Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ilias Chantzos Senior Director, Government Affairs - EMEA Symantec Cyber-security & cyber-resilience: Policy implications in smart cities.

Published byTravis Rust Modified over 9 years ago

Similar presentations

Presentation on theme: "Ilias Chantzos Senior Director, Government Affairs - EMEA Symantec Cyber-security & cyber-resilience: Policy implications in smart cities."— Presentation transcript:

1 Ilias Chantzos Senior Director, Government Affairs - EMEA Symantec Cyber-security & cyber-resilience: Policy implications in smart cities.

2 Big themes in the European policy agenda Cyber-Security Critical Information Infrastructure Protection Privacy and Data Protection Internet of Things (IoT) Big Data All data-driven, therefore any good policy approach will look at how to protect data 2

3 Cyber-security a main public policy theme 3  Greater awareness of risks and vulnerabilities  In 2013 the number of targeted cyber attacks increased by 91% YoY  Over the years, high-profile attacks have demonstrated how increasingly sophisticated attackers become  Cyber-attacks are perceived as a tier-1 threat by the EU and NATO  The EU is harmonising legislation on Critical Infrastructure Protection & Data Protection

4 Critical Information Infrastructure Protection Catapulted to the forefront – Several incidents of various nature – Widespread concern – Edge of cyber-warfare, state-sponsored actions 4 2010 Stuxnet 2011 Duqu 2012 Gauss 2012 Flame 2014 Dragonfly 2014 Regin

5 Network & Information Security Directive 5 Obligation for EU Member States to: Establish national cybersecurity strategies Build incident response capabilities, create and Equip national CERTS Appoint an authority with responsibility for cybersecurity Share information with each other. Obligations for industry and operators: In key sectors, develop a risk management approach Obligation for industry to notify cybersecurity breaches and share information with governments. Increasing resilience

6 General Data Protection Regulation – Directly applicable to all countries – Following up from 95/46/EC – Applicable to all industry of a certain size and possibly by Country discretion, to public sector – Regulates how personal data are collected, processed, retained and transferred 6

7 Principles of data collection  Fairly and lawfully  Receiving individual consent  Relevance  Proportionality  Types of data Collect Retain  Duration  Types of data Secure  Technical measures  Organizational measures  Data loss Purpose limitation  Specific data  For specific purpose  Any changes need to be notified Any processing Process Manage Retain & Secure Information lifecycle Provide access Right to rectify data Data destruction policy Data transfers Applicable rules The information lifecycle and good data governance 7

8 Awareness of data vulnerability 8 In a digital economy data is the “new currency” Information protection generates value, enables growth Individual/Industry/Government/National security: all interlinked. Focus shifts: Systems/HW/Devices  information/identity/ interactions Passive defense  Active intelligence Not vaccine, but DNA analysis Recognizing an attack, correlate data  learn from previous attacks Cooperate to understand cyber-threats: PPP - MoUs

9 Where is the public sector going? Direct impact on the lives of citizens Direct impact on the operations of government Accidental loss and Open Source Intelligence Resilience and continuity of operations Educate the users Intelligence driven Dynamic and mobile Process and people driven Info-sharing Threat mitigation Incident response Rethink national security and national defense strategy Know what information and infrastructure assets to be protected Understand the value of information CyberSecurity is no longer just about firewalls and AntiVirus Cooperation structures between government & NII owners/operators

10 Securing smart sustainable city systems Highly complex ICT systems Highly interconnected components (IoT) High volume of data 10

11 Securing the smart sustainable city 11 Wireless & hotspots Smart grids Intelligent transportation Connected healthcare Public safety & security Cyber-security Privacy Data integrity Compliance Resilience

12 Ensuring safety of critical infrastructure and continuity of critical services through cyber-resilience 12 City governance to ensure that ICT strategies are strongly interwoven into the fabric of the wider city evolution strategy Technology to enable policy City CIOs increasingly part of strategic policy discussions Systems/IoT, need to be standardised, interoperable and open, but also secure Cyber-security and resilience to be embedded from inception Cyber-security + backup and recovery systems for mission-critical administration data (& Big Data) Legislation increasingly prescriptive, nationally and EU

13 Conclusions 13 Smart city deployments imply vulnerability Complex, heterogeneous ICT implementations Diverse stakeholders Hyper-connectivity, IoT, Big Data, Cloud Computing Data is the digital currency - Data governance is the new focus Intelligence + Processes + People + Tools Cyber-attacks and data breaches are dangerous and costly Human lives - Data - Financial - Reputation - Credibility Cyber-threats are here to stay  Conceive the resilient smart city with Cyber-Security and Resilience in mind

14 EU Definition of Critical Infrastructure 14 Energy installations and networks Communications and information technology, Cloud Finance (banking, securities and investment) Healthcare Food production and distribution Water (dams, storage, treatment and networks) Transport (airports, ports, intermodal facilities, railway and mass transit networks and traffic control systems) Logistics Production, storage and transport of dangerous goods (e.g. chemical, biological, radiological and nuclear materials) Government (e.g. critical services, facilities, information networks, assets and key national sites and monuments). Media

15 Thank you! Copyright © 2015 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. 15 Ilias Chantzos Senior Director, Government Affairs - EMEA Symantec Ilias_Chantzos@Symantec.com

Download ppt "Ilias Chantzos Senior Director, Government Affairs - EMEA Symantec Cyber-security & cyber-resilience: Policy implications in smart cities."

Similar presentations

A strategy for a Secure Information Society –

A strategy for a Secure Information Society –
Philippine Cybercrime Efforts

Philippine Cybercrime Efforts
‘Changing environment – changing security’ - Cyber-threat challenges today – Budapest, September 17-18, 2012 1 Industry and the fight against cybercrime.

‘Changing environment – changing security’ - Cyber-threat challenges today – Budapest, September 17-18, Industry and the fight against cybercrime.
Threat Intelligence Use in Information Security: History, Theory and Practice Tim Gallo Cyber Security Field Engineering 1.

Threat Intelligence Use in Information Security: History, Theory and Practice Tim Gallo Cyber Security Field Engineering 1.
Security for Today’s Threat Landscape Kat Pelak 1.

Security for Today’s Threat Landscape Kat Pelak 1.
1 Getting Beyond Standalone Antivirus to Advanced Threat Protection Eric Schwake Sr. Product Marketing

1 Getting Beyond Standalone Antivirus to Advanced Threat Protection Eric Schwake Sr. Product Marketing
Backup Modernization with NetBackup Appliances

Backup Modernization with NetBackup Appliances
From devices to governance: ICT as a key enabler in Genoa Smart City Strategy.

From devices to governance: ICT as a key enabler in Genoa Smart City Strategy.
Global Information Systems

Global Information Systems
The Changing Face of Endpoint Security K Varadarajan Regional Manager, Enterprise Sales, Symantec Security Conference 2010_Bangalore.

The Changing Face of Endpoint Security K Varadarajan Regional Manager, Enterprise Sales, Symantec Security Conference 2010_Bangalore.
Focus Group on Smart Sustainable Cities ITU-T Giampiero Nanni Leader of the “Technical report on cyber-security, data protection & cyber-resilience in.

Focus Group on Smart Sustainable Cities ITU-T Giampiero Nanni Leader of the “Technical report on cyber-security, data protection & cyber-resilience in.
(Geneva, Switzerland, September 2014)

(Geneva, Switzerland, September 2014)
Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.

Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.
NIS Directive and NIS Platform

NIS Directive and NIS Platform
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
1 When Cloud Networking meets Cloud Computing: Software-Defined Networking (SDN) Customer Application Faan DeSwardt Infrastructure Architecture Manager.

1 When Cloud Networking meets Cloud Computing: Software-Defined Networking (SDN) Customer Application Faan DeSwardt Infrastructure Architecture Manager.
Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.

Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.
Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.

Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
Your cybersecurity breach will happen! Here’s what to do to mitigate your risk Thursday, 25 September 2014.

Your cybersecurity breach will happen! Here’s what to do to mitigate your risk Thursday, 25 September 2014.

Similar presentations

Ads by Google