EXPORT CONTROLS ON CYBERSECURITY Feb. 2016 EXPORT CONTROLS ON CYBERSECURITY Feb. 2016 Eli Greenbaum

Slides:



Advertisements
Similar presentations
Session I: Technology, Trade and Growth-lessons of Experiences Session I: Technology, Trade and Growth-lessons of Experiences Issues related to technology.
Advertisements

Freedom of Speech (Part 3)
Classification The Threat Environment Joyce Corell, NCSC Assistant Director for Supply Chain National Defense Industrial Association Global Supply Chain.
Copyright © 2009 South-Western Legal Studies in Business, a part of South-Western Cengage Learning. CHAPTER 13 The Regulation of Exports.
Guanjong High School Group 2. Physical Network Access Security Getting into a network closet could easily allow someone to disable computers and connect.
Ch.5 It Security, Crime, Compliance, and Continuity
Lecture 1: Overview modified from slides of Lawrie Brown.
EXAMINING CYBER/COMPUTER LAW BUSINESS LAW. EXPLAIN CYBER LAW AND THE VARIOUS TYPES OF CYBER CRIMES.
© McGraw Hill Companies, Inc., 2000 Entry Strategy and Strategic Alliances Chapter 14.
Legal Issues and Export Controls Career-Ending Opportunities and Ways to Get Fitted for an Orange Jumpsuit David Lombard Harrison, Associate Vice President.
Inteco and NIST Cooperation Peter Mell National Vulnerability Database Project Lead Senior Computer Scientist NIST Computer Security Division Tim Grance.
Carnegie Mellon Export Controls & Universities. Carnegie Mellon Introduction  Federal laws restricting the exports of goods and technology have been.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.
Software Protection & Scope of the Right holder Options for Developing Countries Presentation by: Dr. Ahmed El Saghir Judge at the Council of State Courts.
1 ECP 6701 Competitive Strategies in Expanding Markets International Business: An Overview.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
By: Colby Shifflett Dr. Grossman Computer Science /01/2009.
NEW ZEALAND’S EXPORT CONTROLS Implementation and Status Ministry of Foreign Affairs and Trade.
Intellectual Property in the Context of Growth and Development of the World Economy Luciano Daffarra, Attorney at Law Daffarra, d’Addio & Partners China-Italy.
Modernizing Export Controls ABA International Law Section Matthew S. Borman Acting Assistant Secretary for Export Administration Bureau of Industry and.
Export Control Basics James E. Peterson, Ph.D. Associate Vice Chancellor for Research Office of Sponsored Research.
Global Analysis. International Trade – exchange of goods and services among nations Imports – goods and services purchased from another country Exports.
College of Engineering and Architecture Using Information to Increase Power Reliability and Reduce Vulnerability Anjan Bose Washington State University.
1 Panda Malware Radar Discovering hidden threats Channel Presentation Name Date.
Topics → Business strategy must set goals → Partners selection → Criteria for selecting partners → Structure must maximize cooperation → Incentives for.
Environment for Information Security n Distributed computing n Decentralization of IS function n Outsourcing.
Vulnerabilities in peer to peer communications Web Security Sravan Kunnuri.
Sample Security Model. Security Model Secure: Identity management & Authentication Filtering and Stateful Inspection Encryption and VPN’s Monitor: Intrusion.
ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:
Impact of Globalization and Outsourcing of Software Development.
Embajada de la República Argentina Irlanda Welcome.
Chapter Fourteen Entry Strategy and Strategic Alliances.
. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.
Commons, Networks, and Technology Transfer Gerald Barnett Director, Intellectual Property Management University of California, Santa Cruz.
World Intellectual Property Organization DCPPS 1 presented by Mr. Vladimir Yossifov WIPO NATIONAL WORKSHOP ON INNOVATION SUPPORT SERVICES AND THEIR MANAGEMENT.
OneView Administrator Training Company Module December 2010.
World Politics in a New Era World Politics: Trade and Investment.
IT Risks and Controls Revised on Content Internal Control  What is internal control?  Objectives of internal controls  Types of internal controls.
SINGAPORE’S NATIONAL NON-PROLIFERATION EFFORTS Seminar on Strengthening Global Disarmament and Non-Proliferation 2 November 2006, Bali.
Export Controls: The Researchers’ Friend or Foe? Shannon G. Davis, Ph.D. Assistant Dean for Research College of Engineering.
Introduction and Overview of Information Security and Policy By: Hashem Alaidaros 4/10/2015 Lecture 1 IS 332.
Computer Security By Duncan Hall.
International Trade 1. Why Nations Trade  Believe products received worth more than what they give up  Increases variety of goods available  Sometimes.
Describe the potential of IT to improve internal and external communications By Jim Green.
Management Information Systems, 4 th Edition 1 I. Sharing Information Systems Vertical market –A market in which the goods of one business are used as.
EU-Thailand Cooperation in Export Control Additional Controls.
“It was the best of times, it was the worst of times....” Charles Dickens, A Tale of Two Cities McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies,
Overview of Department of Commerce Export Controls for Chemical and Biological Items.
Forms and Ownership of Foreign Production
Chapter 14: System Administration Mark Milan. System Administration Acquiring new IS resources Maintaining existing IS resources Designing and implementing.
Corporate responsibility for security Sibylle Bauer SIPRI Sofia, 22 May 2006.
Export Control at Jefferson
to Help Meet Interoperability Standards for the
Canada’s Adoption of Control Lists 2016 WA Practical Workshop Vienna, June 2016 Joon Hyuk Yoon Senior Permit Officer.
Legal challenges related to software vulnerability disclosure
International Trade.
CS 450/650 Fundamentals of Integrated Computer Security
INTERNATIONAL ADVANTAGE
Privacy and Security in the Employment Relationship
Wassenaar Arrangement 20th Anniversary Practical Workshop
International Marketing
I have many checklists: how do I get started with cyber security?
Penetration Testing Computer Science and Software Engineering
INFORMATION SYSTEMS SECURITY and CONTROL
Project instruction Economic issues.
Rutgers Export Compliance Officer
IS4680 Security Auditing for Compliance
Export Control at Jefferson
Presentation transcript:

EXPORT CONTROLS ON CYBERSECURITY Feb EXPORT CONTROLS ON CYBERSECURITY Feb Eli Greenbaum

Laws that regulate the export and sharing of sensitive: – Technology – Equipment – Software – Know-how – Data Not related to “purpose” or “intentions” Prohibitions vs. Licenses Export Controls

Export Controls can: – Prevent the spread of WMD or military goods, which could harm global security and stability – Prevent the spread of dangerous technology to enemies – Preserve economic and military advantages – Promote trade between allied states Benefits of Export Controls

Export Controls can: – Prevent potentially lucrative trade opportunities – Deter foreign investment – Hurt competitiveness of domestic firms – Anger domestic audiences – Have diplomatic costs Costs of Export Controls

Need a license to: market, export, be an agent for controlled technology Restricts transfers to foreigners Maximum fine: 3 years prison, 6.7 million NIS, could be higher in aggravating circumstances Company managers can have personal liability as well. Exceptions for public domain and academic research חוק הפיקוח על הייצוא הביטחוני

Nuclear Suppliers Group Missile Control Technology Regime (MCTR) Australian Group Wassenaar Arrangement International Export Control

2013 amendments to Wassenaar Arrangements French and British propose adding cybersecurity controls Implemented in many countries without problems May 2015: United States regulations Jan 2016: Israel Regulations Cybersecurity Controls

Wassenaar: “Intrusion Software” “IP Surveillance Systems Israel adds: Forensic Equipment Vulnerabilities Automatic Export Generation Cybersecurity Controls

Software specially designed or modified to avoid detection by 'monitoring tools', or to defeat 'protective countermeasures', of a computer or network capable device, and performing any of the following: a.The extraction of data or information, from a computer or network capable device, or the modification of system or user data; or b.The modification of the standard execution path of a program or process in order to allow the execution of externally provided instructions. Not including: a.Debuggers or Software Reverse Engineering tools; b.Digital Rights Management (DRM) software ; or c.Software designed to be installed by owners for asset tracking Intrusion Software

Software specially designed or modified to avoid detection by 'monitoring tools', or to defeat 'protective countermeasures', of a computer or network capable device, and performing any of the following: a.The extraction of data or information, from a computer or network capable device, or the modification of system or user data; or b.The modification of the standard execution path of a program or process in order to allow the execution of externally provided instructions. Not including: a.Debuggers or Software Reverse Engineering tools; b.Digital Rights Management (DRM) software ; or c.Software designed to be installed by owners for asset tracking Intrusion Software By Who? Users? Network owner? Owner of the software?

Software specially designed or modified to avoid detection by 'monitoring tools', or to defeat 'protective countermeasures', of a computer or network capable device, and performing any of the following: a.The extraction of data or information, from a computer or network capable device, or the modification of system or user data; or b.The modification of the standard execution path of a program or process in order to allow the execution of externally provided instructions. Not including: a.Debuggers or Software Reverse Engineering tools; b.Digital Rights Management (DRM) software ; or c.Software designed to be installed by owners for asset tracking Intrusion Software Tracking software?

Software specially designed or modified to avoid detection by 'monitoring tools', or to defeat 'protective countermeasures', of a computer or network capable device, and performing any of the following: a.The extraction of data or information, from a computer or network capable device, or the modification of system or user data; or b.The modification of the standard execution path of a program or process in order to allow the execution of externally provided instructions. Not including: a.Debuggers or Software Reverse Engineering tools; b.Digital Rights Management (DRM) software ; or c.Software designed to be installed by owners for asset tracking Intrusion Software Auto-updaters? Products that stop employee communication? All third party developers? Antivirus software?

Software specially designed or modified to avoid detection by 'monitoring tools', or to defeat 'protective countermeasures', of a computer or network capable device, and performing any of the following: a.The extraction of data or information, from a computer or network capable device, or the modification of system or user data; or b.The modification of the standard execution path of a program or process in order to allow the execution of externally provided instructions. Not including: a.Debuggers or Software Reverse Engineering tools; b. Digital Rights Management (DRM) software ; or c.Software designed to be installed by owners for asset tracking Intrusion Software Packers? Obfuscators?

חולשה, למעט אחת מאלה: א. חולשות הנמסרות באופן בלעדי למי שפיתח את הקוד א הפרוטוקול, או למי מטעמו, ב. חולשות המוצאות לנחלת הכלל, ג. חולשות המיועדות לשימוש במוצרי הגנה בלבד, המיוצרים בחברה המחזיקה בחולשה או בחברה. Vulnerabilities

חולשה, למעט אחת מאלה: א. חולשות הנמסרות באופן בלעדי למי שפיתח את הקוד א הפרוטוקול, או למי מטעמו, ב. חולשות המוצאות לנחלת הכלל, ג. חולשות המיועדות לשימוש במוצרי הגנה בלבד, המיוצרים בחברה המחזיקה בחולשה או בחברה. Wh at about: To customers/suppliers? Open source? Vulnerabilities that require multi-stakeholder cooperation? Academic/Security Research? Vulnerabilities

מערכות או תוכנה שתוכננה או הותאמה במיוחד לאיתור חולשות אוטומטי, לשם ביצוע שימוש בהן בתוכנת חדירה כנגד אחר. טכנולוגיה וידע לפיתוח של תוכנת חדירה. Vulnerabilities

מערכות או תוכנה שתוכננה או הותאמה במיוחד לאיתור חולשות אוטומטי, לשם ביצוע שימוש בהן בתוכנת חדירה כנגד אחר. טכנולוגיה וידע לפיתוח של תוכנת חדירה. Vulnerabilities Wh at about: All software on on the planet? Wh at about: Pen Testing? Automated Exploit Generation (Metasploit)?

Foreign availability outside participating states. The ability to control effectively the export of the goods. The ability to make a clear and objective specification of the item Wassenaar Criteria

THANK YOU Eli Greenbaum

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.