This document discusses combating cyber terrorism through effective cyber security cooperation. It argues that while cyberspace is increasingly being used for terrorist activities, there is little cyber security cooperation between nations. It proposes establishing regional cyber security hubs to facilitate cooperation, sharing of best practices, and protection of critical infrastructure. However, effective regional cooperation faces challenges from differing foreign policies, security preferences, alliance biases, and perceptions about internet governance.
Application Security - Your Success Depends on itWSO2
Traditional information security mainly revolves around network and operating system (OS) level protection. Regardless of the level of security guarding those aspects, the system can be penetrated and the entire deployment can be brought down if your application's security isn't taken into serious consideration. Information security should ideally start at the application level, before network and OS level security is ensured. To achieve this, security needs to be integrated into the application at the software development phase.
In this session, Dulanja will discuss the following:
The importance of application security - why network and OS security is insufficient.
Challenges in securing your application.
Making security part of the development lifecycle.
The current presentation is based on different Cyber Security Threats for 2017 published in Internet. All threats are explained at a high level but at the end of this presentation all references URL are present if you want to investigate deeply any threat.
Cyberterrorism is the use of Internet based attacks in terrorist activities, including acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet, by the means of tools such as computer viruses.
Cyberterrorism is a controversial term. Some authors choose a very narrow definition, relating to deployments, by known terrorist organizations, of disruption attacks against information systems for the primary purpose of creating alarm and panic. By this narrow definition, it is difficult to identify any instances of cyberterrorism.
Cyberterrorism can be also defined as the intentional use of computer, networks, and public internet to cause destruction and harm for personal objectives.[1] Objectives may be political or ideological since this is a form of terrorism[citation needed].
There is much concern from government and media sources about potential damages that could be caused by cyberterrorism, and this has prompted official responses from government agencies.
Application Security - Your Success Depends on itWSO2
Traditional information security mainly revolves around network and operating system (OS) level protection. Regardless of the level of security guarding those aspects, the system can be penetrated and the entire deployment can be brought down if your application's security isn't taken into serious consideration. Information security should ideally start at the application level, before network and OS level security is ensured. To achieve this, security needs to be integrated into the application at the software development phase.
In this session, Dulanja will discuss the following:
The importance of application security - why network and OS security is insufficient.
Challenges in securing your application.
Making security part of the development lifecycle.
The current presentation is based on different Cyber Security Threats for 2017 published in Internet. All threats are explained at a high level but at the end of this presentation all references URL are present if you want to investigate deeply any threat.
Cyberterrorism is the use of Internet based attacks in terrorist activities, including acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet, by the means of tools such as computer viruses.
Cyberterrorism is a controversial term. Some authors choose a very narrow definition, relating to deployments, by known terrorist organizations, of disruption attacks against information systems for the primary purpose of creating alarm and panic. By this narrow definition, it is difficult to identify any instances of cyberterrorism.
Cyberterrorism can be also defined as the intentional use of computer, networks, and public internet to cause destruction and harm for personal objectives.[1] Objectives may be political or ideological since this is a form of terrorism[citation needed].
There is much concern from government and media sources about potential damages that could be caused by cyberterrorism, and this has prompted official responses from government agencies.
Welcome to Cyber Threat Simulation Training powered by Tonex. Cyber Threat Simulation Training covers standards of cyber threats, progressed cyber fighting and threat simulation standards.
Cyber Threat Simulation Training is splitted into different parts comprising of essential cyber security, progressed cyber security, standards of cyber threat and hands-on threat simulation works out.
Learn about:
Basic cyber threat principles
Principles on threat environment
Principles of cyber simulation and modeling
Cyber threat simulation principles
Web application cyber threat fundamentals
Network and application reconnaissance
Data exfiltration & privilege escalation
Exploit application misconfigurations and more
Firewall and Threat Prevention at work
Tools to model and simulate cyber threat
Tools to monitor attack traffic
Who Should Attend:
Cyber Threat Analysts
Digital Forensic Analysts
Incident Response Team Members
Threat Hunters
Federal Agents
Law Enforcement Officials
Military Officials
Course Modules:
Cyberwarfare and Cyberterrorism
Overview of Global Cyber Threats
Principles of Cyber Threat Simulation
Cyber Threat Intelligence
Simulating Cyber Threats
Incident Detection
Response Threat Simulation
Cyber Threat Simulation Training.Price: $3,999.00 . Length: 3 Days.
Request more info about this Cyber Threat Simulation Training. Call +1-972-665-9786. Visit www.tonex.com/training-courses/cyber-threat-simulation-training/
Its is project based on one of the most interesting and wide topic of Computer Science, named Cyber Security
CONTENT :
1. What is Cyber Security
2. Why Cyber Security is Important
3. Brief History
4. Security Timeline
5. Architecture
6. Cyber Attack Methods
7. Technology for Cyber Secuirty
8. Development in Cyber Security
9. Future Trend in Cyber Security
Overview of Internet and network security protocols and architectures.
Network and Internet security is about authenticity, secrecy, privacy, authorization, non-repudiation, data integrity and protection from denial of service (DOS) attacks.
In the early days of the Internet, security was not a concern so most protocols were developed without protection from various kinds of attacks in mind. The Internet is now infested with malware like worms, viruses, trojan horses and killer packets. Unprotected hosts run the risk of being seized by hackers and become part of botnets to launch even more elaborate attacks.
Careful protection of hosts in a network is therefore of paramount importance. Hosts that need not be reachable from the Internet are typically placed in a protected LAN. Hosts with reachability requirements like mail and web servers are placed in a special network zone called DMZ (DeMilitarized Zone).
Firewalls protect the different networks. Firewall functionality ranges from simple port and address filters up to stateful application and deep packet inspection firewalls that provide more protection.
In general, security policies should be as restrictive as reasonable possible. So usually something not explicitly allowed should be classified as forbidden and thus be blocked.
In present world, where computers/laptops and smart phone made it possible to extract other's secrets, a need has been imminent to handle such problems by Cyber Security Regime, which not only be launched by individuls(IT Expert) of organizations but the governments of the country should also play a vital role.
This power-point present Explain about security risk by internet to government offices. here is some important tools and method for safely handheld internet
Designated IT security experts in Europe and Asia have been interviewed by RadarServices, the European market leader for managed security services, with regards to future IT security trends and challenges. They shared their views concerning the development of cyber attacks and security technologies until 2025.
Introduction
What is Cyber Crime?
Computer crime, or cybercrime, is crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target.
What is Cyber Security?
C
yber security, also known as computer security or IT security, is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. It includes controlling physical access to the hardware, as well as protecting against harm that may come via network access, data and code injection and due to malpractice by operators,whether intentional, accidental, or due to them being tricked into deviating from secure procedures.
The field is of growing importance due to the increasing reliance on computer systems in most societies and the growth of "smart" devices,including smartphones, televisions and tiny devices as part of the Internet of Things – and of the Internet and wireless network such as Bluetooth and Wi-Fi.
Some organizations are turning to big data platforms, such as Apache Hadoop, to extend data accessibility and machine learning to detect advanced persistent threats.
Vulnerabilities and Attacks
Vulnerability is a system susceptibility or flaw, and much vulnerability are documented in the Common Vulnerabilities and Exposures (CVE) database and vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities as they are discovered.
An exploitable vulnerability is one for which at least one working attack or "exploit" exists.
To secure a computer system, it is important to understand the attacks that can be made against it, and these threats can typically be classified into one of the categories below.
Cyber-Espionage: Understanding the Advanced Threat LandscapeAaron White
Cutting through the APT hype to help businesses prevent, detect and mitigate advanced threats.
Sophisticated cyber-espionage operations aimed at pilfering
trade secrets and other sensitive data from corporate networks currently present the biggest threat to businesses. Advanced threat actors ranging from nation-state adversaries to organized cyber-crime gangs are using zero-day exploits, customized malware toolkits and clever social engineering tricks to break into corporate networks, avoid detection,
and steal valuable information over an extended period
of time.
In this presentation, we will cut through some of the hype
surrounding Advanced Persistent Threats (APTs), explain the
intricacies of these attacks and present recommendations to
help you improve your security posture through prevention,
detection and mitigation.
Welcome to Cyber Threat Simulation Training powered by Tonex. Cyber Threat Simulation Training covers standards of cyber threats, progressed cyber fighting and threat simulation standards.
Cyber Threat Simulation Training is splitted into different parts comprising of essential cyber security, progressed cyber security, standards of cyber threat and hands-on threat simulation works out.
Learn about:
Basic cyber threat principles
Principles on threat environment
Principles of cyber simulation and modeling
Cyber threat simulation principles
Web application cyber threat fundamentals
Network and application reconnaissance
Data exfiltration & privilege escalation
Exploit application misconfigurations and more
Firewall and Threat Prevention at work
Tools to model and simulate cyber threat
Tools to monitor attack traffic
Who Should Attend:
Cyber Threat Analysts
Digital Forensic Analysts
Incident Response Team Members
Threat Hunters
Federal Agents
Law Enforcement Officials
Military Officials
Course Modules:
Cyberwarfare and Cyberterrorism
Overview of Global Cyber Threats
Principles of Cyber Threat Simulation
Cyber Threat Intelligence
Simulating Cyber Threats
Incident Detection
Response Threat Simulation
Cyber Threat Simulation Training.Price: $3,999.00 . Length: 3 Days.
Request more info about this Cyber Threat Simulation Training. Call +1-972-665-9786. Visit www.tonex.com/training-courses/cyber-threat-simulation-training/
Its is project based on one of the most interesting and wide topic of Computer Science, named Cyber Security
CONTENT :
1. What is Cyber Security
2. Why Cyber Security is Important
3. Brief History
4. Security Timeline
5. Architecture
6. Cyber Attack Methods
7. Technology for Cyber Secuirty
8. Development in Cyber Security
9. Future Trend in Cyber Security
Overview of Internet and network security protocols and architectures.
Network and Internet security is about authenticity, secrecy, privacy, authorization, non-repudiation, data integrity and protection from denial of service (DOS) attacks.
In the early days of the Internet, security was not a concern so most protocols were developed without protection from various kinds of attacks in mind. The Internet is now infested with malware like worms, viruses, trojan horses and killer packets. Unprotected hosts run the risk of being seized by hackers and become part of botnets to launch even more elaborate attacks.
Careful protection of hosts in a network is therefore of paramount importance. Hosts that need not be reachable from the Internet are typically placed in a protected LAN. Hosts with reachability requirements like mail and web servers are placed in a special network zone called DMZ (DeMilitarized Zone).
Firewalls protect the different networks. Firewall functionality ranges from simple port and address filters up to stateful application and deep packet inspection firewalls that provide more protection.
In general, security policies should be as restrictive as reasonable possible. So usually something not explicitly allowed should be classified as forbidden and thus be blocked.
In present world, where computers/laptops and smart phone made it possible to extract other's secrets, a need has been imminent to handle such problems by Cyber Security Regime, which not only be launched by individuls(IT Expert) of organizations but the governments of the country should also play a vital role.
This power-point present Explain about security risk by internet to government offices. here is some important tools and method for safely handheld internet
Designated IT security experts in Europe and Asia have been interviewed by RadarServices, the European market leader for managed security services, with regards to future IT security trends and challenges. They shared their views concerning the development of cyber attacks and security technologies until 2025.
Introduction
What is Cyber Crime?
Computer crime, or cybercrime, is crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target.
What is Cyber Security?
C
yber security, also known as computer security or IT security, is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. It includes controlling physical access to the hardware, as well as protecting against harm that may come via network access, data and code injection and due to malpractice by operators,whether intentional, accidental, or due to them being tricked into deviating from secure procedures.
The field is of growing importance due to the increasing reliance on computer systems in most societies and the growth of "smart" devices,including smartphones, televisions and tiny devices as part of the Internet of Things – and of the Internet and wireless network such as Bluetooth and Wi-Fi.
Some organizations are turning to big data platforms, such as Apache Hadoop, to extend data accessibility and machine learning to detect advanced persistent threats.
Vulnerabilities and Attacks
Vulnerability is a system susceptibility or flaw, and much vulnerability are documented in the Common Vulnerabilities and Exposures (CVE) database and vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities as they are discovered.
An exploitable vulnerability is one for which at least one working attack or "exploit" exists.
To secure a computer system, it is important to understand the attacks that can be made against it, and these threats can typically be classified into one of the categories below.
Cyber-Espionage: Understanding the Advanced Threat LandscapeAaron White
Cutting through the APT hype to help businesses prevent, detect and mitigate advanced threats.
Sophisticated cyber-espionage operations aimed at pilfering
trade secrets and other sensitive data from corporate networks currently present the biggest threat to businesses. Advanced threat actors ranging from nation-state adversaries to organized cyber-crime gangs are using zero-day exploits, customized malware toolkits and clever social engineering tricks to break into corporate networks, avoid detection,
and steal valuable information over an extended period
of time.
In this presentation, we will cut through some of the hype
surrounding Advanced Persistent Threats (APTs), explain the
intricacies of these attacks and present recommendations to
help you improve your security posture through prevention,
detection and mitigation.
Research paper-a-synopsis-on-cyber-terrorism-and-warfare-by-shreedeep-rayamajhiShreedeep Rayamajhi
This Research was done as Part of the Diplo Foundation internet Governance Capacity Building program 2009. It deals with the basic Idea of Cyber warfare and terrorism and its impact on today's world. Cyber security has been an important issues where this research report highlights the vulnerabilities
A look at why Caribbean cyber security is important, Caribbean experiences achieving cyber security, why an effective strategy is critical and the importance of an effective Information Governance strategy.
Saigf 15 thematic-paper 7 - A case for multi-stakeholder partnerships for cri...Cade Zvavanjanja
Southern African Internet Governance Forum 2015
(SAIGF-15) Thematic Paper No. 7
“A Case for Multi-stakeholder partnerships for critical Internet resources
security in the SADC Region”
Produced by: Southern African Development Community (SADC) Secretariat
Prepared by: Mr. Cade Zvavanjanja
Abstract: With much of SADC‟s Member State‟s critical Internet resources being in the hands of both private and public sector, it seems a natural solution for industry,
Government, civic society and private citizens to work together in ensuring it is both secure and resilient. This cooperation in the form of Multi-stakeholder Partnerships (MPs) is needed in and among Member States and at different times, depending on the environment, culture and legal framework. There is no common definition of what constitutes a MP addressing this area. Diversity is strength when making networks and systems resilient, yet there also exist a need for interworking and a common understanding, especially when making a case for SADC view. There is also a need for a global view as there is a growing awareness for a truly global approach to Critical Internet resources security (CIRS). No country can create a CIRS approach in isolation, as there are no national boundaries on the Internet. The paper makes a case for MPs for CIRS in SADC while addressing the Why, Who, How, What and When questions associated with establishing and maintaining MPs for CIRS in SADC. It uses data from both public and private sector stakeholders across 14 SADC countries. This is not a prescriptive guide, but has a focus on clarity of purpose and approach so that stakeholders can easily choose those aspects that will add value to their endeavours in establishing and maintaining MPs.
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...Boston Global Forum
This conference was an official event to establish the Global Citizenship Education Network (GCEN) between UNESCO, UCLA and the Boston Global Forum (BGF) . We had several important dialogues concerning Global Citizenship Education in Cyber Civil Defense
The C3i Group is a national-international outreach venture providing strategic leadership in Cybersecurity, Cybercrime, and Cyber Intelligence.
The C3i Group facilitates open dialog, communication, and information sharing among key public-private entities, enabling them to DISCOVER what is at cyber-counterintelligence risk, how to DEFEND against it, and how to ENSURE cyber-secure competitiveness in the digital global economy.
Cybersecurity in ASEAN and Singapore Columbia - Lecture for Columbia SIPA 202...Benjamin Ang
Lecture on cybersecurity in ASEAN and Singapore
- Definitions of cybersecurity in ASEAN (vs western definitions)
- Cyber threat landscape in ASEAN / types of cyber incidents and cyber crime in ASEAN
Why ASEAN is vulnerable
- Characteristics of ASEAN in cyberspace
non-interference, sovereignty
non-attribution of cyber attackers
- ASEAN cooperation in cyberspace
AMCC (ASEAN Ministers Cyber Conference)
ACICE (ADMM Cyber Info Centre of Excellence)
INTERPOL
Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115James Bryce Clark
Shared with permission from author. Analysis from individual members of OASIS, presented at a recent meeting of the OASIS Cyber Threat Intelligence TC (the development platform for STIX/TAXII). Extracted from a broader set posted to: https://lists.oasis-open.org/archives/cti/201601/msg00000/_cybersecurity_act_reference-model_1.1.pptx
This information is provided for information, but does not represent the output or official views of OASIS or its technical committees..
Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115
cyber terrorism
1. COMBATING CYBER TERRORISM
THROUGH AN EFFECTIVE SYSTEM OF
CYBER SECURITY COOPERATION
DR TUGHRAL YAMIN
ASSOCIATE DEAN CENTRE FOR INTERNATIONAL PEACE &
STABILITY (CIPS)
NATIONAL UNIVERSITY FOR SCIENCES TECHNOLOGY (NUST)
ISLAMABAD
tughralyamin.wordpress.com
www.islamabadcalling.com
COUNTER TERRORISM
EXPERTS CONFERENCE
13-14 OCTOBER 2015
CENTER OF EXCELLENCE
DEFENSE AGAINST
TERRORISM
2. MAIN POINTS OF MY PRESENTATION
• TERRORISM IS CONSIDERED
ILLEGAL ACTIVITY
INTERNATIONALLY,
REGIONALLY & NATIONALLY
• CYBERSPACE IS
INCREASINGLY BEING USED
FOR TERRORIST ACTIVITIES
• VERY LITTLE CYBER
SECURITY COOPERATION
AMONG NATIONS, GROUPS
& ALLIANCES ON ISSUES
RELATED TO CYBER
SECURITY
TERRORISM
C
Y
B
E
R
S
P
A
C
E
CYBER
COOP
3. DEFINITION OF TERRORISM
TO CAUSE OR SPREAD
TERROR IN PURSUIT OF
POLITICAL AIMS
THROUGH
UNAUTHORIZED USE OF
VIOLENCE &
INTIMIDATION
SOURCE: US DEPARTMENT OF STATE
COUNTRY REPORTS ON TERRORISM 2012
6. INTERNATIONAL TREATIES ON
TERRORISM
• SOUTH ASIAN ASSOCIATION FOR REGIONAL COOPERATION
REGIONAL CONVENTION (SAARC) ON SUPPRESSION OF TERRORISM
(1987)
• ARAB CONVENTION ON THE SUPPRESSION OF TERRORISM (1998)
• TREATY ON COOPERATION AMONG STATES MEMBERS OF THE
COMMONWEALTH OF INDEPENDENT STATES (CIS) IN COMBATING
TERRORISM (1999)
• CONVENTION OF THE ORGANIZATION OF THE ISLAMIC
CONFERENCE (OIC) ON COMBATING INTERNATIONAL TERRORISM
(1999)
• ORGANIZATION OF AFRICAN UNITY (AU) CONVENTION ON THE
PREVENTION AND COMBATING OF TERRORISM (1999)
• INTER-AMERICAN CONVENTION AGAINST TERRORISM (2002)
• ASSOCIATION OF SOUTHEAST ASIAN NATIONS (ASEAN)
CONVENTION ON COUNTER TERRORISM (2007)
7. INTERNET & THE REVOLUTION IN
MILITARY AFFAIRS
GENERAL
COLONEL MAJOR CAPTAIN SOLDIER
8. INTERNET HAS INCREASED THE
TERRORIST OUTREACH
TERRORIST
MASTERMIND
SYMPATHI
SERS
RECRUITS
FINANCIERS
9. CYBER TERRORISM, CYBER WARFARE
& CYBER WARFARE
• CYBER TERRORISM –
BY NON STATE
ACTORS
• CYBER CRIME – BY
CRIMINALS
• CYBER WARFARE –
AMONG STATES
CYBER
TERRORISM
CYBER CRIME
CYBER WARFARE
10. USE OF INTERNET BY TERRORISTS
• RADICALIZATION & RECRUITMENT
• PROPAGANDA & HATE SPEECH
• FUND RAISING & TRANSFEREING OF
FUNDS
• MEANS OF COMMUNICATION
• TRAINING & PLANNING
11. RECRUITMENT, TRAINING,
PROPAGANDA & COMMUNICATION VIA
THE INTERNET
• EXTREMISTS USE CHAT
ROOMS, DEDICATED SERVERS,
WEBSITES & SOCIAL
NETWORKING TOOLS
• YOUTUBE CHANNELS &
FACEBOOK PAGES OF
EXTREMIST SUPPORTERS
MOTIVATE & TRAIN YOUNG
PEOPLE FOR TERRORIST
ACTIVITY
• THESE ALSO PROVIDE A MEANS
FOR COMMUNICATION
BETWEEN LONE WOLF ACTORS
& LARGER ORGANIZED
NETWORKS OF TERRORISTS
12.
13. FUND RAISING
• SOLICITING DONATIONS ON
THE INTERNET
• ONLINE DONATIONS FROM
RELIGIOUS & IDEOLOGICAL
GROUPS
• ONLINE DONATIONS TO
CHARITIES & NGOs WITH
QUESTIONABLE
CREDENTIALS
• INTERNET FRAUD &
CYBERCRIME
14. CYBER SECURITY & CYBER SECURITY
COOPERATION
CYBER SECURITY
• THE BODY OF
TECHNOLOGIES, PROCESSES
& PRACTICES DESIGNED TO
PROTECT NETWORKS,
COMPUTERS, PROGRAMS
AND DATA FROM ATTACK,
DAMAGE OR
UNAUTHORIZED ACCESS
CYBER SECURITY COOPERATION
• AMONG COUNTRIES,
GROUPS & ALLIANCE
SYSTEMS IS NOT
– UNIFORM OR STANDARDISED
– IN SOME CASES IT IS ENTIRELY
MISSING
15. THE POSITION OF THE UN SECRETARY
GENERAL ON CYBER SECURITY
“THE INTERNET IS A PRIME EXAMPLE OF HOW
TERRORISTS CAN BEHAVE IN A TRULY
TRANSNATIONAL WAY; IN RESPONSE, STATES
NEED TO THINK AND FUNCTION IN AN
EQUALLY TRANSNATIONAL MANNER”
BAN KI-MOON
SECRETARY-GENERAL OF THE UN
16. UN POSITION ON CYBER SECURITY
COOPERATION
• IN 2013, THE UN GROUP OF GOVERNMENTAL
EXPERTS (GGE), COMPRISING FIFTEEN
COUNTRIES INCLUDING THE US, RUSSIA & CHINA
REACHED A LANDMARK AGREEMENT
• THAT THE SAME INTERNATIONAL LEGAL
PRINCIPLES, SUCH AS THE UN CHARTER AND THE
LAW OF STATE RESPONSIBILITY, THAT HAVE
PROMOTED PREDICTABILITY AND STABILITY
BETWEEN STATES DURING CONFLICT IN THE
KINETIC SPACE APPLY EQUALLY IN CYBERSPACE
17. CYBER COOPERATION AMONG
REGIONAL GROUPS/ALLIANCES
• ASEAN REGIONAL FORUM
• AFRICAN UNION
• ARAB LEAGUE
• ECOWAS
• ENISA
• NATO
• SCO
18. CYBER EUROPE
• EU AGENCY FOR NETWORK & INFORMATION SECURITYY (ENISA) FACILITATES THE
PROCESS OF PLANNING, CONDUCTING & EVALUATING PAN EUROPEAN CYBER
CRISIS COOPERATION EXERCISES
• AS PER THE NEW POLICY PLAN OF THE EUROPEAN COMMISSION, ENISA SUPPORTS
EU-WIDE CYBER SECURITY PREPAREDNESS EXERCISES AS ONE OF THE MAIN
ACTIONS OF THE DIGITAL AGENDA FOR EUROPE
• ENISA’S NEW PROPOSED MANDATE ALSO HIGHLIGHTS THE IMPORTANCE OF CYBER
SECURITY PREPAREDNESS EXERCISES IN ENHANCING TRUST & CONFIDENCE IN
ONLINE SERVICES ACROSS EUROPE
• IN THIS CONTEXT, ENISA ALSO FACILITATES THE PROCESS OF PLANNING,
CONDUCTING AND EVALUATING PAN-EUROPEAN EXERCISES
• IT HAS ORGANISED & CONDUCTED EXERCISES SUCH AS:
– CYBER EUROPE 2010. 1ST PAN EUROPEAN EXERCISE ON CRITICAL INFORMATION
INFRASTRUCTURE PROTECTION (CIIP), WAS ORGANISED BY EU MEMBER STATES WITH THE
SUPPORT FROM ENISA AND THE JOINT RESEARCH CENTRE (JRC) IN NOVEMBER 2010
– CYBER EUROPE 2012. 2ND PAN EUROPEAN CYBER SECURITY EXERCISE, WITH AMBITIOUS
OBJECTIVES TO DEVELOP TRUST & COOPERATION OF KEY ACTORS IN EUROPE IN THE AREA OF
CIIP
– CYBER EUROPE 2014. 3RD PAN EUROPEAN EXERCISE ORGANIZED BY ENISA WITH EU MEMBER
STATES AND EUROPEAN FREE TRADE ASSOCIATION (EFTA) COUNTRIES WAS THE LARGEST &
MOST COMPLEX EXERCISE ORGANISED IN EUROPE
• ENISA ALSO ORGANIZES WITH THIRD COUNTRIES JOINT ACTIVITY LIKE THE EU-US
CYBER ATLANTIC EXERCISE
20. NATO CYBER SECURITY PLAN
• INTEGRATES CYBER DEFENCE CONSIDERATIONS INTO NATO
STRUCTURES & PLANNING PROCESSES IN ORDER TO PERFORM
NATO’S CORE TASKS OF COLLECTIVE DEFENCE & CRISIS
MANAGEMENT
• FOCUS ON PREVENTION, RESILIENCE & DEFENCE OF CRITICAL
CYBER ASSETS TO NATO AND ALLIES
• DEVELOP ROBUST CYBER DEFENCE CAPABILITIES & CENTRALISE
PROTECTION OF NATO’S OWN NETWORKS
• DEVELOP MINIMUM REQUIREMENTS FOR CYBER DEFENCE OF
NATIONAL NETWORKS CRITICAL TO NATO’S CORE TASKS
• PROVIDE ASSISTANCE TO THE ALLIES TO ACHIEVE A MINIMUM
LEVEL OF CYBER DEFENCE AND REDUCE VULNERABILITIES OF
NATIONAL CRITICAL INFRASTRUCTURES
• ENGAGE WITH PARTNERS, INTERNATIONAL ORGANISATIONS, THE
PRIVATE SECTOR & ACADEMIA
21. SHANGHAI COOPERATION ORGANISATION
(SCO) STANCE ON CYBER SECURITY
• THE PRIMARY FOCUS OF SCO IS COUNTER TERRORISM
• IT CONSIDERS INFORMATION AND CYBER SECURITY A UNIVERSAL CONCERN OF
THE INTERNATIONAL COMMUNITY, WITH PRIVACY OF CITIZENS AND NATIONAL
SOVEREIGNTY BEING VIOLATED ON A LARGE SCALE IN THE CYBER WORLD
• RUSSIAN RESOLUTION ON THE DEVELOPMENTS IN THE FIELD OF INFORMATION &
TELECOMMUNICATIONS IN THE CONTEXT OF INTERNATIONAL SECURITY (1998)
ADOPTED WITHOUT A VOTE BY UN GENERAL ASSEMBLY RESOLUTION 53/70
• SINCE THEN THERE HAVE BEEN ANNUAL RESOLUTIONS CALLING FOR THE VIEWS
OF UN MEMBER STATES ON THE ISSUE OF INFORMATION SECURITY
• IN JUNE 2009, AN AGREEMENT AMONG THE GOVERNMENTS OF SCO MEMBER
STATES ON COOPERATION IN THE FIELD OF ENSURING INTERNATIONAL
INFORMATION SECURITY WAS CONCLUDED AT YEKATERINBURG
• ON 12 SEPTEMBER 2011, FOUR MEMBERS OF THE SCO SUBMITTED A DRAFT
INTERNATIONAL CODE OF CONDUCT FOR INFORMATION SECURITY TO THE UN
GENERAL ASSEMBLY
• IN 2015, AN EXPANDED GROUP OF SIX MEMBERS SUBMITTED A NEW DRAFT TO
THE UN GENERAL ASSEMBLY
22. SCO ON CYBER SECURITY
• IN SEPTEMBER 2011, CHINA, TOGETHER WITH RUSSIA,
TAJIKISTAN AND UZBEKISTAN, SUBMITTED TO THE 66TH
SESSION OF THE UN GENERAL ASSEMBLY AN “INTERNATIONAL
CODE OF CONDUCT FOR INFORMATION SECURITY,” WHICH
ATTRACTED INTERNATIONAL ATTENTION & PROMOTED THE
FORMULATION PROCESS OF SUCH NORMS & RULES
• IN JANUARY 2015 CHINA, KAZAKHSTAN, KYRGYZSTAN, RUSSIA,
TAJIKISTAN, AND UZBEKISTAN, THE SIX MEMBERS OF SCO,
PROPOSED AN UPDATED DRAFT OF INTERNATIONAL CODE OF
CONDUCT FOR INFORMATION SECURITY TO THE UN
• THE DRAFT CALLED ON NATIONS TO FURTHER DISCUSS THE
TOPIC UNDER THE UN FRAMEWORK AND REACH AT AN EARLY
DATE AN AGREEMENT ON INTERNATIONAL CODE OF
CONDUCT TO REGULATE INFORMATION AND CYBERSPACE
ACTIVITIES.
23. PROPOSED CYBER SECURITY
COOPERATION AMONG REGIONAL
GROUPS
ASIA PACIFIC HUB
CENTRAL ASIAN
HUB
SOUTH ASIAN
HUB
CYBER SECURITY
INTERNATIONAL
HUB
25. ADVANTAGES IN REGIONAL
COOPERATION
• TRUST BUILDING
• SYNERGY IN JOINT COUNTER TERRORISM
• SHARING OF BEST PRACTICES
• ISOLATING TERRORISTS
• ELIMINATING THE POSSIBILITY OF ATTACKS ON
CRITICAL INFRASTRUCTURE
26. PROBLEMS IN REGIONAL CYBER
SECURITY COOPERATION
DIFFERING:
• FOREIGN POLICY OBJECTIVES
• NATIONAL CYBER SECURITY PREFERENCES
• ALLIANCE BIASES
• PERCEPTIONS ABOUT INTERNET
GOVERNANCE, CENSORSHIP ETC