Το Ελληνικό Ινστιτούτο Στρατηγικών Μελετών (ΕΛΙΣΜΕ) και η Ερευνητική Ομάδα Maritime and Seapower Analysis Group (MSAG)
στην Εσπερίδα 'Νέες Τεχνολογίες και Απειλές στο Θαλάσσιο Περιβάλλον: Internet of Things & Κυβερνοπόλεμος’
την Πέμπτη 7 Νοεμβρίου 2018 στο ΕΛΙΣΜΕ.
https://www.facebook.com/events/251980868801123/
Global legal confex, dubai, october 2015Rahul Garg
DUBAI, May 29, 2015: In this uncertain world of globalization and emerging markets, Dubai’s economic and cultural growth is supported by a legal and regulatory framework developed to encourage significant local and international business creativity. The willingness of international businesses to set up and operate in Dubai, and the success of local Dubai businesses is a clear indication of Dubai’s robust and dynamic legal and regulatory framework.
An Integrated Security System Optimises Global Port SecurityEES Africa (Pty) Ltd
Due to global developments, it is becoming increasingly important to enhance and optimise the security of ships and port facilities worldwide. Ports are having to progressively improve safety and security strategies and systems to maintain global security compliance.
Ports are evolving from mere transportation centres to centres directly involved in more complex, value-added activities such as cargo processing and logistics. This requires new processes, practices and technological advances in control, integration and connectivity.
Cyprus Oil & Gas 2nd Nat Gas June 20th to 21st 2013Andy Varoshiotis
The document summarizes information about the Cyprus Oil & Gas Association (COGA). COGA was founded under the auspices of the Cyprus Chamber of Commerce and Industry to serve companies in Cyprus' oil and gas industry. Its objectives include promoting its members' interests, providing a forum for discussion, promoting cooperation and investment opportunities, and stimulating skills development in the industry. COGA organizes conferences and meetings for members and seeks to have a voice in industry developments in Cyprus.
Erinys Brochure (Subsidiary of RW Chelsea Group)Erica Jaffe
This document provides information about Erinys Iraq Limited, an internationally renowned security company operating in Iraq. It summarizes Erinys' services and experience, resources, health and safety practices, and social responsibility efforts. Erinys provides mobile and static security, risk consulting, safety training, and more. It has over a decade of experience in Iraq and employs over 600 local and international personnel with offices in Baghdad and Basra. The company aims to partner with clients to secure staff, facilities, and assets through local expertise and international standards.
This document provides an overview and summary of offshore business solutions available through V-Cube in Mauritius. It discusses several types of offshore structures that can be established including outsourcing companies, investment holding companies, trading companies, royalty companies, and asset protection companies. It highlights the tax benefits of establishing these different types of structures in Mauritius due to its network of double taxation treaties. The document also provides information on working, living, and retiring in Mauritius through various permit programs.
How to do International Business In DUBAI. Mac Donalds there.
History of Dubai, Legal Aspects, Trade and GDP information.
Trade and Business Set up information. About the Dubai Geography, culture, current trends and Tremendous Growth.
Costa Concordia: what comes next?
Slides from the Lloyd's List Costa Conccordia webinar held on 27th January.
Webinar contents -
•Casualty trends at Costa Concordia and the cruise sector
•Who lies behind the corporate veil
•The entities behind the Costa brand name
•What the vessel movements data tells us
•What lies ahead on the story
This document provides an overview of maritime cyber security and risks. It begins with some definitions and opinions on the increasing issues around cyber attacks. Statistics are presented showing cyber attacks are rising in both impact and likelihood. Various cyber threats are described, from hacking and espionage to disruption. Specific issues for the maritime industry are then covered, such as the increasing digitization of vessels and challenges around crew connectivity and access to the internet. The differences between information technology (IT) and operational technology (OT) are also discussed in the context of maritime cyber security.
Global legal confex, dubai, october 2015Rahul Garg
DUBAI, May 29, 2015: In this uncertain world of globalization and emerging markets, Dubai’s economic and cultural growth is supported by a legal and regulatory framework developed to encourage significant local and international business creativity. The willingness of international businesses to set up and operate in Dubai, and the success of local Dubai businesses is a clear indication of Dubai’s robust and dynamic legal and regulatory framework.
An Integrated Security System Optimises Global Port SecurityEES Africa (Pty) Ltd
Due to global developments, it is becoming increasingly important to enhance and optimise the security of ships and port facilities worldwide. Ports are having to progressively improve safety and security strategies and systems to maintain global security compliance.
Ports are evolving from mere transportation centres to centres directly involved in more complex, value-added activities such as cargo processing and logistics. This requires new processes, practices and technological advances in control, integration and connectivity.
Cyprus Oil & Gas 2nd Nat Gas June 20th to 21st 2013Andy Varoshiotis
The document summarizes information about the Cyprus Oil & Gas Association (COGA). COGA was founded under the auspices of the Cyprus Chamber of Commerce and Industry to serve companies in Cyprus' oil and gas industry. Its objectives include promoting its members' interests, providing a forum for discussion, promoting cooperation and investment opportunities, and stimulating skills development in the industry. COGA organizes conferences and meetings for members and seeks to have a voice in industry developments in Cyprus.
Erinys Brochure (Subsidiary of RW Chelsea Group)Erica Jaffe
This document provides information about Erinys Iraq Limited, an internationally renowned security company operating in Iraq. It summarizes Erinys' services and experience, resources, health and safety practices, and social responsibility efforts. Erinys provides mobile and static security, risk consulting, safety training, and more. It has over a decade of experience in Iraq and employs over 600 local and international personnel with offices in Baghdad and Basra. The company aims to partner with clients to secure staff, facilities, and assets through local expertise and international standards.
This document provides an overview and summary of offshore business solutions available through V-Cube in Mauritius. It discusses several types of offshore structures that can be established including outsourcing companies, investment holding companies, trading companies, royalty companies, and asset protection companies. It highlights the tax benefits of establishing these different types of structures in Mauritius due to its network of double taxation treaties. The document also provides information on working, living, and retiring in Mauritius through various permit programs.
How to do International Business In DUBAI. Mac Donalds there.
History of Dubai, Legal Aspects, Trade and GDP information.
Trade and Business Set up information. About the Dubai Geography, culture, current trends and Tremendous Growth.
Costa Concordia: what comes next?
Slides from the Lloyd's List Costa Conccordia webinar held on 27th January.
Webinar contents -
•Casualty trends at Costa Concordia and the cruise sector
•Who lies behind the corporate veil
•The entities behind the Costa brand name
•What the vessel movements data tells us
•What lies ahead on the story
This document provides an overview of maritime cyber security and risks. It begins with some definitions and opinions on the increasing issues around cyber attacks. Statistics are presented showing cyber attacks are rising in both impact and likelihood. Various cyber threats are described, from hacking and espionage to disruption. Specific issues for the maritime industry are then covered, such as the increasing digitization of vessels and challenges around crew connectivity and access to the internet. The differences between information technology (IT) and operational technology (OT) are also discussed in the context of maritime cyber security.
Czwarte wydanie magazynu GLOBAL poświęcone zostało właściwemu zabezpieczeniu obiektów przemysłowych oraz obiektów wysokiego ryzyka, które w szczególny sposób narażone są na ataki terrorystyczne. W numerze znalazły się również informacje dotyczące drzwi bezpieczeństwa produkowanych przez Gunnebo.
In this edition, Global talks to experts about the evolving threat faced by public areas and critical infrastructure sites. “Many more types of site are seen as potential terrorist targets and are therefore vulnerable,” says French security specialist, Jean-Charles Proskuryn. Global asks what approach should be taken.
Evolution of cyber threats and the development of new security architectureEY
EY presented at the 22 World Petroleum Congress, focusing on the current cyber threats for oil and gas companies, the impact of new security architecture and the rise of IIOT.
Get Ahead of Cyber Security by Tiffy Issac, Partner EY IndiaRahul Neel Mani
Internet of Things “IoT” can be defined as physical objects that connect to the internet through embedded systems and sensors, interacting with it to generate meaningful results and convenience to the end-user community. According to industry estimates, machine-to-machine communications
alone will generate approximately US$900 billion in revenues by 2020.
Cybersecurity - Dominic Nessi, Former CIO, Los Angeles World AirportsSITA
In the digital age of air transport – with its ever-more connected industry operations, passengers and aircraft – air transport faces a constant threat of cyber attacks, both on the critical infrastructure that keeps the wheels of air travel in motion, and on passenger data. The spotlight on threat intelligence, identity protection, data privacy and security in air transport has never been more intense. As we navigate deepening ‘lakes’ of data to become smarter at every step, how do we protect our operations and passengers, ensuring the utmost security and resilience across the air transport community?
The document is a technical report on information security breaches from a 2013 survey. Some key findings:
- Security breaches affecting UK businesses reached their highest levels, with over 90% of large organizations and 60% of small businesses experiencing a breach.
- Both external attacks from criminals/hackers and insider threats are significant issues. Large businesses now face attacks every few days on average.
- Small businesses are also seeing increasing attacks, with over 80% hit with denial-of-service attacks and 15% having networks successfully penetrated.
- The costs of breaches also increased, with companies experiencing about 50% more breaches on average than the previous year.
1) Ethnos provides IT security products and solutions to protect organizations from cyber threats through security appliances, services, and training.
2) They offer regulatory compliance services to help clients meet standards like PCI DSS and ISO.
3) Ethnos works with over 15 global security partners to deliver a comprehensive suite of solutions addressing threats across networks, data, and applications.
This document announces the 3rd Annual Chief Information Security Officer Middle East Summit & Roundtable to be held January 31-February 2, 2011 in Dubai, UAE. The event brings together CISOs and IT security professionals from business and government to share best practices for addressing rapidly changing security challenges in the Middle East region. The agenda includes keynote speeches and panels on topics such as securing mobility solutions, data breaches, identity management, cloud security, and emerging cyber threats. Attendees will have opportunities to network and benchmark security strategies with international peers.
In 2015 alone, hackers stole the records of - 11 million people from Premiere Blue Cross- 10 million people from Excellus BlueCross BlueShield- 80 million people from Anthem. We review the challenges, trends and opportunity of the cyberspace wars. Presented to APICS Ventura on March 8, 2016 by Gerry Poe - CEO of Santa Clarita Consultants. http://www.scc-co.com
1. Cybercrime costs the Dutch economy around €10 billion annually, or 1.5% of GDP, through value lost.
2. The report estimates potential "worst case" losses from cyber risks, known as Cyber Value at Risk (VaR), and finds it is typically 8 times higher than expected losses for large Dutch organizations.
3. The sectors facing the highest cyber risks are identified as Technology & Electronics, Defense & Aerospace, Public, and Banking. Technology & Electronics and Defense & Aerospace face the highest Cyber VaR at around 17% of income.
1. Cybercrime costs the Dutch economy around €10 billion annually, or 1.5% of GDP, in expected losses. The potential losses in a worst case scenario are typically 8 times higher.
2. The sectors facing the highest cyber risks are technology & electronics, defense & aerospace, public, and banking. Losses from disrupted systems and reduced control over assets are significant but often undetected.
3. Cyber espionage results in losses of intellectual property and strategic information, especially impacting technology & electronics and defense & aerospace. The report encourages organizations to quantify cyber risks, improve collaboration on cyber defense, and responsibly share cyber risk information.
The document discusses cybersecurity trends in South Africa. Some key points:
1. South Africa has a growing cybersecurity market due to increasing digital transformation and cyber attacks targeting sectors like financial services and healthcare.
2. The cybersecurity market in South Africa is expected to grow from $667 million in 2017 to over $1 billion by 2022, as enterprises allocate more of their IT budgets to security.
3. Common causes of data breaches in South Africa include malicious attacks and human errors, with the financial cost estimated to be around $200 million per year.
The document discusses the evolving cyber landscape and its impact on organizations. It notes that there has been a general increase in the volume and complexity of cyber threats from various actors. Additionally, it highlights that most organizations have little response capability to cyber incidents and lack recovery plans. The presentation outlines steps the Jersey Financial Services Commission is taking to enhance its cybersecurity, including developing new online platforms and services with security built-in, maintaining infrastructure through patching and monitoring, and educating employees on cybersecurity best practices. It also raises questions about establishing common cybersecurity standards for Jersey's financial services sector.
The document outlines an information security workshop presentation on the scope and importance of information security. It discusses 10 key domains of information security knowledge including access control, application security, risk management, cryptography, operations security, physical security, security architecture, telecommunications, and networks. The presenter has 10 years of IT consulting experience and various security certifications. The goals are to raise awareness of information security and the need for regional cooperation such as a Pacific Computer Emergency Response Team.
EY Principal and Cyber Threat Management Leader Anil Markose shows you best practices for cyber risk management and how to sense, resist, and react to cyber attacks on your company.
The presentation discusses the increasing risk of cyber attacks against the maritime sector. It notes that ships now rely heavily on computerized systems for navigation, cargo handling, and operations that may be vulnerable to attack. A successful cyber attack could endanger lives, damage ships or infrastructure, and cause significant economic losses by disrupting operations or cargo. While previous attacks were often financially motivated, modern threats increasingly aim to cause physical damage by hacking industrial control systems. The maritime sector is at high risk due to its reliance on computer networks and accessibility of critical onboard systems and infrastructure.
This document provides an overview of Ukraine's growing tech ecosystem. It discusses Ukraine's status as a digital state with nearly universal public services online. Ukraine has over 5000 IT companies and 240,000 IT specialists, representing 10% of the country's GDP. Kyiv is ranked as the number one outsourcing destination in Eastern Europe. Ukraine also has initiatives like DIIA City that provide a special legal framework to attract IT businesses with benefits like tax incentives and IP protections. The document highlights several Ukrainian tech companies that have found success, as well as organizations supporting the ecosystem like the European Business Association and Ukrainian Startup Fund. It argues that Ukraine has strong potential for future growth in the tech sector due to its talented workforce.
This document provides an overview of Ukraine's growing tech ecosystem. It discusses Ukraine's status as a digital state with nearly universal public services online. Ukraine has over 5000 IT companies and 240,000 IT specialists, representing 10% of the country's GDP. Kyiv is becoming a major tech hub in Europe, with a large pool of talented developers working for global companies. The document highlights several Ukrainian tech companies that have found success, as well as organizations supporting the ecosystem like the European Business Association and Ukrainian Startup Fund. It also introduces special economic zones like DIIA City that provide benefits for the IT industry. Overall, the document portrays Ukraine's tech sector as a hidden gem with promising opportunities for continued growth.
Developing a contingency plan and avoiding disruptions from a security breach involves the following steps:
1. Conduct a threat assessment to identify potential risks to the supply chain from security breaches.
2. Identify core business functions and conduct a business impact analysis to understand how disruptions could affect the business.
3. Apply prevention and mitigation measures by researching best practices, utilizing standards for business continuity and supply chain security, implementing supplier oversight and cargo controls, and vetting the supplier base.
4. Implement tests of the contingency plan and maintain the plan to ensure it remains effective over time.
Ο κ. Γεώργιος Τσόγκας, Υποναύαρχος ε.α. ΠΝ · Μέλος ΕΛΙΣΜΕ,
στην Ομιλία «Οι Σχέσεις Ευρωπαϊκής Ένωσης και ΝΑΤΟ»
την Πέμπτη 27/2/2020, στο Ελληνικό Ινστιτούτο Στρατηγικών Μελετών.
Εκδήλωση Facebook: https://www.facebook.com/events/201111964339462/
Ο κ. Γεώργιος Δουδούμης, Πρ. Οικονομικός Πρέσβης · Συγγραφέας · Μέλος ΔΣ, ΕΛΙΣΜΕ,
στη Γεωπολιτική ενημέρωση των μελών και φίλων του ΕΛΙΣΜΕ
την Πέμπτη 9/1/2020,
στο Ελληνικό Ινστιτούτο Στρατηγικών Μελετών (η παρουσίαση).
More Related Content
Similar to ΕΛΙΣΜΕ MSAG 20181107 Φώτης Σοφρώνης ‘Cyber Security στο Θαλάσσιο Περιβάλλον’
Czwarte wydanie magazynu GLOBAL poświęcone zostało właściwemu zabezpieczeniu obiektów przemysłowych oraz obiektów wysokiego ryzyka, które w szczególny sposób narażone są na ataki terrorystyczne. W numerze znalazły się również informacje dotyczące drzwi bezpieczeństwa produkowanych przez Gunnebo.
In this edition, Global talks to experts about the evolving threat faced by public areas and critical infrastructure sites. “Many more types of site are seen as potential terrorist targets and are therefore vulnerable,” says French security specialist, Jean-Charles Proskuryn. Global asks what approach should be taken.
Evolution of cyber threats and the development of new security architectureEY
EY presented at the 22 World Petroleum Congress, focusing on the current cyber threats for oil and gas companies, the impact of new security architecture and the rise of IIOT.
Get Ahead of Cyber Security by Tiffy Issac, Partner EY IndiaRahul Neel Mani
Internet of Things “IoT” can be defined as physical objects that connect to the internet through embedded systems and sensors, interacting with it to generate meaningful results and convenience to the end-user community. According to industry estimates, machine-to-machine communications
alone will generate approximately US$900 billion in revenues by 2020.
Cybersecurity - Dominic Nessi, Former CIO, Los Angeles World AirportsSITA
In the digital age of air transport – with its ever-more connected industry operations, passengers and aircraft – air transport faces a constant threat of cyber attacks, both on the critical infrastructure that keeps the wheels of air travel in motion, and on passenger data. The spotlight on threat intelligence, identity protection, data privacy and security in air transport has never been more intense. As we navigate deepening ‘lakes’ of data to become smarter at every step, how do we protect our operations and passengers, ensuring the utmost security and resilience across the air transport community?
The document is a technical report on information security breaches from a 2013 survey. Some key findings:
- Security breaches affecting UK businesses reached their highest levels, with over 90% of large organizations and 60% of small businesses experiencing a breach.
- Both external attacks from criminals/hackers and insider threats are significant issues. Large businesses now face attacks every few days on average.
- Small businesses are also seeing increasing attacks, with over 80% hit with denial-of-service attacks and 15% having networks successfully penetrated.
- The costs of breaches also increased, with companies experiencing about 50% more breaches on average than the previous year.
1) Ethnos provides IT security products and solutions to protect organizations from cyber threats through security appliances, services, and training.
2) They offer regulatory compliance services to help clients meet standards like PCI DSS and ISO.
3) Ethnos works with over 15 global security partners to deliver a comprehensive suite of solutions addressing threats across networks, data, and applications.
This document announces the 3rd Annual Chief Information Security Officer Middle East Summit & Roundtable to be held January 31-February 2, 2011 in Dubai, UAE. The event brings together CISOs and IT security professionals from business and government to share best practices for addressing rapidly changing security challenges in the Middle East region. The agenda includes keynote speeches and panels on topics such as securing mobility solutions, data breaches, identity management, cloud security, and emerging cyber threats. Attendees will have opportunities to network and benchmark security strategies with international peers.
In 2015 alone, hackers stole the records of - 11 million people from Premiere Blue Cross- 10 million people from Excellus BlueCross BlueShield- 80 million people from Anthem. We review the challenges, trends and opportunity of the cyberspace wars. Presented to APICS Ventura on March 8, 2016 by Gerry Poe - CEO of Santa Clarita Consultants. http://www.scc-co.com
1. Cybercrime costs the Dutch economy around €10 billion annually, or 1.5% of GDP, through value lost.
2. The report estimates potential "worst case" losses from cyber risks, known as Cyber Value at Risk (VaR), and finds it is typically 8 times higher than expected losses for large Dutch organizations.
3. The sectors facing the highest cyber risks are identified as Technology & Electronics, Defense & Aerospace, Public, and Banking. Technology & Electronics and Defense & Aerospace face the highest Cyber VaR at around 17% of income.
1. Cybercrime costs the Dutch economy around €10 billion annually, or 1.5% of GDP, in expected losses. The potential losses in a worst case scenario are typically 8 times higher.
2. The sectors facing the highest cyber risks are technology & electronics, defense & aerospace, public, and banking. Losses from disrupted systems and reduced control over assets are significant but often undetected.
3. Cyber espionage results in losses of intellectual property and strategic information, especially impacting technology & electronics and defense & aerospace. The report encourages organizations to quantify cyber risks, improve collaboration on cyber defense, and responsibly share cyber risk information.
The document discusses cybersecurity trends in South Africa. Some key points:
1. South Africa has a growing cybersecurity market due to increasing digital transformation and cyber attacks targeting sectors like financial services and healthcare.
2. The cybersecurity market in South Africa is expected to grow from $667 million in 2017 to over $1 billion by 2022, as enterprises allocate more of their IT budgets to security.
3. Common causes of data breaches in South Africa include malicious attacks and human errors, with the financial cost estimated to be around $200 million per year.
The document discusses the evolving cyber landscape and its impact on organizations. It notes that there has been a general increase in the volume and complexity of cyber threats from various actors. Additionally, it highlights that most organizations have little response capability to cyber incidents and lack recovery plans. The presentation outlines steps the Jersey Financial Services Commission is taking to enhance its cybersecurity, including developing new online platforms and services with security built-in, maintaining infrastructure through patching and monitoring, and educating employees on cybersecurity best practices. It also raises questions about establishing common cybersecurity standards for Jersey's financial services sector.
The document outlines an information security workshop presentation on the scope and importance of information security. It discusses 10 key domains of information security knowledge including access control, application security, risk management, cryptography, operations security, physical security, security architecture, telecommunications, and networks. The presenter has 10 years of IT consulting experience and various security certifications. The goals are to raise awareness of information security and the need for regional cooperation such as a Pacific Computer Emergency Response Team.
EY Principal and Cyber Threat Management Leader Anil Markose shows you best practices for cyber risk management and how to sense, resist, and react to cyber attacks on your company.
The presentation discusses the increasing risk of cyber attacks against the maritime sector. It notes that ships now rely heavily on computerized systems for navigation, cargo handling, and operations that may be vulnerable to attack. A successful cyber attack could endanger lives, damage ships or infrastructure, and cause significant economic losses by disrupting operations or cargo. While previous attacks were often financially motivated, modern threats increasingly aim to cause physical damage by hacking industrial control systems. The maritime sector is at high risk due to its reliance on computer networks and accessibility of critical onboard systems and infrastructure.
This document provides an overview of Ukraine's growing tech ecosystem. It discusses Ukraine's status as a digital state with nearly universal public services online. Ukraine has over 5000 IT companies and 240,000 IT specialists, representing 10% of the country's GDP. Kyiv is ranked as the number one outsourcing destination in Eastern Europe. Ukraine also has initiatives like DIIA City that provide a special legal framework to attract IT businesses with benefits like tax incentives and IP protections. The document highlights several Ukrainian tech companies that have found success, as well as organizations supporting the ecosystem like the European Business Association and Ukrainian Startup Fund. It argues that Ukraine has strong potential for future growth in the tech sector due to its talented workforce.
This document provides an overview of Ukraine's growing tech ecosystem. It discusses Ukraine's status as a digital state with nearly universal public services online. Ukraine has over 5000 IT companies and 240,000 IT specialists, representing 10% of the country's GDP. Kyiv is becoming a major tech hub in Europe, with a large pool of talented developers working for global companies. The document highlights several Ukrainian tech companies that have found success, as well as organizations supporting the ecosystem like the European Business Association and Ukrainian Startup Fund. It also introduces special economic zones like DIIA City that provide benefits for the IT industry. Overall, the document portrays Ukraine's tech sector as a hidden gem with promising opportunities for continued growth.
Developing a contingency plan and avoiding disruptions from a security breach involves the following steps:
1. Conduct a threat assessment to identify potential risks to the supply chain from security breaches.
2. Identify core business functions and conduct a business impact analysis to understand how disruptions could affect the business.
3. Apply prevention and mitigation measures by researching best practices, utilizing standards for business continuity and supply chain security, implementing supplier oversight and cargo controls, and vetting the supplier base.
4. Implement tests of the contingency plan and maintain the plan to ensure it remains effective over time.
Ο κ. Γεώργιος Τσόγκας, Υποναύαρχος ε.α. ΠΝ · Μέλος ΕΛΙΣΜΕ,
στην Ομιλία «Οι Σχέσεις Ευρωπαϊκής Ένωσης και ΝΑΤΟ»
την Πέμπτη 27/2/2020, στο Ελληνικό Ινστιτούτο Στρατηγικών Μελετών.
Εκδήλωση Facebook: https://www.facebook.com/events/201111964339462/
Ο κ. Γεώργιος Δουδούμης, Πρ. Οικονομικός Πρέσβης · Συγγραφέας · Μέλος ΔΣ, ΕΛΙΣΜΕ,
στη Γεωπολιτική ενημέρωση των μελών και φίλων του ΕΛΙΣΜΕ
την Πέμπτη 9/1/2020,
στο Ελληνικό Ινστιτούτο Στρατηγικών Μελετών (η παρουσίαση).
Ο κ. Γεώργιος Δουδούμης, Πρ. Οικονομικός Πρέσβης · Συγγραφέας · Μέλος ΔΣ, ΕΛΙΣΜΕ,
στη Γεωπολιτική ενημέρωση των μελών και φίλων του ΕΛΙΣΜΕ
την Πέμπτη 9/1/2020,
στο Ελληνικό Ινστιτούτο Στρατηγικών Μελετών (το κείμενο).
Οι κ. Πολυκλέτα Αθανασιάδου και Όλγα Γιαλή, Ερευνήτριες,
στην Ομιλία «Οι Ενεργειακές Ισορροπίες στην Κασπία και Πιθανότητες Κατασκευής του TCP»
την Πέμπτη 31/10/2019 18:30, στο Ελληνικό Ινστιτούτο Στρατηγικών Μελετών.
Εκδήλωση Facebook: https://www.facebook.com/events/807694226327063/
Ο κ. Ιωάννης Μπαλτζώης, Αντιστράτηγος ε.α. · μέλος ΔΣ ΕΛΙΣΜΕ,
στη Γεωπολιτική ενημέρωση των μελών και φίλων του ΕΛΙΣΜΕ
την Πέμπτη 31/10/2019,
στο Ελληνικό Ινστιτούτο Στρατηγικών Μελετών.
Ο κ. Ιωάννης Μπαλτζώης, Αντιστράτηγος ε.α. · μέλος ΔΣ ΕΛΙΣΜΕ,
στη Γεωπολιτική ενημέρωση των μελών και φίλων του ΕΛΙΣΜΕ
την Πέμπτη 12/9/2019 12:00,
στο Ελληνικό Ινστιτούτο Στρατηγικών Μελετών
Ο κ. Αλέξανδρος Δρίβας, Υποψήφιος Διδάκτορας «Ελληνοαμερικανικών Σχέσεων» · Γ.Γ., ΑΗΕΡΑ Solon HJ04 · ΤΘΣ, ΕΛΙΣΜΕ,
στην Ομιλία «Η αμερικανική εξωτερική πολιτική και ο άξονας του κακού στις μέρες μας»
την Πέμπτη 20/6/2019 19:00,
στο Ελληνικό Ινστιτούτο Στρατηγικών Μελετών.
Εκδήλωση Facebook: https://www.facebook.com/events/369364097262277/
Ο κ. Σταύρος Καλεντερίδης, Συγγραφέας · Αναλυτής,
στην Ομιλία «Πώς το Σύνταγμα επέτρεψε την υπογραφή της συμφωνίας των Πρεσπών»
την Πέμπτη 6/6/2019 19:00,
στο Ελληνικό Ινστιτούτο Στρατηγικών Μελετών.
Εκδήλωση Facebook: https://www.facebook.com/events/326303168048045/
Ο κ. Ιωάννης Μπαλτζώης, Αντιστράτηγος ε.α. · μέλος ΔΣ ΕΛΙΣΜΕ,
στη Γεωπολιτική ενημέρωση των μελών και φίλων του ΕΛΙΣΜΕ
την Πέμπτη 9/5/2019 12:00,
στο Ελληνικό Ινστιτούτο Στρατηγικών Μελετών
Ο κ. Ζήσης Κύργος, Απόφοιτος ΣΥΔ/ΠΑ · Φοιτητής, Πανεπιστήμιο του Μπόλτον,
στην Ομιλία «Νομική Προσέγγιση για τη Συνδρομή των Ε.Δ. στην Εσωτερική Εθνική Ασφάλεια»
την Πέμπτη 14/3/2019 12:00, στο Ελληνικό Ινστιτούτο Στρατηγικών Μελετών.
Εκδήλωση Facebook: https://www.facebook.com/events/809715146077184/
Ο κ. Χρήστος Μαλτέζος, Συγγραφέας,
στην Ομιλία «Η Νανοτεχνολογία σε προχωρημένα Οπλικά Συστήματα»
την Πέμπτη 21/2/2019 18:30, στο Ελληνικό Ινστιτούτο Στρατηγικών Μελετών.
📅 Εκδήλωση Facebook: https://www.facebook.com/events/250788259151098/
Ο κ. Ξενοφών Χαλάτσης, Νομικός · Συγγραφέας,
στην Ομιλία «Η Κρίση στο Μάλι το 2012. Τρέχουσα κατάσταση - Προοπτικές»
την Πέμπτη 7/2/2019 12:00,
στο Ελληνικό Ινστιτούτο Στρατηγικών Μελετών,
Νίκης 11 4ος όρ., Σύνταγμα, 105 57 Αθήνα.
Εκδήλωση Facebook: https://www.facebook.com/events/800968933591608/
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Jennifer Schaus and Associates hosts a complimentary webinar series on The FAR in 2024. Join the webinars on Wednesdays and Fridays at noon, eastern.
Recordings are on YouTube and the company website.
https://www.youtube.com/@jenniferschaus/videos
Combined Illegal, Unregulated and Unreported (IUU) Vessel List.Christina Parmionova
The best available, up-to-date information on all fishing and related vessels that appear on the illegal, unregulated, and unreported (IUU) fishing vessel lists published by Regional Fisheries Management Organisations (RFMOs) and related organisations. The aim of the site is to improve the effectiveness of the original IUU lists as a tool for a wide variety of stakeholders to better understand and combat illegal fishing and broader fisheries crime.
To date, the following regional organisations maintain or share lists of vessels that have been found to carry out or support IUU fishing within their own or adjacent convention areas and/or species of competence:
Commission for the Conservation of Antarctic Marine Living Resources (CCAMLR)
Commission for the Conservation of Southern Bluefin Tuna (CCSBT)
General Fisheries Commission for the Mediterranean (GFCM)
Inter-American Tropical Tuna Commission (IATTC)
International Commission for the Conservation of Atlantic Tunas (ICCAT)
Indian Ocean Tuna Commission (IOTC)
Northwest Atlantic Fisheries Organisation (NAFO)
North East Atlantic Fisheries Commission (NEAFC)
North Pacific Fisheries Commission (NPFC)
South East Atlantic Fisheries Organisation (SEAFO)
South Pacific Regional Fisheries Management Organisation (SPRFMO)
Southern Indian Ocean Fisheries Agreement (SIOFA)
Western and Central Pacific Fisheries Commission (WCPFC)
The Combined IUU Fishing Vessel List merges all these sources into one list that provides a single reference point to identify whether a vessel is currently IUU listed. Vessels that have been IUU listed in the past and subsequently delisted (for example because of a change in ownership, or because the vessel is no longer in service) are also retained on the site, so that the site contains a full historic record of IUU listed fishing vessels.
Unlike the IUU lists published on individual RFMO websites, which may update vessel details infrequently or not at all, the Combined IUU Fishing Vessel List is kept up to date with the best available information regarding changes to vessel identity, flag state, ownership, location, and operations.
The Antyodaya Saral Haryana Portal is a pioneering initiative by the Government of Haryana aimed at providing citizens with seamless access to a wide range of government services
UN WOD 2024 will take us on a journey of discovery through the ocean's vastness, tapping into the wisdom and expertise of global policy-makers, scientists, managers, thought leaders, and artists to awaken new depths of understanding, compassion, collaboration and commitment for the ocean and all it sustains. The program will expand our perspectives and appreciation for our blue planet, build new foundations for our relationship to the ocean, and ignite a wave of action toward necessary change.
About Potato, The scientific name of the plant is Solanum tuberosum (L).Christina Parmionova
The potato is a starchy root vegetable native to the Americas that is consumed as a staple food in many parts of the world. Potatoes are tubers of the plant Solanum tuberosum, a perennial in the nightshade family Solanaceae. Wild potato species can be found from the southern United States to southern Chile
Synopsis (short abstract) In December 2023, the UN General Assembly proclaimed 30 May as the International Day of Potato.
RFP for Reno's Community Assistance CenterThis Is Reno
Property appraisals completed in May for downtown Reno’s Community Assistance and Triage Centers (CAC) reveal that repairing the buildings to bring them back into service would cost an estimated $10.1 million—nearly four times the amount previously reported by city staff.
ΕΛΙΣΜΕ MSAG 20181107 Φώτης Σοφρώνης ‘Cyber Security στο Θαλάσσιο Περιβάλλον’
1. The better the question. The better the answer.
The better the world works.
Maritime
Cyber Security
November 2018
Fotis Sofronis
Manager at EY Cybersecurity Services
2. Page 2
Maritime Industry
History
To transport the capacity of
a large container ship you
would need:
► 1,100 airplanes
► 35 trains
► 11,400 trucks
► Cargo ships have been used to transport commodities for over 3,000 years!!!
► 90% of world trade is carried by the maritime industry, a capacity increase of almost
20,000% in just 59 years
3. Page 3
“A ship in harbor is safe, but that is
not what ships are built for”
Grace Murray Hopper, pioneering computer
scientist and U.S. Navy Rear Admiral
5. Page 5
Maritime systems vulnerabilities
Vulnerable on-board systems include
► Propulsion and engine controls (ICS, SCADA,
Remote management)
► Cargo management (RFID, Tracking systems)
► Navigation and positioning systems (AIS GPS,
ECDIS)
► Communication systems (NavTex, VSAT, WII,
Email, VoIP)
► Crew and passenger management and welfare
systems
► Alarm and access control systems
► Cargo management systems (RFID, Tracking
systems, inspection systems)
► Cargo handling systems (ICS, SCADA)
► Ground systems for vessels (Mooring, tracking,
maintenance)
► Alarm and access control systems
► Passenger management systems
► Personnel and stevedore management systems
► Corporate IT systems (Email, intranet…)
Vulnerable port systems include
6. Page 6
Maritime cyber attacks
People
Propulsion
Cargo
Systems
Navigation
systems
On shore
systems
On board
(ship)
systems
Attack Surface
Maritime
cyber
attacks
Cyber-attack on
the Islamic
Republic of Iran
Shipping Lines –
The attacks damaged
all the data related to
rates, loading, cargo
number, date and
place resulting in
severe financial
losses.
APT attacks on
Japanese and South
Korean maritime and
shipbuilding groups
Malware was uploaded
into the main computing
system of the MODUFirst case of
ghost shipping -
Drug traffickers hacked
into the computer
controlling shipping
containers at the port of
Antwerp
Multiple
ransomware
cases in the
Greek market
7. Page 7
The cyber attack
Maersk
Imagine a company where a ship with 20,000 containers would enter a port every 15 minutes, and for ten days you have
no IT
MAERSK, 2017
► Hit by the malware NotPetya
► 76 port terminals closed around the world Cost to
the business USD $300m
► They went back to basics and did everything on
paper
8. Page 8
The cyber attack
Limassol - Cyprus
Shipping Company - Cyprus, 2015
► August 2015, received an email purportedly from their fuel supplier in Africa, requesting money
owed be paid to a different account than usual
► Shipping company complied, paid roughly $644,000
► Later received email from fuel company asking for payment
► Cyber crime (Interpol) has traced the money in Poland
9. Page 9
The cyber attack
Houston – Oil rig
Oil rig stability/security – Houston, 2013
► Hackers seized command of the petrochemical plant’s computerized control-and-safety system
► Infiltrated the safety system’s firmware and inserted a ‘Remote Access Trojan’ (RAT) which
allowed them to go inside the computer system and issue instructions via a hidden, electronic
“back door”
► Malicious software unintentionally downloaded by offshore oil workers through laptops and
USB drives, from online sources through satellite (pornography, music piracy)
10. Page 10
The cyber attack
Port of Antwerp - Brussels
Port of Antwerp – Brussels, 2013
► Hackers working with a drug-
smuggling gang repeatedly breached
digital tracking systems to locate
containers holding large quantities of
drugs
► Sneaked hackers into the docks'
offices and fitted special key-logging
devices onto computer terminals
► They then dispatched their own drivers
to retrieve the containers ahead of the
scheduled collection time.
The scam has echoes of a plot in the hit US crime thriller, The Wire, in which a drug smuggling gang at a port in the city
of Baltimore hire corrupt dockworkers to alter the computer records of containers with drugs planted in them.
11. Page 11
Global Information Security Survey
Maritime industry
► Careless or unaware employees
► Outdated information security
controls or architecture
► Unauthorized access
► Malware
► Cyber-attacks to steal financial
information
► Phishing
What are your prorities?
1 Cyber Resilience
2 Data leakage / data loss
prevention
3Security awareness
Top
Threats
Top
Vulns
Source: EY - Global Information Security Survey 2017-Transportation Sector results
44%
of responders
► Do not have any type of SOC function
► Do not have a threat intelligence program
► Do not have or have an informal vulnerability management program
87%
of board members and C-level
executives have said they lack
confidence in their organisation’s level
of cybersecurity
of responders say they need up
to 50% more budget
86%
of responders have had a
recent cybersecurity
incident
57%
12. Page 12
Global Information Security Survey
Maritime industry
► Ports, vessels and infrastructure becoming increasingly
connected
15. Page 15
EU Cyber Security
Strategy (COM)
eIDAs Directive –
article 19
EU Cloud Computing Strategy
and Partnership (COM)
Telecom Package –
article 13 a, art. 4
ENISA II – new mandate
The NIS Directive
EU’s CIIP action plan
General Data
Protection
Regulation (GDPR)
Digital Single Market Strategy
(DSM)
cPPP
16. Page 16
Emerging technologies
What to expect?
► IoT applications that improves the safety of ship operations and
improves crew well-being - applied to smart ships by 2019
► Block chain technology to improve operations in the global
supply chain by increasing data and information sharing (e.g.
smart contracts, increase security, cost saving, full transparency,
etc.) - joint venture between EY and Guardtime
► Crewless ships that will be computer controlled vessels by
2020. Safer, cheaper and less polluting
► R&D projects will include a new marine fleet management center
to allow remote monitoring and data analysis
► Big Data on fuel consumption, navigational information, system
performance, optimization
Ports increasingly rely on communications systems to keep operations running smoothly, and any IT glitches can create major disruptions for complex logistic supply chains.
Ships do not usually have the luxury of 50+Mb broadband: many share a single 64Kb Inmarsat connection between a number of onboard systems. This means that in the event of attack or infection, any files required to rebuild or repair an onboard PC-based system must be on the ship already, rather than having to be downloaded (something that could take a day using Inmarsat). Most vessels currently do not have operating system disks on board, let alone proprietary software, drivers or patches. This connectivity constraint also provides a single point of failure and vulnerability.
Maritime Industry is based on IT solutions with global interfaces to improve efficiency and international networking. Technical dimensions of shipping and of ships themselves are not depending on technology only for communication purposes. The progress of information technologies will definitely proceed and as a logical consequence, turn into complex risk scenarios which current
Ports increasingly rely on communications systems to keep operations running smoothly, and any IT glitches can create major disruptions for complex logistic supply chains.
Ships do not usually have the luxury of 50+Mb broadband: many share a single 64Kb Inmarsat connection between a number of onboard systems. This means that in the event of attack or infection, any files required to rebuild or repair an onboard PC-based system must be on the ship already, rather than having to be downloaded (something that could take a day using Inmarsat). Most vessels currently do not have operating system disks on board, let alone proprietary software, drivers or patches. This connectivity constraint also provides a single point of failure and vulnerability.
Cyber threat actors
Hactivism: promote a political agenda or a social change
Cyber terrorism: the politically motivated use of computers and information technology to cause severe disruption or widespread fear
Much of that is due to laxity in security practices. Ninety-nine percent of successful attacks on maritime system are through known but unpatched system vulnerabilities.
Security is often limited to protecting system perimeters, with thought rarely given to detecting intruders who have penetrated the perimeter or stopping them from penetrating further.
Σύστημα πρόωσης
Much of that is due to laxity in security practices. Ninety-nine percent of successful attacks on maritime system are through known but unpatched system vulnerabilities.
Security is often limited to protecting system perimeters, with thought rarely given to detecting intruders who have penetrated the perimeter or stopping them from penetrating further.
There were no indications that GPS and other electronic navigation aids were affected by this week’s attack, but security specialists say such systems are vulnerable to signal loss from deliberate jamming by hackers.
Last year, South Korea said hundreds of fishing vessels had returned early to port after its GPS signals were jammed by North Korea, which denied responsibility.
Icefog: Kaspersky revealed virus from 2001 to 2013 on Japanese and Korean Assets. Targets of the phishing included “governmental institutions, military contractors, maritime and shipbuilding groups, telecom operators, industrial and high-tech companies and mass media
Ghost Shipping: Between 2011 and 2013, Dutch drug traffickers employed computer savvy counterparts to hide cocaine inside containers enroute to the Port of Antwerp by infiltrating networks responsible for managing what was inside each TEU.47 According to CyberKeel, the hackers were able “to have remote access to the terminal systems, and thereby they [drug traffickers] were able to release containers to their own truckers without knowledge of the port or the shipping line.”
Mobile offshore drilling units: In 2013, while drilling in the Gulf of Mexico, workers from a U.S.-based oil company accidently uploaded malware onto the main computing system of the MODU. The effects of this attack paralyzed the rig, particularly from communicating with the rig’s navigation system
The cyber attack was among the biggest-ever disruptions to hit global shipping. Several port terminals run by a Maersk division, including in the United States, India, Spain, the Netherlands, were still struggling to revert to normal operations on Thursday after experiencing massive disruptions.
In an example of the turmoil that ensued, the unloading of vessels at the group’s Tacoma terminal was severely slowed on Tuesday and Wednesday, said Dean McGrath, president of the International Longshore and Warehouse Union Local 23 there.
The terminal is a key supply line for the delivery of domestic goods such as milk and groceries and construction materials to Anchorage, Alaska.
“They went back to basics and did everything on paper,” McGrath said.
Impersonate seller, send emails requesting payment be made to a different account = funds sent into scammer’s account
However, whilst the maritime industry might not seem a likely target, reports of successful cyber-attacks are not unknown. Take, for example, the Port of Antwerp, where hackers working with a drug-smuggling gang repeatedly breached digital tracking systems to locate containers holding large quantities of drugs. They then dispatched their own drivers to retrieve the containers ahead of the scheduled collection time.
Cyber Resilience (ελαστικότητα)
Cybersecurity refers to your methods and processes of protecting electronic data, including identifying it and where it resides, and implementing technology and business practices that will protect it. Cyber Resilience you can think of it as your organization’s ability to withstand or quickly recover from cyber events that disrupt usual business operations
Security Architecture:
Implement robust security frameworks
Build and manage secure systems.
Develop a security architecture framework for current, intermediate and target architectures.
Security solutions, that meet business needs.
Assess your security architecture against good practice, internal policies and industry peers.
Change Programs:
Improved processes, measures, indicators and controls that will protect people, property, technology, data and supply chains.
Tailored around requirements, combining technical and industry experience.
Focussed on most critical improvement areas and to identify where to invest.
Deliver and implementing the organisational and operational change required.
IAM:
IAM maturity, and provide analysis on your process documentation.
Latest trends and technologies, regulations, and best practice.
Technical planning of an IAM program
Education services allow clients to become more proficient in the use of IAM toolsets.
Define and review IAM strategies and roadmaps.
Education and Awareness:
Awareness and technical training
Build a capability framework to identify skills landscape and potential gaps.
Establish a staff training program and develop a method for testing employees knowledge.
Produce security policies
Run external courses for your company.
Cloud and Digital Mobile
Manage use of the cloud, whether that be handling privacy risks or transforming your records management processes.
Secure and transition to a cloud based solution.
Compliance with multiple jurisdictions and data protection laws for global organisations.
Manage digital risk and get the most out of transferring to the cloud.
Achieve security from new technologies such as mobile banking and social media.
Cyber Exercises:
Cyber attacks based on a range of scenarios. Security policies, staffs security skills, your managements response, and help you deal with media interest and enquiries.
Red-teaming activities can be performed to measure response to a real-life attack systems.
Establish areas for improvement that have been confirmed through simulated real-life situations.
Application Security
Test and assess the security of an organisations web applications, mobile applications, cloud based applications, and bespoke client-server applications.
Define an application assurance policy, and establish an application inventory.
Identify mitigating controls, plan a remediation policy, implement the mitigating controls, and re-scan applications.
Penetration Testing
Provide independent and objective assessment of an organisations technology systems and infrastructure.
Identify security risks associated with an organisations infrastructure in order to prioritise mitigation steps.
Test an organisations authentication, configuration, web based services, firewalls and session management.
Asset discovery, penetration testing, configuration reviews, and code reviews.
Skilled testers enable to perform 24/7, follow-the-sun, off and on-site penetration testing.
Incident Response
Define, design and implement security architecture strategies, frameworks and processes, and end-to-end security solutions.
Develop current, intermediate and target reference security architectures.
Measure the maturity of your security architecture.
Perform Incident Response activities in the event that your organisation suffers a breach or a security incident.