Ilias Chantzos Senior Director, Government Affairs - EMEA Symantec Cyber-security & cyber-resilience: Policy implications in smart cities.

Slides:

Advertisements

Similar presentations

A strategy for a Secure Information Society –

Advertisements

Philippine Cybercrime Efforts

‘Changing environment – changing security’ - Cyber-threat challenges today – Budapest, September 17-18, Industry and the fight against cybercrime.

Threat Intelligence Use in Information Security: History, Theory and Practice Tim Gallo Cyber Security Field Engineering 1.

Security for Today’s Threat Landscape Kat Pelak 1.

1 Getting Beyond Standalone Antivirus to Advanced Threat Protection Eric Schwake Sr. Product Marketing

Backup Modernization with NetBackup Appliances

From devices to governance: ICT as a key enabler in Genoa Smart City Strategy.

Global Information Systems

The Changing Face of Endpoint Security K Varadarajan Regional Manager, Enterprise Sales, Symantec Security Conference 2010_Bangalore.

Focus Group on Smart Sustainable Cities ITU-T Giampiero Nanni Leader of the “Technical report on cyber-security, data protection & cyber-resilience in.

(Geneva, Switzerland, September 2014)

Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.

NIS Directive and NIS Platform

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

1 When Cloud Networking meets Cloud Computing: Software-Defined Networking (SDN) Customer Application Faan DeSwardt Infrastructure Architecture Manager.

Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.

Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Your cybersecurity breach will happen! Here’s what to do to mitigate your risk Thursday, 25 September 2014.

Lessons Learned in Smart Grid Cyber Security

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

2002 Symantec Corporation, All Rights Reserved The dilemma European Security Policy and Privacy Ilias Chantzos Government Relations EMEA Terena Conference,

January THE ISSUE Launch Event. Leicester. THE ISSUE Traffic- Health- Environment. Intelligent Solutions Sustaining Urban Economies. Professor.

© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Cyber Security: Now and.

Isdefe ISXXXX XX Your best ally Panel: Future scenarios for European critical infrastructures protection Carlos Martí Sempere. Essen.

DOCUMENT #:GSC15-PLEN-53 FOR:Presentation SOURCE:ETSI AGENDA ITEM:PLEN 6.11 CONTACT(S):Emmanuel Darmois, Board Member Marylin Arndt, TC M2M chair Smart.

Symantec Managed Security Services The Power To Protect Duncan Evans Director, Cyber Security Services 1.

1 Safely Using Shared Computers Amanda Grady December 2013.

President’s Forum and WSML 2012 Mobile Market Dynamics Deborah Clark, Dawn Davis, Brian Duckering, Marie Pettersson 1 “A Day in the Life of a Mobile Family”

The NIGF CONFERENCE © 2013 ADDRESSING THE VULNERABILITY OF CRITICAL ICT INFRASTRUCTURE by Ernest Ndukwe, OFR Chairman Openmedia Communications Ltd 18 th.

Secure Connections for a Smarter World Dr. Shuyuan Mary Ho Assistant Professor School of Information Florida State University.

2 ictQATAR “ Information and Communication Technology (ICT) improves how we live and work in countless ways.”  The Ministry of Information Communication.

Towards a European data-driven economy Giuseppe Abbamonte, Director Media and Data European Commission DG for Communications Networks, Content and Technology.

Next Generation Partner Program Fady Iskander Symantec Corp.

WebCast 5 May 2003 Proposed NERC Cyber Security Standard Presentation to IT Standing Committee Stuart Brindley, IMO May 26, 2003.

Quick Thoughts on PGP Use Cases for KMIP 1 Michael Allen Sr. Technical Director.

The current state of Cybersecurity Targeted and In Your Pocket Dale “Dr. Z” Zabriskie CISSP CCSK Symantec Evangelist.

ROBERT HAVAS VP Strategy and Business Development Security Chairman of EOS(European Organisation for Security xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.

President’s Forum and WSML 2012 SYMSTRAT 03: Enterprise Sales Conversations for Virtualization Todd Zambrovitz with guest appearance by Kevin Fiedler 1.

2002 Symantec Corporation, All Rights Reserved The EU Regulations and IT security An industry perspective Ilias Chantzos, Government Relations EMEA Terena.

WLAN Auditing Tools and Techniques Todd Kendall, Principal Security Consultant September 2007.

Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.

International Telecommunication Union Committed to connecting the world ITU-T Focus Group on Smart Sustainable Cities Giampiero Nanni Co-Leader of the.

Features Governmental organization Critically important ICT objects Distributed infrastructure Three levels of confidentiality Dozens of subsidiary organizations.

Governor’s Office of Homeland Security & Emergency Preparedness LOUISIANA BANKERS ASSOCIATION 2010 Louisiana Emergency Preparedness Coalition Meetings.

The EU framework programme for research and innovation.

111 © 2005 EMC Corporation. All rights reserved. Achieving Business Resilience 2005 Business Continuity and Corporate Security Show & Conference Stephen.

Introduction and Overview of Information Security and Policy By: Hashem Alaidaros 4/10/2015 Lecture 1 IS 332.

Copy to Tape TOI. 2 Copy to Tape TOI Agenda Overview1 Technical Feature Implementation2 Q&A3.

© 2012 IBM Corporation IBM Security Systems 1 © 2012 IBM Corporation Cloud Security: Who do you trust? Martin Borrett Director of the IBM Institute for.

ReFINE Research for Future Infrastructure Networks of Europe ECTP OG 10 -April 28, 2010 Brussels.

19-20 October 2010 IT Directors’ Group meeting 1 Item 6 of the agenda ISA programme Pascal JACQUES Unit B2 - Methodology/Research Local Informatics Security.

Optimized Synthetics 1 OpenStorage Optimized Synthetics.

Partner Proctored Assessment Registration Process Ajit Jha 1 Partner Assessment.

TÜBİTAK – BİLGEM – SGE Cyber Security Institute Asım Gençer Gökce TÜBİTAK BİLGEM Cyber Security Institute (SGE) Role: Cyber.

Cyber Security in the Post-AV Era Amit Mital Chief Technology Officer General Manager, Emerging Endpoints Business Unit.

Sicherheitsaspekte beim Betrieb von IT-Systemen Christian Leichtfried, BDE Smart Energy IBM Austria December 2011.

 ROAD SAFETY: the European Union Policy European Commission, Directorate General for Mobility & Transport «Road Safety.

EUROPEAN SECURITY POLICY A SNAPSHOT ON SURVEILLANCE AND PRIVACY DESSI WORKSHOP, CPH 24 JUNE 2014 Birgitte Kofod Olsen, Chair Danish Council for Digital.

Agile Information Lifecycle: A Customer Journey March 2016 Dan Jennings Veritas Partner Technical Account Manager +44 (0) Veritas Technologies.

Andrew J Haire. Agenda  Let us define Terms…  What do we know so far  How did we get here  What are Implications to Policy Makers  What will this.

Protecting Data, Sharing Information Graham Wakerley: Director

Security and resilience for Smart Hospitals Key findings

Information Security – Current Challenges

4th SG13 Regional Workshop for Africa on “Future Networks for a better Africa: IMT-2020, Trust, Cloud Computing and Big Data” (Accra, Ghana, March.

Bob Siegel President Privacy Ref, Inc.

Security for Safety: Enabling Digitalization of Railway Systems

The European Union response to cyber threats

Adding security to your ICS environment? Fine! But how?!

Presentation transcript:

Ilias Chantzos Senior Director, Government Affairs - EMEA Symantec Cyber-security & cyber-resilience: Policy implications in smart cities.

Big themes in the European policy agenda Cyber-Security Critical Information Infrastructure Protection Privacy and Data Protection Internet of Things (IoT) Big Data All data-driven, therefore any good policy approach will look at how to protect data 2

Cyber-security a main public policy theme 3  Greater awareness of risks and vulnerabilities  In 2013 the number of targeted cyber attacks increased by 91% YoY  Over the years, high-profile attacks have demonstrated how increasingly sophisticated attackers become  Cyber-attacks are perceived as a tier-1 threat by the EU and NATO  The EU is harmonising legislation on Critical Infrastructure Protection & Data Protection

Critical Information Infrastructure Protection Catapulted to the forefront – Several incidents of various nature – Widespread concern – Edge of cyber-warfare, state-sponsored actions Stuxnet 2011 Duqu 2012 Gauss 2012 Flame 2014 Dragonfly 2014 Regin

Network & Information Security Directive 5 Obligation for EU Member States to: Establish national cybersecurity strategies Build incident response capabilities, create and Equip national CERTS Appoint an authority with responsibility for cybersecurity Share information with each other. Obligations for industry and operators: In key sectors, develop a risk management approach Obligation for industry to notify cybersecurity breaches and share information with governments. Increasing resilience

General Data Protection Regulation – Directly applicable to all countries – Following up from 95/46/EC – Applicable to all industry of a certain size and possibly by Country discretion, to public sector – Regulates how personal data are collected, processed, retained and transferred 6

Principles of data collection  Fairly and lawfully  Receiving individual consent  Relevance  Proportionality  Types of data Collect Retain  Duration  Types of data Secure  Technical measures  Organizational measures  Data loss Purpose limitation  Specific data  For specific purpose  Any changes need to be notified Any processing Process Manage Retain & Secure Information lifecycle Provide access Right to rectify data Data destruction policy Data transfers Applicable rules The information lifecycle and good data governance 7

Awareness of data vulnerability 8 In a digital economy data is the “new currency” Information protection generates value, enables growth Individual/Industry/Government/National security: all interlinked. Focus shifts: Systems/HW/Devices  information/identity/ interactions Passive defense  Active intelligence Not vaccine, but DNA analysis Recognizing an attack, correlate data  learn from previous attacks Cooperate to understand cyber-threats: PPP - MoUs

Where is the public sector going? Direct impact on the lives of citizens Direct impact on the operations of government Accidental loss and Open Source Intelligence Resilience and continuity of operations Educate the users Intelligence driven Dynamic and mobile Process and people driven Info-sharing Threat mitigation Incident response Rethink national security and national defense strategy Know what information and infrastructure assets to be protected Understand the value of information CyberSecurity is no longer just about firewalls and AntiVirus Cooperation structures between government & NII owners/operators

Securing smart sustainable city systems Highly complex ICT systems Highly interconnected components (IoT) High volume of data 10

Securing the smart sustainable city 11 Wireless & hotspots Smart grids Intelligent transportation Connected healthcare Public safety & security Cyber-security Privacy Data integrity Compliance Resilience

Ensuring safety of critical infrastructure and continuity of critical services through cyber-resilience 12 City governance to ensure that ICT strategies are strongly interwoven into the fabric of the wider city evolution strategy Technology to enable policy City CIOs increasingly part of strategic policy discussions Systems/IoT, need to be standardised, interoperable and open, but also secure Cyber-security and resilience to be embedded from inception Cyber-security + backup and recovery systems for mission-critical administration data (& Big Data) Legislation increasingly prescriptive, nationally and EU

Conclusions 13 Smart city deployments imply vulnerability Complex, heterogeneous ICT implementations Diverse stakeholders Hyper-connectivity, IoT, Big Data, Cloud Computing Data is the digital currency - Data governance is the new focus Intelligence + Processes + People + Tools Cyber-attacks and data breaches are dangerous and costly Human lives - Data - Financial - Reputation - Credibility Cyber-threats are here to stay  Conceive the resilient smart city with Cyber-Security and Resilience in mind

EU Definition of Critical Infrastructure 14 Energy installations and networks Communications and information technology, Cloud Finance (banking, securities and investment) Healthcare Food production and distribution Water (dams, storage, treatment and networks) Transport (airports, ports, intermodal facilities, railway and mass transit networks and traffic control systems) Logistics Production, storage and transport of dangerous goods (e.g. chemical, biological, radiological and nuclear materials) Government (e.g. critical services, facilities, information networks, assets and key national sites and monuments). Media

Thank you! Copyright © 2015 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. 15 Ilias Chantzos Senior Director, Government Affairs - EMEA Symantec