Category: Organisation Types

Organisation Types for membership

Mass Care/Emergency Assistance Pandemic Planning Considerations Guide

Agency News, Health & Social Care

FEMA announces an advisory document to examine the unique considerations when developing mass care and emergency assistance plans associated with a pandemic scenario. The processes discussed can be implemented by the jurisdiction without federal assistance or when federal assistance is requested and available. In this document, “jurisdiction” refers to local, state, tribe or territory, insular area and federal governments.

Further details and to download the document visit www.fema.gov/media-library/assets/documents/188597

Leave a comment

Spotlight on incident reporting of telecom security and trust services

Agency News, Cyber Security CII sector, Industry News

ENISA, the EU Agency for Cybersecurity, released a new version of CIRAS, a tool for statistical analysis of cybersecurity incidents. Two new sets of EU data on cybersecurity incident were made available:

Telecom security incidents reported for the year 2019
Trust services security incidents for 2016-2019

The online visual tool, accessible to the public, now gives access to 8 years of telecom security incidents, and 4 years of trust services incident reports: a total of 1100 cybersecurity incidents. The new visual tool allows for analysis of multiannual trends.

Mandatory cybersecurity incident reporting is a corner stone of cybersecurity legislation in the EU. Cybersecurity incident reporting gives the national authorities in Europe vital information about the root causes and overall impact of major incidents. Every year national authorities send summaries of these major cybersecurity incidents to ENISA for aggregation and analysis at EU level. ENISA publishes statistics in yearly reports and gives access to aggregated and anonymised data in the online visual tool, to increase transparency about cybersecurity incidents. This online visual tool allows for custom analysis of trends and patterns. For example, the user is able to select a specific time-period or specific root cause categories and get custom statistics about detailed causes and assets affected. ENISA also maintains a private repository for the national authorities.

Background and legal base:

ENISA has been supporting the EU telecom security authorities with the implementation of EU wide telecom breach reporting, under Article 13a of the Framework directive since 2010.

Under this framework, ENISA develops procedures, templates, tooling and analysis and publishes an annual report with aggregated statistics about the telecom security incidents with significant impact since 2012.

ENISA has been supporting supervisory bodies in the EU with cybersecurity breach reporting for trust services under Article 19 of the eIDAS regulation since 2016. Besides, ENISA also started to support the NIS cooperation group with the cybersecurity incident reporting along the provisions of the NIS Directive.

ENISA will be publishing the detailed annual reports in the coming weeks.

Root causes of telecom security incidents

Over the last 4 years, the most common root cause of telecom security incidents is system failures (412 out of 637 incidents). The second most common root cause is human errors with nearly a fifth of total incidents (19%, 119 incidents in total). Natural phenomena are the third root cause with 11% while only 4% of the incidents are categorized as malicious actions.

Root cause categories of trust services security incidents

Over the 4 years of trust services security incident reporting, the most common root cause is System failures (60%). Around a fifth of the reported incidents were due to human errors and a fifth of the incidents were flagged as malicious actions. Natural phenomena are not a common root cause in this sector. This sector operates differently than the telecom one. With large-scale aboveground infrastructure for the mobile networks, the telecom sector is more vulnerable to natural phenomena.

Leave a comment

Telos ID to provide Transportation Security Administration (TSA) with improved background checks for airport workers

Industry News, Telecomms sector

Telos ID has announced that the Port of Seattle has contracted with Telos ID to provide Transportation Security Administration (TSA)-approved Designated Aviation Channelling (DAC) services for processing worker background checks at Seattle-Tacoma International Airport (SEA).

Telos ID’s DAC services improve data integrity, increase the efficiency of credentialing operations and reduce costs. DAC services enable submissions of workers’ biographic and biometric data to conduct background checks, including subscriptions to the FBI Rap Back program, for individuals working in secure areas of U.S. commercial airports. Telos ID has been supporting SEA with DAC services since 2016, and with recent selection to continue services, will do so for an additional ten years. SEA uses the DAC via integration with its identity management system (IdMS).

“The DAC services deployment at Seattle-Tacoma International Airport is notable for its size and scope, specifically the integration with SEA’s IdMS, enabling efficient biographic, biometric, and Rap Back transmissions,” said Dawn E. Lucini, vice president of aviation security, Telos ID. “With a large badge holder population, we have streamlined the TSA-required aviation worker background check process, while upholding the high security and customer service standards at SEA.”

As an encrypted, web-based solution, Telos ID’s DAC services meet TSA and Department of Homeland Security (DHS) requirements for handling personally identifiable information and biometrics. Its modular design supports each airport’s and air carrier’s needs, and users can perform multiple functions on one platform.

Leave a comment

COVID-19 pandemic highlights submarine cables as critical infrastructure

Industry News, Telecomms sector

“Submarine cables are crucial infrastructure and have been vital in helping us get through this pandemic together,” said Keith Schofield, General Manager, International Cable Protection Committee.

For many years now, the submarine cable industry has been at the heart of international connectivity, providing data avenues that span continents and unrivalled capacity. Despite this, the industry’s fundamental contribution to the telecoms sphere is often overlooked.

But now, during the coronavirus pandemic, the critical nature of the subsea cable industry has come to the fore, proving once and for all that they are undeniably critical infrastructure all over the world. But responding to the demands of the crisis has not been easy.

[Source: Total Telecom]
Leave a comment

Nigeria declares telecoms facilities critical national Infrastructure

Industry News, Telecomms sector

In response to the yearnings of industry stakeholders to declare telecom facilities Critical National Infrastructure, President Muhammadu Buhari, has finally approved and also directed that necessary physical protective measures be put in place to safeguard telecommunications infrastructure deployed across the country.

This followed a proposal by the Minister of Communications and Digital Economy, Dr. Ibrahim Pantami, to the President to identify telecommunications infrastructure as Critical National Infrastructure, with a view to protecting them from vandalization and theft, amongst other things.

Recall that telecom operators and industry players had over the years been consistent in their demand for the Federal government to declare all telecoms facilities across the country critical national infrastructure but their request was never heeded to, leading to frequent vandalization of telecoms infrastructure in various parts of the country.

The Nigerian telecommunications industry, depends on a number of infrastructure that play a critical role in the smooth delivery of telecoms services.

These are part of Critical National Infrastructure (CNI) because of the important role they play, in ensuring security and in the delivery of other essential services.

As part of the policy of the Federal Government of Nigeria, the Minister of the Federal Ministry of Communications and Digital Economy, Dr Isa Ali Ibrahim Pantami, decided to champion the efforts to identify telecommunications infrastructure as Critical National Infrastructure, with a view to protecting them from vandalization and theft, amongst other things.

With the presidential directive, the Minister said the Office of the National Security Adviser (ONSA), Defence Headquarters (DHQ), Nigeria Police Force (NPF), Department of State Security Services (DSS) and the Nigeria Security and Civil Defence Corps (NSCDC), have been notified of Mr President’s directive and are expected to enforce same as directed.

While, appreciating the security institutions, and commending them for their commitment in securing these infrastructure, he noted that the ministry are also working towards the reinforcement of the directives through appropriate regulatory instruments.

“The implementation of the National Broadband Plan (NBP) and the implementation of the National Digital Economy Policy and Strategy, both unveiled by Mr. President, have repositioned the ICT sector.

“This is evident by the recent ‘Nigeria’s Gross Domestic Product Report’ released by the National Bureau of Statistics (NBS) which showed that the ICT sector contributed an unprecedented 14.07% to the total real GDP in the first quarter of 2020.

“The Minister is truly grateful for the timely approval of President Muhammadu Buhari, and we are confident that this will address the challenge of vandalism of our Critical National Infrastructure.

“It will also go a long way in supporting the implementation of the National Broadband Plan (2020-2025),” the Minister said.

He however, urged the Mobile Network Operators (MNOs) to ensure that they further reduce the price of data and calls for citizens to reciprocate the government gesture.

He also advised them to submit a comprehensive list of their facility locations all over the country.

[Source: Today Nigeria]
Leave a comment

National Grid Welcomed to European CNI Forum

Industry News, Power/Energy/Oil & Gas sector

The European Network for Cyber Security (ENCS) has welcomed National Grid as its first UK member, saying the UK’s transmission system operator (TSO) is among Europe’s “most sophisticated” in terms of cybersecurity posture, and its membership will boost knowledge sharing.

The ENCS is a member-led organisation that works to boost the security of EU energy grids and infrastructure in the face of hyperactive probing by bad actors, and, arguably, distinctly half-baked regulation that fails to penalise manufacturers for insecure components.

Among other efforts, ENCS has baked security requirement guidance into procurement cycles across its membership base and developed testing capabilities to risk-assess things like smart metres; this has now expanded to other areas of the grid, like distribution automation and other tools.

Paul Lee, an engineering manager for cyber and control systems at National Grid said in a statement shared by ENCS: “We have robust cybersecurity measures in place across all our operational infrastructure and IT to protect against cyber threats, but our membership will help us to benefit from ENCS knowledge base as we share information with other members, contributing to increased protection across all critical infrastructure”.

ENCS’s MD Nijk said, “Grid infrastructure has evolved with dramatic speed. Partnering with domain operators to build an expert pool is vital to our members need to be fast and effective [in building up their security] instead of waiting for regulations”.

“National Grid already ranks among the most sophisticated TSOs in terms of cyber security, and by joining ENCS, it demonstrates its commitment to that improving even further” he said in a canned statement.

[Source: Computer Business Review]
Leave a comment

Red Cross Calls for Halt to Cyberattacks on Healthcare Infrastructure

Health & Social Care, Industry News

The Red Cross has called on hackers and scammers to end their cyber-attacks on health facilities in a letter published.

The letter, also signed by a group of political and business figures, said that attacks endanger human lives, particularly during the Covid-19 pandemic, and governments should take more “immediate and decisive action” to stop them.

Brad Smith, President of Microsoft, and former US Secretary of State Madeleine Albright, are among the 42 co-signers of the letter, which was initiated by the CyberPeace Institute.

In the letter, Peter Maurer, president of the International Committee of the Red Cross, said: “We are hoping that the world’s governments will step up to affirm their commitments to the international rules that prohibit such actions.”

The calls come after an increase in cyber-attacks on critical infrastructure and healthcare facilities during the Covid-19 pandemic, with hackers and scammers eyeing an opportunity to take advantage of a complicated situation.

In April, Interpol warned that cybercriminals have been increasing attacks on healthcare systems, increasing ransomware attacks to hold hospitals to ransom during the spread of Covid-19, despite the work these facilities carry out to save lives.

Interpol Secretary-General, Jürgen Stock, commented: “As hospitals and medical organisations around the world are working non-stop to preserve the well-being of individuals stricken with the coronavirus, they have become targets for ruthless cybercriminals who are looking to make a profit at the expense of sick patients

“Locking hospitals out of their critical systems will not only delay the swift medical response required during these unprecedented times, but it could also directly lead to deaths.

“Interpol continues to stand by its member countries and provide any assistance necessary to ensure our vital healthcare systems remain untouched and the criminals targeting them held accountable.”

Leave a comment

Only 36% of critical infrastructures have a high level of cyber resilience

Cyber Security CII sector, Industry News

Greenbone Networks revealed the findings of a research assessing critical infrastructure providers’ ability to operate during or in the wake of a cyberattack.

The research investigated the cyber resilience of organizations operating in the energy, finance, health, telecommunications, transport and water industries, located in the world’s five largest economies: UK, US, Germany, France and Japan. Of the 370 companies surveyed, only 36 percent had achieved a high level of cyber resilience.

To benchmark the cyber resilience of these critical infrastructures, the researchers assessed a number of criteria. These included their ability to manage a major cyberattack, their ability to mitigate the impact of an attack, whether they had the necessary skills to recover after an incident, as well as their best practices, policies and corporate culture.

Infrastructure providers in the US were the most likely to score highly, with 50 percent of companies considered highly resilient. In Europe, the figure was lower at 36 percent. In Japan, is was just 22 percent.

Read more >>

[Source: HelpNetSecurity]

Leave a comment

Statement from Attorney General William P. Barr Regarding the U.S. Department of State Global CTO Roundtable on 5G Integrated and Open Networks

Industry News, Telecomms sector

Attorney General Barr issued the following statement:

“The United States and our partners are in an urgent race against the People’s Republic of China (PRC) to develop and build 5G infrastructure around the world.  Our national security and the flourishing of our liberal democratic values here and around the world depend on our winning it.  Future 5G networks will be a critical piece of global infrastructure, the central nervous system of the global economy.  Unfortunately, the PRC is well on its way to seizing a decisive 5G advantage.  If the PRC wins the 5G race, the geopolitical, economic, and national security consequences will be staggering.

The PRC knows this, which explains why it is using every lever of power to expand its 5G market share around the globe.  The community of free and democratic nations must do the same.

To compete and win against the PRC juggernaut, the United States and its partners must work closely with trusted vendors to pursue practical and realistic strategies that can turn the tide now.  Although the ‘Open RAN’ approach is not a solution to our immediate problem, the concept of Integrated and Open Networks (ION), which was the topic of yesterday’s roundtable, holds promise and should be explored.  We can win the race, but we must act now.”

Leave a comment

Model Of Critical Infrastructures Reveals Vulnerabilities

Industry News, Transport sector

An interdisciplinary team of Kansas State University researchers developed a computer simulation that revealed beef supply chain vulnerabilities that need safeguarding — a realistic concern during the COVID-19 pandemic.

Caterina Scoglio, professor, and Qihui Yang, doctoral student, both in electrical and computer engineering, recently published “Developing an agent-based model to simulate the beef cattle production and transportation in southwest Kansas” in Physica A, an Elsevier journal publication.

The paper describes a model of the beef production system and the transportation industry, which are interdependent critical infrastructures — similar to the electrical grid and computer technology. According to the model, disruptions in the cattle industry — especially in the beef packing plants — will affect the transportation industry and together cause great economic harm. The disruptions modeled in the simulation share similarities with how the packing plants have been affected during the COVID-19 pandemic.

“When we first started working on this project, there was a lot of emphasis on studying critical infrastructures; especially ones that are interdependent, meaning that they need to work together with other critical infrastructures,” Scoglio said. “The idea is if there is a failure in one of the systems, it can propagate to the other system, increasing the catastrophic effects.”

Full story at Eurasia Review - https://www.eurasiareview.com/18052020-model-of-critical-infrastructures-reveals-vulnerabilities/

Leave a comment
1 51 52 53 54