The document discusses the establishment of the Center for Cyber and Information Security (CCIS) in Norway. It notes that modern societies have become dependent on information and communication technologies, making them vulnerable to cyber threats. In response, key national cybersecurity stakeholders in Norway have partnered to create CCIS, a national center for research, training, and education in cyber and information security. CCIS aims to strengthen Norway's cybersecurity expertise and skills through research, training programs, collaboration, and developing the workforce. It will involve partnerships between universities, government agencies, and private companies.
The SECO-Institute and TNO, the Netherlands Organisation for Applied Scientific Research, today announced that they have entered into a licence agreement. The agreement is intended to make TNOâs unparalleled Dark Web expertise available to security professionals all over the world.
The C3i Group is a national-international outreach venture providing strategic leadership in Cybersecurity, Cybercrime, and Cyber Intelligence.
The C3i Group facilitates open dialog, communication, and information sharing among key public-private entities, enabling them to DISCOVER what is at cyber-counterintelligence risk, how to DEFEND against it, and how to ENSURE cyber-secure competitiveness in the digital global economy.
As an independent organization, CSCSS delivers a uniquely positioned and unbiased third party, globally focused, well-defined, strategic objective. We present clear cyber and cyberspace- based security goals for government and the public-private sector, leveraging on best practices, and lessons learned, and not affected by any particular point-of-view.
In the global forum, we are the only independent, multilateral, not for profit, cyberspace and security science group in operation, working to generate international strategies and scientific research that clearly articulates strategic priorities, goals, and objectives, providing unbiased intelligence reports for better decision making.
The C3i Group works with inter-agency partners and the security industry, collecting information intelligence related to risks emanating from cyberspace. We provide direction and leadership to industry, focusing on the intrinsic risks and threats posed by: potential shortcomings in the cyber information security infrastructure; actions of non-state actors, cyber- terrorists, and criminals; foreign business competitors and governments intent on illegitimately acquiring proprietary information and trade secrets.
C/DIG offers a spectrum of Intelligence products. At the strategic level we track national players to determine their policies, and intentions. At the operational level C/DIG documents their Tactics, Techniques and Procedures (TTP).
At the tactical level we provide threat analysis, identification and forensic analysis. All of this data is used for awareness, education, prevention and defence from cyber-attacks and in support of contingency operations to protect your organization.
NATO ve AB siber uzayda ne gibi adÄąmlar attÄąlar? NATO ve AB'nin siber savaĹa bakĹŠaçĹsÄą nedir? NATO Siber Savunma MĂźkemmeliyet Merkezinin kuruluĹ nedeni ve faaliyetleri nelerdir? Kilitli Kalkan Siber Savunma tatbikatÄąnÄąn Ăśnemi nedir? nasÄąl iĹletilmektedir? Tallinn Manual uluslararasÄą siber hukukta neden Ăśnemlidir? NATO ve AB iĹ fÄąrsatlarÄą nelerdir?
The SECO-Institute and TNO, the Netherlands Organisation for Applied Scientific Research, today announced that they have entered into a licence agreement. The agreement is intended to make TNOâs unparalleled Dark Web expertise available to security professionals all over the world.
The C3i Group is a national-international outreach venture providing strategic leadership in Cybersecurity, Cybercrime, and Cyber Intelligence.
The C3i Group facilitates open dialog, communication, and information sharing among key public-private entities, enabling them to DISCOVER what is at cyber-counterintelligence risk, how to DEFEND against it, and how to ENSURE cyber-secure competitiveness in the digital global economy.
As an independent organization, CSCSS delivers a uniquely positioned and unbiased third party, globally focused, well-defined, strategic objective. We present clear cyber and cyberspace- based security goals for government and the public-private sector, leveraging on best practices, and lessons learned, and not affected by any particular point-of-view.
In the global forum, we are the only independent, multilateral, not for profit, cyberspace and security science group in operation, working to generate international strategies and scientific research that clearly articulates strategic priorities, goals, and objectives, providing unbiased intelligence reports for better decision making.
The C3i Group works with inter-agency partners and the security industry, collecting information intelligence related to risks emanating from cyberspace. We provide direction and leadership to industry, focusing on the intrinsic risks and threats posed by: potential shortcomings in the cyber information security infrastructure; actions of non-state actors, cyber- terrorists, and criminals; foreign business competitors and governments intent on illegitimately acquiring proprietary information and trade secrets.
C/DIG offers a spectrum of Intelligence products. At the strategic level we track national players to determine their policies, and intentions. At the operational level C/DIG documents their Tactics, Techniques and Procedures (TTP).
At the tactical level we provide threat analysis, identification and forensic analysis. All of this data is used for awareness, education, prevention and defence from cyber-attacks and in support of contingency operations to protect your organization.
NATO ve AB siber uzayda ne gibi adÄąmlar attÄąlar? NATO ve AB'nin siber savaĹa bakĹŠaçĹsÄą nedir? NATO Siber Savunma MĂźkemmeliyet Merkezinin kuruluĹ nedeni ve faaliyetleri nelerdir? Kilitli Kalkan Siber Savunma tatbikatÄąnÄąn Ăśnemi nedir? nasÄąl iĹletilmektedir? Tallinn Manual uluslararasÄą siber hukukta neden Ăśnemlidir? NATO ve AB iĹ fÄąrsatlarÄą nelerdir?
Governments, military, organizations, financial institutions, universities and other businesses collected, process and store a large amount of confidential information and data on computers and transmit that data over networks to other computers. With the continuous rapid growth of volume and sophistication of cyberattacks, quick attempts are required to secure sensitive business and personal information, as well as to protect national security. The paper details about the nature of cyberspace and shows how the internet is unsecure to transmit the confidential and financial information. We demonstrate that hacking is now common and harmful for global economy and security and presented the various methods of cyber attacks in India and worldwide. M. Swetha | L. Prabha | S. Rajadharani "Cyber Security Intelligence" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-6 , October 2019, URL: https://www.ijtsrd.com/papers/ijtsrd29261.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-security/29261/cyber-security-intelligence/m-swetha
Information Risk Insurance Concept and Basic Aspectsijtsrd
Â
The article discusses the essence and history of the emergence of information insurance, identifies the stages, features and problems of the development of insurance of information risks at the present time. The article touches upon such an urgent topic for modern reality as insurance of information risks. Analyzed the characteristic features and the need for this type of insurance. The author considers insurance as the main financial method of information risk management. Particular attention is paid to information risks and their insurance. The work describes in detail the objects of insurance, types of insurance risks. The insurance contract is considered, the main stages of its life cycle are reflected. Holboev A. Yu. "Information Risk Insurance: Concept and Basic Aspects" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-6 | Issue-1 , December 2021, URL: https://www.ijtsrd.com/papers/ijtsrd47910.pdf Paper URL: https://www.ijtsrd.com/management/other/47910/information-risk-insurance-concept-and-basic-aspects/holboev-a-yu
Troels Ărting Jørgensen, Chairman at Bullwall, Expert Member at INTERPOL
Mr. Ărting is a globally recognized Cyber Security Expert. He has been working in cybersecurity âfirst lineâ for over 4 decades. Throughout career, Mr. Ărting has been working with governments and corporations to advise on how they react to the increasing international cyber threats, and worked closely with law enforcement, intelligence services and cyber security businesses.
Formerly, with the Danish National Police, first as Director, Head of the Serious Organised Crime Agency and then as Director of Operations, Danish Security Intelligence Service; Deputy Head, ICT Department and Deputy Head, OC Department, Europol, EUâs Police Agency; Head of European Cybercrime Centre and Head of Europol Counter Terrorist and Financial Intelligence Centre. 2015-18, Group Chief Information Security Officer (CISO), Barclays. Chaired the EU Financial Cybercrime Coalition, of which most banks are partners, and has very strong experience in cyber security. Since 2018, Head of the Centre for Cybersecurity, World Economic Forum. Chairman of the Board of World Economic Forum Centre for Cybersecurity (C4C).
Troels Oerting
âWE, IN SECURITY, SHOULD NOT PROMOTE FEAR â BUT PROTECT HOPEâ
BEFORE THE GLOBAL PANDEMIC HIT THE WORLD IN SPRING 2020, the digital transformation increased speed and magnitude. Fuelled by super-drivers like mobile/5G, IoT, Cloud and AI the number of users, applications, storage, connections and algorithms outpaced what we had seen before. The huge possibilities provided by the Internet created a âtechâ environment attracting the best brains the World could produce and geopolitical tensions between China, Russia, EU and US intensified the regional competition on âwho controls the Internetâ and the subsequent influence, growth and wealth.
THE GLOBAL COVID PANDEMIC FORCED US TO MOVE APPROXIMATELY 1.2 BN WORKERS FROM THEIR OFFICES to work from homes in order to keep the wheels spinning. Internet enabled communication tools substituted physical meetings, teaching, marketing, trading, reading, accounting, watching and demand for online services surged and Accenture has estimated that globally we went through 3 years normal speedy digital transformation in just 3 months. This will continue. We will not go back to the âold daysâ even after we get a vaccine. We will continue to work remotely â not necessarily from home but from anywhere. Both employers and employees have seen the benefits of this new flexible work-regime providing support from working both from offices and from anywhere.
âIn the future everything will be connected, everything will be sensing, everything will be stored and everything will be used, sold or utilised in other waysâ
THE FUTURE will provide more positive opportunities for the global, and connected, citizen â for businesses, education, healthcare, sustainability, climate, transparency and democracy. But it will also present challenges to security, privacy...
CYBERFORT Technologies seeks to impart quality Information Security programs that would equip Information Security professionals with the necessary tools and education to help them avert Cyber-crimes, Cyber espionage, Cyber terrorism and if the need arises, Cyber wars.
Vision: By 2023, the Department of Homeland Security will have improved national
cybersecurity risk management by increasing security and resilience across government
networks and critical infrastructure; decreasing illicit cyber activity; improving responses to
cyber incidents; and fostering a more secure and reliable cyber ecosystem through a unified
departmental approach, strong leadership, and close partnership with other federal and
nonfederal entities.
UNCLASSIFIED//FOR OFFICIAL USE ONLY
May 15, 2018
U.S. DEPARTMENT OF HOMELAND SECURITY
CYBERSECURITY STRATEGY
i
TABLE OF CONTENTS
INTRODUCTION......................................................................................................................... 1
SCOPE .......................................................................................................................................... 1
THE CYBER THREAT .................................................................................................................... 2
MANAGING NATIONAL CYBERSECURITY RISK ............................................................................ 3
GUIDING PRINCIPLES ................................................................................................................... 5
DEVELOPMENT AND IMPLEMENTATION ....................................................................................... 6
PILLAR I â RISK IDENTIFICATION ...................................................................................... 7
GOAL 1: ASSESS EVOLVING CYBERSECURITY RISKS ................................................................... 7
PILLAR II â VULNERABILITY REDUCTION ...................................................................... 8
GOAL 2: PROTECT FEDERAL GOVERNMENT INFORMATION SYSTEMS .......................................... 8
GOAL 3: PROTECT CRITICAL INFRASTRUCTURE ......................................................................... 11
PILLAR III: THREAT REDUCTION ..................................................................................... 15
GOAL 4: PREVENT AND DISRUPT CRIMINAL USE OF CYBERSPACE ............................................ 15
PILLAR IV â CONSEQUENCE MITIGATION .................................................................... 19
GOAL 5: RESPOND EFFECTIVELY TO CYBER INCIDENTS ............................................................ 19
PILLAR V â ENABLE CYBERSECURITY OUTCOMES ................................................... 22
GOAL 6: STRENGTHEN THE SECURITY AND RELIABILITY OF THE CYBER ECOSYSTEM ............... 22
GOAL 7: IMPROVE MANAGEMENT OF DHS CYBERSECURITY ACTIVITIES ................................. 25
CONCLUSION ........................................................................................................................... 27
APPENDIX: DHS CYBERSECURITY AUTHORITIES .................................................... A-1
1
INTRODUCTION
...
Cyber Security Challenges and Emerging Trendsijtsrd
Â
Cyber security plays an important role in the field of Information Communication and Technology. Securing information have become the major challenges in the present day. As the dependence on ICT is deepening across the globe, cyber threats appear likely to penetrate every nook and corner of national economies and infrastructure indeed, the growing dependence on computers and Internet based networking has been accompanied by increased cyber attack incidents around the world, targeting individuals, businesses, and governments. Meanwhile, ICT is increasingly being seen by some governments as both a strategic asset to be exploited for the purposes of national security and as a battlefield where strategic conflicts can be fought. This paper examines the primacy of cyber security in the contemporary security debate, deepening the analysis by looking at the domain of cyber security from the perspective of India. Dr. S. Krishnan | Yogesh Kalla "Cyber Security Challenges and Emerging Trends" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-6 | Issue-1 , December 2021, URL: https://www.ijtsrd.com/papers/ijtsrd47939.pdf Paper URL: https://www.ijtsrd.com/management/law-and-management/47939/cyber-security-challenges-and-emerging-trends/dr-s-krishnan
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
Â
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Governments, military, organizations, financial institutions, universities and other businesses collected, process and store a large amount of confidential information and data on computers and transmit that data over networks to other computers. With the continuous rapid growth of volume and sophistication of cyberattacks, quick attempts are required to secure sensitive business and personal information, as well as to protect national security. The paper details about the nature of cyberspace and shows how the internet is unsecure to transmit the confidential and financial information. We demonstrate that hacking is now common and harmful for global economy and security and presented the various methods of cyber attacks in India and worldwide. M. Swetha | L. Prabha | S. Rajadharani "Cyber Security Intelligence" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-6 , October 2019, URL: https://www.ijtsrd.com/papers/ijtsrd29261.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-security/29261/cyber-security-intelligence/m-swetha
Information Risk Insurance Concept and Basic Aspectsijtsrd
Â
The article discusses the essence and history of the emergence of information insurance, identifies the stages, features and problems of the development of insurance of information risks at the present time. The article touches upon such an urgent topic for modern reality as insurance of information risks. Analyzed the characteristic features and the need for this type of insurance. The author considers insurance as the main financial method of information risk management. Particular attention is paid to information risks and their insurance. The work describes in detail the objects of insurance, types of insurance risks. The insurance contract is considered, the main stages of its life cycle are reflected. Holboev A. Yu. "Information Risk Insurance: Concept and Basic Aspects" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-6 | Issue-1 , December 2021, URL: https://www.ijtsrd.com/papers/ijtsrd47910.pdf Paper URL: https://www.ijtsrd.com/management/other/47910/information-risk-insurance-concept-and-basic-aspects/holboev-a-yu
Troels Ărting Jørgensen, Chairman at Bullwall, Expert Member at INTERPOL
Mr. Ărting is a globally recognized Cyber Security Expert. He has been working in cybersecurity âfirst lineâ for over 4 decades. Throughout career, Mr. Ărting has been working with governments and corporations to advise on how they react to the increasing international cyber threats, and worked closely with law enforcement, intelligence services and cyber security businesses.
Formerly, with the Danish National Police, first as Director, Head of the Serious Organised Crime Agency and then as Director of Operations, Danish Security Intelligence Service; Deputy Head, ICT Department and Deputy Head, OC Department, Europol, EUâs Police Agency; Head of European Cybercrime Centre and Head of Europol Counter Terrorist and Financial Intelligence Centre. 2015-18, Group Chief Information Security Officer (CISO), Barclays. Chaired the EU Financial Cybercrime Coalition, of which most banks are partners, and has very strong experience in cyber security. Since 2018, Head of the Centre for Cybersecurity, World Economic Forum. Chairman of the Board of World Economic Forum Centre for Cybersecurity (C4C).
Troels Oerting
âWE, IN SECURITY, SHOULD NOT PROMOTE FEAR â BUT PROTECT HOPEâ
BEFORE THE GLOBAL PANDEMIC HIT THE WORLD IN SPRING 2020, the digital transformation increased speed and magnitude. Fuelled by super-drivers like mobile/5G, IoT, Cloud and AI the number of users, applications, storage, connections and algorithms outpaced what we had seen before. The huge possibilities provided by the Internet created a âtechâ environment attracting the best brains the World could produce and geopolitical tensions between China, Russia, EU and US intensified the regional competition on âwho controls the Internetâ and the subsequent influence, growth and wealth.
THE GLOBAL COVID PANDEMIC FORCED US TO MOVE APPROXIMATELY 1.2 BN WORKERS FROM THEIR OFFICES to work from homes in order to keep the wheels spinning. Internet enabled communication tools substituted physical meetings, teaching, marketing, trading, reading, accounting, watching and demand for online services surged and Accenture has estimated that globally we went through 3 years normal speedy digital transformation in just 3 months. This will continue. We will not go back to the âold daysâ even after we get a vaccine. We will continue to work remotely â not necessarily from home but from anywhere. Both employers and employees have seen the benefits of this new flexible work-regime providing support from working both from offices and from anywhere.
âIn the future everything will be connected, everything will be sensing, everything will be stored and everything will be used, sold or utilised in other waysâ
THE FUTURE will provide more positive opportunities for the global, and connected, citizen â for businesses, education, healthcare, sustainability, climate, transparency and democracy. But it will also present challenges to security, privacy...
CYBERFORT Technologies seeks to impart quality Information Security programs that would equip Information Security professionals with the necessary tools and education to help them avert Cyber-crimes, Cyber espionage, Cyber terrorism and if the need arises, Cyber wars.
Vision: By 2023, the Department of Homeland Security will have improved national
cybersecurity risk management by increasing security and resilience across government
networks and critical infrastructure; decreasing illicit cyber activity; improving responses to
cyber incidents; and fostering a more secure and reliable cyber ecosystem through a unified
departmental approach, strong leadership, and close partnership with other federal and
nonfederal entities.
UNCLASSIFIED//FOR OFFICIAL USE ONLY
May 15, 2018
U.S. DEPARTMENT OF HOMELAND SECURITY
CYBERSECURITY STRATEGY
i
TABLE OF CONTENTS
INTRODUCTION......................................................................................................................... 1
SCOPE .......................................................................................................................................... 1
THE CYBER THREAT .................................................................................................................... 2
MANAGING NATIONAL CYBERSECURITY RISK ............................................................................ 3
GUIDING PRINCIPLES ................................................................................................................... 5
DEVELOPMENT AND IMPLEMENTATION ....................................................................................... 6
PILLAR I â RISK IDENTIFICATION ...................................................................................... 7
GOAL 1: ASSESS EVOLVING CYBERSECURITY RISKS ................................................................... 7
PILLAR II â VULNERABILITY REDUCTION ...................................................................... 8
GOAL 2: PROTECT FEDERAL GOVERNMENT INFORMATION SYSTEMS .......................................... 8
GOAL 3: PROTECT CRITICAL INFRASTRUCTURE ......................................................................... 11
PILLAR III: THREAT REDUCTION ..................................................................................... 15
GOAL 4: PREVENT AND DISRUPT CRIMINAL USE OF CYBERSPACE ............................................ 15
PILLAR IV â CONSEQUENCE MITIGATION .................................................................... 19
GOAL 5: RESPOND EFFECTIVELY TO CYBER INCIDENTS ............................................................ 19
PILLAR V â ENABLE CYBERSECURITY OUTCOMES ................................................... 22
GOAL 6: STRENGTHEN THE SECURITY AND RELIABILITY OF THE CYBER ECOSYSTEM ............... 22
GOAL 7: IMPROVE MANAGEMENT OF DHS CYBERSECURITY ACTIVITIES ................................. 25
CONCLUSION ........................................................................................................................... 27
APPENDIX: DHS CYBERSECURITY AUTHORITIES .................................................... A-1
1
INTRODUCTION
...
Cyber Security Challenges and Emerging Trendsijtsrd
Â
Cyber security plays an important role in the field of Information Communication and Technology. Securing information have become the major challenges in the present day. As the dependence on ICT is deepening across the globe, cyber threats appear likely to penetrate every nook and corner of national economies and infrastructure indeed, the growing dependence on computers and Internet based networking has been accompanied by increased cyber attack incidents around the world, targeting individuals, businesses, and governments. Meanwhile, ICT is increasingly being seen by some governments as both a strategic asset to be exploited for the purposes of national security and as a battlefield where strategic conflicts can be fought. This paper examines the primacy of cyber security in the contemporary security debate, deepening the analysis by looking at the domain of cyber security from the perspective of India. Dr. S. Krishnan | Yogesh Kalla "Cyber Security Challenges and Emerging Trends" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-6 | Issue-1 , December 2021, URL: https://www.ijtsrd.com/papers/ijtsrd47939.pdf Paper URL: https://www.ijtsrd.com/management/law-and-management/47939/cyber-security-challenges-and-emerging-trends/dr-s-krishnan
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
Â
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
DevOps and Testing slides at DASA ConnectKari Kakkonen
Â
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Â
Are you looking to streamline your workflows and boost your projectsâ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, youâre in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part âEssentials of Automationâ series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Hereâs what youâll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
Weâll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Donât miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
Â
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Â
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Â
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
Â
As AI technology is pushing into IT I was wondering myself, as an âinfrastructure container kubernetes guyâ, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefitâs both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
Â
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
Â
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Â
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Â
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But thereâs more:
In a second workflow supporting the same use case, youâll see:
Your campaign sent to target colleagues for approval
If the âApproveâ button is clicked, a Jira/Zendesk ticket is created for the marketing design team
Butâif the âRejectâ button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
Â
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Â
CCIS Brochure English (Nov 2014)
1. Center for Cyber and
Information Security
a shared commitment to the nationâs research and expertise development
2. ccis.no
Welcome!
The Center for Cyber and
Information Security
2 3
We read daily about things that
should worry us but we barely
understand. Identity theft, industrial
espionage, cybercrime, online extor-tion,
cyberwar, cyberattack, data leak,
international surveillance programs, and
challenges to privacy.
Our modern societies have become
totally dependent on computer
based information and communica-tion
technologies (ICT), and thus on
their robustness and resilience against
accidents and crimes. Today, compu-ter
systems control everything from
traffic lights and surgical equipment in
hospitals to telephone communications
and electricity distribution. Further
more, computer systems harbours
information and knowledge that must
be sheltered from unauthorized access;
including engineering solutions, business
secrets, information about your bank
accounts, defense secrets, purchasing
habits and emails. This is about you, it is
about what kind of society you want to
live in, it is about your companyâs ability
to survive, and it is about our govern-mentâs
ability to protect us, to protect
our welfare and to protect our privacy.
All countries today need to develop
their education and research capacity
to meet this future. As a significant
national contribution, a number of
organizations have partnered to create
a center for research and education
in information and cyber security in
Norway.
By the end of 2014, the center will
have a core group of 25 scientists
of a total of 70-80 people, including
non-permanent and adjunct positions
as for instance Ph.D. students and post-docs.
In addition, there will be 200-300
bachelor and master students at the
Centre.
August 15, 2014, we officially
opened the center. find very inte-resting.
With regards,
The National Police Directorate,
Eidsiva, the Norwegian National
Security Authorities, the Norwegian
Cyber Defence, the Police ICT Service,
the National Criminal Investigation
Service - Kripos, the National Authority
for Investigation and Prosecution of
Economic and Environmental Crime -
Ăkokrim, the Police University College,
the Norwegian Defence Cyber Academy,
the Norwegian Defence Research
Establishment - FFI, Gjøvik University
College, Telenor, Statkraft, Statnett,
mnemonic, IBM, PwC, Oppland County,
Lillehammer University College, the
Norwegian National Identity Center,
Oslo Police District, the Police Security
Service, NC-Spectrum, Vestoppland
Police District, Watchcom Security Group,
the Norwegian Centre for Information
Security - NorSIS.
will strengthen our expertise and skills to
prevent, detect, respond to, and investigate
undesirable and criminal computer based ac-tivities.
The centre will undertake actions towards:
⢠Building research capacity and research groups at top level interna-tionally
in disciplines that are relevant for our partners and for Nor-way.
⢠Providing training and study programs of high quality and with great
societal relevance.
⢠Contributing to Norwayâs international collaboration where partners
can participate and apply their knowledge and expertise.
⢠Helping to increase the recruitment of students and researchers for
the Norwegian education and training in security and for research
environments.
⢠Contributing to the long term competence development strategy
and research and education strategy.
⢠Cooperating with and contributing to organizations whose mission is
to inform and raise awareness about security.
⢠Strengthening cooperation, exchanging knowledge, and sharing of
skills among sectors, among application/innovation environments,
among academic institutions, and among national and international
projects, centres and organizations.
⢠Becoming a knowledge and expertise node in Europeâs ability to
compete for international research funding.
3. OUR INCREASED VULNERABILITY
Our increased reliance on Information
and Communication Technologies (ICT)
will create in the years ahead new,
large, and increasingly complex security
challenges; confronting these challenges
will require an increased focus on
higher education, more efficiency in
resource development, improved
research capacity, and broad cross-sector
collaboration among industry,
infrastructure providers, the police and
other government security agencies,
and academia.
In the last few years we have seen a
number of examples of how everything
from pacemakers and cars to electricity
generators, public transportation, or
intellectual property may be exposed
to criminal activity and destroyed from
a distance - even from the other side
of the globe. Thousands of events
have brought up information security
and cyber security to the public
debate, including security breaches in
government computer systems, lack
of protection of personal information,
loss of credit card information, and
4 5
espionage at high level. The virus that
put 35,000 computers out of work
in Saudi Aramco, the worldâs largest
oil company; the cyber attack on
Georgia, ahead of Russiaâs invading the
country; industrial espionage against
the Scandinavian telecom operator
Telenor; the Americansâ access to
communication information in other
countries; the cyber attacks on the
Nobel Institute and the International
Monetary Fund (IMF), the nuclear
enriching programmes of Iran and
Estonia; a strong increase in identity
theft and relentless attacks on our
financial institutions; and the Swedish
monitoring law (FRA) that provides the
Swedish intelligence service full access
to the content of communications
of their neighbour countries that is
transmitted across Swedish soil.
It is said that what can go wrong will
go wrong. ICT has opened up a whole
new dimension of how things can go
wrong - be it by themselves or due to
malicious acts. We must be prepared.
4. 6 EXAMPLES FROM AROUND
THE WORLD
1
2
3
4
5
6
While 20,000 Norwegians are exposed to pickpocketing every year,
60,000 are victim of identity thefts that result in financial loss.
In March 2013 the telecom operator Telenor announced that several of
its senior management team had been subjected to extensive and
organised cyber espionage.
In the U.S. a cyber attack happens every three minutes on average.
In December 2012, more than 55,000 computers at Saudi Aramco,
the worldâs largest oil company, were incapacitated by a virus attack.
450,000 names and passwords were stolen from Yahoo in May 2012.
After The New York Times investigated allegations of economic nepotism
among the Chinese prime ministerâs family members, the newspaperâs
servers and a number of laptops were tapped over several months. The
Washington Post, The Wall Street Journal and several other newspapers
and news media have experienced similar espionage.
Denial of Service attacks can be purchased online. The websites of
the Nobel Committee were attacked when it awarded the Peace Price
to a Chinese dissident in 2010, and later a number of organizations in
Norway, including Norwegian security agencies, political parties, and
businesses, experienced similar attacks.
Iranâs nuclear program was delayed due to a targeted attack using the
Stuxnet computer worm. When Norway joined military operations in
Libya in 2011, the Norwegian Armed Forces were victim of a sophisti-cated
6 7
attack.
â... an inadequate national focus on areas such
as cyber security poses potential real threats
to Norwayâs security.â
âWe must confront new dangers, like cyber
attacks, that threaten our nationâs infrastructure,
businesses and people,â President Barack Obama
wrote in his introduction message to the 2014
budget.
Our new, large and increasingly complex security
challenges require efficiency in the development
of resources, training and research, sophisticated
and dynamically evolving study programmes and
applied research, and well developed relations
among stakeholders and good collaboration
across sectors.
However, the dramatic increase in cyber
security challenges has demanded a focus on
achieving operational capacity, creating a critical
undercapacity in research and education. The
funding for developing relevant skills and carrying
out research is still limited, and collaborative
relations between stakeholders and academia
are poorly developed. All this is putting security
stakeholders under pressure.
Some countries have responded to these
challenges. For instance, the U.S. state budget for
2014 allocates $500 million to the Department of
Homeland Security for cyber security research.
In the Nordic countries the response has been
slower. For instance, an independent international
committee evaluating ICT research in Norway
concluded that Norwayâs inadequate national
research strategy on cyber security âposes
potential real threats to security in Norway.â
To this concern, the Center for Cyber and
Information Security (CCIS) is an answer.
5. United for a Security Center
Gjøvik University College will establish a centre for information security with up to 80 employees and ten
professors, with the participation of Defence, the National Police, Industry and Academia.
Kjetil Nilsen, Director of National Security Authority, Benedicte Bjørnland, Director of the Police Security Service,
Major General Roar Sundseth, Head of Cyber Defence, Odd-Reidar HumlegĂĽrd, Director of the Police Directorate
Computerworld 11.06.2013,
Text & Photo: Leif Martin Kirknes
Odd Reidar HumlegĂĽrd, Director of The Norwegian Police Directorate congratulates Morten Irgens, Chair of CCIS
8 9
with the opening.
4 university colleges are partners in CCIS
6. In Norway, key national cyber security stakeholders
have initiated a partnership to establish the Center
for Cyber and Information Security (CCIS), a national
centre for research, training, and education in cyber and
information security.
Center for Cyber and Information Security will become
one of the largest academic environments in cyber
and information security in Europa and will position
itself as a national resource and the contact point for
international partners.
10 11
Statkraft is Europeâs largest generator of re-newable
energy and is the leading power com-pany
in Norway. The company owns, produces
and develops hydropower, wind power, gas power
and district heating. Statkraft is a major player in
European power trading and has 3500 employees
in more than 20 countries. Statkraft works actively
with cyber security issues across all business areas
and geographies.
Statnett is the Norwegian TSO and is responsi-ble
for Norway´s national electricity grid, an infra-structure
that is increasingly becoming dependent
on ICT for its operations. Statnett is constantly
working to maintain a long-term information secu-rity
strategy, and to strengthen the ability to deal
with information security threats and incidents.
Eidsiva Energy is a regional power producer
and supplier, and the largest in the eastern part
of Norway. Eidsiva has undertaken a particularly
supportive role for developing competence in
the Innland region. CCISâ objectives and role are
in line with Eidsivaâs efforts to strengthen its own
security strategy.
The Norwegian National Security Au-thority
(NSM) is a cross-sectoral professional
and supervisory authority within the protective
security services in Norway. The authority is re-sponsible
for the national cyber security, and oper-ates
the national Computer Emergency Response
Team (NorCERT). NSM delivers threat analyses
on a national level, working with experts on cyber
security and cryptology.
The Norwegian Cyber Defence (CY-FOR)
is the branch of the Norwegian Armed
Forces responsible for protecting and defending
military CIS in Norway.
The Norwegian Defence Research
Establishment (FFI) is Norwayâs prime
institution responsible for defense-related research
and development. A prioritized task is to study
challenges and opportunities related to informa-tion
assurance and cyber systems.
The Ministry of Justice and Public
Security (JD) is responsible for societal se-curity
and preparedness, crime prevention and
correctional services, immigration, courts and the
legislative work for law enforcement.
The National Police Directorate (POD)
is responsible for Norwayâs police districts and
special police agencies, with the exception of the
Police Security Service (PST). POD has undertak-
en responsibility for establishing closer contact
between the police and the applied research
sector in Norway.
Watchcom Security Group is a long-term
business partner specializing in cyber and
information security, contributing to secure the
common valuables of our society. Knowledge
sharing is central to their business.
The National Criminal Investigation
Service (Kripos) is a special agency within
the Norwegian Police Service with responsibil-ity
for investigating organized crime and major
crime. It is Norwayâs contact point for Interpol
and Europol and their respective competence
centres for fighting cyber crime.
The National Authority for Inves-tigation
and Prosecution of Eco-nomic
and Environmental Crime
(ĂKOKRIM) is the national authority for
investigations, and prosecution of economic
and environmental crime. Digital evidence is
essential in its investigations, but the volume is
strongly increasing. Ăkokrim will together with
CCIS develop more advanced methodologies
for information analyses to support the fight
against crime.
The Police Security Service (PST) is
the police agency for home security in Norway.
PST will contribute its insight and expertise
to CCIS in order to increase national security,
enhance the ability to ward off, understand and
investigate incidents, and provide the Norwegian
government with the best possible threat as-sessment
and advice.
Oslo Police District is the capitalâs police
district, and the nationâs largest with nearly
2,600 employees. The Police Authority has a
number of national tasks.The Police Authority
has focused on using technology effectively in
the solution of police work, and has built up a
solid unit - Digital Forensics Unit - which
primary role is to utilize the potential of the
technology track. The Unit will collaborate
closely with CCIS on developing new methods
in forensics.
The Norwegian ID Centre (NID) has a
national responsibility for identity and document
expertise. Norwegian ID Centre is a key part-ner
to the Norwegian Biometrics Laboratory
at CCIS. Norwegian ID Centre has a national
responsibility for identity and document exper-tise.
Norwegian ID Centre is a key partner to
the Norwegian Biometrics Laboratory at CCIS.
7. 12 13
Telenor Group is one of the leading mobile
operators in the world, with 172 million mobile
subscriptions. Telenor has mobile operations
in 13 markets, as well as an interest of 33 % in
VimpelCom Ltd., operating in 17 markets. Telenor
contributes into CCIS with its expertise in cyber
security of electronic communications.
Vestoppland Police District
It is the districtâs police â the local police â who
meets the community every day and accounts
for everyday preparedness in relation to crime
prevention and community safety. Many cases
begin with the local police and then taken over
by specialist agencies. The local police must have
modern skills to prevent, detect and prosecute
serious crimes, but also in relation to more every-day
challenges.
mnemonic is one of the largest specialists in
information security within the Nordic region. We
supply products and services to some
of the leading private and public sector enter-prises.
Our services cover all areas of information
security from risk management and
application security to detecting, preventing and
respond to security incidents via our service Ar-gus
Managed Defence.
NCâSpectrum delivers consultancy services in
engineering, project development, and operation
of infrastructure in the public and private sectors.
NC-Spectrum works closely with its customers
to develop cyber security for communication
networks and critical infrastructure.
PriceWaterhouse Coopers (PwC) is a
multinational professional services firm. It pro-vides
a range of integrated cyber security services.
The International Business Machines
Corporation (IBM) IBM is an American mul-tinational
technology and consulting corporation.
The company has several centres of expertise in
cyber security.
The Oppland County (OFK) has been an
early supporter of CCIS, a financing agent and a
strong and enthusiastic promoter of CCIS. The
county council cooperates actively in the effort
to improve information security in the countyâs
municipalities and businesses.
The Norwegian Police University
College (PHS) offers education a three-year
bachelor program in police studies, in-service train-ing
and post-graduate studies, including a master
program in police science. PHS conducts research
and development work in its areas. of focus. PHS
has a central role in CCIS and contribute to the
centre with expertise, research capacity and study
programs in various aspects of cyber crime.
Gjøvik University College (GUC) estab-lished
its research group in information security
11 years ago and built it up to become one of
Europeâs largest open academic research groups in
the field. Today GUC leads the National Research
School in Information Security (COINS) and is
offering dedicated undergraduate programmes in
information security at bachelor, master and PhD
level, in addition to its undergraduate programs at
these three levels in Computer Science. GUC is
host institution for CCIS, and provides CCIS with
offices, ICT services and administrative support
The Norwegian Defence Cyber
Academy (FIH) FIHâs study program awards
bachelor degrees in military education and de-velops
research capacity in cyber defence. FIH
cooperates closely with GUC.
Lillehammer University College (LUC)
established its bachelor program in law six years
ago. LUC will be a cornerstone in CCISâ work on
developing a research group in privacy, cyber law
and the connection information security and law.
The Norwegian Centre for Information
Security (NorSIS) has a national mandate to
increase the information security expertise of in-dividuals
and businesses through raising awareness
about threats and vulnerabilities, disseminating spe-cific
measures through the news, providing advice
and guidance, and trying to influence positive at-titudes
in information security. NorSISâ participation
in CCIS will enhance the centreâs ability to deliver
a broad dissemination of knowledge and practices
on information security and to this purpose it will
collaborate with the local authorities and SMEs.
8. Photo: Anders Gimmestad Gule, Høgskolen i Gjøvik/CCIS
OPENING CEREMONY
25 partner organisations established on Friday
15th August 2014 a national research and educa-tion
14 15
center for cyber and information security -
Center for Cyber and Information Security - CCIS.
The establishment of the centre was celebrated
with an opening conference in Gjøvik that was
attended by almost 300 participants. Many state-ments
and presentations were made during the
opening, including by Odd Reidar HumlegĂĽrd, the
Norwegian Police Director; Kjetil Nilsen, Director
of the National Security Authority; General Major
Odd Egil Pedersen, Head of Cyber Defence;
Berit Svendsen, CEO of Telenor; Bjørn Erik Thon,
Director of the Data Inspectorate; Troels Oerting
Joergensen, Head of Europol Computer Crime
Research Center in the Netherlands; Kimmo
Ulkuniemi, Assistant Director of the Cyber Crime
Centre of Interpol in Singapore, and as well as
several other.
Four university colleges Gjøvik University College
(GUC), Lillehammer University College (LUC),
the Norwegian Defence University College
(FIH), and the Police University College (PUC)
collaborate through CCIS. GUC and PUC have
established a common experience-based masterâs
degree in information security. The target group
of applicants for the program are members of the
police, military and other actors in the public and
private sectors. In his speech, the principal of PUC,
HĂĽkon Skulstad, emphasized on the importance of
this agreement to confront the developments of
crime.
The Police Director, Odd Reidar HumlegĂĽrd, made a
clear space for the Police in the center. HumlegĂĽrd
stated that this investment in research would help to
make sure that all the police agencies, including National
Criminal Investigation Service (Kripos), Norwegian
National Authority for Investigation and Prosecution of
Economic and Environmental Crime (Ăkokrim), and the
Police University College, attain their long-term goals.
Defence was also decisively represented. âI, on behalf
of the Chief of Defence, set two professorships avail-able
for CCISâ, said the Chief of Cyber Defence, Major
General Odd Egil Pedersen, and added, âthe center
will help to strengthen the knowledge in cyber security,
assisting with education and expertise, and not least,
will constitute an arena in which actors in the field can
come together and share their knowledge, experiences
and opinions for the common goodâ.
Any actor alone cannot handle serious incidents in the
cyber domain. âWe believe that the establishment of
CCIS will help to strengthen the nationâs ability to coun-ter
the threat of cyber domainâ, said Berit Svendsen,
CEO of Telenor.
âIt is a great pleasure that so many actors of the soci-ety,
both in the public and private sector, have seen the
benefits of this powerful collaboration and contribute
to pay salaries of researchersâ, said Rector Jørn Wrold-sen
from Gjøvik University College, the host institution.
While he thanked partners for their support, Wroldsen
expressed his hope for the government to take a politi-cal
decision and provide funding to secure the long-term
operation of the center.
Photo: Anders Gimmestad Gule, Høgskolen i Gjøvik/CCIS
9. The 22 July Committee presents its report to the
media
BROAD POLITICAL SUPPORT
CCIS has received strong interdisciplinary
political support, including the direct and
explicit support of several parliamentary
committees and parliamentâs documents.
The White Paper 207 S, (2011-2012),
from the Special Committee report to the
Minister of Justice and Minister of Defence
from the Parliamentâs meeting held on 10
November 2011, concerning the attacks
22 July, explicitly and unanimously recom-mends
16 17
that the Centre receives support.
(Chapter15, page15): âThe Committee
welcomes the establishment of the centre
and believes that the government should
assess how the centre can be supported
to develop its workâ.
âThe White Paper 29 (2011-2012) on
societal security has a separate section on
the centreâs initiative and describes a com-prehensive
task force that has been set
up to consider further actions (Chapter 9,
page 107). The Justice Committee decided
to emphasise this in its report. Recom-mendation
of the Justice Committee on
terror preparedness (NOU 2012:14 Fol-low
up Report of 22 July Commission)
emphasises the importance of establishing
Norwegian expertise in information se-curity:
âEspecially the work carried out at
GUC is of interestâ, points out the Com-mittee
in White Paper 207 S.
The Government supports the centre with
5 million NOK in 2014, from the Ministry
of Justice and Public Security and the
Ministry of Local Governments and
Modernisation.
6 REASONS WHY THE CENTER IS
IMPORTANT
The centre is important because an increasing amount of criminal activities
are dependent on information and communication technologies (ICT).
Crime, whether it takes place in cyberspace alone or not, most likely
leaves digital traces. At the same time it is a challenge to find, understand,
assemble and secure such evidence in a way that it safeguards individual
rights and forensic correctness.
The centre is important because the threat landscape changes. The
increased mobility and open borders, climate change, increased
unemployment and social pressures in Europe, resource scarcity, terrorism,
pandemics and resistant infections, and Norwayâs participation in
international military operations all help to increase the possibility of criminal
acts, attacks and terrorism against Norwegians, Norwegian infrastructure
and interests.
The centre is important because orivacy and security, two central citizen
rights, are under pressure and need good technological, legal and societal
understanding and research
The centre is important because education, skills and research in cyber and
information security will help to combat increasing threats, vulnerabilities
and offences in the cyberspace.
The centre is important because there is a need for extensive international
cooperation and long-term research to prepare for tomorrowâs challenges.
The centre is important because there is a need to educate and train new
experts and to develop skills within the Norwegian central institutions, at
the bachelor, master and PhD levels.
1
2
3
4
5
6
10. Wireless Security
Legal Aspects of Information Security
Financial Crime Investigation
Ethical Hacking
Privacy-Enhancing Technologies
Image and Video Analysis
Biometrics
Security Administration
Cloud Security
Network Security
Data Hiding
Computational Forensics
Risk Management ¡
Cryptology
Digital Forensics
Information Warfare
Big Data Forensics
Cyber Defense
M e d i a S e c u r i t y Socio-technical Systems Security
Malware and Botnet Detection
The Center for Cyber and Information Security (CCIS) is not only a research
centre. It establishes competence transfer across agencies, companies and
sectors. It facilitates research projects that connects industry and government
agencies with international research networks. It connects research with study
programmes and students to research, linking operational environments to aca-demic
study programmes and research. CCIS connects research, applications and
Center for Cyber and
Information Security
18 19
Authentication
Web Security
Protection of Critical Infrastructure
Incidence Management Malware and Botnet Detection
Information Warfare
Security by Design
Mobile Security
U s a b i l i t y f o r S e c u r i t y
Intrusion Detection
and Prevention
Information
Management
Every aspect of the challenge
Cyber and Information Security is a discipline that must be understood in its full
dimension, technological, psychological, social, economic, and organizational aspects
interact and influence the outcome. Therefore, the centre promotes an exchange of
knowledge and competence not only among academia and the applications areas, sectors,
agencies and institutions, but also among the different fields in cyber and information
security. Thus, CCIS academic degrees at bachelor, master and PhD level are specifically
dedicated to information and cyber security. This is in contrast with how information
security is taught at most other universities; as courses that are part of a computer science
degree.
APPLICATIONS
RESEARCH
CCIS
DISSEMINATION
TRAINING
study programmes with communication and dissemination capabilities.
EDUCATION
11. PhD in Information Security
PhD in Computer Science
Master in Information Security
Master in Cyber Crime Investigation
Master in Applied Computer Science
Bachelor in Network Management
Bachelor in Information Security
Bachelor in Telematics
Bachelor in Software Development
Bachelor in Computer Engineering
One year program in Information
Security
One year program in Software
Development
Courses & training packages
Conferences, workshops, seminars
12 Study programmes
7 Study programmes dedicated to
information security, cyber security,
cyber defence and cybercrime, with:
20 PhD students
80 Master students
240 Bachelor students
20 21
CCIS delivers, through its core partners, a
number of Bachelor programs in information
security, network management and computer
science, as well as a BSc in Telematics at the
Norwegian Defence Cyber Academy (FIH),
also known as the education of the militaryâs
âcyber warriorsâ.
CCIS also delivers a MSc program in infor-mation
security with three study tracks, in-formation
security management, forensics,
and security technologies. The centre is also
delivering a flexible, experience-based master
with a a study track in the investigation of
digital evidence and cyber crime, a collabora-tion
between the CCIS partners the Police
University College (PHS) and GUC.
CCISâ dedicated information security pro-grams
cover the full scope of cyber and
information security. In addition, the
centre has a number of associated com-puter
sscience programs with security-oriented
activities at all levels, including
applications of image and video process-ing,
games and mobile computing tech-nologies.
The Centreâs PhD program in cyber and
information security will have 15 PhD stu-dents
at start up in 2014 and 25 students
two years later. In addition, the centre will
have a number of associated PhD students in
computer security research.
The centre provides flexible courses, training
packages, corporate courses and lectures, in
collaboration with the Norwegian Centre for
Information Security (NorSIS).
PhD i informatikk
Center
for Cyber and
Information
Security CCIS
Gjøvik University College
Police University College
Norwegian Defence Cyber Academy
NorSIS
12. National Academic Network
22 23
Core research partners in CCIS includes
Gjøvik University College, the Police
University College, the Norwegian
Defence Cyber Academy, and the Nor-wegian
Defence Research Establishment.
CCIS is developing substantial collabora-tion
between these, on research, degree
programmes, research network develop-ment,
and international training programs.
Each academic partner has quite different
international networks, giving a strong
potential for innovative international col-laborations
and research projects.
CCIS leads the Norwegian Research
School of Computer and Information
Security (COINS). COINS integrates
Norwegian research groups in
Information Security to a larger entity by
integrating the course portfolio for
research school members, builds stronger
relationships between doctoral students
in the network, establishes more incen-tives
to excel and increases student mo-bility
through access to a larger network.
COINS also increases Norwayâs interna-tional
student mobility, hosts internation-ally
recognised researchers, and offers
âfree flow of goods and servicesâ in Infor-mation
Security Research in Norway. At
any time, 40 PhD students are members
of COINS.
COINS provides a significant added value
to PhD students at CCIS, while CCIS
provides COINS with a strong national
and international network, including busi-nesses,
end users, and security agencies.
PhD i informatikk
Norwegian University of Science and Technology - NTNU
University of Agder
University of Stavanger
University of Tromsø
University of Bergen
University of Oslo
Gjøvik University College
Police University College
Norwegian Defence Cyber Academy
Lillehammer University College
COINS:
National Research
School of Computer
and Information
Security
CCIS:
Center
for Cyber and
Information
Security
13. Information Security
Management
Group
24 25
Research Groups
The centre covers all major areas of information and cyber security. Multidisciplinary expertise is assembled in
research groups and labs to address specific application areas. Other research groups will be established, includ-ing
information security in the health sector, product and software security and cyber security Innovation.
The Norwegian
Biometrics
Laboratory
Center
for Cyber and
Information Security
CCIS
Critical Information
Infrastructure
Protection Group
Norwegian Cyber
Defence
Research Group
Testimon Forensics
Research Group
Testimon Forensics Research Group
Digital evidence derived from information and
communication technology using forensics tech-niques
is playing an increasingly important role,
e.g. in corporate compliance activities, criminal
investigations, counter terrorism and intelligence
operations. Technologies such as Cloud Computing,
online Social Networks, the growing use of mobile
and embedded devices as well as cross-border
multi-jurisdictional collaboration on digital evidence
and forensic readiness, pose challenges. The volume,
velocity and variety of data is increasing exponen-tially.
For example, sensor signals in the Internet of
Things, text documents, images or audio-video data,
are produced, shared and consumed using many
heterogeneous devices, communication technolo-gies,
and software applications. This presents a scale
and complexity that demands continuous improve-ment
of the methods and techniques applied in dig-ital
investigations, i.e. to prevent, detect and analyze
fraud and criminal activities.
The research conducted in the CCIS / Testimon
Forensics Group (Testimon) aims to gain new
knowledge, to derive legal & privacy regulations, to
develop and to evaluate novel techniques, that will
address the aforementioned challenges in both the
state-of-the-art and the state-of-the-practice. Cur-rent
activities include, but are not limited to:
* Gain new knowledge on large-scale fraud detec-tion,
crime investigation & prevention in compliance
with privacy and legal regulations.
* Explore socio-technical controls to balance
forensics-by-design & privacy-by-design.
* Work towards sustainable investigation methods
that follow sound forensic principles.
* Develop software methods & infrastructures to
increase efficiency in large-scale forensic investiga-tions.
* Support search & analysis through terabytes of
electronic data stored within closed systems and
open Internet.
Unique study and training programs are made avail-able
by Testimon through the close cooperation
among its partners within CCIS, i.e.
* PhD in Information Security / Digital and Compu-tational
Forensics
* Master of Science in Information Security / Digital
Forensics and Cyber Crime Investigation
* Experience-Based Master of Science in Informa-tion
Security / Digital Forensics and Cyber Crime
Investigation
* Nordic Computer Forensics Investigators (Mod-ule
1 & 2)
Partners within the Testimon Forensics Group
bring in diverse backgrounds and expertise from
academia, the public and private sector. Most
prominent are the Norwegian police agencies, i.e.
the Norwegian Police University College (Politihøg-skolen),
Norwayâs National Criminal Investigation
Service (KRIPOS), the Norwegian National Security
Authority (NSM), the Norwegian National Author-ity
for Investigation and Prosecution of Economic
and Environmental Crime (ĂKOKRIM), the Norwe-gian
Police Directorate (POD), and other regional
law enforcement agencies, e.g. the Oslo Politidistrikt
and Vestoppland Politidistrikt.
Since its beginning Testimon is evolving steadily. It
was established originally as academic research
group under the Norwegian Information Security
Laboratory (NISlab) in 2010, and is today recog-nized
nationally and internationally. For example,
Testimon maintains close collaborations with the
Netherlands Forensics Institute (NFI), The Neth-erlands,
Ericsson, Sweden, the University College
Dublin (UCD), Irland, the National Institute of
Standards and Technology (NIST), USA, the Uni-versity
of California Santa Cruz (UCSC), USA, the
Kyushu Institute of Technology (Kyutech), Japan, the
Center for Advanced Security Research Darmstadt
(Cased), and the Ecole polytechnique federale de
Lausanne (EPFL), Switzerland.
The Norwegian Biometrics Laboratory
The activity in the biometrics group in CCIS is
based around the Norwegian Biometrics Labora-tory
(NBL, (http://www.nislab.no/biometrics_lab)
14. and its long lasting partnership with the Norwegian
ID Centre.
NBL is a discussion forum to brainstorm, to gener-ate
new ideas and projects and to present interme-diate
results. The group represents an active focus
point with currently four international research
projects. Further it is the intention to increase the
awareness of biometrics in Norway via the Nor-wegian
Biometric Forum (http://www.frisc.no/frisc-biometrics-
forum/) and its potential involvement in
the Norwegian legislation and to contribute to the
international standardization in the field. Along this
intention the biometrics group will host in 2015 the
International Standardisation conference of ISO/
IEC JTC1 SC37, which will run from June 22 to 26,
2015.
NBL is an active member in the European Associa-tion
for Biometrics and co-organizer of the interna-tional
conference BIOSIG as well as participating in
the organization of other biometric events like the
IEEE ICB, IEEE IJCB, IEEE IIH-MSP. Moreover NBL
represents Norway in the European expert net-work
COST Action IC1106 and furthermore NBL
26 27
is hosting the COST Action International Work-shop
on Biometrics and Forensics on March 3 and
4, 2015.
The biometric research is covering various physio-logical
and behavioral biometrics including 2D- and
3D-face recognition, iris and eye recognition, finger-print
recognition, finger vein recognition, ear recog-nition,
signature recognition, gait recognition, key-stroke
recognition, gesture recognition and mouse
dynamics. The research activities of NBL are also
presented during its annual workshop (NBLAW),
which will take place on March 2, 2015.
Furthermore NBL focuses on privacy enhancing
technologies such as biometric template protec-tion
and integration in physical and logical access
control. The lab serves also as independent testing
institution for biometric performance evaluations
based on its in-house biometric databases.
The Information Security Management
Group
In an ever more rapidly digitized connect world
Cyber- and information security threats, vulner-ability,
risks and solutions to protect our digital and
non-digital assets need to be continuously modeled,
measured, evaluated and managed. The Information
Security Management Group performance both
theoretical, empirical and applied research on the
modeling measuring and managing of technical and
procedural problems and solutions in the informa-tion
security management area.
The group has a special responsibility for the in-formationâs
security management track of the MSc
at University College Gjøvik. Consequently itâs
research based teaching methods bring together a
broad spectrum of socio-technical systems security
research results that cover the social, organizational,
psychological, legal, ethical, cultural, political, rhetori-cal
educational and technical aspect of cyber- and
information security management.
Dissemination of both solutions and problems in
the information security management area are
an important focus of the group. Members of the
group cooperate closely with NorSIS and partici-pate
in the Norwegian National Information Se-curity
Month, which is held in October every year.
They also assist NorSIS in the Information Security
Top Leader Round table discussions that are held 3
times a year.
On the research front members of the group are
part of the Norwegian Forum for Research and In-novation
in Security and Communications (FRISC)
which primary role is to be a meeting place for
Norwegian information security researcher to share
and exchange ideas.
Critical Information Infrastructure
Protection Group
The CCIS Security of Critical Infrastructures (SCI)
group was formed around a long-standing research
group at Gjøvik University College studying se-lected
aspects of the security and dependability of
critical infrastructures at different abstraction levels
ranging from national level and supranational de-pendency
and interdependency models to proto-cols,
sensor, and actuator security in process control
systems.
The SCI group was established in collaboration
with and is supported by industrial partners includ-ing
Statnett, Statkraft, Eidsiva, Telenor, and NC-Spec-trum
with a strong research track record in the
telecommunications and energy sectors. Research
in the SCI group also has strong and natural syner-gies
with the CCIS Cyber Defence group (CDG),
and also collaborates closely with national authori-ties
and international organisations. Critical infra-structures
pose a number of highly interesting and
challenging research problems.
Many are inherently cyber-physical systems and re-quire
an in-depth understanding of the often non-linear
coupling and underlying models to capture all
threats and vulnerabilities.
Even the failure of a single critical infrastructure by
definition has grave consequences up to loss of
life or severe economic impact, but in many cases
â particularly for energy and telecommunications
- strong interdependencies would cause cascading
failures. Such failure modes must be understood
and mitigated where possible, requiring not only
the study of interactions within and among infra-structures,
but also of possible responses when co-ordination
and control is hampered or even actively
targeted.
Threats range from random faults to deliberate at-tacks
by non-state and state actors, which must be
assumed to have substantial resources at their dis-posal
and may prepare attacks over a long period.
Beyond purely technical issues, a further key chal-lenge
to understanding threats but also for dealing
with incidents and attacks is the timely and efficient
sharing of relevant information that will often need
to transcend individual organisations or even sec-tors.
As many infrastructure sectors are privately owned
and operated, such information may be com-mercially
sensitive, whilst sharing intelligence from
national authorities also raises operational and
technical challenges. The CCIS SCI group seeks to
address these core challenges in close collaboration
with national and international partners.
Norwegian Cyber Defence
Research Group
The research group specializes in various aspects
of national cyber. It draws its members from the
Norwegian Cyber Defence, GUC, the Norwegian
Defence Research Establishment (FFI) and the Nor-wegian
Defence Cyber Academy (FIH). The group
contributes to the BSc, MSc and PhD programs
in information security at GUC and FIHâs BSc in
telematics, known as the âcyber warriorâ education.
The implementation of network based defence has
introduced both new opportunities and threats in
military operations.
The improvements in communication networks,
information management systems and operational
awareness comes at the cost of increased depend-ability
of commercial off the shelf products, in-creased
dependability of civilian infrastructure and
larger systemic exposure surface. The Cyber De-fence
group should conduct research that increased
an organizations ability to administrate, operate and
defend their ICT-systems, networks and technologi-cal
platforms.
15. Associated Groups and Organizations
The Media Technology Laboratory
(MTL)
CCIS shares offices with the Media Technology
Lab. MTL delivers research and study programs
(on BSc, MSc and PhD level) in various areas of
computer science. Of particular interest to CCIS
is its research in mobile security, biometric meth-ods,
user design for security and safety applica-tions
of augmented reality, mobile phones, tablets,
game consoles, digital interfaces and visors (e.g.
Google glasses). MTLâs Colour and Vision Re-search
Laboratory works in security with applica-tions
such as video analysis of gait recognition and
the design of counterfeit-resistant bank notes.
NorSIS
CCIS will share offices with the Norwegian
Centre for Information Security (NorSIS). NorSIS is
part of the Norwegian Governmentâs overall com-mitment
to information security and reports to the
Ministry of Justice and Public Security. NorSIS works
to ensure that information security becomes a natu-ral
part of every dayâs life of citizens and businesses
through raising awareness about threats and vulner-abilities
and informing on security measures, NorSIS
operates the online service slettmeg.no and the na-tional
identity theft project. With NorSIS, CCIS gets a
partner highly experienced in communication, with an
excellent network of SMEs, Norwegian municipalities
and governmental agencies. NorSIS and CCIS will col-laborate
on media management, marketing resources,
research dissemination, conferences and workshops.
CCIS and NorSIS will in collaboration continue to
deliver the Top Level Security Meeting which brings
together security chief executives for discussions un-der
28 29
Chatham House Rule.
Electro Section
CCIS shares campus with the Section of Elec-tronics
at GUC. In particular, the Electro Section
supports CCIS in a number of security areas,
including investigations of electronic equipment
in criminal cases, electronic implementations of
biometrics methods, combination of biometrics,
Near Field Communication and mobile phones,
and random number generation in programmable
logic. The Electro Section has several associ-ate
professors with PhD degrees in information
security.
Health Care and Nursing
CCIS shares campus location at GUC with the
Faculty of Health Care and Nursing, which devel-ops
expertise in patient safety and security, includ-ing
information security in the health sector.
FRISC
CCIS works in close collaboration with the
Forum for Research and Innovation in Security
and Communications (FRISC), a value network
supported by the Norwegian Research Council.
The mission of FRISC is to create meeting places
for research and innovation in information securi-ty
where information sharing and the value-added
utilization of results can happen with an interna-tional
perspective.
Health Care
The Norwegian
Biometrics
Laboratory
Center
for Cyber and
Information
Security CCIS
Critical Information
Infrastructure
Protection Group
Information Security
Management
Group
Testimon Forensics
Research Group
Media Technology
Laboratory FRISC
Forum for
Research & Innovation
in Security and
COINS Research Communications
School
Electro Section
NorSIS
Norwegian Centre
for Information
Security
Norwegian Cyber
Defence
Research Group
16. 30 31
CCIS
50% presence at CCIS
Developing cross-sectoral projects
Developing curricula
Identifying student resources
Developing research networks
Attracting team members
Partner-funded researchers develop the col-laboration
between CCIS, its partners and
networks and the funding partner organiza-tion.
âPartner researchersâ have the responsi-bility
to help recruiting talented students for
partner institutions, influence the develop-ment
of degree programs in a direction that
best supports the partner institutionâs needs,
and connect partner organization to the
Centreâs other partners and to international
networks.
Scientists who build bridges
THE PARTNER INSTITUTION
50% presence at the partner institution
Identifying skills and competence needs
Identifying potential projects
Mobilizing the partnerâs professional network
Attracting team participants
Partner researchers will support the partner
institutions in their long term strategic
development, and are responsible for
identifying their needs for competence
development and research.
Partner researchers recruit
resources and networks to
CCIS projects.
17. A partner researcher shall draw on resources at
the partner institution and CCIS to develop a
team that will contribute to activities
and projects that will further the ob-jectives
of the partner and CCIS in the
particular focus areas of the partner.
Team members comes from the partner institution,
as well as doctoral candidates, researchers, PhD
students, master students, bachelor students and
experts, at CCIS and among CCISâ partners and
their networks. The partner researcher is expect-ed
to spend some time doing fundraising and write
CCIS emphasizes good collaboration in an excellent
PhD-student
Master student
Domain Expert from partner
organization
32 33
proposals to finance the team.
PhD-student
Guest researcher
Associate professor
Professor
Post-Doc candidate
Researchers who build teams
research environment, where social challenges,
professional dialogue, and cooperation
are central. CCIS focus
on eminent research and professional
development that connect partner organizations,
engineers, security experts, leading expertise and top
scholars. It also closely connects applied research,
teaching and real world information security
experience and needs. This calls for a
good organization that include research
groups, focus laboratories,
professional groups, and a
good cooperation rhythm.
Technician
18. MORE REASONS WHY
CCIS IS IMPORTANT
CCIS is important because society as a whole and its critical infrastructure have
become completely dependent on ICT, and therefore dependent on ICT security
- from command and control systems, financial structures, food production, food
distribution, banking, payroll and electricity distribution to hospital management, and
transportation.
CCIS is important because the consequences of security breaches have become
very high.
CCIS is important because inadequate information security costs society large
amounts of financial resources. The global cost of cyber crime is estimated to be
between 0.4% and 1.4% of global GDP.
CCIS is important because an arena for knowledge exchange across information
security actors, including defence, law enforcement, police, administration, finance,
and business, is necessary for developing effective security capacity.
CCIS is important because effective information security measures rely on under-standing
the security interdepence of technological, economical, legal and political
measures.
CCIS is important because information security actors, including security agencies
and businesses, have much to gain from collaborating with long-term research, while
research has much to gain from learning from the so-called âreal worldâ.
CCIS is important because security has become a necessary part of products and
services. Insufficient security can drive products and firms off the market. High
cyber security gives manufacturing companies higher uptimes, shorter delivery times
and improved margins.
CCIS is important because information security in itself is a large global market, both
for products and services.
CCIS is important because it will give its participants, who have significant national
importance, increased cyber and information security competence.
CCIS is important because it will increase the number of students in information
security at all levels.
34 35
7
89
10
11
12
13
14
15
16
Delivery
2 years
CCIS will have
-established a research
group on cyber crime
-established a research
group on cyber defence
-established a research
group on cyber security of
critical infrastructure
-strengthened and
integrated degree programs
in information security
-started an experience-based
masterâs program on
cyber crime investigation
-established the presence
of 25 PhD students at the
centre and 64 associated
via COINS, two post-doc-toral
candidates, 40 master
students and 240 under-graduates
4 years
CCIS will have
-become a strong support
for the Norwegian authori-ties
in their national and
international work on cyber
security
-established a research
group in privacy and cyber
aspects of rule of law
- established a Nordic Cen-tre
of Expertise in Cyber
Crime Prevention and Inves-tigation
-recruited 30 PhD students
at the Centre and with 90
associated via COINS, and
10 postdoctoral candidates
-recruited 25 partners
8 years
CCIS will have
-been on track to eliminate
societyâs critical shortage of
experts
-led the Norwegian re-search
in cyber security
from being fragmented into
being a national consolida-tion
of meeting space for
the dissemination of re-search
and innovation
-established a centre for
cyber security innovation
to help industry partners
turn the results from CCIS
into commercially successful
products and services
The Center for Cyber and Information Security (CCIS)
works continually to obtain additional financing for projects
and research groups and laboratories.
19. Š 2014 Center for Cyber and Information Security
Contact information:
Morten Irgens, Chair of the interim board
morten.irgens@ccis.no, +47 46 54 19 41
Nils Kalstad Svendsen,
Dean of IMT, Gjøvik University College
(NISlab), nils.svendsen@ccis.no, +47 454 92 425
Thank you for your interest. CCIS is a
resource for its partners and collaborators.
Your comments and ideas on how CCIS
can be made even better will be most
appreciated. CCIS invites your organisation
to participate as partner.
www.ccis.no
facebook.com/centerforcis
twitter.com/ccisno
36