Ladies and Gentlemen,
The contribution from the UK's Office for
28-30 October should already be Cyber Security is a brief introduction to
marked in your diaries a long time ago. the UK’s first Cyber Security Strategy,
The date of the 5th which was published in June 2009
Annual Meridian describing the UK Government’s
Conference is fast strategy to help keep cyber space
approaching, with DHS secure. It underlines the growing
and the Program importance of cyber space to the UK.
Committee putting the
finishing touches on a The article submitted by ICANN gives a
conference full of good description on the importance
inspiring topics. More behind the activities of the organization.
countries and more The Internet is inevitably the critical
attendees are expected information infrastructure. The abuse of
than at any previous DNS is a serious problem. The article
conference. This already introduces the programs and activities
ensures a great success. that ICANN pursues to enhance the
So, as there are still about two weeks security, stability and resiliency of the
until 28 October, last minute Internet.
registrations are still open for invited
parties. You can read a brief update on As the EU presidency of the second half
the conference on the next page. of 2009, Sweden will deal with two
A word from the editor ...1
proposals from the EU Commission
With this edition of the newsletter, we concerning the security and resilience of
Cyber Security Awareness believe we bring you a powerful mix of electronic communications. The first
Month ...2 relevant articles. As the cyber world is proposal concerns a review of the
changing, nations and organizations regulatory framework for electronic
UK Cyber Security ...4 must adapt to keep up with the pace. communications. The second proposal
This edition brings good examples from concerns how the EU is to address
several fields: ICANN in securing our matters concerning critical information
ICANN Role in Enhancing DNS space, the UK in updating its infrastructure protection. Both of these
Internet Security, Stability strategy for cyber security, Sweden, as proposals will be discussed at the
and Resiliency ...6 the current EU president, organizing a conference in Stockholm on 5
conference on the resilience of e- November.
Network security in focus at communications, the Netherlands
the PTS EU conference ...8 promoting information exchanges for all
by a boxed product.
in a box ...9
News and Events ...10
The Dutch article is the result of a Hope these articles will be of interest,
cooperation between NICC, CPNI and and you will once again enjoy the
ENISA to create a product for the benefit readings. See you in Washington DC!
of all. Many public and private sector
organizations are involved in ensuring Sincerely,
and maintaining the security of vital
infrastructures. To be successful, they Ferenc Suba
need to collaborate. All the parties Editor-in-Chief, Meridian Newsletter
involved need to be prepared to share General Manager, CERT-Hungary
their knowledge and exchange Vice-Chair, ENISA MB
information with the others. Information
Exchange in a box helps set up an own
Our Shared Responsibility
Cybersecurity is the responsibility of everyone that uses the Internet. To
remind us of the importance of this, October has been designated as National
Cyber Security Awareness Month in the United States. The month is devoted
to educating all citizens and key public and private sector partners about www.dhs.gov
cyber threats and how to safeguard themselves at home, work and school.
As stated in a proclamation issued by President Barak Obama on October
1st, “During National Cybersecurity Awareness Month, we rededicate
ourselves to promoting cybersecurity initiatives that ensure the confidentiality
of sensitive information, the integrity of e-commerce, and the resilience of
digital infrastructures.” This October marks the sixth anniversary of the
Awareness Month campaign and seeks to reinforce the theme of “Our
Throughout the month of October, the Department of Homeland Security’s
(DHS) National Cyber Security Division (NCSD) promotes educational efforts
to improve Americans’ understanding about the consequences of unsafe
computing practices, and the importance of protecting computers at home
and in the office. By protecting yourself on the Internet, you also protect
others. Over the past five years NCSD has made great strides in raising awareness during October and,
in turn, are better protecting the nation’s cyber infrastructure. President Obama also reinforced the
importance of cybersecurity awareness earlier this year in his Cyberspace Policy Review, which called for
increasing awareness of cyber threats and risks.
DHS Secretary Janet Napolitano kicked-off Awareness Month in Washington, DC on October 1st together
with Deputy Secretary of Defense William J. Lynn III, White House National Security Staff Acting Senior Director for
Cybersecurity Chris Painter, Deputy Under Secretary and Director of the National Cybersecurity Center Phil
Reitinger, and Director of the Secret Service Mark Sullivan. In her speech the Secretary highlighted the importance
of cybersecurity by noting that, "effective cybersecurity requires all partners-individuals, communities, government
entities and the private sector and international community - to work together to protect our networks and
strengthen our cyber resiliency."
Because cyberspace is borderless, international cooperation and collaborative action are essential to protecting
cyberspace and critical information infrastructure. Only by working together can we best address these
challenges, enhance cybersecurity, and reap the full benefits of the digital age.As a key element of its efforts to
support National Cybersecurity Awareness Month, DHS welcomes the opportunity to host the Fifth Annual
Meridian Conference from October 28-30, 2009 in Washington DC. In line with Awareness Month, the theme of
this year’s conference is “Critical Information Infrastructure Protection: Our Shared Responsibility.”
Meridian 2009 will focus on better understanding CIIP challenges, bridging
the gap between the role of policymakers and the technical community,
utilizing cyber exercises to advance CIIP objectives, and building CIIP
awareness within all sectors, from industry to academia.
This year’s conference will feature speakers ranging from global leaders in
cybersecurity policy to DHS senior leadership. Secretary Napolitano will give
the keynote address. Additionally, the program will include contributions by
CIIP leaders from around the world. This forum will provide the opportunity
for nations to discuss the challenges they are facing and the national
approaches they are implementing. Representatives observing from
international organizations will also highlight some of key initiatives they
are partaking in the field of CIIP.
Through interactive workshops, robust discussions, and the participation of
subject matter experts, Meridian 2009 promises to empower senior policymakers
to work together to address information infrastructure protection challenges. In
addition, participants will build strategies that promote greater security both
domestically and internationally.
We are pleased to announce over 40 countries will participate in this year’s
conference. DHS thanks all the international partners who share our commitment
to a secure cyberspace and looks forward to continuing to build enduring
relationships that spread awareness of these real risks to each nation.
Registration, Travel, and Accommodations
Registration, travel and hotel information can be found at the conference website: http://www.meridian2009.org.
The Meridian Conference will take place at The Fairfax at Embassy Row in Washington, DC, located at 2100
Massachusetts Avenue, N.W., Washington, DC, 20008. A block of rooms is being held for Conference
attendees. Attendees should first register for the conference. Registrants will then receive a confirmation email,
which will provide important information necessary for booking accommodations at the Fairfax.
Safety, security and resilience in cyber space
This is a brief introduction to the UK’s first Cyber Security Strategy, which
was published in June 2009 describing the UK Government’s strategy to help
keep cyber space secure. It underlines the growing importance of cyber
space to the UK.
The Government’s Digital Britain strategy showed very clearly just how
critical cyber space is to the underlying health of our nation - the £50 Billion of
online consumer sales and purchases that take place on a yearly basis
illustrate just how vital the new technology of cyber space is to our national
prosperity. Cyber space increasingly underpins the business of government,
the work of organisations across all sectors, and the activities of individual
members of the public, including banking, social networking and shopping
online, to name but a few examples. These networked, digital activities offer a
phenomenal number of benefits and opportunities, and we need to ensure
that the UK is well-placed to take advantage of them. We also have to
recognise, however, that balanced against the opportunities are a number of
real and rapidly-evolving threats; there are people who would seek to do us
harm through cyber space. What is more, technological developments and
changing patterns of utilisation make cyber space a dynamic and challenging
environment: we have to keep pace. That is why we have produced a Cyber
Security Strategy that sets out what Government is doing to ensure that we
minimise the risks and make the most of the opportunities, now and in the future.
To expand on the nature of the threat: it is the low cost and anonymous nature of cyber space that makes
it particularly attractive for use by malicious actors. A low barrier to entry, coupled with the difficulties
associated with detection and attribution, mean that organised criminals, hostile states, and terrorists can and do
exploit cyber space for their own ends. We must be alive to the fact that a number of actors have a level of intent
and capability that amounts to a real threat to our security and prosperity. Sophisticated state-led cyber espionage
is of course a most serious issue, but we must also keep in mind that criminals continue to exploit vulnerabilities in
government, corporate and personal IT systems using a range of methods, from phishing to the use of malware.
Aside from the financial harm for which online fraud is responsible, there is also the fundamental issue of making
sure people have the confidence to live and work online. So we must consider and pre-empt attacks on government
systems and our essential infrastructure and attacks on individuals and businesses.
The new strategy should not detract from the substantial The Home Office, Serious Organised Crime Agency and
amount of effort, resource and expertise already the Police all work to combat the activities of criminals in
devoted to UK cyber security. This isn’t a new problem, cyber space. Recent initiatives have seen the formation
and the Government has been taking action to secure of new units dedicated to tackling online crime: the Child
cyber space for several years now, on a number of Exploitation and Online Protection Centre, and the
different fronts. The 2003 National Information Police Central e-crime Unit. In June, the Association of
Assurance Strategy addressed the first steps for the UK Chief Police Officers published an e-crime strategy that
in assuring the integrity, availability and confidentiality of will form the basis for a more consistent operational
Information & Communications Technology systems and approach by increasing skills and capacity, and by
the information they handle: the Cyber Security Strategy bringing e-crime into mainstream policing and law
builds on this work. There is a good deal of work already enforcement.
going on to protect the UK from cyber threats – in
Government and in conjunction with industry and other
The Centre for the Protection of National Infrastructure All Government Departments have access to the
(CPNI) provides advice on electronic or cyber protective Government Secure Intranet (gsi) which securely
security measures to the businesses and organisations connects around 200 government departments and
that comprise the UK’s critical national infrastructure agencies and CESG, a part of GCHQ and the National
(i.e. the nine sectors which deliver essential services: Technical Authority for Information Assurance, provides
energy, food, water, transport, communications, government departments with advice and guidance on
government and public services, emergency services, how to protect against, detect and mitigate various types
and health and finance). CPNI also runs a Computer of cyber attack. CESG runs GovCertUK which provides
Emergency Response Team (CERT) service which warnings, alerts and assistance in resolving serious IT
responds to reported attacks on private sector networks incidents for the public sector.
in the National Infrastructure.
A shared responsibility
All users of cyber space have a part to play in safeguarding it: the onus is on Government and business to work
together to provide more secure products and services, to operate their information systems safely and to protect
individuals’ privacy. The individual member of the public also has a responsibility to take simple security measures
to protect themselves, their families, and others in society. An un-patched home computer that is infected with
malware and harnessed as part of a botnet can be used to attack institutional targets, and this illustrates the
interconnected nature of networked threats. It also highlights the importance of getting the
message out that cyber security is something that can only succeed through a collaborative
approach. This is why the Government co-sponsors the joint public and private sector
initiative “Get Safe Online”, which aims to raise awareness of internet safety amongst the
general public and small businesses.
The new strategy will help to keep will provide strategic leadership relationships, and looked at other
the UK safe by building on existing across Government, and a multi- industry areas for further input, the
work, identifying gaps and overlaps agency Cyber Security Operations Strategy will investigate how we can
in work areas, and putting in place Centre in Cheltenham will actively optimise them to suit the needs of
two new organisations that will monitor the health of cyber space both Industry and the Government.
design, initiate and oversee a and co-ordinate incident response, We are also progressing work on E-
programme of work to address enable better understanding of crime to build the most effective
them. The Cyber Security Strategy attacks against UK networks and structure that enables close
provides the strategic framework for users, and provide better advice and cooperation between SOCA, the
doing this systematically, centred information about the risk to Metropolitan Police and other
around clear high-level objectives: business and the public. stakeholders to tackle the threats
reducing risk from the UK’s use of Both organisations will be working faced. On international engagement
cyber space; exploiting the towards an embryonic capacity the UK is fully represented in all the
opportunities that cyber space capable of releasing early products relevant fora, as cyber becomes
presents; with both of these enabled in Autumn 2009. One early priority increasingly discussed, and we are
through action to improve the will be the Cyber Security Industrial building strong partnerships with
knowledge, capabilities and Strategy, which aims to identify all other like-minded nations. Lastly we
decision-making we need. To ensure the different ways in which Industry are examining the doctrine that
progress towards the Strategy’s and the Government interact in the underpins Cyber Security; it is a
objectives, the initial establishment field, from procurement to new area which will require careful
of a new Office of Cyber Security regulation. Having identified these planning in this regard.
Transnational partnerships for a transnational problem
Cyber space is a transnational domain. As threat actors don’t respect international boundaries – in fact, they often
look to exploit them – the need for international co-ordination of cyber security efforts with our allies is self-evident.
There are strong links already in place between the UK government organisations that have a cyber security role
and their counterparts overseas – now we need to build on the existing links, bring greater coherence across them,
and establish new ones where we identify gaps. The OCS will lead work on the UK’s International Engagement on
cyber security issues, co-ordinating the development and deployment of the UK’s key messages in key fora − this
will bring greater coherence to the UK’s work with overseas partners and international organisations.
We have to secure our position in cyber space in order to give our people and businesses the confidence needed to
operate safely in that environment. There is a lot to do, and we do not underestimate the scale of the task ahead –
but with publication of the strategy we have made real progress and built a solid foundation; now we have to
maintain this momentum, and make sure it delivers.
Digital Britain Report: http://www.culture.gov.uk/what_we_do/broadcasting/6216.aspx
Cyber Security Strategy: http://www.cabinetoffice.gov.uk/reports/cyber_security.aspx
National IA Strategy: http://www.cabinetoffice.gov.uk/media/cabinetoffice/csia/assets/nia_strategy.pdf
As the Internet becomes part of the everyday life, activity in this environment
involves a wide variety of systems, stakeholders, opportunities and risks. The
ecosystem supports governments, corporations, individuals. The functioning
of the Internet is essential to public and private activities across the globe.
The Internet also supports the conduct of conflicts and criminal conduct. email@example.com
Those responsible for the governance and the operation of the Internet must
attend to the rising challenges to cyber security.
ICANN (Internet Corporation for Assigned Names and Numbers) is an
international, public benefit, non-profit organization coordinating the global
community activities supporting the Internet unique identifier systems
including the Domain Name System (DNS). The DNS underpins a wide range
of interactions that occur in today’s Internet and we understand this system is
part of critical information infrastructure. The article introduces the programs
and activities that ICANN pursues to enhance the security, stability and
resiliency of the Internet. ICANN focuses these programs on its core missions
related to the coordination of the DNS. As of 1 October, US Department of
Commerce and ICANN have entered into a new Affirmation of Commitments
that addresses a range of concerns with the preservation of security, stability
and resiliency as one of four major areas of joint commitment.
Given the nature of ICANN responsibilities under its by- We have a small
laws it is important to delineate its role in the areas of security team - is a Chief Internet Security
security. ICANN is not involved in the broader national Advisor and responsible for coordinating
security issues of cyber-espionage and cyber war and ICANN’s security, stability and resiliency
does not have a role in what constitutes illicit content in efforts with a team of 4 other security experts.
the Internet. However ICANN has and will engage in a ICANN’s activities in this area are conducted
continuing way in activities with both Internet collaboratively by organizations and individuals across
communities and cyber security communities to combat the ICANN community, not only by its security team. A
abuse of the DNS and to ensure its resiliency. ICANN detailed description of these activities and future plans
works with a wide range of organizations, some is available in ICANN Board approved, “ICANN Plan for
contractually obligated in the generic top-level domain Enhancing Internet Security Stability and Resiliency.”
space, collaboratively in the country code top-level This document and other information related to
domain space, to ensure the system as a whole is more ICANN’s activities in this arena can be found at:
stable, secure and resilient. http://www.icann.org/en/security.
ICANN's highest priority in this area is the effective and Within ICANN’s efforts to ensure compliance with
secure functioning of the Internet Assigned Names approved registrars to ensure the proper
Authority or IANA function, in particular the implementation of key security related features in
orchestration of updates to the DNS root zone in connection with the WHOIS databases, we’ve placed
conjunction with the US Department of Commerce and increased attention upon the obligations that come with
VeriSign. Within IANA operations, the implementation of the revised Registrar Accreditation Agreement (RAA).
DNS Secure Extensions or DNSSEC signing for the The revised RAA is available at
root zone is clearly a major portion of that effort, along www.icann.org/en/registrars/ra-agreement-21may09-
with joint working with our partners in that area. The en.htm. As we move forward into the establishment
announcement of the joint ICANN, Department of new gTLDs, ICANN foresees an increasing role in
Commerce, VeriSign agreement related to DNSSEC ensuring with the gTLDs that contractual obligations are
signing of the root zone is available at taken into account by our contracted parties, and that
http://www.icann.org/en/announcements/announcement there are increasing staff to conduct audits and take
-2-03jun09-en.htm. More broadly in collaboration with corrective measures if problems are identified.
the DNS root server operators, ICANN continues to Additionally, ICANN has developed a concept for
seek mutual recognition of roles and responsibilities community review for a voluntary verification program
and to initiate a voluntary effort to conduct contingency to validate a higher level of security in registry and
planning and exercises. registrar operations. The High Security Zone
Verification Program concept paper is available at
With the generic TLD registries, ICANN’s focus is very www.icann.org/en/topics/new-gtlds/high-security-zone-
much on the effective establishment of new gTLDs with verification-04oct09-en.pdf.
proper attention to security, stability, and resiliency.
ICANN has analysed the issues surrounding the ICANN also collaborates closely with country code TLD
potential for increased malicious conduct resulting from community. ICANN works with the ccTLDs registries
implementation of new gTLDs and is proposing a set of directly, in collaborative security incident response in
mitigation measures to address these concerns. An situations such as the combating of Conficke. ICANN is
explanatory memo related to these measures is also conducting a program jointly with the regional
available at www.icann.org/en/topics/new- ccTLD associations to provide basic training regarding
gtlds/mitigating-malicious-conduct-04oct09-en.pdf. how to dedal with the attack and contingency planning
Additionally, ICANN has undertaken a focused study for the smaller, resource constrained ccTLDs. Active
related to understanding how increasing the number of discussions are on-going within the ccTLD community
new gTLDs, undertaking the implementation of that was affected by the Conficker worm, as to how well
Internationalized Domain Names in native scripts, as they reacted and what they need do to collaborate
well as pursing technical implementations, such as going forward in these situations. ICANN have been
DNSSEC and IPv6, all within a compressed time very much a part of that dialogue and want to continue
period, may present challenges at the root zone level. to enable all those involved in operating and using the
The initial study results have been posted for public DNS to ensure a secure system.
review at www.icann.org/en/committees/dns-root/root-
ICANN plans to continue to improve its contributions to the security, stability and resiliency of the Internet, focused
on its principal role in helping coordinate the Domain Name System. We are keen to work more with international
and national cyber security authorities in linking the efforts conducted within the DNS community to raise the
awareness of the need to treat the DNS as critical Infrastructure and ensure all stakeholders – governments,
operators and users – understand DNS-related security threats and undertake appropriate measure to mitigate the
Sweden's communications agency, the Swedish Post and Telecom Agency
(PTS), will hold an international conference entitled “Resilient Electronic
Communications – A Multistakeholder Challenge” in Stockholm on 5
November. This international conference is held in association with the
Swedish Presidency of the EU.
As the EU presidency of the second half of 2009, Sweden will deal with two
proposals from the EU Commission concerning the security and resilience of
electronic communications. The first proposal concerns a review of the
regulatory framework for electronic communications. The second proposal
concerns how the EU is to address matters concerning critical information
infrastructure protection. Both of these proposals will be discussed at the
conference in Stockholm on 5 November.
In addition to these proposals, there are ongoing discussions in Europe
concerning how industry and government can work together in public-private
partnerships to meet the security challenges in the electronic
communications sector. A number of Member States have established
Government CERTs (Computer Emergency Response Teams) in Europe.
There are now plans in other Member States to establish such organisations.
The conference is divided into three tracks: Regulatory Policy, Public-Private
Partnerships and Government CERT Policy. There will be three sessions with three speakers in each.
PTS is seeking to promote an interactive conference and each session will consequently have scheduled
time for discussions. The government network security chiefs of Finland, Denmark and Norway will chair
and moderate the respective tracks.
“It’s these three areas, which are interlinked, that the conference will be looking at. The conference is
therefore very timely,” says Dr Marianne Treschow, Director-General of PTS.
The majority of the speakers at the conference will be non-Swedish (primarily European speakers). The Swedish
Minister of Infrastructure Ms Åsa Torstensson, representing the Presidency, and the President of the German
Federal Network Agency and Chair of the European Regulators Group, Mr Matthias Kurth, will deliver keynote
speeches. The incoming Executive Director of the European Network and Information Security Agency, ENISA, Dr
Udo Helmbrecht, will deliver an opening speech.
“The conference will provide an excellent forum for discussing how we can create a robust and secure
information society. It is our hope that participants will be able to take with them many good initiatives that they
can apply at home,” says Dr Treschow.
In the afternoon of 4 November, PTS will hold preparatory presentations in connection
with the Internetdagarna (Internet Days) conference, Sweden’s most premier Internet
community event. These presentations will deal with how work on European policy in
the area of network and information security is conducted. They will also provide an
introduction to the three tracks of the conference. Registrants of the international
conference are invited to participate in the preparatory presentations.
The conference is free of charge. For more information and for registering, see
“The conference will provide an excellent forum for discussing how we can
create a robust and secure information society,” says Dr Marianne
Treschow, Director-General of PTS.
Many public and private sector organizations are involved in ensuring and
maintaining the security of vital infrastructures. To be successful, they need to
collaborate. All the parties involved need to be prepared to share their
knowledge and exchange information with the others. Information Exchange firstname.lastname@example.org
in a box helps you set up your own information-sharing network.
Information Exchange in a box is an idea developed jointly by the Centre for
the Protection of National Infrastructure (CPNI) in the United Kingdom and
the National Infrastructure against Cybercrime (NICC) programme in the
Netherlands. The idea is supported by the European Network and
Information Security Agency (ENISA). These three organizations have
accumulated a great deal of knowledge and experience in the area of email@example.com
knowledge sharing and information exchange. They know the circumstances
and conditions under which people are willing and keen to share delicate
information and have developed brochures and tools on the subject. The
most important of these have been brought together in Information Exchange
in a box, and the CPNI, NICC and ENISA are distributing the box in order to
share their knowledge with as many other organizations as possible.
How to start up your own Information Exchange
The box contains the CPNI Sharing Culture Assessment Workbook, which
introduces the spider’s web model and teaches you to what extent you
yourself are ready to begin sharing knowledge with others in your network.
The CPNI and the NICC combined their experience in a booklet with
Membership Guidelines for setting up you own Information Exchange. An
NICC brochure describes the successful start up of the Dutch public-private
Information Exchange. It also includes an ENISA report on their European
stock taking investigation into good practices in information sharing in the
Information sharing is a state of mind
Setting up your own Information Exchange takes more than just absorbing facts and using tools however. The
most important prerequisite for its successful formation is having an open state of mind. It is for this reason that
the CPNI, NICC and ENISA also include a game in the box: the Cyber Challenge. This game was originally
developed by the NICC as a way of discovering how, and under what conditions, the
sharing of knowledge can work – and whether you are ready to do so yourself.
The Cyber Challenge game was played for the first time at the European FI-ISAC
meeting in Amsterdam last April. This made it very apparent that people are
naturally inclined to keep valuable information to themselves. Sharing it is not an
inherent human behavioural trait but rather an ability that needs to be acquired and
Accept the Cyber Challenge
Playing this game with your co-workers or network partners is both an entertaining and very effective way to
gain insight into the way you solve problems. Are you willing and able to trust others and risk sharing
information? How effective is it really to keep valuable information all to yourself? Accept the Cyber Challenge
and find out!
You can order Information Exchange in a box via firstname.lastname@example.org. A digital version of the Cyber Challenge will be
available on the Internet at the end of the year. Soon, ENISA will facilitate workshops for those countries that
are planning to set up their own Information Exchange.
20-21 October 2009
SECURE is the oldest IT security
conference in Poland. Every year current
issues concerning security matters of IT
systems and networks are discussed there.
In this year's program we make use of the experience of
specialist from CERT Polska at NASK and foreign response
teams - members of the international Forum of Incidents
Response and Security Teams (FIRST). Expected are also
experts from other leading CERT-type teams, as well as from
The main topic of this year conference will be responsible
internet traffic filtering related to the most dangerous internet
threats as well as blocking internet illegal content resources.
20-22 October 2009
RSA Conference Europe 2009
Join us for the most comprehensive
forum in information security. Come
and learn about the latest trends
and technologies, get access to new best practices,
and gain insight into the practical and pragmatic
perspectives on the most critical business issues facing
you today. Connect and collaborate. Build your
professional network. And mingle with the industry’s
best and brightest.
25-30 October 2009
ICANN no. 36
In the past several days, ICANN has
announced recent milestones regarding
changes in how the Internet community
will use the Internet in the near future. These important
developments include the plan for deployment of
Internationalized Domain Names (IDNs) in the next few
months and significant progress in developing the model for
delegating new generic top-level domains (gTLDs). Among
other topics, these will be discussed at the 36th
International Public Meeting in Seoul.
The Meridian Conference and Process aims to
exchange ideas and initiate actions for the cooperation
of governmental bodies on Critical Information
Infrastructure Protection (CIIP) issues globally. It
explores the benefits and opportunities of cooperation
between governments and provides an
28-30 October 2009 opportunity to share best practices from
Washington, DC, USA around the world.
International Conference on Resilience
The purpose of the conference is for international
representatives of the business sector and public
administrations to exchange their experiences
related to initiatives to meet the challenges involved
in creating a robust and
secure information society. 4-5 November 2009
9-10 November 2009
European Financial ISAC workshop
The organizers wish to create a trusted
environment for the participants from the
banking sector, law enforcement and cyber
incident response to be able to freely discuss relevant topics
threatening banks and their customers. Participation is by
invitation only, more information from the Swiss host, MELANI.
Manage IT! Process Control Security Event
The 4th Process Control Security Event is about the lessons
learned from the Industrial Control Systems Cyber Security
Advanced Training in Idaho. More than 30 participants from
Dutch organisations within Critical Infrastructure, vendors,
academia and security companies attend this training in Idaho
from 9-13 November. During our Process Control Security
Event we try to translate these lesson learned to a message
that will be understood by the managers.
So "How do I tell my boss"! 1 December 2009
Amsterdam, The Netherlands
3-4 February 2010
Hong Kong, China SCADA 2009
www.scadasummit.com/Event.aspx SCADA Northeast Asia will focus on case
studies and key developments in SCADA from
countries that include Hong Kong, Japan,
South Korea and Taiwan.
Key topics of discussion will highlight and include:
Developments on how to better control, supervise and
detect infrastructure assets
Assessing advanced systems as used by countries who
have significant advances in the field in Europe and the
Looking into how to integrate SCADA systems with existing
and newer systems, such as MES and SMART Grid
Editor-in-Chief: Ferenc Suba
To subscribe please send an e-mail to:
CIIP Matters is the quarterly newsletter
compiled by the Theodore Puskas Foundation
of Hungary, supervised by an editorial
committee on behalf of the Steering Comitee.
The editors wish to thank all contributions, and would like
to provide the opportunity for submitting materials of CIIP
interest to be published in future editions.