital solutions;
6 - Foresight on emerging and future cybersecurity challenges;
7 - Efficient and effective cybersecurity information and knowledge management for Europe.

What we want to achieve?

An EU-wide, state-of-the-art body of knowledge on cybersecurity concepts and practices that builds cooperation amongst key actors in cybersecurity, promotes lessons learned, EU expertise and creates new synergies;
An empowered cyber ecosystem encompassing Member States’ authorities, EU institutions, agencies and bodies, associations, research centres and universities, industry, private actors and citizens, who all play their role in making Europe cyber secure;
Proactive advice and support to all relevant EU-level actors bringing in the cybersecurity dimension in the policy development lifecycle through viable and targeted technical guidelines;
Cybersecurity risk management frameworks that are in place across all sectors and followed throughout the cybersecurity policy lifecycle;
Continuous cross-border and cross-layer support to cooperation between Member States, as well as with EU institutions. In particular, in view of potential large scale incidents and crises, support the scaling up of technical operational, political and strategic cooperation amongst key operational actors to enable timely response, information sharing, situational awareness and crises communication across the Union;
Comprehensive and rapid technical handling upon request of the Member States to facilitate technical and operational needs in incident and crises management;
Aligned cybersecurity competencies, professional experience and education structures to meet the constantly increasing needs for cybersecurity knowledge and competences in the EU;
An elevated base-level of cybersecurity awareness and competences across the EU while mainstreaming cyber into new disciplines;
Well prepared and tested capabilities with the appropriate capacity to deal with the evolving threat environment across the EU;
Cyber secure digital environment across the EU, where citizens can trust ICT products, services and processes through the deployment of certification schemes in key technological areas;
Understanding emerging trends and patterns using foresight and future scenarios that contribute to mitigating the cyber challenges of the Agency’s stakeholders;
Early assessment of challenges and risks from the adoption of and adaptation to the emerging future options, while collaborating with stakeholders on appropriate mitigation strategies;
Shared information and knowledge management for the EU cybersecurity ecosystem in an accessible, customised, timely and applicable form, with appropriate methodology, infrastructures and tools, coupled and quality assurance methods to achieve continuous improvement of services.
How will ENISA use the strategy?

The strategy’s high-level objectives are directed at shaping a more digitally secure environment for Member States, EU Institutions, Agencies and Bodies, SMEs, academia and all of Europe’s citizens. The European Union Agency for Cybersecurity will use the new strategy to map out its annual work programme to improve security across the Union, and specifically to:

Better identify and understand the future cybersecurity capabilities needed to maintain competitiveness and preparedness.
Build on the Agency’s trusted relationships with stakeholders and communities within the cybersecurity ecosystem across Europe.
Guide ENISA communications within and beyond the Union, to non-EU countries and international organisations.
Deepen the knowledge and information sharing of ENISA expertise to reach larger audiences and increase awareness of digital security.
Provide cybersecurity stakeholders a clear understanding of the Agency’s priorities and actions.
Shape the future outlook of cybersecurity across the Union.

The strategy is both an aggregation of the tasks identified by the Cybersecurity Act and the developed synergies within Articles 5-12 of the CSA.

This publication by the European Union Agency for Cybersecurity outlines the Agency’s strategic objectives to boost cybersecurity, preparedness and trust across the EU under its new strengthened and permanent mandate.

Leave a comment

Artificial Intelligence (AI) In Healthcare Market: Dynamics, Segments, Size and Demand, COVID-19 2022

July 20, 2020 Neil Walker Health & Social Care, Industry News

Artificial intelligence(AI) is the creation of intelligent systems that can perform tasks without human interventions and instructions. It is the constellation of different technologies such as natural language processing, machine learning, perception and reasoning. These systems use computer algorithms, and huge amount of data to provide a response to a request. AI is being adopted in healthcare using algorithm and software for the analysis of medical data with a view to predict diseases and provide proper medication. It will lead to personalization and optimization leading to improved outcomes for both patients and healthcare systems. A basic AI computer used today in clinical practices can be used for alerts and reminder, diagnostic, therapy planning, Information retrieval and image interpretation. However, glitches in communication and technical infrastructure are amongst the barriers to the growth of AI in health care.

According to Infoholic Research, the “Artificial Intelligence in Healthcare Market” is expected to reach $ 1,139.2 million by 2022, growing at a CAGR of around 62.2% during the forecast period 2016–2022.The need of pre-operative planning, high costs associated with healthcare, adoption of mobile devices and rising chronic diseases amongst masses is driving the need of integrating AI in healthcare solutions. The AI market in healthcare has high growth opportunities due to rising needs of self-care and real-time monitoring.

Technology Analysis:

The AI technology is leading towards innovation of efficient and inexpensive healthcare solutions. The major technologies involved are natural language processing, machine learning, biometric security, speech recognition and disaster recovery. The technology providers are heading towards development of innovative products and solutions for end-users. At present, NLP market is having the major share with an estimated increase to $487.7 million by 2022 growing at a CAGR of 61.6%. The increase in adoption of cloud computing, internet and innovation in network connectivity is driving the adoption of NLP in healthcare sector. Besides, NLP the second most prominent technology in healthcare is machine learning which is expected to reach $223.7 million by 2022, growing at a CAGR of 61.9%. Based on end users, the market encapsulates diagnostic centres, hospitals and clinincs, R&D and healthcare institutes. AI finds wide application in precision medicine, real- time monitoring, drug development and personal health assistants.

Regional Analysis:

North America is leading in AI in healthcare market followed by Europe. Huge investments and strict governmental regulations is driving the growth in North America. One such initiative is Patient Protection and Affordable Care Act(ACA), which is leading emphasis on cost management and integrated care delivery models. The European market is enhancing due to increased need of quality care and high cost burden associated with re-hospitalisation. The Benevolent AI, Google’s DeepMind, Skin Analytics are working for providing healthcare solutions in Europe. APAC region has high growth potential accompanied with high investment in the market especially India and China. The major part (40%) of digital transformation in APAC will be driven by AI by 2022. LAMEA is yet developing and growing in the region. The increased adoption of internet and mHealth is enhancing the growth of AI in the region.

Leave a comment

CISA releases new strategy to improve industrial control system cybersecurity

July 13, 2020 Neil Walker Agency News, Cyber Security CII sector, Industry News

The Cybersecurity and Infrastructure Security Agency (CISA) released a strategy to strengthen and unify industrial control systems (ICS) cybersecurity for a more aligned, proactive and collaborative approach to protect the essential services Americans use every day.

The strategy, Securing Industrial Control Systems: A Unified Initiative is intended to help architects, owners and operators, vendors, integrators, researchers, and others in the ICS community build capabilities that lead to more secure ICS operations. Ultimately, it strives to move CISA and the ICS community beyond reactive measures to a more proactive ICS security focus.

“In recent years, we have seen industrial control systems around the world become a target for an increasing number of capable, imaginative adversaries aiming to disrupt essential services,” said Christopher Krebs, Director of CISA. “As attackers continue trying to exploit vulnerabilities in ICS, we need to make sure we’re staying ahead of them. Together with our partners in the ICS industry and the security community, this strategy will lead us to new, unified initiatives and security capabilities that will markedly improve the way we defend and secure ICS.”

Although ICS owners and operators manage their own security, CISA’s mission is to assist through delivery of a broad portfolio of ICS security products and services, especially when an exploitation may threaten people or property or undermines confidence in critical infrastructure safety and reliability.

The CISA ICS initiative is a five-year plan that builds on the collaborative work already done and the existing support CISA provides to the community. It also elevates ICS security as a priority within CISA, coalescing CISA’s organizational attention around the implementation of a unified, “One CISA” strategy. The initiative organizes our efforts around four guiding pillars:

Pillar 1: Ask more of the ICS Community, deliver more to them.

Pillar 2: Develop and utilize technology to mature collective ICS cyber defense.

Pillar 3: Build “deep data” capabilities to analyze and deliver information that the ICS community can use to disrupt the ICS cyber kill chain.

Pillar 4: Enable informed and proactive security investments by understanding and anticipating ICS risk.

The CISA ICS Strategy can be found at www.cisa.gov/ICS.

Leave a comment

EU Funds EUR 13 Million Natural Disasters Project Linking IOM, Oxfam in Burundi

July 10, 2020 Neil Walker Agency News, Industry News, Water sector

The International Organization for Migration (IOM) and Oxfam have joined forces to launch an EU backed multi-million Euro Disaster Risk Reduction (DRR) project that will help hundreds of thousands of Internally Displaced Persons (IDPs) and other communities in Burundi.

Every year tens of thousands of people are displaced by natural disasters and climatic events, ranging from earthquakes, flooding, landslides, hail, and heavy and torrential rains that claim many lives and destroy thousands of homes. Over 112,000 people in Burundi are currently displaced due to such weather disasters.

This has negatively impacted Burundi’s efforts to reduce poverty, fight climate change, and build sustainable cities, in line with the Sustainable Development Goals.

The EUR 13 million, 3-year project—funded through “TUBEHONEZA,” the “Rural Development” component of the European Union’s Resilience Programme—includes nationwide risk mapping, building the capacity of the Government of Burundi to coordinate DRR initiatives and leading community-based DRR interventions.

IOM will focus on Burundi’s 18 provinces and 119 communes, while Oxfam will target 11 provinces and 22 communes. Though the scope of each organization’s work is slightly different, actions will be synergized and coordinated to complement each other, avoiding duplication and ensuring a joint approach throughout the country.

The project will be implemented in co-ordination with the Ministry of Home Affairs, Community Development and Public Security, particularly including the National Platform for Risk Prevention and Disaster Management of Burundi.

“Local communities suffer not only from the direct consequences of the events, such as through destruction of shelter, agricultural fields and displacement, but are also exposed to significant direct and indirect public health risks created by the disasters,” said AJ Morgen, IOM Burundi Chief of Mission. “Supporting DRR efforts in Burundi, therefore, is not only important but essential for reducing displacement and improving the conditions needed for long-term, sustainable development.”

The initial stage of the project entails a country-wide, multi-hazard assessment and risk mapping at the national level, to be scientifically tailored to meet five primary hazards: torrential rains, strong winds, flooding, landsides, and earthquakes. The data collected during the risk assessment will produce risk assessment maps for each of the five hazards.

The second stage will utilize the risk maps to update or elaborate contingency plans in all 18 provinces of Burundi. Combined with institutional capacity building of the country’s Disaster Risk Management (DRM) platforms, this will enable communities, local authorities, humanitarian and development organizations to better prepare for, and respond to, those risks.

The final component of the project will engage communities most at-risk of disasters to implement disaster prevention and mitigation activities.

The projects also include emergency response funding to enable IOM and Oxfam to provide emergency non-food items and/or shelter support if a significant disaster occurs during the project’s lifetime.

“Climate change is severely affecting the Burundian population and will increase the frequency and magnitude of natural disasters in the future. The EU has reacted and is now supporting efforts to prevent these disasters. The EU will remain alongside the Burundian people and will draw on the experience of IOM and Oxfam in dealing with these risks,” explained H.E Claude Bochu, Ambassador of the European Union to Burundi.

Leave a comment

Criminals infiltrating Africa’s booming mobile money industry

July 8, 2020 Neil Walker Agency News, Industry News, Telecomms sector

A new INTERPOL report has found the billion dollar mobile money industry in Africa is being exploited by organized crime groups – a trend only set to increase as the service is rolled out across the continent.

The ‘Mobile money and organized crime in Africa’ report presents an overview of the criminal exploitation of mobile money services, including fraud, money laundering, extortion, human trafficking and people smuggling, the illegal wildlife trade and terrorism.

The African continent is the “world leader” in the mobile money industry, accounting for nearly half of all registered mobile money accounts globally.

The prominent role that mobile money plays in African societies and economies, and the rapid pace at which its infrastructure has been developed, has enabled criminals to “exploit weaknesses in regulations and identification systems” and commit mobile money-enabled crimes.

Lack of robust identity checks
The report notes that mobile money itself has proven to be a positive force for financial inclusion and economic development in many African countries, and that a more cash-based informal economy can sometimes present even graver challenges to law enforcement.

However, a lack of robust identity checks to verify users combined with a need for greater law enforcement resources and training on mobile money-enabled crimes have created a financial system distinctly vulnerable to criminal infiltration.

Types of ID required to register for a mobile money account are not standardized across Africa and acceptable documents range from national identity cards to company IDs, tax certificates and drivers licenses.

While such a broad spectrum of acceptable IDs benefit the growth of mobile money services, it also increases their vulnerability to fraud, money laundering and other crimes.

In parallel, despite progress in conviction rates for mobile money-enabled crimes, the technical expertise and equipment required to complete investigations can prove difficult to integrate into the court process.

“The time to act is now”
With mobile money poised for even greater growth in Africa, unless the vulnerabilities are addressed, these services pose a significant threat to consumers and national security.

By 2025, smartphone user rates in Sub-Saharan Africa alone are projected to rise from roughly 39 per cent today to 66 per cent. Higher smartphone adoption, combined with a wider array of mobile money services on offer, will likely increase the number of transactions performed through smartphone apps.

“The evidence shows that criminals are already exploiting mobile money services in Africa. The anonymity that these services too often allow and the technical nature of the industry also present a challenge to law enforcement in investigating and prosecuting these crimes,” said Cyril Gout, INTERPOL Acting Director of Operational Support and Analysis.

“This report emphasizes the need to act is now. By addressing the vulnerabilities highlighted by Project ENACT, we can ensure that the mobile money industry continues to grow throughout Africa without being compromised by those who seek to undermine it,” added Mr Gout.

Project ENACT
Through ENACT, INTERPOL assists police in Africa to adopt proactive strategies to combat organized crime threats, facilitate information exchange and enhance investigative skills.

Project ENACT is the first initiative of its kind to cover the entire African continent in analysing the scale of organized crime and its impact on security, governance and development. This analysis serves to inform decision-makers and strengthen law enforcement cooperation at regional and continental levels.

Project ENACT is funded by the European Union and implemented by INTERPOL and the Institute for Security Studies, in partnership with the Global Initiative Against Transnational Organized Crime.

Leave a comment

Italy & Romania Take Down €20m Cyber Fraud Ring

July 7, 2020 Neil Walker Agency News, Cyber Security CII sector, Industry News

The Italian National Postal and Communication Police Unit (Polizia Postale e delle Comunicazioni) and the Romanian National Police (Poliția Română), supported by Europol and Eurojust, dismantled an organised criminal group involved in financial fraud, cybercrime and money laundering.

On 7 July, Italian and Romanian law enforcement authorities carried out 12 house searches and arrested 12 individuals (8 in Italy and 4 in Romania). The operation led to the seizures of personal computers, credit cards, properties, vehicles and other assets with an overall estimated value of over €1.5 million.

The criminal organisation was using a wide network of money mules in Italy, created to launder criminal proceeds from a variety of cybercrime activities. The criminal group was involved in financial frauds and cyber scams such as rental fraud (fraud through the advertisement of non-existent properties to rent) and CEO fraud (impersonating a company official to trigger large transfers to bogus accounts). With these frauds, the criminals were deceiving victims across Europe into making wire transfers to Italian bank accounts, owned by the money mules. It is estimated that the criminal group has generated up to €20 million losses per year for victims across Europe.

Europol supported the operation by facilitating information exchange and providing analytical support. During the two action days, Europol deployed an expert to Italy to cross-check in real time operational information against Europol’s databases and provide leads to the investigators in the field.

Eurojust facilitated the coordination of the operation and the cooperation between the judicial authorities involved in the case.

Leave a comment

Ericsson to boost 5G mission-critical connectivity in European rail industry

July 1, 2020 Neil Walker Industry News, Transport sector

Building on its commitment to the railway sector, Ericsson has joined the Association of the European Rail Supply Industry (UNIFE) to show how 5G and mission-critical networks can enable the rail industry to meet the challenge of rail digitalization.

UNIFE, a major industry association, represents European train builders and rail equipment suppliers. By joining UNIFE, Ericsson strengthens its commitment to developing critical network capabilities for the rail industry. Its membership will make an important contribution to accelerating the modernization of railway communications with 5G for FRMCS (Future Railway Mobile Communication Systems).

As a UNIFE member, Ericsson will support the railway sector in tapping the potential of digitalization to improve the quality and efficiency of operation, passenger experience and network and data security.

Manuel Ruiz, Head of Mission Critical Networks at Ericsson, says that fundamental changes in technology that come with 5G and mission-critical networks will enable the rail industry to meet the challenge of digitalization and business transformation.

“With the standardization of the Future Railway Mobile Communications Systems expected to be based on 5G, Ericsson is honored to join UNIFE,” Ruiz says. “Many communications service providers in Europe have already chosen Ericsson’s 5G technology. We look forward to helping the railway sector achieve their operational goals using this technology.”

Already in 2018, Ericsson and Swisscom demonstrated end-to-end network slicing to meet the needs of the railway sector. Ericsson is currently testing connectivity together with national rail companies.

As a UNIFE member, Ericsson will also be able to participate in EU-funded innovation and research projects. Built on its leading 3GPP 4G and 5G technology, Ericsson’s mission-critical networks and applications deliver next-generation, secure, resilient, and high performance mission-critical mobile broadband communication services.

Leave a comment

The EU Cybersecurity Act’s first anniversary: one step closer to a cyber secure Europe

June 29, 2020 admin Agency News, Cyber Security CII sector, Industry News

On 27 June 2020, the European Union Agency for Cybersecurity (ENISA) celebrated the first anniversary of the EU Cybersecurity Act (CSA) and its strengthened role towards securing Europe’s information society. The CSA gave the Agency a permanent mandate, a new list of tasks and increased resources, and also established the EU cybersecurity certification framework.

The Agency now plays a key role in setting up the framework and builds on its past work towards achieving a high common level of cybersecurity across the European Union by actively supporting Member States, EU institutions, industry, academia and citizens. Regarding the framework, the Agency is close to completing the first cybersecurity certification scheme and is making rapid progress towards a second one, on cloud services.

The mandate has also expanded the Agency’s role in supporting capacity-building and preparedness capabilities, as well as operational cooperation - areas that continue to be put to the test during the COVID-19 pandemic. ENISA acted quickly at the onset of the pandemic by preparing awareness campaigns, sets of tools and publications offering in-depth guidance on cyber safety for organisations, businesses and citizens, all publically available on the webpage COVID19.

Under its expanded role in policy development and implementation, ENISA has thrived, especially in the area of emerging technologies. For 5G security, ENISA has been involved in each phase and continues to support the European Commission and Member States as a common toolbox is being implemented. Last year, the Agency also supported the EU Member States with developing an EU-wide joint risk assessment regarding the 5G roll out, and delivered a 5G threat landscape report, which analyses threats at a more technical level. On Artificial Intelligence, the Agency has set up a 15-member ad-hoc working group on Cybersecurity for AI that will further advance European expertise on AI threats and solutions.

In addition, ENISA has welcomed the newly mandated tasks around research and innovation by creating the EU cybersecurity skills framework and fostering collaboration amongst the four cybersecurity pilot projects of the European Cybersecurity Competence Network.

Leave a comment

EU funds research in rail cybersecurity

June 25, 2020 Neil Walker Industry News, Transport sector

The Safety4Rails research programme to improve the resilience of railways and metros to cyber and physical attacks is one of five projects that will share €38m in funding from the EU’s Horizon 2020 research budget.

The package announced by Commissioner for Innovation, Research, Culture, Education & Youth Mariya Gabriel on June 15 also includes the 7Shield project to improve prevention, detection, response and mitigation of cyber and physical threats to space infrastructure and the Ensures project covering e-commerce and delivery services.

The Impetus and S4AllCities projects are respectively aimed at enhancing the resilience of cities’ infrastructure and services and at protecting citizens in the event of security incidents in public spaces. All five are due to start by October 2020 and run for two years.

Horizon 2020 is contributing €7·7m towards the €9·6m Safety4Rails project, which will be co-ordinated by Germany’s Fraunhofer Institute.

Recognising that railways and metros could be an attractive target for cyber and/or physical attacks, Safety4Rails is intended to ‘deliver methods and systems to increase the safety and recovery of track-based inter-city railway and intra-city metro transport’. This could range from cyber attacks such as the WannaCry virus or physical attacks like the Madrid commuter train bombings in 2014 to combined cyber-physical attacks, which the promoters suggest are ‘an important emerging scenario given increasing IoT infrastructure integration’.

The research will focus on rush-hour scenarios where many passengers are using metros and railways to commute or attend mass events, including multi-venue sporting tournaments. In the event of an incident, operators have to consider many aspects of passenger safety and security, ranging from threat analysis and situation awareness to the establishment of crisis communication and communicating any responses to passengers and other organisations.

The project aims to take a holistic approach to incident handling, analysing the cyber-physical resilience of metro and railway systems and providing mitigation strategies for an efficient response, as well as facilitating continuous adaptation to address ‘ever-changing novel emerging risks’. Various proposals will be validated by two rail transport operators and fed back into the design of the final recommendations.

Leave a comment

GNSS Firewall Software to Strengthen Global Navigation Satellite System (GNSS) Protection

June 24, 2020 Neil Walker Industry News, Power/Energy/Oil & Gas sector

Critical infrastructure systems including power utilities, financial services, mobile networks and transportation rely on Global Positioning System (GPS)-delivered timing to ensure ongoing operations. Microchip Technology Inc. (Nasdaq: MCHP) today announced the release of a major software update for its BlueSky™ GNSS Firewall product, providing a higher level of resiliency against GPS vulnerabilities for systems dependent on GPS signal reception.

Microchip's BlueSky GNSS Firewall Software Release 2.0 performs real-time analysis to detect jamming and spoofing for protecting reception of the GPS signal and hardening response and recovery to avoid signal disruption. BlueSky GNSS Firewall Software Release 2.0 includes charting and advanced threshold settings of Global Navigation Satellite System (GNSS) observables such as satellites-in-view, carrier-to-noise, position dispersion, phase time deviation and radio frequency (RF) power level to simplify system turn-up and deployment.

BlueSky GNSS Firewall Software Release 2.0 includes improvements developed by Microchip as a result of participation in an industry live-sky testing event hosted by the U.S. Department of Homeland Security (DHS) Science and Technology Directorate and open to all providers. Microchip's participation in the DHS-hosted GPS Testing for Critical Infrastructure (GET-CI) events, with scenarios including spoofed signals, has helped the company to identify new solutions to prevent signal disruptions. As a result of 2019 live-sky testing and other input, Microchip developed the Blue Sky GNSS Firewall Software Release 2.0 to address operators' evolving requirements.

Leave a comment

« 1 … 45 46 47 48 49 »