Ladies and Gentlemen, The contribution from the UK's Office for 28-30 October should already be Cyber Security is a brief introduction to marked in your diaries a long time ago. the UK’s first Cyber Security Strategy, The date of the 5th which was published in June 2009 Annual Meridian describing the UK Government’s Conference is fast strategy to help keep cyber space approaching, with DHS secure. It underlines the growing and the Program importance of cyber space to the UK. Committee putting the finishing touches on a The article submitted by ICANN gives a conference full of good description on the importance inspiring topics. More behind the activities of the organization. countries and more The Internet is inevitably the critical attendees are expected information infrastructure. The abuse of than at any previous DNS is a serious problem. The article conference. This already introduces the programs and activities ensures a great success. that ICANN pursues to enhance the So, as there are still about two weeks security, stability and resiliency of the until 28 October, last minute Internet. registrations are still open for invited parties. You can read a brief update on As the EU presidency of the second half the conference on the next page. of 2009, Sweden will deal with two A word from the editor ...1 proposals from the EU Commission With this edition of the newsletter, we concerning the security and resilience of Cyber Security Awareness believe we bring you a powerful mix of electronic communications. The first Month ...2 relevant articles. As the cyber world is proposal concerns a review of the changing, nations and organizations regulatory framework for electronic UK Cyber Security ...4 must adapt to keep up with the pace. communications. The second proposal This edition brings good examples from concerns how the EU is to address several fields: ICANN in securing our matters concerning critical information ICANN Role in Enhancing DNS space, the UK in updating its infrastructure protection. Both of these Internet Security, Stability strategy for cyber security, Sweden, as proposals will be discussed at the and Resiliency ...6 the current EU president, organizing a conference in Stockholm on 5 conference on the resilience of e- November. Network security in focus at communications, the Netherlands the PTS EU conference ...8 promoting information exchanges for all by a boxed product. Information Exchange in a box ...9 News and Events ...10 The Dutch article is the result of a Hope these articles will be of interest, cooperation between NICC, CPNI and and you will once again enjoy the ENISA to create a product for the benefit readings. See you in Washington DC! of all. Many public and private sector organizations are involved in ensuring Sincerely, and maintaining the security of vital infrastructures. To be successful, they Ferenc Suba need to collaborate. All the parties Editor-in-Chief, Meridian Newsletter involved need to be prepared to share General Manager, CERT-Hungary their knowledge and exchange Vice-Chair, ENISA MB information with the others. Information Exchange in a box helps set up an own information-sharing network. Our Shared Responsibility Cybersecurity is the responsibility of everyone that uses the Internet. To remind us of the importance of this, October has been designated as National Cyber Security Awareness Month in the United States. The month is devoted to educating all citizens and key public and private sector partners about www.dhs.gov cyber threats and how to safeguard themselves at home, work and school. As stated in a proclamation issued by President Barak Obama on October 1st, “During National Cybersecurity Awareness Month, we rededicate ourselves to promoting cybersecurity initiatives that ensure the confidentiality of sensitive information, the integrity of e-commerce, and the resilience of digital infrastructures.” This October marks the sixth anniversary of the Awareness Month campaign and seeks to reinforce the theme of “Our Shared Responsibility.” Throughout the month of October, the Department of Homeland Security’s (DHS) National Cyber Security Division (NCSD) promotes educational efforts to improve Americans’ understanding about the consequences of unsafe computing practices, and the importance of protecting computers at home and in the office. By protecting yourself on the Internet, you also protect others. Over the past five years NCSD has made great strides in raising awareness during October and, in turn, are better protecting the nation’s cyber infrastructure. President Obama also reinforced the importance of cybersecurity awareness earlier this year in his Cyberspace Policy Review, which called for increasing awareness of cyber threats and risks. DHS Secretary Janet Napolitano kicked-off Awareness Month in Washington, DC on October 1st together with Deputy Secretary of Defense William J. Lynn III, White House National Security Staff Acting Senior Director for Cybersecurity Chris Painter, Deputy Under Secretary and Director of the National Cybersecurity Center Phil Reitinger, and Director of the Secret Service Mark Sullivan. In her speech the Secretary highlighted the importance of cybersecurity by noting that, "effective cybersecurity requires all partners-individuals, communities, government entities and the private sector and international community - to work together to protect our networks and strengthen our cyber resiliency." Because cyberspace is borderless, international cooperation and collaborative action are essential to protecting cyberspace and critical information infrastructure. Only by working together can we best address these challenges, enhance cybersecurity, and reap the full benefits of the digital age.As a key element of its efforts to support National Cybersecurity Awareness Month, DHS welcomes the opportunity to host the Fifth Annual Meridian Conference from October 28-30, 2009 in Washington DC. In line with Awareness Month, the theme of this year’s conference is “Critical Information Infrastructure Protection: Our Shared Responsibility.” Meridian 2009 will focus on better understanding CIIP challenges, bridging the gap between the role of policymakers and the technical community, utilizing cyber exercises to advance CIIP objectives, and building CIIP awareness within all sectors, from industry to academia. This year’s conference will feature speakers ranging from global leaders in cybersecurity policy to DHS senior leadership. Secretary Napolitano will give the keynote address. Additionally, the program will include contributions by CIIP leaders from around the world. This forum will provide the opportunity for nations to discuss the challenges they are facing and the national approaches they are implementing. Representatives observing from international organizations will also highlight some of key initiatives they are partaking in the field of CIIP. Through interactive workshops, robust discussions, and the participation of subject matter experts, Meridian 2009 promises to empower senior policymakers to work together to address information infrastructure protection challenges. In addition, participants will build strategies that promote greater security both domestically and internationally. We are pleased to announce over 40 countries will participate in this year’s conference. DHS thanks all the international partners who share our commitment to a secure cyberspace and looks forward to continuing to build enduring relationships that spread awareness of these real risks to each nation. Registration, Travel, and Accommodations Registration, travel and hotel information can be found at the conference website: http://www.meridian2009.org. The Meridian Conference will take place at The Fairfax at Embassy Row in Washington, DC, located at 2100 Massachusetts Avenue, N.W., Washington, DC, 20008. A block of rooms is being held for Conference attendees. Attendees should first register for the conference. Registrants will then receive a confirmation email, which will provide important information necessary for booking accommodations at the Fairfax. Safety, security and resilience in cyber space This is a brief introduction to the UK’s first Cyber Security Strategy, which was published in June 2009 describing the UK Government’s strategy to help keep cyber space secure. It underlines the growing importance of cyber space to the UK. Growing Dependence The Government’s Digital Britain strategy showed very clearly just how critical cyber space is to the underlying health of our nation - the £50 Billion of online consumer sales and purchases that take place on a yearly basis illustrate just how vital the new technology of cyber space is to our national prosperity. Cyber space increasingly underpins the business of government, the work of organisations across all sectors, and the activities of individual members of the public, including banking, social networking and shopping online, to name but a few examples. These networked, digital activities offer a phenomenal number of benefits and opportunities, and we need to ensure that the UK is well-placed to take advantage of them. We also have to recognise, however, that balanced against the opportunities are a number of real and rapidly-evolving threats; there are people who would seek to do us harm through cyber space. What is more, technological developments and changing patterns of utilisation make cyber space a dynamic and challenging environment: we have to keep pace. That is why we have produced a Cyber Security Strategy that sets out what Government is doing to ensure that we minimise the risks and make the most of the opportunities, now and in the future. Evolving threats To expand on the nature of the threat: it is the low cost and anonymous nature of cyber space that makes it particularly attractive for use by malicious actors. A low barrier to entry, coupled with the difficulties associated with detection and attribution, mean that organised criminals, hostile states, and terrorists can and do exploit cyber space for their own ends. We must be alive to the fact that a number of actors have a level of intent and capability that amounts to a real threat to our security and prosperity. Sophisticated state-led cyber espionage is of course a most serious issue, but we must also keep in mind that criminals continue to exploit vulnerabilities in government, corporate and personal IT systems using a range of methods, from phishing to the use of malware. Aside from the financial harm for which online fraud is responsible, there is also the fundamental issue of making sure people have the confidence to live and work online. So we must consider and pre-empt attacks on government systems and our essential infrastructure and attacks on individuals and businesses. Existing Work The new strategy should not detract from the substantial The Home Office, Serious Organised Crime Agency and amount of effort, resource and expertise already the Police all work to combat the activities of criminals in devoted to UK cyber security. This isn’t a new problem, cyber space. Recent initiatives have seen the formation and the Government has been taking action to secure of new units dedicated to tackling online crime: the Child cyber space for several years now, on a number of Exploitation and Online Protection Centre, and the different fronts. The 2003 National Information Police Central e-crime Unit. In June, the Association of Assurance Strategy addressed the first steps for the UK Chief Police Officers published an e-crime strategy that in assuring the integrity, availability and confidentiality of will form the basis for a more consistent operational Information & Communications Technology systems and approach by increasing skills and capacity, and by the information they handle: the Cyber Security Strategy bringing e-crime into mainstream policing and law builds on this work. There is a good deal of work already enforcement. going on to protect the UK from cyber threats – in Government and in conjunction with industry and other sectors. The Centre for the Protection of National Infrastructure All Government Departments have access to the (CPNI) provides advice on electronic or cyber protective Government Secure Intranet (gsi) which securely security measures to the businesses and organisations connects around 200 government departments and that comprise the UK’s critical national infrastructure agencies and CESG, a part of GCHQ and the National (i.e. the nine sectors which deliver essential services: Technical Authority for Information Assurance, provides energy, food, water, transport, communications, government departments with advice and guidance on government and public services, emergency services, how to protect against, detect and mitigate various types and health and finance). CPNI also runs a Computer of cyber attack. CESG runs GovCertUK which provides Emergency Response Team (CERT) service which warnings, alerts and assistance in resolving serious IT responds to reported attacks on private sector networks incidents for the public sector. in the National Infrastructure. A shared responsibility All users of cyber space have a part to play in safeguarding it: the onus is on Government and business to work together to provide more secure products and services, to operate their information systems safely and to protect individuals’ privacy. The individual member of the public also has a responsibility to take simple security measures to protect themselves, their families, and others in society. An un-patched home computer that is infected with malware and harnessed as part of a botnet can be used to attack institutional targets, and this illustrates the interconnected nature of networked threats. It also highlights the importance of getting the message out that cyber security is something that can only succeed through a collaborative approach. This is why the Government co-sponsors the joint public and private sector initiative “Get Safe Online”, which aims to raise awareness of internet safety amongst the general public and small businesses. Next Steps The new strategy will help to keep will provide strategic leadership relationships, and looked at other the UK safe by building on existing across Government, and a multi- industry areas for further input, the work, identifying gaps and overlaps agency Cyber Security Operations Strategy will investigate how we can in work areas, and putting in place Centre in Cheltenham will actively optimise them to suit the needs of two new organisations that will monitor the health of cyber space both Industry and the Government. design, initiate and oversee a and co-ordinate incident response, We are also progressing work on E- programme of work to address enable better understanding of crime to build the most effective them. The Cyber Security Strategy attacks against UK networks and structure that enables close provides the strategic framework for users, and provide better advice and cooperation between SOCA, the doing this systematically, centred information about the risk to Metropolitan Police and other around clear high-level objectives: business and the public. stakeholders to tackle the threats reducing risk from the UK’s use of Both organisations will be working faced. On international engagement cyber space; exploiting the towards an embryonic capacity the UK is fully represented in all the opportunities that cyber space capable of releasing early products relevant fora, as cyber becomes presents; with both of these enabled in Autumn 2009. One early priority increasingly discussed, and we are through action to improve the will be the Cyber Security Industrial building strong partnerships with knowledge, capabilities and Strategy, which aims to identify all other like-minded nations. Lastly we decision-making we need. To ensure the different ways in which Industry are examining the doctrine that progress towards the Strategy’s and the Government interact in the underpins Cyber Security; it is a objectives, the initial establishment field, from procurement to new area which will require careful of a new Office of Cyber Security regulation. Having identified these planning in this regard. Transnational partnerships for a transnational problem Cyber space is a transnational domain. As threat actors don’t respect international boundaries – in fact, they often look to exploit them – the need for international co-ordination of cyber security efforts with our allies is self-evident. There are strong links already in place between the UK government organisations that have a cyber security role and their counterparts overseas – now we need to build on the existing links, bring greater coherence across them, and establish new ones where we identify gaps. The OCS will lead work on the UK’s International Engagement on cyber security issues, co-ordinating the development and deployment of the UK’s key messages in key fora − this will bring greater coherence to the UK’s work with overseas partners and international organisations. Conclusion We have to secure our position in cyber space in order to give our people and businesses the confidence needed to operate safely in that environment. There is a lot to do, and we do not underestimate the scale of the task ahead – but with publication of the strategy we have made real progress and built a solid foundation; now we have to maintain this momentum, and make sure it delivers. References: Digital Britain Report: http://www.culture.gov.uk/what_we_do/broadcasting/6216.aspx Cyber Security Strategy: http://www.cabinetoffice.gov.uk/reports/cyber_security.aspx National IA Strategy: http://www.cabinetoffice.gov.uk/media/cabinetoffice/csia/assets/nia_strategy.pdf As the Internet becomes part of the everyday life, activity in this environment involves a wide variety of systems, stakeholders, opportunities and risks. The ecosystem supports governments, corporations, individuals. The functioning of the Internet is essential to public and private activities across the globe. The Internet also supports the conduct of conflicts and criminal conduct. email@example.com Those responsible for the governance and the operation of the Internet must attend to the rising challenges to cyber security. ICANN (Internet Corporation for Assigned Names and Numbers) is an international, public benefit, non-profit organization coordinating the global community activities supporting the Internet unique identifier systems including the Domain Name System (DNS). The DNS underpins a wide range of interactions that occur in today’s Internet and we understand this system is part of critical information infrastructure. The article introduces the programs and activities that ICANN pursues to enhance the security, stability and resiliency of the Internet. ICANN focuses these programs on its core missions related to the coordination of the DNS. As of 1 October, US Department of Commerce and ICANN have entered into a new Affirmation of Commitments that addresses a range of concerns with the preservation of security, stability and resiliency as one of four major areas of joint commitment. Given the nature of ICANN responsibilities under its by- We have a small laws it is important to delineate its role in the areas of security team - is a Chief Internet Security security. ICANN is not involved in the broader national Advisor and responsible for coordinating security issues of cyber-espionage and cyber war and ICANN’s security, stability and resiliency does not have a role in what constitutes illicit content in efforts with a team of 4 other security experts. the Internet. However ICANN has and will engage in a ICANN’s activities in this area are conducted continuing way in activities with both Internet collaboratively by organizations and individuals across communities and cyber security communities to combat the ICANN community, not only by its security team. A abuse of the DNS and to ensure its resiliency. ICANN detailed description of these activities and future plans works with a wide range of organizations, some is available in ICANN Board approved, “ICANN Plan for contractually obligated in the generic top-level domain Enhancing Internet Security Stability and Resiliency.” space, collaboratively in the country code top-level This document and other information related to domain space, to ensure the system as a whole is more ICANN’s activities in this arena can be found at: stable, secure and resilient. http://www.icann.org/en/security. Key Initiatives ICANN's highest priority in this area is the effective and Within ICANN’s efforts to ensure compliance with secure functioning of the Internet Assigned Names approved registrars to ensure the proper Authority or IANA function, in particular the implementation of key security related features in orchestration of updates to the DNS root zone in connection with the WHOIS databases, we’ve placed conjunction with the US Department of Commerce and increased attention upon the obligations that come with VeriSign. Within IANA operations, the implementation of the revised Registrar Accreditation Agreement (RAA). DNS Secure Extensions or DNSSEC signing for the The revised RAA is available at root zone is clearly a major portion of that effort, along www.icann.org/en/registrars/ra-agreement-21may09- with joint working with our partners in that area. The en.htm. As we move forward into the establishment announcement of the joint ICANN, Department of new gTLDs, ICANN foresees an increasing role in Commerce, VeriSign agreement related to DNSSEC ensuring with the gTLDs that contractual obligations are signing of the root zone is available at taken into account by our contracted parties, and that http://www.icann.org/en/announcements/announcement there are increasing staff to conduct audits and take -2-03jun09-en.htm. More broadly in collaboration with corrective measures if problems are identified. the DNS root server operators, ICANN continues to Additionally, ICANN has developed a concept for seek mutual recognition of roles and responsibilities community review for a voluntary verification program and to initiate a voluntary effort to conduct contingency to validate a higher level of security in registry and planning and exercises. registrar operations. The High Security Zone Verification Program concept paper is available at With the generic TLD registries, ICANN’s focus is very www.icann.org/en/topics/new-gtlds/high-security-zone- much on the effective establishment of new gTLDs with verification-04oct09-en.pdf. proper attention to security, stability, and resiliency. ICANN has analysed the issues surrounding the ICANN also collaborates closely with country code TLD potential for increased malicious conduct resulting from community. ICANN works with the ccTLDs registries implementation of new gTLDs and is proposing a set of directly, in collaborative security incident response in mitigation measures to address these concerns. An situations such as the combating of Conficke. ICANN is explanatory memo related to these measures is also conducting a program jointly with the regional available at www.icann.org/en/topics/new- ccTLD associations to provide basic training regarding gtlds/mitigating-malicious-conduct-04oct09-en.pdf. how to dedal with the attack and contingency planning Additionally, ICANN has undertaken a focused study for the smaller, resource constrained ccTLDs. Active related to understanding how increasing the number of discussions are on-going within the ccTLD community new gTLDs, undertaking the implementation of that was affected by the Conficker worm, as to how well Internationalized Domain Names in native scripts, as they reacted and what they need do to collaborate well as pursing technical implementations, such as going forward in these situations. ICANN have been DNSSEC and IPv6, all within a compressed time very much a part of that dialogue and want to continue period, may present challenges at the root zone level. to enable all those involved in operating and using the The initial study results have been posted for public DNS to ensure a secure system. review at www.icann.org/en/committees/dns-root/root- scaling-study-report-31aug09-en.pdf. Way Forward ICANN plans to continue to improve its contributions to the security, stability and resiliency of the Internet, focused on its principal role in helping coordinate the Domain Name System. We are keen to work more with international and national cyber security authorities in linking the efforts conducted within the DNS community to raise the awareness of the need to treat the DNS as critical Infrastructure and ensure all stakeholders – governments, operators and users – understand DNS-related security threats and undertake appropriate measure to mitigate the growing risks. Sweden's communications agency, the Swedish Post and Telecom Agency (PTS), will hold an international conference entitled “Resilient Electronic Communications – A Multistakeholder Challenge” in Stockholm on 5 November. This international conference is held in association with the Swedish Presidency of the EU. firstname.lastname@example.org As the EU presidency of the second half of 2009, Sweden will deal with two proposals from the EU Commission concerning the security and resilience of electronic communications. The first proposal concerns a review of the regulatory framework for electronic communications. The second proposal concerns how the EU is to address matters concerning critical information infrastructure protection. Both of these proposals will be discussed at the conference in Stockholm on 5 November. “Very timely” In addition to these proposals, there are ongoing discussions in Europe concerning how industry and government can work together in public-private partnerships to meet the security challenges in the electronic communications sector. A number of Member States have established Government CERTs (Computer Emergency Response Teams) in Europe. There are now plans in other Member States to establish such organisations. The conference is divided into three tracks: Regulatory Policy, Public-Private Partnerships and Government CERT Policy. There will be three sessions with three speakers in each. PTS is seeking to promote an interactive conference and each session will consequently have scheduled time for discussions. The government network security chiefs of Finland, Denmark and Norway will chair and moderate the respective tracks. “It’s these three areas, which are interlinked, that the conference will be looking at. The conference is therefore very timely,” says Dr Marianne Treschow, Director-General of PTS. International speakers The majority of the speakers at the conference will be non-Swedish (primarily European speakers). The Swedish Minister of Infrastructure Ms Åsa Torstensson, representing the Presidency, and the President of the German Federal Network Agency and Chair of the European Regulators Group, Mr Matthias Kurth, will deliver keynote speeches. The incoming Executive Director of the European Network and Information Security Agency, ENISA, Dr Udo Helmbrecht, will deliver an opening speech. “The conference will provide an excellent forum for discussing how we can create a robust and secure information society. It is our hope that participants will be able to take with them many good initiatives that they can apply at home,” says Dr Treschow. In the afternoon of 4 November, PTS will hold preparatory presentations in connection with the Internetdagarna (Internet Days) conference, Sweden’s most premier Internet community event. These presentations will deal with how work on European policy in the area of network and information security is conducted. They will also provide an introduction to the three tracks of the conference. Registrants of the international conference are invited to participate in the preparatory presentations. The conference is free of charge. For more information and for registering, see eu2009.pts.se. “The conference will provide an excellent forum for discussing how we can create a robust and secure information society,” says Dr Marianne Treschow, Director-General of PTS. Many public and private sector organizations are involved in ensuring and maintaining the security of vital infrastructures. To be successful, they need to collaborate. All the parties involved need to be prepared to share their knowledge and exchange information with the others. Information Exchange email@example.com in a box helps you set up your own information-sharing network. Information Exchange in a box is an idea developed jointly by the Centre for the Protection of National Infrastructure (CPNI) in the United Kingdom and the National Infrastructure against Cybercrime (NICC) programme in the Netherlands. The idea is supported by the European Network and Information Security Agency (ENISA). These three organizations have accumulated a great deal of knowledge and experience in the area of firstname.lastname@example.org knowledge sharing and information exchange. They know the circumstances and conditions under which people are willing and keen to share delicate information and have developed brochures and tools on the subject. The most important of these have been brought together in Information Exchange in a box, and the CPNI, NICC and ENISA are distributing the box in order to share their knowledge with as many other organizations as possible. How to start up your own Information Exchange The box contains the CPNI Sharing Culture Assessment Workbook, which introduces the spider’s web model and teaches you to what extent you yourself are ready to begin sharing knowledge with others in your network. The CPNI and the NICC combined their experience in a booklet with Membership Guidelines for setting up you own Information Exchange. An NICC brochure describes the successful start up of the Dutch public-private Information Exchange. It also includes an ENISA report on their European stock taking investigation into good practices in information sharing in the telecom sector. Information sharing is a state of mind Setting up your own Information Exchange takes more than just absorbing facts and using tools however. The most important prerequisite for its successful formation is having an open state of mind. It is for this reason that the CPNI, NICC and ENISA also include a game in the box: the Cyber Challenge. This game was originally developed by the NICC as a way of discovering how, and under what conditions, the sharing of knowledge can work – and whether you are ready to do so yourself. The Cyber Challenge game was played for the first time at the European FI-ISAC meeting in Amsterdam last April. This made it very apparent that people are naturally inclined to keep valuable information to themselves. Sharing it is not an inherent human behavioural trait but rather an ability that needs to be acquired and trained. Accept the Cyber Challenge Playing this game with your co-workers or network partners is both an entertaining and very effective way to gain insight into the way you solve problems. Are you willing and able to trust others and risk sharing information? How effective is it really to keep valuable information all to yourself? Accept the Cyber Challenge and find out! You can order Information Exchange in a box via email@example.com. A digital version of the Cyber Challenge will be available on the Internet at the end of the year. Soon, ENISA will facilitate workshops for those countries that are planning to set up their own Information Exchange. 20-21 October 2009 Warsaw, Poland SECURE 2009 secure.edu.pl/en/index.html SECURE is the oldest IT security conference in Poland. Every year current issues concerning security matters of IT systems and networks are discussed there. In this year's program we make use of the experience of specialist from CERT Polska at NASK and foreign response teams - members of the international Forum of Incidents Response and Security Teams (FIRST). Expected are also experts from other leading CERT-type teams, as well as from the ENISA. The main topic of this year conference will be responsible internet traffic filtering related to the most dangerous internet threats as well as blocking internet illegal content resources. 20-22 October 2009 London, UK RSA Conference Europe 2009 www.rsaconference.com/2009/europe/ Join us for the most comprehensive forum in information security. Come and learn about the latest trends and technologies, get access to new best practices, and gain insight into the practical and pragmatic perspectives on the most critical business issues facing you today. Connect and collaborate. Build your professional network. And mingle with the industry’s best and brightest. 25-30 October 2009 Seoul, Korea ICANN no. 36 sel.icann.org In the past several days, ICANN has announced recent milestones regarding changes in how the Internet community will use the Internet in the near future. These important developments include the plan for deployment of Internationalized Domain Names (IDNs) in the next few months and significant progress in developing the model for delegating new generic top-level domains (gTLDs). Among other topics, these will be discussed at the 36th International Public Meeting in Seoul. Meridian 2009 The Meridian Conference and Process aims to exchange ideas and initiate actions for the cooperation of governmental bodies on Critical Information Infrastructure Protection (CIIP) issues globally. It explores the benefits and opportunities of cooperation between governments and provides an 28-30 October 2009 opportunity to share best practices from Washington, DC, USA around the world. www.meridian2009.org International Conference on Resilience The purpose of the conference is for international representatives of the business sector and public administrations to exchange their experiences related to initiatives to meet the challenges involved in creating a robust and secure information society. 4-5 November 2009 Stockholm, Sweden eu2009.pts.se 9-10 November 2009 Bern, Switzerland European Financial ISAC workshop firstname.lastname@example.org The organizers wish to create a trusted environment for the participants from the banking sector, law enforcement and cyber incident response to be able to freely discuss relevant topics threatening banks and their customers. Participation is by invitation only, more information from the Swiss host, MELANI. Manage IT! Process Control Security Event The 4th Process Control Security Event is about the lessons learned from the Industrial Control Systems Cyber Security Advanced Training in Idaho. More than 30 participants from Dutch organisations within Critical Infrastructure, vendors, academia and security companies attend this training in Idaho from 9-13 November. During our Process Control Security Event we try to translate these lesson learned to a message that will be understood by the managers. So "How do I tell my boss"! 1 December 2009 Amsterdam, The Netherlands 3-4 February 2010 Hong Kong, China SCADA 2009 www.scadasummit.com/Event.aspx SCADA Northeast Asia will focus on case studies and key developments in SCADA from countries that include Hong Kong, Japan, South Korea and Taiwan. Key topics of discussion will highlight and include: Developments on how to better control, supervise and detect infrastructure assets Assessing advanced systems as used by countries who have significant advances in the field in Europe and the United States Looking into how to integrate SCADA systems with existing and newer systems, such as MES and SMART Grid Contact information: Editor-in-Chief: Ferenc Suba To subscribe please send an e-mail to: CIIP Matters is the quarterly newsletter email@example.com compiled by the Theodore Puskas Foundation of Hungary, supervised by an editorial committee on behalf of the Steering Comitee. The editors wish to thank all contributions, and would like to provide the opportunity for submitting materials of CIIP interest to be published in future editions.
Pages to are hidden for
"A word from the editor Cyber Security Awareness Month UK Cyber "Please download to view full document