Download presentation
Presentation is loading. Please wait.
1
Deborah Housen-Couriel, ADV.
Responding to Cyber Threats in the Transportation Sector: Insights from Global and Comparative Cybersecurity REGULATION Deborah Housen-Couriel, ADV.
2
THE TRANSPORT OF TWO TYPES OF CYBER- VULNERABLE DATA
3
PRIVATE VEHICLE TRAFFIC SYSTEMS MEANS OF TRANSPORT =
MASS LAND TRANSPORT (BUSES, TRUCKS) CIVIL AVIATION NAVAL TRANSPORT, PORTS AND HARBORS TRAINS CIVILIAN DRONES (?) PRIVATE VEHICLE TRAFFIC SYSTEMS MEANS OF TRANSPORT = CRITICAL INFRASTRUCTURE
4
counter-terrorism laws critical infrastructure
protecting critical infrastructure THE BEST SOLUTION AT PRESENT FOR PROTECTING TRANSPORT VULNERABILITIES… TRANSPORT VULNER-ABILITIES
5
ART. 2, 2008 EU DIRECTIVE ON CI …asset, system or part thereof located in Member States which is essential for the maintenance of vital societal functions, health, safety, security, economic or social well-being of people, and the disruption or destruction of which would have a significant impact in a Member State... US PATRIOT ACT – “DEBILITATING IMPACT”
6
LOOKING AT CYBER –ENABLED ATTACKS ON TRANSPORT AS ATTACKS ON CRITICAL INFRASTRUCTURE
7
WHAT’S NOT WORKING?
8
LEGAL AND REGULATORY GAPS: THE END GAME FOR CI PROTECTION
NO OVERARCHING POLICY RE TRANSPORT INFRASTRUCTURE THAT CAN DRIVE LEGAL SOLUTIONS NEED FOR SECTOR-SPECIFIC TOOLS FOR CYBER SECURITY ANALYSIS DOMINO EFFECTS OF CYBER ATTACKS BETTER THREAT AND RISK ASSESSMENT MODELS CORPORATE GOVERNANCE WITHIN INDUSTRY ORGANIZATIONS
9
PERIPHERAL SYSTEMS THAT AREN’T YET DEFINED AS CRITICAL INFRASTRUCTURES…
11
IN PARTICULAR – SATELLITE COMMUNICATION VULNERABILITIES
(SHIP-TO-LAND) (GPS)
12
(1) CRITICAL INFRASTRUCTURE PROTECTION POLICIES (NOT LAW)
(3) NATIONAL COUNTER-TERRORISM LAWS (2) INTERNATIONAL TREATIES AND ENFORCEMENT
13
(1) CRITICAL INFRASTRUCTURE PROTECTION POLICIES – NOT BINDING LAW
14
2004 COMMUNICATION ON Critical Infrastructure Protection in the fight against terrorism 2006 EUROPEAN PROGRAMME FOR CI PROTECTION 2008 DIRECTIVE ON EU CRITICAL INFRASTRUCTURES- DESIGNATION AND PROTECTION REQUIREMENTS
15
2013 COMMISSION STAFF WORKING DOCUMENT ON A NEW APPROACH
INTERDEPENDENCIES AMONG CRITICAL INFRASTRUCTURES ACROSS SECTORS + NATIONAL BORDERS EUROCONTROL PILOT PROJECT ON AVIATION “SINGLE EUROPEAN SKY”
16
Presidential Policy Directive -- Critical Infrastructure Security and Resilience, 2013
18
INFORMATION SHARING AND ANALYSIS CENTERS (ISACs)
19
(2) INTERNATIONAL NORMS AND ENFORCEMENT
20
THE AIM: HARMONIZATION OF NATIONAL CYBERCRIME LEGISLATION
Art. 5 – System interference Each Party shall adopt such legislative and other measures as may be necessary to establish as criminal offences under its domestic law… the serious hindering without right of the functioning of a computer system by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data -CRUCIAL IN THE CI CONTEXT
22
BUDAPEST CONVENTION >> CYBER POLICING HAS GONE GLOBAL
24/7 PoC REQUIRED INTERPOL EUROPOL FBI SECTORAL (BANKS, FINANCE)
23
(3) NATIONAL COUNTER-TERRORISM LAWS
24
ISRAEL’S LAW ON THE FIGHT AGAINST TERRORISM, 2016 - “Act of terrorism”
Motivation is political, religious, nationalistic, or ideological Carried out with the goal of causing public fear or alarm, or to cause the government or another public body (in Israel or abroad, including IOs) to either act or refrain from acting One of the following was either threatened or had a real danger of occurring:
25
Severe injury to a person’s body or freedom;
Severe injury to public safety or health Severe damage to property Severe damage to religious objects, places of worship or other sites Severe damage to infrastructure, systems or basic services, or severe interference with them, or severe damage to the national economy or ecosystem.
26
AUSTRALIAN CRIMINAL CODE, 1995
A terrorist act […] causes one or more of the following: …serious interference with, disruption to, or destruction of critical infrastructure such as a telecommunications or electricity network.
27
GERMANY’S LEGISLATIVE APPROACH, 2015
OUTLIER
28
SUMMING UP
29
counter-terrorism laws critical infrastructure
protecting critical infrastructure THE BEST SOLUTION AT PRESENT FOR PROTECTING TRANSPORT VULNERABILITIES… TRANSPORT VULNER-ABILITIES
30
4 CRITICAL CHALLENGES ADAPT THE INFRASTRUCTURE PROTECTION REGIME TO INCLUDE PERIPHERAL SYSTEMS …AND THEIR ACCOMPANYING DATA CONSIDER GERMANY’S LEGISLATIVE APPROACH (AUGMENTED CI + ANTI-TERRORISM) IMPROVING THE PREVENTION OF ATTACKS ON TRANSPORT BY INTEGRATING EXISTING LEGAL TOOLS
31
THANK YOU.
32
counter-terrorism laws critical infrastructure
protecting critical infrastructure THE BEST SOLUTION AT PRESENT FOR PROTECTING TRANSPORT VULNERABILITIES… CRITICAL INFRA-STRUCTURE PROTECTION, INCL. COUNTER-TERRORISM
33
EXTRA SLIDES
34
…systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters. (Patriot Act, 2001)
35
IMPACTS: PHYSICAL (LOSS OF LIFE AND PROPERTY) ECONOMIC SOCIAL
36
MAY 2015 2013 STANDARDS 2015
Similar presentations
