Troels Ørting Jørgensen, Chairman at Bullwall, Expert Member at INTERPOL
Mr. Ørting is a globally recognized Cyber Security Expert. He has been working in cybersecurity ‘first line’ for over 4 decades. Throughout career, Mr. Ørting has been working with governments and corporations to advise on how they react to the increasing international cyber threats, and worked closely with law enforcement, intelligence services and cyber security businesses.
Formerly, with the Danish National Police, first as Director, Head of the Serious Organised Crime Agency and then as Director of Operations, Danish Security Intelligence Service; Deputy Head, ICT Department and Deputy Head, OC Department, Europol, EU’s Police Agency; Head of European Cybercrime Centre and Head of Europol Counter Terrorist and Financial Intelligence Centre. 2015-18, Group Chief Information Security Officer (CISO), Barclays. Chaired the EU Financial Cybercrime Coalition, of which most banks are partners, and has very strong experience in cyber security. Since 2018, Head of the Centre for Cybersecurity, World Economic Forum. Chairman of the Board of World Economic Forum Centre for Cybersecurity (C4C).
Troels Oerting
“WE, IN SECURITY, SHOULD NOT PROMOTE FEAR – BUT PROTECT HOPE”
BEFORE THE GLOBAL PANDEMIC HIT THE WORLD IN SPRING 2020, the digital transformation increased speed and magnitude. Fuelled by super-drivers like mobile/5G, IoT, Cloud and AI the number of users, applications, storage, connections and algorithms outpaced what we had seen before. The huge possibilities provided by the Internet created a ‘tech’ environment attracting the best brains the World could produce and geopolitical tensions between China, Russia, EU and US intensified the regional competition on ‘who controls the Internet’ and the subsequent influence, growth and wealth.
THE GLOBAL COVID PANDEMIC FORCED US TO MOVE APPROXIMATELY 1.2 BN WORKERS FROM THEIR OFFICES to work from homes in order to keep the wheels spinning. Internet enabled communication tools substituted physical meetings, teaching, marketing, trading, reading, accounting, watching and demand for online services surged and Accenture has estimated that globally we went through 3 years normal speedy digital transformation in just 3 months. This will continue. We will not go back to the ‘old days’ even after we get a vaccine. We will continue to work remotely – not necessarily from home but from anywhere. Both employers and employees have seen the benefits of this new flexible work-regime providing support from working both from offices and from anywhere.
“In the future everything will be connected, everything will be sensing, everything will be stored and everything will be used, sold or utilised in other ways”
THE FUTURE will provide more positive opportunities for the global, and connected, citizen – for businesses, education, healthcare, sustainability, climate, transparency and democracy. But it will also present challenges to security, privacy...
Operational space of digital (r)evolution requires an instantaneous reaction. Seeking knowledge has brought me far beyond my personal horizons of discernment.
With hope to create and scale globally an inclusive ‘authors-publisher-readers’ circle of wisdom and expertise; with channeled determination to gain understanding by carefully selecting the best information sources (Dis moi où cherche! Mais où?) and reading between the lines, I invited the Cyber Warriors ‘Men and Women on the Arena’ with hope to “Raise the Cybersecurity Curtain”.
A central topic of these thoughts is cybersecurity. A fundamental and delicate question at the heart of my work is: how to inspire readers' thirst for knowledge, for learning.
I hope readers will gain insights into how they can guide their career path to the success they desire and benefit the global security community through their unique contributions.
Preparing today for tomorrow’s threats.
When companies hear the word “security,” what concepts come to mind
— safety, protection or perhaps comfort? To the average IT administrator,
security conjures up images of locked-down networks and virus-free devices.
An attacker, state-sponsored agent or hactivist, meanwhile, may view security
as a way to demonstrate expertise by infiltrating and bringing down corporate
or government networks for profit, military goals, political gain — or even fun.
We live in a world in which cybercrime is on the rise. A quick scan of the
timeline of major incidents (See Figure 1, Page 9) shows the increasing
frequency and severity of security breaches — a pattern that is likely
to continue for years to come. Few if any organizations are safe from
cybercriminals, to say nothing of national security. In fact, experts even
exposed authentication and encryption vulnerabilities in the U.S. Federal
Aviation Administration’s new state-of-the-art multibillion-dollar air
traffic control system
This document discusses cyber security challenges posed by emerging technologies and trends. It summarizes that securing information has become a major challenge due to technologies enabling widespread data sharing. New threats include advanced persistent threats targeting specific systems and the movement of data to cloud services and mobile networks. Emerging technologies like cloud computing, mobile computing and the new IPv6 internet protocol also present security issues. Strong encryption, integrated security systems, mobile security, and updated policies are needed to address evolving cyber threats.
This document outlines the need for organizations to develop cyber resilience in the face of growing cyber threats. It discusses four trends - democratization, consumerization, externalization, and digitization - that are increasing cyber risks. It also notes that the human element is often the weakest link in cyber security. The document argues that as cyber threats become more sophisticated and organizations more interconnected, a traditional focus on security tools and firewalls is not sufficient - organizations need to develop a security culture that includes all employees to effectively manage growing cyber risks.
The document discusses the evolving cyber threat landscape and the need for organizations to take a proactive approach to cyber security. It outlines how cyber attacks have advanced from disruptive worms to sophisticated, targeted attacks from well-resourced state actors, hacktivists, and criminals seeking intellectual property, money, or political goals. The threats are constantly changing and can damage an organization's reputation, finances, and competitive advantage. To address these evolving threats, the document argues that cyber security needs to move beyond IT and become a whole-of-organization priority requiring strategic engagement from boards and executives.
This document discusses security threats that companies will face in 2020. It notes that cybercrime is increasing in frequency and severity. Emerging threats include the growth of connected devices and societies, vulnerabilities in medical devices, increased machine-to-machine interactions, reliance on mobile devices, growth of cloud services, and risks around big data. The document warns that security needs to protect all aspects of the enterprise from the data center to mobile devices and beyond. Adversaries are increasingly sophisticated and companies must manage security risks in a connected world.
This document is a technical report submitted by Nikhil Kumar Chaudhary on the topic of cyber crime and security. It includes an abstract, introduction, sections on what cyber crime means and different types of cyber crimes. It also discusses the threats of cyber crimes in India, trends in India, and ways to tackle cyber crimes. Tables and figures are included to illustrate country distributions of cyber crimes and the rise of cyber crimes in India.
Future of data - An initial perspective - Stephan Shakespeare, CEO and Co-Fou...Future Agenda
An initial perspective on the future of data by Stephan Shakespeare, CEO and Co-Founder, YouGov. This is the starting point for the global future agenda discussions taking place through 2015 as part of the the futureagenda2.0 programme. www.futureagenda.org
Operational space of digital (r)evolution requires an instantaneous reaction. Seeking knowledge has brought me far beyond my personal horizons of discernment.
With hope to create and scale globally an inclusive ‘authors-publisher-readers’ circle of wisdom and expertise; with channeled determination to gain understanding by carefully selecting the best information sources (Dis moi où cherche! Mais où?) and reading between the lines, I invited the Cyber Warriors ‘Men and Women on the Arena’ with hope to “Raise the Cybersecurity Curtain”.
A central topic of these thoughts is cybersecurity. A fundamental and delicate question at the heart of my work is: how to inspire readers' thirst for knowledge, for learning.
I hope readers will gain insights into how they can guide their career path to the success they desire and benefit the global security community through their unique contributions.
Preparing today for tomorrow’s threats.
When companies hear the word “security,” what concepts come to mind
— safety, protection or perhaps comfort? To the average IT administrator,
security conjures up images of locked-down networks and virus-free devices.
An attacker, state-sponsored agent or hactivist, meanwhile, may view security
as a way to demonstrate expertise by infiltrating and bringing down corporate
or government networks for profit, military goals, political gain — or even fun.
We live in a world in which cybercrime is on the rise. A quick scan of the
timeline of major incidents (See Figure 1, Page 9) shows the increasing
frequency and severity of security breaches — a pattern that is likely
to continue for years to come. Few if any organizations are safe from
cybercriminals, to say nothing of national security. In fact, experts even
exposed authentication and encryption vulnerabilities in the U.S. Federal
Aviation Administration’s new state-of-the-art multibillion-dollar air
traffic control system
This document discusses cyber security challenges posed by emerging technologies and trends. It summarizes that securing information has become a major challenge due to technologies enabling widespread data sharing. New threats include advanced persistent threats targeting specific systems and the movement of data to cloud services and mobile networks. Emerging technologies like cloud computing, mobile computing and the new IPv6 internet protocol also present security issues. Strong encryption, integrated security systems, mobile security, and updated policies are needed to address evolving cyber threats.
This document outlines the need for organizations to develop cyber resilience in the face of growing cyber threats. It discusses four trends - democratization, consumerization, externalization, and digitization - that are increasing cyber risks. It also notes that the human element is often the weakest link in cyber security. The document argues that as cyber threats become more sophisticated and organizations more interconnected, a traditional focus on security tools and firewalls is not sufficient - organizations need to develop a security culture that includes all employees to effectively manage growing cyber risks.
The document discusses the evolving cyber threat landscape and the need for organizations to take a proactive approach to cyber security. It outlines how cyber attacks have advanced from disruptive worms to sophisticated, targeted attacks from well-resourced state actors, hacktivists, and criminals seeking intellectual property, money, or political goals. The threats are constantly changing and can damage an organization's reputation, finances, and competitive advantage. To address these evolving threats, the document argues that cyber security needs to move beyond IT and become a whole-of-organization priority requiring strategic engagement from boards and executives.
This document discusses security threats that companies will face in 2020. It notes that cybercrime is increasing in frequency and severity. Emerging threats include the growth of connected devices and societies, vulnerabilities in medical devices, increased machine-to-machine interactions, reliance on mobile devices, growth of cloud services, and risks around big data. The document warns that security needs to protect all aspects of the enterprise from the data center to mobile devices and beyond. Adversaries are increasingly sophisticated and companies must manage security risks in a connected world.
This document is a technical report submitted by Nikhil Kumar Chaudhary on the topic of cyber crime and security. It includes an abstract, introduction, sections on what cyber crime means and different types of cyber crimes. It also discusses the threats of cyber crimes in India, trends in India, and ways to tackle cyber crimes. Tables and figures are included to illustrate country distributions of cyber crimes and the rise of cyber crimes in India.
Future of data - An initial perspective - Stephan Shakespeare, CEO and Co-Fou...Future Agenda
An initial perspective on the future of data by Stephan Shakespeare, CEO and Co-Founder, YouGov. This is the starting point for the global future agenda discussions taking place through 2015 as part of the the futureagenda2.0 programme. www.futureagenda.org
CIR Magazine - Cyber Readiness, key to survivalMorgan Jones
Cybersecurity risks pose an increasing threat to organizations as technological change accelerates. A review of cyber attacks in 2019 found a rise in ransomware attacks that disrupted company operations. Looking ahead, emerging technologies like artificial intelligence could introduce new vulnerabilities if not properly governed. Experts call for increased international cooperation to address ongoing and future cybersecurity challenges posed by new technologies.
The document discusses several aspects of internet safety including information security issues like viruses and privacy issues. It also discusses regulating obscene content and false information online. It describes international efforts through the UN and WSIS to address internet governance and build confidence in internet use. However, perceptions of threats may outweigh the actual risks to minors online. Proposed legislation to require data retention raises privacy and civil liberties concerns. Striking a balance between open access and protecting vulnerable groups is important for innovation.
The Future of Security in Australia: a Think Tank Report by BlackBerry. This white paper from BlackBerry, the mobile-native software and services company dedicated to securing the Enterprise of Things, features the analysis and thoughts from a 10-expert roundtable late last year looking at trends in cyber and mobile security.
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know AboutBernard Marr
The vital role that cybersecurity plays in protecting our privacy, rights, freedoms, and everything up to and including our physical safety will be more prominent than ever during 2020.
The document is the U.S. Department of Homeland Security's Cybersecurity Strategy from 2018 to 2023. It outlines the department's vision to improve national cybersecurity risk management by 2023 through increasing security across government and critical infrastructure networks, decreasing illicit cyber activity, improving responses to incidents, and fostering a more secure cyber ecosystem.
The strategy identifies five pillars to manage national cybersecurity risks: risk identification, vulnerability reduction, threat reduction, consequence mitigation, and enabling cybersecurity outcomes. Under these pillars, the department has seven goals, such as assessing evolving risks, protecting federal systems and critical infrastructure, preventing criminal cyber activity, responding to incidents, and strengthening the overall cyber ecosystem.
This document provides an overview of cyber threats and recommendations for building a career in cyber security. It identifies major cyber threats for 2016 such as ransomware, attacks on critical infrastructure and payment systems, vulnerabilities in applications like Adobe Flash, and threats to emerging technologies like automobiles and wearables. It also provides tips for exploring a career in cyber security, including starting with general IT jobs and skills, gaining practical experience through self-directed learning and certifications, and developing specialized technical skills.
The document discusses cyber threats and forecasts for 2016. It predicts that ransomware, attacks on critical infrastructure, payment systems, automobiles, and wearables will increase. Nation-state cyber espionage and hacktivism will also continue. The document recommends increasing cybersecurity training and awareness, establishing international cooperation on cybercrime prosecution, and improving cyber resilience rather than just defense. It encourages pursuing a career in cybersecurity and lists example cybersecurity jobs.
The document discusses the growing threat of cyber attacks facing all organizations. It notes that no organization is safe from attacks, which are increasing in scale and sophistication. Some key points made include:
- Cyber attacks range from financially motivated crime to espionage to activism and warfare, with financial crime being the most commonly experienced by organizations.
- The boundary-less nature of cyber space and low costs of attacks relative to their impact make threats unpredictable and difficult to defend against.
- Effective cyber security requires looking outward beyond organizational boundaries and increasing collaboration both within sectors and between public and private sectors. However, collaboration is still not working effectively.
- Understanding online business models and protecting the data that represents organizational value are both critical
The document discusses the growing cyber threats facing organizations from both private and state actors. It notes that cyber attacks are increasing in scale and sophistication, with no organization considered completely safe. Effective cyber security requires an outward-looking approach that crosses organizational and national boundaries through increased collaboration between both public and private sectors. However, many organizations still face barriers to effective cyber security including a need for new skills, integrating security into business operations, and a lack of board-level understanding and prioritization of the issues.
Public Relations Campaign for SecureWorks for IMC 618: PR Concepts & Strategy. Campaign is focused on increasing brand awareness among both big and small businesses as well as potential investors.
Raise The Cybersecurity Curtain!
With a clear grasp of systems theory and revelation of pervasive, persistent, and resilient interconnectedness, I set out on the journey to interact with 100 "best of the best" Cybersecurity / Information Security professionals to learn about their own EXPERIENCES and gain INSIGHTS from their personal perspectives.
I was truly blessed to have had a wide variety of insightful conversations with leaders who are serving their organizations at various levels.
I sincerely wanted to expand the impact of the lessons I learned from these interactions by sharing them with Cybersecurity enthusiasts around the globe - people who are paving their own way towards a successful Cybersecurity career.
I hope readers will gain insights into how they can guide their career path to the success they desire and benefit the global security community through their unique contributions.
Some 2.4 billion global Internet users—34 percent of
the world’s population—spend increasing amounts
of time online.1 As our online activity expands,
it isn’t just creating new ways to do business. It’s
revolutionizing business. However, like any mass
movement with significant ramifications, the
Internet-enabled life has risks as well as benefits.
Some are willing to accept those risks without much
consideration. Others want to take the time for a
more contemplative response, but events are moving
too quickly for long debate. What we really need is
a Call to Action that addresses the risks demanding
urgent attention.
To balance the benefits of the digital life,
management needs to understand and grapple
with four equally powerful forces:
Democratization – The way customers insist
on interacting via the channels they prefer,
rather than the channels the organization
imposes.
Consumerization – The impact of the many
devices and applications that span work and
play in our digital lives.
Externalization – The ways in which cloud
computing slashes capital expenditure and
shakes up how data moves in and out of
organizations.
Digitization – The exponential connectivity
created when sensors and devices form the
“Internet of Things.” These forces interact in ways
that make eradicating Cyber Risk impossible;
eliminating it in one area simply shifts it to the
others.
However, by following best practices, it is possible
to reduce your organization’s exposure to Cyber
Risk across the board. By addressing the real and
growing risks we face as individuals, businesses, and
governments, we can begin to create an optimal
environment of Cyber Resilience. This Manifesto sets
out a road map for that process.
Top Cyber News MAGAZINE February 2022 Chuck D Brooks. Highest Resolution.pdfTopCyberNewsMAGAZINE
Chuck D. BROOKS, President of Brooks Consulting International
Mr. Brooks is a globally recognized thought leader and subject matter expert Cybersecurity and Emerging Technologies. LinkedIn named Chuck as one of “The Top 5 Tech People to Follow on LinkedIn.” He was named by Thompson Reuters as a “Top 50 Global Influencer in Risk, Compliance,” and by IFSEC as the “#2 Global Cybersecurity Influencer.” He was featured in the 2020 Onalytica "Who's Who in Cybersecurity" – as one of the top Influencers for cybersecurity issues. He was also named one of the Top 5 Executives to Follow on Cybersecurity by Executive Mosaic. He is also a Cybersecurity Expert for “The Network” at the Washington Post, Visiting Editor at Homeland Security Today, Expert for Executive Mosaic/GovCon, and a Contributor to FORBES.
In government, Chuck has received two senior Presidential appointments. Under President George W. Bush Chuck was appointed to The Department of Homeland Security (DHS) as the first Legislative Director of The Science & Technology Directorate at the Department of Homeland Security. He also was appointed as Special Assistant to the Director of Voice of America under President Reagan. He served as a top Advisor to the late Senator Arlen Specter on Capitol Hill covering security and technology issues on Capitol Hill.
In industry, Chuck has served in senior executive roles for General Dynamics as the Principal Market Growth Strategist for Cyber Systems, at Xerox as Vice President & Client Executive for Homeland Security, for Rapiscan and Vice President of R & D, for SRA as Vice President of Government Relations, and for Sutherland as Vice President of Marketing and Government Relations. He currently sits on several corporate and not-for-profit Boards in advisory roles.
In academia, Chuck is Adjunct Faculty at Georgetown University’s Graduate Applied Intelligence Program and the Graduate Cybersecurity Programs where he teaches courses on risk management, homeland security, and cybersecurity. He was an Adjunct Faculty Member at Johns Hopkins University where he taught a graduate course on homeland security for two years. He has an MA in International relations from the University of Chicago, a BA in Political Science from DePauw University, and a Certificate in International Law from The Hague Academy of International Law.
In media, Chuck has been a featured speaker at dozens of conferences and webinars (Recently, Chuck briefed the G-20 Energy Conference on operating systems cybersecurity). and has published more than 200 articles and blogs on cybersecurity, homeland security and technology issues. His writings have appeared on AT&T, IBM, Microsoft, General Dynamics, Xerox, Cylance, Checkpoint, and many other blogs.
1) Three trends were identified in cybersecurity for 2016: cybersecurity going mainstream; social media hacking escalating; and 2016 being a year of security training and certifications.
2) As technology evolves, cybersecurity will continue to grow mainstream. However, social media hacking poses a continued threat as hackers try new tactics to outsmart security professionals.
3) In response, security training and certification opportunities are increasing to broaden knowledge and help reduce attacks, though training and awareness efforts must continue going forward.
The National Cyber Security Strategy: Success Through CooperationMark Johnson
The document outlines the Netherlands' National Cyber Security Strategy. It discusses how society has become increasingly dependent on ICT and vulnerable to cyber threats. The strategy aims to improve cyber security through cooperation between public and private sectors. It establishes basic principles such as linking initiatives, public-private partnerships, individual responsibility, and proportional responses. The goal is to create a resilient digital infrastructure while respecting privacy and civil liberties.
This document is a magazine highlighting outstanding cybersecurity professionals from around the world. It contains short profiles and articles on various topics related to cybersecurity.
The magazine includes an editorial emphasizing the need for cybersecurity training focused on front-line roles to address skills shortages. It also contains articles on the importance of raising public awareness of cybersecurity, seeing cybersecurity as a journey rather than a destination, integrating other fields like psychology into cybersecurity, and taking a business-first approach to cybersecurity. The magazine profiles 19 cybersecurity professionals from different countries and continents working to create a more secure digital future.
Margo KONIUSZEWSKI’s motto in tackling cyber challenges is « Cybersecurity education is like a marathon, not a sprint. It calls for a sustained effort, crosscutting approach and questions that lead to novel thinking and action! »
She champions digital literacy, cybersecurity and lifelong learning as the new imperatives of Economy 4.0, from junior to senior.
Her Cybersecurity Challenge, that took place despite the COVID crisis, was the world’s first competition to bring together multi-disciplinary “tiger groups” - student teams from IT/engineering, business, law, medicine and military academies in tackling a massive and far-reaching cyber-crisis.
Building on this success she launched a Regional Cyber Labs network run by students for students and the wider community as centers of cyber competence to raise awareness and educate.
The project went worldwide with the Global Cyber Lab to promote cross-sectoral action between the private/public sectors, academia, and diplomats. Her « New Roadmap for Cybersecurity Education » report was adopted and commended by the United Nations Open Ended Working Group on Cybersecurity as a benchmark in cyber capacity-building for all 193 Member States to take-up to boost their cybersecurity landscape.
She then organized the first Global Cybersecurity Roadshow 2021-22 event as part of a year-long program of exchanges between university students from all continents and world class cybersecurity champions. She is now touring Poland with events and conferences around her new audiobook: “Striptease in the age of apps and algos” on technology and how the digital transformation is impacting every aspect of our lives.
For Margo, cybersecurity is too important to leave in the hands of bureaucrats or technicians. We must get everyone on board!
------------------------------------
Adam KONIUSZEWSKI is Adam Koniuszewski serves as President of the Warsaw Security Hub of the Swiss Embassy in Poland and as Executive in Residence at the Geneva Center for Security Policy (GCSP), an international think-tank on global affairs diplomacy to promote security and cooperation.
A social entrepreneur and philanthropist, he launched The Bridge Foundation with his wife Margo to promote awareness and cooperative action on pressing security, economic and social challenges.
Adam has extensive experience in a wide range of sectors including Big Four, Fortune 100, and global non-profit in close cooperation with the United Nations and international organizations. For close to a decade, he worked with President Mikhail Gorbachev as executive director of his international initiative to address global security and sustainability. He was particularly successful in developing partnerships with the private sector to implement development projects around the world.
Adam is actively engaged with the CPA and CFA organizations to promote the highest ethical standards and professional compliance for their members.
Adam holds a Graduate Diploma and ...
More Related Content
Similar to Top Cyber News MAGAZINE. Troels Oerting
CIR Magazine - Cyber Readiness, key to survivalMorgan Jones
Cybersecurity risks pose an increasing threat to organizations as technological change accelerates. A review of cyber attacks in 2019 found a rise in ransomware attacks that disrupted company operations. Looking ahead, emerging technologies like artificial intelligence could introduce new vulnerabilities if not properly governed. Experts call for increased international cooperation to address ongoing and future cybersecurity challenges posed by new technologies.
The document discusses several aspects of internet safety including information security issues like viruses and privacy issues. It also discusses regulating obscene content and false information online. It describes international efforts through the UN and WSIS to address internet governance and build confidence in internet use. However, perceptions of threats may outweigh the actual risks to minors online. Proposed legislation to require data retention raises privacy and civil liberties concerns. Striking a balance between open access and protecting vulnerable groups is important for innovation.
The Future of Security in Australia: a Think Tank Report by BlackBerry. This white paper from BlackBerry, the mobile-native software and services company dedicated to securing the Enterprise of Things, features the analysis and thoughts from a 10-expert roundtable late last year looking at trends in cyber and mobile security.
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know AboutBernard Marr
The vital role that cybersecurity plays in protecting our privacy, rights, freedoms, and everything up to and including our physical safety will be more prominent than ever during 2020.
The document is the U.S. Department of Homeland Security's Cybersecurity Strategy from 2018 to 2023. It outlines the department's vision to improve national cybersecurity risk management by 2023 through increasing security across government and critical infrastructure networks, decreasing illicit cyber activity, improving responses to incidents, and fostering a more secure cyber ecosystem.
The strategy identifies five pillars to manage national cybersecurity risks: risk identification, vulnerability reduction, threat reduction, consequence mitigation, and enabling cybersecurity outcomes. Under these pillars, the department has seven goals, such as assessing evolving risks, protecting federal systems and critical infrastructure, preventing criminal cyber activity, responding to incidents, and strengthening the overall cyber ecosystem.
This document provides an overview of cyber threats and recommendations for building a career in cyber security. It identifies major cyber threats for 2016 such as ransomware, attacks on critical infrastructure and payment systems, vulnerabilities in applications like Adobe Flash, and threats to emerging technologies like automobiles and wearables. It also provides tips for exploring a career in cyber security, including starting with general IT jobs and skills, gaining practical experience through self-directed learning and certifications, and developing specialized technical skills.
The document discusses cyber threats and forecasts for 2016. It predicts that ransomware, attacks on critical infrastructure, payment systems, automobiles, and wearables will increase. Nation-state cyber espionage and hacktivism will also continue. The document recommends increasing cybersecurity training and awareness, establishing international cooperation on cybercrime prosecution, and improving cyber resilience rather than just defense. It encourages pursuing a career in cybersecurity and lists example cybersecurity jobs.
The document discusses the growing threat of cyber attacks facing all organizations. It notes that no organization is safe from attacks, which are increasing in scale and sophistication. Some key points made include:
- Cyber attacks range from financially motivated crime to espionage to activism and warfare, with financial crime being the most commonly experienced by organizations.
- The boundary-less nature of cyber space and low costs of attacks relative to their impact make threats unpredictable and difficult to defend against.
- Effective cyber security requires looking outward beyond organizational boundaries and increasing collaboration both within sectors and between public and private sectors. However, collaboration is still not working effectively.
- Understanding online business models and protecting the data that represents organizational value are both critical
The document discusses the growing cyber threats facing organizations from both private and state actors. It notes that cyber attacks are increasing in scale and sophistication, with no organization considered completely safe. Effective cyber security requires an outward-looking approach that crosses organizational and national boundaries through increased collaboration between both public and private sectors. However, many organizations still face barriers to effective cyber security including a need for new skills, integrating security into business operations, and a lack of board-level understanding and prioritization of the issues.
Public Relations Campaign for SecureWorks for IMC 618: PR Concepts & Strategy. Campaign is focused on increasing brand awareness among both big and small businesses as well as potential investors.
Raise The Cybersecurity Curtain!
With a clear grasp of systems theory and revelation of pervasive, persistent, and resilient interconnectedness, I set out on the journey to interact with 100 "best of the best" Cybersecurity / Information Security professionals to learn about their own EXPERIENCES and gain INSIGHTS from their personal perspectives.
I was truly blessed to have had a wide variety of insightful conversations with leaders who are serving their organizations at various levels.
I sincerely wanted to expand the impact of the lessons I learned from these interactions by sharing them with Cybersecurity enthusiasts around the globe - people who are paving their own way towards a successful Cybersecurity career.
I hope readers will gain insights into how they can guide their career path to the success they desire and benefit the global security community through their unique contributions.
Some 2.4 billion global Internet users—34 percent of
the world’s population—spend increasing amounts
of time online.1 As our online activity expands,
it isn’t just creating new ways to do business. It’s
revolutionizing business. However, like any mass
movement with significant ramifications, the
Internet-enabled life has risks as well as benefits.
Some are willing to accept those risks without much
consideration. Others want to take the time for a
more contemplative response, but events are moving
too quickly for long debate. What we really need is
a Call to Action that addresses the risks demanding
urgent attention.
To balance the benefits of the digital life,
management needs to understand and grapple
with four equally powerful forces:
Democratization – The way customers insist
on interacting via the channels they prefer,
rather than the channels the organization
imposes.
Consumerization – The impact of the many
devices and applications that span work and
play in our digital lives.
Externalization – The ways in which cloud
computing slashes capital expenditure and
shakes up how data moves in and out of
organizations.
Digitization – The exponential connectivity
created when sensors and devices form the
“Internet of Things.” These forces interact in ways
that make eradicating Cyber Risk impossible;
eliminating it in one area simply shifts it to the
others.
However, by following best practices, it is possible
to reduce your organization’s exposure to Cyber
Risk across the board. By addressing the real and
growing risks we face as individuals, businesses, and
governments, we can begin to create an optimal
environment of Cyber Resilience. This Manifesto sets
out a road map for that process.
Top Cyber News MAGAZINE February 2022 Chuck D Brooks. Highest Resolution.pdfTopCyberNewsMAGAZINE
Chuck D. BROOKS, President of Brooks Consulting International
Mr. Brooks is a globally recognized thought leader and subject matter expert Cybersecurity and Emerging Technologies. LinkedIn named Chuck as one of “The Top 5 Tech People to Follow on LinkedIn.” He was named by Thompson Reuters as a “Top 50 Global Influencer in Risk, Compliance,” and by IFSEC as the “#2 Global Cybersecurity Influencer.” He was featured in the 2020 Onalytica "Who's Who in Cybersecurity" – as one of the top Influencers for cybersecurity issues. He was also named one of the Top 5 Executives to Follow on Cybersecurity by Executive Mosaic. He is also a Cybersecurity Expert for “The Network” at the Washington Post, Visiting Editor at Homeland Security Today, Expert for Executive Mosaic/GovCon, and a Contributor to FORBES.
In government, Chuck has received two senior Presidential appointments. Under President George W. Bush Chuck was appointed to The Department of Homeland Security (DHS) as the first Legislative Director of The Science & Technology Directorate at the Department of Homeland Security. He also was appointed as Special Assistant to the Director of Voice of America under President Reagan. He served as a top Advisor to the late Senator Arlen Specter on Capitol Hill covering security and technology issues on Capitol Hill.
In industry, Chuck has served in senior executive roles for General Dynamics as the Principal Market Growth Strategist for Cyber Systems, at Xerox as Vice President & Client Executive for Homeland Security, for Rapiscan and Vice President of R & D, for SRA as Vice President of Government Relations, and for Sutherland as Vice President of Marketing and Government Relations. He currently sits on several corporate and not-for-profit Boards in advisory roles.
In academia, Chuck is Adjunct Faculty at Georgetown University’s Graduate Applied Intelligence Program and the Graduate Cybersecurity Programs where he teaches courses on risk management, homeland security, and cybersecurity. He was an Adjunct Faculty Member at Johns Hopkins University where he taught a graduate course on homeland security for two years. He has an MA in International relations from the University of Chicago, a BA in Political Science from DePauw University, and a Certificate in International Law from The Hague Academy of International Law.
In media, Chuck has been a featured speaker at dozens of conferences and webinars (Recently, Chuck briefed the G-20 Energy Conference on operating systems cybersecurity). and has published more than 200 articles and blogs on cybersecurity, homeland security and technology issues. His writings have appeared on AT&T, IBM, Microsoft, General Dynamics, Xerox, Cylance, Checkpoint, and many other blogs.
1) Three trends were identified in cybersecurity for 2016: cybersecurity going mainstream; social media hacking escalating; and 2016 being a year of security training and certifications.
2) As technology evolves, cybersecurity will continue to grow mainstream. However, social media hacking poses a continued threat as hackers try new tactics to outsmart security professionals.
3) In response, security training and certification opportunities are increasing to broaden knowledge and help reduce attacks, though training and awareness efforts must continue going forward.
The National Cyber Security Strategy: Success Through CooperationMark Johnson
The document outlines the Netherlands' National Cyber Security Strategy. It discusses how society has become increasingly dependent on ICT and vulnerable to cyber threats. The strategy aims to improve cyber security through cooperation between public and private sectors. It establishes basic principles such as linking initiatives, public-private partnerships, individual responsibility, and proportional responses. The goal is to create a resilient digital infrastructure while respecting privacy and civil liberties.
Similar to Top Cyber News MAGAZINE. Troels Oerting (20)
This document is a magazine highlighting outstanding cybersecurity professionals from around the world. It contains short profiles and articles on various topics related to cybersecurity.
The magazine includes an editorial emphasizing the need for cybersecurity training focused on front-line roles to address skills shortages. It also contains articles on the importance of raising public awareness of cybersecurity, seeing cybersecurity as a journey rather than a destination, integrating other fields like psychology into cybersecurity, and taking a business-first approach to cybersecurity. The magazine profiles 19 cybersecurity professionals from different countries and continents working to create a more secure digital future.
Margo KONIUSZEWSKI’s motto in tackling cyber challenges is « Cybersecurity education is like a marathon, not a sprint. It calls for a sustained effort, crosscutting approach and questions that lead to novel thinking and action! »
She champions digital literacy, cybersecurity and lifelong learning as the new imperatives of Economy 4.0, from junior to senior.
Her Cybersecurity Challenge, that took place despite the COVID crisis, was the world’s first competition to bring together multi-disciplinary “tiger groups” - student teams from IT/engineering, business, law, medicine and military academies in tackling a massive and far-reaching cyber-crisis.
Building on this success she launched a Regional Cyber Labs network run by students for students and the wider community as centers of cyber competence to raise awareness and educate.
The project went worldwide with the Global Cyber Lab to promote cross-sectoral action between the private/public sectors, academia, and diplomats. Her « New Roadmap for Cybersecurity Education » report was adopted and commended by the United Nations Open Ended Working Group on Cybersecurity as a benchmark in cyber capacity-building for all 193 Member States to take-up to boost their cybersecurity landscape.
She then organized the first Global Cybersecurity Roadshow 2021-22 event as part of a year-long program of exchanges between university students from all continents and world class cybersecurity champions. She is now touring Poland with events and conferences around her new audiobook: “Striptease in the age of apps and algos” on technology and how the digital transformation is impacting every aspect of our lives.
For Margo, cybersecurity is too important to leave in the hands of bureaucrats or technicians. We must get everyone on board!
------------------------------------
Adam KONIUSZEWSKI is Adam Koniuszewski serves as President of the Warsaw Security Hub of the Swiss Embassy in Poland and as Executive in Residence at the Geneva Center for Security Policy (GCSP), an international think-tank on global affairs diplomacy to promote security and cooperation.
A social entrepreneur and philanthropist, he launched The Bridge Foundation with his wife Margo to promote awareness and cooperative action on pressing security, economic and social challenges.
Adam has extensive experience in a wide range of sectors including Big Four, Fortune 100, and global non-profit in close cooperation with the United Nations and international organizations. For close to a decade, he worked with President Mikhail Gorbachev as executive director of his international initiative to address global security and sustainability. He was particularly successful in developing partnerships with the private sector to implement development projects around the world.
Adam is actively engaged with the CPA and CFA organizations to promote the highest ethical standards and professional compliance for their members.
Adam holds a Graduate Diploma and ...
Top Cyber News MAGAZINE. Dr. Bradford L. Sims. Capitol Technology UniversityTopCyberNewsMAGAZINE
Dr. Bradford L. Sims became Capitol Technology University's eighth president on June 1, 2017. An educator, administrator and construction project manager, Dr. Sims has extensive experience both in academia and industry.
Dr. Sims earned a Ph.D. in Curriculum and Instruction in 1999 from Purdue University, which is also his undergraduate alma mater; he received his B.S. in Building Construction Management there in 1990. He also holds a master's of science degree in Building Construction from the University of Florida. He is a member of the Sigma Lambda Chi International Construction Honor Society and the American Institute of Contractors, among many other honors and professional affiliations.
The Education Magazine has selected Dr. Bradford Sims one of the 10 Most Influential Educational Leaders of 2021. He leads Capitol Technology University with an education laser-focused on STEM or Management of STEM careers which uniquely positions students for top roles in the region's booming tech hub.
‘The education of the next generation of Cyber experts must start now’, include all those that have historically been limited to be part of this defence of our ways of life. ~ Dr. Ian McAndrew
Focused on STEM since its inception in 1927, Capitol Technology University has developed a robust, practical, and award-winning cybersecurity program for students at all levels to learn the skills necessary to become industry Leaders.
Capitol Tech, located in Laurel, Maryland, is home to nationally recognized cybersecurity degrees, with SC Media naming the university’s cybersecurity program as the 2020 Best Cybersecurity Program and the Chair of Cybersecurity, Dr. Willliam (Bill) Butler, as the 2021 Outstanding Educator.
Since 2003, the Department of Homeland Security (DHS) and the National Security Agency (NSA) also recognized the program as a Center of Academic
Excellence in Cyber-Defense, and in 2021 the university was selected by the NSA as the Northeast region’s Cybersecurity Hub. As the Hub, the university will mentor hundreds of institutions offering cybersecurity programs across 14 states and the District of Columbia to develop or enhance their cybersecurity programs.
This new title allows Capitol Tech to continue mentoring other universities in cyber program creation in addition to opportunities the preexisting CAE designation afforded the university. These include being selected by the NSA to supplement their development program for new security engineers with master’s courses, by over twenty Cyber Scholarship Program (CySP) scholars, and by the National Science Foundation (NSF) for two major multi-year grants to address the shortage of cybersecurity professionals.
Capitol Tech’s cybersecurity bachelor’s, master’s, and doctoral students are immersed in a hands-on education led by industry experts to learn in-demand skills. Undergraduate students learn UNIX O/S, C programming, networking, virtual machines, vulnerability scanning, packet capture and analysis,
Thomas Harrer holds the title of Distinguished Engineer and the Chief Technology Officer Server & Storage EMEA at IBM. He is a member of the IBM Academy of Technology (AoT), (Board) Member TEC DACH, and a computer scientist with a strong background in mathematics, computer architecture and application architecture.
In the mid-nineties, through his groundbreaking diploma thesis, he combined the world of genomics and Artificial Intelligence by leveraging the power of neural networks for analysing genes in the human genome. He is very open-minded and especially interested in cross-collaboration between different areas of expertise.
Since 1995, Thomas Harrer has been working with IBM as a client engineer and architect focused on infrastructure architecture helping clients to innovate with technology increasing cross-platform efficiency.
Starting 2017, Thomas has taken over the responsibilities of Chief Technology Officer for IBM Servers and Storage for Europe and more recently extended them to EMEA. In this technical leadership role, Thomas Harrer and his team deliver innovation with hybrid clouds and AI, leveraging all types of data and evolving the technology that enables clients to achieve business success.
With a strong foundation in computer/data science and extensive experience in IT infrastructure and technology, Thomas enjoys bringing different elements together to build the architecture of the future. He loves to discuss technology, trends, AI, data, blockchains and architectures for mission-critical hybrid cloud solutions.
Officer of the Order of the British Empire for Business (OBE), Christiane Wuillamie OBE started her technology career in 1980 after working for UNCHR setting up a resettlement camp for Vietnamese refugees.
Christiane has done every job in IT from coding, to running a software house, to being CIO in Financial Services. A transformational leader, she built and operationalised a strong, high performance culture in every role and every turnaround project.
She leverages technology to solve business challenges through developing people and joined-up process that deliver a competitive advantage. Her cyber security and technology management skills make her a valued Board member and advisor on digital transformation.
In the fast-changing cyber world, Christiane believes that only a strong culture of collaboration, transparency and responsible leadership can deliver safety and security for all.
Besides being a Non-Executive Board member, Christiane is the co-founder of a technology firm, PYXIS Culture Technologies that is quantifying the linkage between corporate culture, leadership and business results and helping senior leaders understand how culture impacts cyber security, safety, conduct risk, innovation and customer satisfaction.
“It’s time for the role of the CISO to change from information security to enterprise security.”
Christiane WUILLAMIE OBE
PYXIS Culture Technologies, Ltd is your business partner for cyber security. We differ from traditional consulting firms in two important areas. We combine over 40 years of experience in how culture impacts performance with deep operational experience in technology management, digital transformation, cyber security, and business turnarounds.
At PYXIS Culture Technologies we have pioneered an ecosystem modelling approach for understanding, measuring, and managing cyber security risks to improve business performance. Using systems analytics and proprietary algorithms along with internal company data, we can identify and map the causal factors inside your organization that have a significant impact on cyber security and business performance.
Find out more about PYXIS at www.pyxisculture.com
Or contact: info@pyxisculture.com
John R Childress is a pioneer in the field of leadership and corporate culture, advising CEOs and senior teams on the impact of company culture on business performance for almost 40 years.
Born in the Cascade Mountains of Oregon, he lived in Carmel Highlands, California during most of his early business career, before moving to London, England in 1996. John is a Phi Beta Kappa scholar with a BA degree (Magna cum Laude) from the University of California, a Masters Degree from Harvard University and was a PhD candidate at the University of Hawaii before deciding on a career as a business entrepreneur in the mid-70s. In 1968-69 he attended the American University of Beirut and it was there that his interest in cultures, leadership and group dynamics began to take shape.
Daniel Ehrenreich, BSc. is a leading Industrial Control System (ICS) expert and acting as consultant and lecturer at Secure Communications and Control Experts (SCCE) consulting entity, based in Israel.
Periodically conducting workshop sessions via Internet and in person for educating international participants on ICS cyber security risks and defense measures for a broad range of ICS verticals.
Studied CISSP in 2014 and is certified as a Lead Auditor for the ISO 27001-2013 standard by the Israeli Institute of Standards.
Daniel has over 30 years of engineering experience with ICS for: electricity, water, oil and gas and power plants as part of his activities at: Tadiran Electronics, Motorola Solutions, Siemens and Waterfall Security.
Reselected as the Chairman for the 6th ICS Cybersec AI&ML 2021 hybrid conference, organized by People and Computers.
Stewart A. Skomra is a rare individual defining the adage “experience trumps theory.”
He has immersed himself deep within myriad industries spanning multiple initiatives, cultures, and countries; accumulating knowledge and experience ‘walking-the-walk’ to support ‘talking-the-talk’ with a deep conviction of an ever-brighter, technology-enhanced, continually improving human experience.
Our collaboration on topics ranging from the sanctity of the individual to macro cyclical trends resulting from the confluence of Societal-Economic-Technology factors has enabled each of us to advance our thinking much further than we ever could have individually.
I look forward to continuing our journey to realize the vision of an ever-expanding, continually vibrant future.
We welcome all individuals oriented toward the pursuit of good built on a foundation of truth to join with us.
Top Cyber News Magazine. Carmen Marsh
The technologies of tomorrow are at the heart of our daily life and work, touching all aspects of our lives in countless ways. Organizations and individuals that prioritize digital innovation are achieving remarkable results. The advancement of technologies has seen new digital highways emerge, and on these highways, we desperately need to foster greater cybersecurity. Digitalization and cybersecurity must evolve hand in hand.
Cybersecurity is becoming the most important security topic of the future. The threat landscape is changing constantly and, probably, by the time you have finished reading this article, a new vulnerability was discovered. It is for this reason that the foundation of knowledge and best strategies is so important, and the need for skilled cybersecurity professionals is more crucial than ever.
In cybersecurity, and in tech in general the need to gather diverse input and perspective to meet cyber-threats and technology road-blocks grows by the minute.
To close industry’s skills gap, to continue developing the world’s cyber workforce of the future, we must make cybersecurity education an integral part of our culture, taught and evangelized across genders, ages, and organizational sectors. For statistically, global shortages in talent affecting 82% of organizations.
Now is the time for women to step into emerging technologies and cybersecurity industries. Reskilling is a great issue. Inclusion is as important as innovation. We will have to go into learning mode, be willing to be taught.
Founded by Carmen Marsh, 100 Women in 100 Days Cybersecurity Career Accelerator creates more career pathways for women wanting to further build security expertise, advance their security knowledge or start a career in cybersecurity.
Talented and highly qualified technologist, born leader and role model, Mrs. Carmen March invests her passion, knowledge and faith to educate and mentor women in cybersecurity.
The brightest stars are those who shine for the benefit of others. Carmen Marsh is this star.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIVladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentations
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Building RAG with self-deployed Milvus vector database and Snowpark Container...Zilliz
This talk will give hands-on advice on building RAG applications with an open-source Milvus database deployed as a docker container. We will also introduce the integration of Milvus with Snowpark Container Services.
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...Zilliz
Join us to introduce Milvus Lite, a vector database that can run on notebooks and laptops, share the same API with Milvus, and integrate with every popular GenAI framework. This webinar is perfect for developers seeking easy-to-use, well-integrated vector databases for their GenAI apps.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Securing your Kubernetes cluster_ a step-by-step guide to success !
Top Cyber News MAGAZINE. Troels Oerting
1. MAGAZINE
TOP CYBER NEWS
JANUARY 2022
WE IN SECURITY
PROTECT HOPE
“KNOW THYSELF” - TEN LEVERS
FOR CYBER RESILIENCE STRATEGY
ARTICLE BY
STEPHANE NAPPO
VICE PRESIDENT and GLOBAL CHIEF INFORMATION
SECURITY OFFICER at GROUPE SEB
TROELS OERTING
EXPERT MEMBER OF INTERPOL
GLOBAL CYBERCRIME EXPERT GROUP
CHAIRMAN OF THE BOARD at BULLWALL
FORMER CHAIRMAN OF THE BOARD OF WORLD
ECONOMIC FORUM CENTRE FOR CYBERSECURITY
,
,
WORKING IN CYBERSECURITY ‘FIRST LINE’ FOR OVER 4 DECADES, TROELS OERTING INFORMS AND EDUCATES CITIZENS, CORPORATIONS,
ADMINISTRATION AND USERS TO ENGAGE MORE ACTIVELY IN SECURING THE INTERNET FROM CRIME
2. WILL ADJUST
THE WORLD
YEAR TO SHINE
BE YOU
This Is Your
Happy New
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED 2
3. WE ARE LIVING IN A WORLD OF DIGITAL FUSION AND CONSTANT CYBER RISK. Everything has become a
target, including banking accounts, credit cards, as much of our financial daily activities that are digitally
interconnected to servers, websites, and devices. Sensitive records, including personal medical histories are all
digitized and shared. All around us are sensors to Internet of Things connected devices expanding hacker
potential attack surfaces.
EVEN OUR INTERPERSONAL COMMUNICATIONS VIA SMARTPHONES AT SOCIAL MEDIA
APPLICATIONS HAVE BECOME A PLAYGROUND FOR CYBER-ATTACKERS. In the past year alone, hundreds
of millions, if not billions of private records from retail corporations, internet companies, and banks, have been
exposed. All critical infrastructure including the electric grid, healthcare, transportation, communications, and
financial networks are vulnerable and have been subject to cyber-attacks. The recent cycle of major industry and
governmental cyber breaches, including Solar Winds that touched agencies across governments and much of the
Fortune 500 companies, are emblematic of growing risks.
WITH THE EXPONENTIAL INTERCONNECTIVITY OF INDUSTRY 4.0 COMES MORE SECURITY AND
PRIVACY VULNERABILITIES. Hackers, criminal networks, and even adversarial nation states are actively
proliferating malware across commercial verticals and government agencies. Last year there was a 350 % increase
in ransomware attacks, much if it aimed against stressed healthcare infrastructures and less protect home offices
resulting from work from home necessities under the Covid19 pandemic.
THE CYBER IMPACT TO OUR DIGITAL FUSION INTERFACE NEEDS TO BE A GLOBAL PRIORITY. Our
algorithmic world becoming more automated by the day catalyzed by the emergence of via machine learning,
artificial, and other technologies. Enhanced and more capable next gen cybersecurity tools and processes will
likely be a core digital element that keeps us safe into the future. We must improve investments in technologies,
processes, and people to better be able to mitigate the multitude of new sophisticated cyber threats on the
horizon in our digitally fused ecosystems.
The Cybersecurity of Digital Fusion
Editorial by Chuck D. BROOKS
President at Brooks Consulting International
Chuck D. BROOKS
President at Brooks Consulting International,
Chuck D. Brooks is a globally recognized thought
leader and subject matter expert Cybersecurity &
Emerging Technologies, a featured speaker at
dozens of conferences & webinars. Mr. Brooks is
serving as Adjunct Faculty at Georgetown
University’s Graduate Applied Intelligence Program
and the Graduate Cybersecurity Programs.
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED 3
5. TROELS ØRTING JØRGENSEN
Troels Ørting Jørgensen, Chairman at Bullwall, Expert Member at INTERPOL
Mr. Ørting is a globally recognized Cyber Security Expert. He has been working in cybersecurity ‘first
line’ for over 4 decades. Throughout career, Mr. Ørting has been working with governments and
corporations to advise on how they react to the increasing international cyber threats, and worked
closely with law enforcement, intelligence services and cyber security businesses.
Formerly, with the Danish National Police, first as Director, Head of the Serious Organised Crime
Agency and then as Director of Operations, Danish Security Intelligence Service; Deputy Head, ICT
Department and Deputy Head, OC Department, Europol, EU’s Police Agency; Head of European
Cybercrime Centre and Head of Europol Counter Terrorist and Financial Intelligence Centre. 2015-18,
Group Chief Information Security Officer (CISO), Barclays. Chaired the EU Financial Cybercrime
Coalition, of which most banks are partners, and has very strong experience in cyber security. Since
2018, Head of the Centre for Cybersecurity, World Economic Forum. Chairman of the Board of World
Economic Forum Centre for Cybersecurity (C4C).
Denmark
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED 5
6. “WE, IN SECURITY, SHOULD NOT PROMOTE FEAR – BUT PROTECT HOPE”
BEFORE THE GLOBAL PANDEMIC HIT THE WORLD IN SPRING 2020, the digital transformation
increased speed and magnitude. Fuelled by super-drivers like mobile/5G, IoT, Cloud and AI the
number of users, applications, storage, connections and algorithms outpaced what we had seen
before. The huge possibilities provided by the Internet created a ‘tech’ environment attracting the
best brains the World could produce and geopolitical tensions between China, Russia, EU and US
intensified the regional competition on ‘who controls the Internet’ and the subsequent influence,
growth and wealth.
THE GLOBAL COVID PANDEMIC FORCED US TO MOVE APPROXIMATELY 1.2 BN WORKERS
FROM THEIR OFFICES to work from homes in order to keep the wheels spinning. Internet
enabled communication tools substituted physical meetings, teaching, marketing, trading, reading,
accounting, watching and demand for online services surged and Accenture has estimated that
globally we went through 3 years normal speedy digital transformation in just 3 months. This will
continue. We will not go back to the ‘old days’ even after we get a vaccine. We will continue to work
remotely – not necessarily from home but from anywhere. Both employers and employees have
seen the benefits of this new flexible work-regime providing support from working both from offices
and from anywhere.
“In the future everything will be connected, everything will be sensing, everything will be
stored and everything will be used, sold or utilised in other ways”
We, In Security, Protect Hope
Author: Troels OERTING
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED 6
7. THE FUTURE will provide more positive opportunities for the global, and connected, citizen – for
businesses, education, healthcare, sustainability, climate, transparency and democracy. But it will also
present challenges to security, privacy, integrity and trust.
TRUST between the citizen and consumer on one side and governments and corporations on the other
side. Who can we entrust with our digital footprints and other assets, will our data become a commodity
including face recognition and other tracking and can we believe what we read or see? Will someone
‘hack’ opinions in the future and influence elections and public debate negatively?
THE NATION STATES normally regulate the level of domestic crime through the 3 P’s. Prevention,
Protection and Prosecution.
Due to the current lack of trust between states and governments – it is not possible for global law
enforcement to cooperate when fighting cybercrime.
“In reality cybercrime is presently a risk-free crime. Secondly, we have not been able
to agree on the ‘rules of the game’ for State Actors covert operations on the Internet
and in reality no written or unwritten rules regulate these operations”
“ WE HAVE NO CYBER GENEVA CONVENTION ”
By the Hon. Troels OERTING
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED 7
By Troels OERTING
8. THE WORLD GETS MORE HYPER-CONNECTED AT PACE, BUT THE GOVERNANCE AROUND
THIS DEVELOPMENT DOES NOT MOVE
BASED ON THIS - we, as citizens, corporations, administration and users need to engage more actively
in securing the Internet from crime and regulating rules around privacy and integrity.
A few areas of importance come to mind:
The starting point must be a coalition of the willing who understand that sharing is caring.
SECURITY STAFF SHOULD STOP TALKING A ‘TRIBAL LANGUAGE’ and engage in a real discussion with
the public, the C-level and decision makers. If they do not understand what we say, we speak the wrong
language. As in many other areas the biggest improvement is always based on hygiene.
BACK TO BASIC. We need to focus on basic defence and risk based graduation of our overall security
posture. If you are not a VIP or your company is not in the hair-cross of foreign intelligence, the biggest
threat to your cybersecurity is from cybercriminals. Cybercriminals do not hack for fun and will not
invest 1 dollar to steal 50 cents. They might use advanced tools but they will be automated and if they
do not find the anticipated weaknesses - they will move on to the next target.
By Troels OERTING
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED 8
9. THE TRICK IS TO HAVE A SECURITY LEVEL ABOVE THE CRIMINAL THRESHOLD
READING THROUGH THE VARIOUS PREDICTIONS FOR 2022 from multiple cybersecurity
companies and security agencies. A bit ‘the same procedure as last year’ and you feel you have read it
before. But no need we fool ourselves. 2022 will, for many reasons, be worse than 2021 in my opinion.
WIDER DISTRIBUTED IT ACCESS DUE TO WFH. More ransomware and affiliated crime with same
modus, fast development and distribution of advanced tools inside organized cyber crime networks,
more anti privacy and spy tools available and not least increasing geopolitical tension including with
Russia, China, Iran, North Korea, Ukraine and more.
ON THE POSITIVE SIDE IS THE SIGN that ‘the good guys’ - especially in private business - are
increasingly working together and sharing much more quality insight in real time to boost cyber defense
and resilience. And in the wider digital development we need to have a much closer look at ‘surveillance
capitalism’ and the mis-use of our digital footprints combined with fake news that will enable autocratic
and populist ‘leaders’ to hack ‘hearts and minds’ and influence elections, war and peace.
WE WILL PREVAIL but I fear 2022 will be a tough year on the digital security front. I wish us all good
luck and a Happy New Year and cross my fingers for more sectorial and cross sectorial cooperation
between likeminded.
HUMANITY WILL SURVIVE THE INTERNET. It will be a bumpy road. We better buckle up and get
started.
“ I AM A BORN OPTIMIST AND WISH US ALL GOOD LUCK “
By Troels OERTING
THE TONE FROM THE TOP IS IMPORTANT. We
are all dependent of the Internet and security and
privacy should be part of our personal and
corporate DNA. Create alliances, work
together, share best practice, develop and
innovate responsible and with security,
privacy and integrity in mind. Start
prevention early and realise it is a long
lasting effort.
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED 9
10. “AS ORGANIZATIONS REASSESS THEIR PURPOSE, they are turning to technology to drive the
changes they need to make. Yet this technology must be managed correctly if it is to deliver the
benefits that stakeholders expect. By adhering to the principles of Tech for Life, those who create and
use technology can ensure it continues to be a force for good.
THROUGHOUT HISTORY, TECHNOLOGY HAS HELPED US MEET CHALLENGES. It has been an engine
for greater prosperity, equality and health. The printing press, the steam engine and the development
of electrical power have all transformed our world for the better. Today, whether augmenting our work
with robots, connecting us to our loved ones around the world or using Machine Learning to improve
tumor detection rates, technology has the potential to be an even greater force for good. Indeed,
technology is the force that will drive the transformation that organizations must undergo as they
develop a wider purpose.
FACED WITH EVEN THE GREATEST CHALLENGES ON THE PLANET, TECHNOLOGY IS
PROVIDING SOLUTIONS. We have the technology to make electricity sustainable, cheap and
available for all. To deliver this requires both the adoption of existing technologies as well as intelligent
electricity distribution and storage solutions.
AS LEADERS, WE MUST USE TECHNOLOGY CORRECTLY if we are to meet the expectations of
our new stakeholders. Yet we have seen how technology is open to abuse, misuse and malicious
intent. And, with the benefit of historical perspective, we have seen how many of the noble uses to
which technology has initially been put have given rise to unwelcome and unforeseen consequences.”
Tech For Life
Jim Hagemann SNABE
Chairman at Siemens (D), Chairman at A.P.
Moller - Maersk (DK), and Vice-Chairman
at Allianz (D). Serves as a Member of the
Board of Trustees at the World Economic
Forum; Adjunct Professor at Copenhagen
Business School (CBS). Former Co-Chief
Executive Officer of SAP. Master’s in
Operational Research from the University of
Aarhus, Denmark.
Jim Hagemann SNABE
Chairman at Siemens AG
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED 10
11. Rhythm for security: Siemens' ProductCERT team regularly
informs its customers about current security vulnerabilities in
Siemens products and provides solutions to eliminate them.
The ProductCERT is connected – globally
Cybersecurity at
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED 11
12. AS ORGANIZATIONS AND INDIVIDUALS EXPAND
THEIR CLOUD FOOTPRINT and leverage cloud
services out of necessity, digital identity has
become the true perimeter and key to protecting
the assets we value most. It’s no longer possible to
have a strong security posture without developing a
security architecture centered on digital identity and
the tenets of ZERO TRUST.
CLOUD ENVIRONMENTS OFFER MULTIPLE WAYS
TO MANAGE IDENTITY, and how we treat it needs
to be a foundational component of a cloud security
program. To ensure comprehensive oversight and
enable effective digital identity controls, it’s
necessary to have the right layers of governance
and tools in place to reduce the possibility of
leaving an open door for attackers.
IDENTITY PLAYS A ROLE IN EVERYTHING - from
people, to processes, to technology - and with our
growing digital environments, there is a continual
shift in our thinking of what digital identity is. In the
past we may have associated identity with a human
user and attributes like a name, number, or badge.
Now, the indicators used to assess identity include
things like behaviors and biometrics and the
definition of what is an identity includes things like
laptops, phones, APIs and Bots. All of these make
up what I like to call the “IDENTITY OF THINGS”.
“Identity is the gateway to cloud services and with the
rise of interconnectedness, digital transformation, and
API first strategies, digital identity has become even
more susceptible to attacks”
Identity in Depth
Securing the Digital IoT
(Identity of Things)
Author: Shinesa CAMBRIC
“Over the course of history, the greatest minds: scientists, philanthropists, educators, politicians, leaders,
philosophers, were fascinated with the way human brain works. From Michelangelo to Lomonosov, from
DaVinci to Einstein, there have been numerous attempts to uncover the mystery of human mind and to
replicate its working first through simple mechanical devices and later, in the 20th century, through
computing machines, software and robots.” ~ Marina L. Gavrilova and Roman V. Yampolskiy
A RECENT TECHCRUNCH REPORT indicated that
API calls through the Google Cloud Platform rose
47% from last year and that the platform now
handles about 2.2 trillion API calls a year, and in a
survey included in Salt Security’s "The State of API
Security – Q1 2021" report, they found that 91% of
surveyed participants had experienced an API
security incident in the past year.
DIGITAL IDENTITY IS CLEARLY THE GATEWAY TO
CLOUD SERVICES and as such, has become more
susceptible to attacks. The increased importance of
securing digital identities has become highly visible
in things such as Broken Access Control now being
named #1 on the OWASP (Open Web Application
Security Project) top 10 list of application security
risks.
“As our concept of identity matures and moves
beyond the traditional, to build a good identity
defense program we have to go beyond traditional
security defense thinking”
“RELYING SOLELY ON PASSWORDS AND FIREWALL
CONTROLS IS A RECIPE FOR TROUBLE”
“Expanding the way we secure identity requires we
look beyond the “who” of an identity. We also need
to consider the “how”, “when”, “what”, and “where”
of digital connectivity.”
ALTHOUGH MULTI-FACTOR AUTHENTICATION
(MFA) IS AN IMPORTANT IDENTITY CONTROL,
believing that MFA is the cure-all for protecting
identity can lull you into a false sense of security.
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED 12
13. by Shinesa CAMBRIC
There are multiple studies regarding the number of
admins and highly privileged users who fail to turn
on MFA for their accounts, which highlights why
protecting digital identity requires a layered
approach. In the case of failure of one control, a
layered approach ensures you have other controls
in place to protect and defend access to important
assets.
DEFENSE IN DEPTH requires that we shift our
thinking to an “assume breach” mentality and build
in multiple security layers to protect from inevitable
attacks. In a digital environment, we should apply
this same approach to identity and its
corresponding attributes of access, authorization,
and authentication, creating the concept of
“IDENTITY IN DEPTH”.
SO HOW DO ORGANIZATIONS BEGIN BUILDING
AN IDENTITY IN DEPTH STRATEGY?
THEY SHOULD START by assessing their digital
identity security posture, defenses, and controls.
There are a few fundamental identity pillars to
review, as well as probing questions that will need
to be answered.
In terms of pillars, a DIGITAL IDENTITY ROADMAP
needs to be created for the areas of IDENTITY
GOVERNANCE (includes defining process, visibility,
auditing, logging), ACCESS MANAGEMENT
(includes provisioning, adaptive access, device
management), AUTHENTICATION (includes SSO,
MFA, Federation, SAML, verifiable identities), and
PRIVILEGED ACCOUNT MANAGEMENT (includes
admin users, high privileged roles).
THE PLAN AROUND EACH OF THESE AREAS
SHOULD ADDRESS protecting identity from both
the outside in (external attackers) and inside out
(insider risk), given that the impact of insider
threats can be just as damaging as attacks coming
from outside an organization. While building out a
strategy for these pillars, organizations should ask
several questions to establish boundaries around
the identities in their environment.
• WHO OR WHAT is on the other side of a given
connection or performing some activity?
• WHERE is the connection coming from?
• WHERE should it NOT be coming from?
• WHY is access required by the identity
connecting and for how long?
• WHEN should connectivity be taking place?
AN ORGANIZATION SHOULD INVEST TIME in
periodically assessing the maturity of their identity
program and alignment with a ZERO TRUST
ARCHITECTURE.
• THEY SHOULD UNDERSTAND THE POTENTIAL
IMPACT to their environment of maintaining
identities in various sources, using centralized
versus decentralized management approaches, and
the impact of multi-cloud environments on their
identity strategy.
• NEXT, IT WILL BE IMPORTANT TO INVEST IN THE
RIGHT TOOLING to help assess all the identities and
recertify access on a regular basis.
• INVENTORY all application/environment entry points
and trust boundaries
• BUILD a baseline of behaviors to detect behavioral
anomalies for all identities, and
• ENSURE logging is properly enabled and retained for
identifying and detecting suspicious behavior. Finally,
organizations should
• IDENTIFY privileged and over privileged users who
may be a risk to the company both from insider
threats and account takeovers.
With these items in mind, organizations will have a
STRONG FOUNDATION to begin building their IDENTITY
IN DEPTH STRATEGY and implementing LAYERED
PROTECTION for the keys to their DIGITAL KINGDOM.
13
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED
14. SHINESA CAMBRIC
Shinesa CAMBRIC,(CCSP, CISSP, CISA, CISM, CDPSE) is a Cloud Security, Compliance, and
Identity Architect with strategic expertise in technical design and implementation of security
architecture and controls.
She currently works as a Principal Program Manager with Microsoft and her experience includes
designing identity management and governance solutions for cloud based platforms, building
insider threat programs, and providing unique subject matter expertise on the intersection of
governance, risk, and compliance with IT and application security.
She currently serves as the training lead for the Dallas chapter of Women’s Society of Cyberjutsu, a
member of the operational team for non-profit group CloudGirls (cloudgirls.org), as a job task and
cloud certification content advisor for CertNexus and CompTIA, and as an identity champion for
Identity Defined Security Alliance (IDSA).
Shinesa is an active member of
several other organizations, including
Women in Cyber Security (WiCyS),
ISACA, ISC2, Information Systems
Security Association (ISSA),
International Association of Privacy
Professionals (IAPP), AnitaB,
Executive Women’s Forum, and the
Identity Management Institute.
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED 14
15. The ABCs of
A - AWARENESS – Awaken from the slumber that you could be tricked into falling victim to
some malicious software or social engineering scheme that is targeting you or your organization.
B - BELIEF – Be responsible for your behavior in that you can take proactive measures to protect
your personal information and the data that is entrusted to you by others in business and
personal relationships.
C - CHARACTER – Create a unique trusted quality based upon individual and collective
experiences to collaborate in creating positive cybersecurity culture for everyone.
More than the ABCs of Cybersecurity Culture, My DREAM is for a unified CYBER SOCIETY. It is
my hope that the ABCs for Cybersecurity Culture will spark conversations. It is my desire that
these thoughts will promote more collaboration. In the final outcome, collaboration will produce
a unified CYBER SOCIETY forged to help protect all organizations, nations and citizens from the
debilitating impact of cybercrime.
Cyber Security Culture
by Victor L. Malloy “Vic”
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED 15
16. On 23 June 2021, THE EUROPEAN UNION (EU)
COMMISSION published its recommendation on
building a JOINT CYBER UNIT that would enhance
cybersecurity across the EU, stating that “the
purpose of this Recommendation is to identify the
actions necessary to coordinate EU efforts to
prevent, detect, discourage, deter, mitigate and
respond to large-scale cyber incidents and crises
through a Joint Cyber Unit.”
The recommendation further states the time frame
for the Joint Cyber Unit to become operational as
of 30 JUNE 2022. On 6 October 2021, the
Horizontal Working Party on Cyber Issues (HWPCI)
agreed on a need to further engage in developing
the EU cybersecurity crisis management framework
by exploring the potential of a Joint Cyber Unit and
defining the process and possible roles and
responsibilities that would be associated with this
initiative.
The consideration for a Joint Cyber Unit initiative
comes as the number of cyberattacks on the EU
organizations and Member States increases.
The EU Independent
Cyber Operational Capability
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED 16
THE EUROPEAN UNION AGENCY FOR NETWORK
AND INFORMATION SECURITY (ENISA) reported
230,000 new malware infections were detected
every day between January 2019 to April 2020, and
EUROPOL's 2021 report on organized crime shows
an increase in the number of attacks against public
institutions, large companies and on local
governments and ministries.
Attacks are also increasing against public sector
organizations in healthcare and education, as well
as businesses in manufacturing, finance, energy,
and transport. These cyberattacks have not only
targeted EU institutions and bodies, but also the
critical infrastructure of Member States.
THE CYBERATTACKS have not only been about
infecting institutions but information sources
also indicate that some attacks are facilitating
DISINFORMATION OR CYBER ESPIONAGE.
Germany's Foreign Ministry published a report
in early September that attacks attributed to an
Eastern European State Actor are combining
conventional cyberattacks with disinformation in
order to influence elections.
Author: Prof. Annita Larissa SCIACOVELLI
17. Additionally, a report by Cybereason revealed that
an Asian State Actor operation, active since 2017,
used cyberattacks as a way to gain and maintain
continuous access to telecommunication providers
and collect sensitive information by further
compromising high-profile business assets.
We’ve reviewed some insights on the drives for a
joint cyber unit. Now let’s take a look at THE LEGAL
FRAMEWORK supporting such an initiative. In the
recommendation for establishing the joint cyber
unit, the commission highlights Article 7 of
Regulation (EU) 2019/881 of the European
Parliament as a supporting legal basis for a joint
task force. The first time this idea was presented
was by Ursula von der Leyen in her Political
Guidelines for the Next European Commission
2019-2024.
ALTHOUGH ENISA IS A POLICY AND
INFORMATION SHARING ENTITY, guidelines would
require the joint unit to work closely with them on
supporting the following objectives:
• TO DEVELOP and maintain a high level of
expertise; assist the Union institutions in
developing policies;
• ASSIST the Union institutions and the Member
States in implementing the policies;
• ASSIST the Union and the Member States in
enhancing and strengthening their capability
and preparedness to prevent, detect and
respond to network and information security
problems and incidents; and
• USE ITS EXPERTISE to stimulate broad
cooperation between actors from the public
and private sectors.
FURTHERING THE INITIATIVE, THE EU CYBER
SECURITY STRATEGY 2020 IDENTIFIES THE MAIN
STEPS TO ESTABLISH THE UNIT. These steps
include:
• MAPPING available capabilities at a national
and EU level;
• ESTABLISHING a framework for structured
cooperation and assistance; and finally
• IMPLEMENTING the framework by utilizing
resources provided by joint unit participants.
In addition to Article 7 of Regulation (EU) 2019/881
of the European Parliament that provides a legal
basis for a joint unit, Article 1 of NIS2 Directive
further elaborates (Article 19) on providing EU
coordinated risk assessments of critical supply
chains. This means that a joint cooperation group
would need to fulfil these activities in cooperation
with the Commission and ENISA.
Another brick in building the legal framework
comes from the Commission's Recommendation
for a Coordinated Response to Large Scale
Cybersecurity Incidents and Crises.
Clause 15 refers to the EU level and states that the
key actors involved in response to cybersecurity
crises include the NIS Directive, Computer Security
Incident Response Teams (CSIRTs) network, in
addition to ENISA, the European Cybercrime Centre
at Europol (Europol/EC3), and other relevant EU
Bodies.
From the above analysis, THERE IS A CLEAR
LEGAL FOUNDATION AND INCENTIVE FOR THE
ESTABLISHMENT OF THE PROPOSED JOINT
CYBER UNIT.
The EU foreign affairs representative Joseph Borrell
stated that “The need for more European defence
has never been as much evident as today after the
events in Afghanistan.”
European frustration after the withdrawal of US
troops from Afghanistan has renewed calls for an
EU military force and in Borrell’s view the EU needs
to create a “rapid response force” of 5,000 soldiers.
While the ambitious vision for a full-scale EU
military force is being discussed, creating a joint
cyber task force can serve as a pilot for the grand
plan.
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED 17
by Prof. Annita Larissa SCIACOVELLI
18. The EU Commission recommendation on
building a Joint Cyber Unit to enhance
cybersecurity across the European Union, is
exactly what is needed. However, before we
proceed, we will need to first define a clear
mission.
In my view THE MISSION STATEMENT OF THE
JOINT CYBER UNIT should be as follows:
• COLLECT AND ASSESS intelligence on cyber
threats to the EU and Member States;
• CONDUCT defensive and offensive operations
to defend and foil cyberattacks on the EU
organizations and support the defense of EU
Member States;
• SUPPORT the anti-cyberterrorism, anti-
cybercrime, and anti-influence operations - in
cooperation with EUROPOL and Member
States;
• COORDINATE all operational activities with
Cyber Agencies of Member States and other
relevant bodies and Initiate international
cooperation for offensive and defensive
operations.
Considering all the factors, forming the European
Union (EU) independent cyber force will not be an
easy task. However,…
…BUILDING UPON THE INTEGRAL CAPABILITIES
OF ENISA will help while establishing a full force
development process to create, establish, and
sustain an enhanced set of intelligence and
operational functions that are capable of defending
and protecting against cyber attacks.
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED 18
by Prof. Annita Larissa SCIACOVELLI
19. PROF. ANNITA LARISSA SCIACOVELLI
As a professor of international law at the University of Bari Aldo Moro in Italy (UNIBA), a
cybersecurity specialist and a teacher of international law at the University of International
Studies of Rome (UNINT), Prof. Adv. Annita Larissa Sciacovelli actively works to influence
the legal, cyber, and intelligence communities.
In addition to her position at UNIBA, Prof. Sciacovelli researched cybersecurity in the Cyber
Security Program at the Institute for National Security Studies, Tel Aviv University, Israel.
She is a registered lawyer with the Bar Association of Bari
and an active member of several organizations,
including the Advisory Board of the International
Institute for Peace in Vienna, the Cyber Security
and Warfare Commission of the Italian
Intelligence Society, the Italian Society of
International and EU Law, and is the current
Vice President of GP4AI (Global
Professionals for Artificial Intelligence).
Prof. Sciacovelli is also a member of the
scientific committee for the Journal of
Criminal Law and Globalization.
19
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED
21. "Know Thyself"
Ten Levers For Cyber Resilience Strategy
THE ANCIENT GREEK APHORISM "KNOW THYSELF" (Greek: γνῶθι σεαυτόν, transliterated: gnōthi seauton; also ...
σαυτόν … sauton with the ε contracted), is one of the Delphic maxims and was first inscribed in the pronaos (forecourt)
of the Temple of Apollo at Delphi according to the Greek writer Pausanias. The phrase was later expounded upon by the
philosopher Socrates who taught that: “AN UNEXAMINED LIFE IS NOT WORTH LIVING”.
The rapid shift from analog to digital technology enables opportunities for the global economy. However, it also
creates new geopolitical threats and serious risk for corporates activities and prosperity. The business,
technology and threat fast evolution poses challenges in implementing effective cyber resilience strategy.
Software constantly evolves, leading to new issues and vulnerabilities for cyber-attacks. Furthermore, IT
infrastructure evolves, from on-premise systems to the cloud which introduces a new set of design and
implementation issues resulting in new risks.
“In such a changing and uncertain paradigm, the first reflex is often trying to manage the
unmanageable complexity and unpredictable threats. An alternative and effective approach
is to get to “know thyself”, discover your own weaknesses, identify your data and business
assets and their attractiveness or sensitivity to potential cyber threats”.
“Security, like life, has the colors that you give it.”
~ Stéphane NAPPO
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED 21
AN UNEXAMINED BUSINESS TRANSFORMATION STRATEGY IS NOT WORTH IMPLEMENTING. To
facilitate and maintain the confidentiality, integrity, and availability of data and business operations, consider
creating roadmaps to digital transformation; designing a reliable system, where your security strategy is a part
of your digital transformation strategy. People are an imperative part of the system.
IN ESSENCE, AUTOMATION SHOULD NEVER CREATE A FUNCTION BY ITSELF. In the aim of preserving
corporate identity and user/customer experience, automation must be driven by a clear functional need and
relevant compliance knowledge. For automation (just a tool) to provide a global vision, monitoring,
interoperability, traceability, orchestration and steering features, NEW holistic and strategic vision is required.
To preserve corporate identity and adequate user experience, automation must be driven by a clear functional
need and relevant compliance knowledge.
Author: Stéphane NAPPO
22. AS TRULY SUCCESSFUL BUSINESS DECISION MAKING relies on a balance between deliberate &
instinctive thinking, so does successful digital transformation rely on interconnectedness &
interdependence of the state of the art technologies.
IN INFORMATION AND CYBER SECURITY, to identify adversaries; to find unknown security
vulnerabilities; to reduce cyber risks and envision potential future threat landscape
is CRUCIAL. To understand, develop and cultivate remarkable resilience is VITAL.
HAVE IN PLACE AN EVER EVOLVING CYBER RESILIENCE BLUEPRINT. Arm your business in the
face of future cyber threats. Mind the systemic nature of a cyber threat landscape.
'Know thyself' to increase your cyber-resilience.
STRIVE TO INFORM AND EDUCATE. Education has always been a profit-enabler for individuals
and the corporation. Education, both conception and delivery, must evolve quickly and
radically to keep pace with digital transition. Education is a part of the digital equation.
TEN LEVERS FOR CYBER RESILIENCE STRATEGY
While Identify, Protect, Detect, Respond and Recover remain fundamental keys,
these ten levers are crucial to achieve an effective cyber resilience:
• ALIGN information and security strategy with business digital transformation strategy.
• ADOPT a comprehensive cyber risk management attitude.
• IDENTIFY the most critical information and assets.
• FIND AND MANAGE vulnerabilities.
• REDUCE cyber risks in projects and production.
• OPTIMIZE strategically chosen systems reliability.
• EVOLVE your security to a prevention-based strategic architecture.
• PLEDGE to employ the state of the art digital and defence solutions.
• INSTRUCT regularly your teams to empower and strengthen their resilience.
• SCALE your success by sharing the knowledge and intelligence.
by Stéphane NAPPO
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED 22
23. Stéphane NAPPO
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED 23
“"The five most efficient cyber defenders are: Anticipation,
Education, Detection, Reaction and Resilience.”
~ Stéphane NAPPO
Senior-level cybersecurity executive with over two decades worth of experience in international finance,
banking, digital services, and industry, Stéphane Nappo is a multicultural leader and renowned Global Chief
Information Security Officer.
Mr. Nappo is a vice president and global chief information security officer at ‘Groupe SEB’, a global market
leader in the household equipment sector present in more than 150 countries around the world. Previously, he
was Global Chief Information Security Officer at Société Générale International Banking and Financial Services
responsible for cybersecurity of 40 major banks in 67 countries, and Group Information Security Officer at
OVHCloud, world class actor and European leader in cloud computing, with a presence in 138 countries.
As a proactive business strategist and advocate for the constructive deployment and implementation of digital
technologies, Mr. Nappo assembles talented, professional, and skills-based teams to carry an organization’s
transformation. He helps them locate, seize and embrace emerging business opportunities, all while providing
oversight, direction, and guidance.
Passionate about people, risk management, and problem solving, he has a genuine interest in others and is a
fond believer in strong communication, active listening, and flexibility, all geared towards working together for
a common goal. His innovative research, investigative analytical methodologies, and managerial international
experience have allowed him to develop and implement proactive and defensive cybersecurity strategies for a
wide range of stakeholders.
Mr. Nappo operates at the cutting edge of technology and innovative business models, integrating the issues
of culture, risk, innovation, and even chaos to solve the problems he encountered. Stéphane would rather
create the news instead of following trends, opinions, and the norms. This is how he has been able to teach,
examine, and work with hundreds of talented and devoted cybersecurity professionals around the globe.
Committed to share his knowledge through writing and public speaking, he has both the thirst to learn and
discover anything he can about reducing cyber risks around the world.
One of his favorite quotes is: "Le savoir est la seule matière qui s'accroit lorsqu'on la partage".
24. Social Listening
How is your brand perceived in social media? Find the
conversations, people, and topics that are relevant to your
market.
With NodeXL’s Twitter & other importers, you can
quickly find leads, get brand signals, analyze competitors,
anticipate threats and crises to your business and brand
reputation.
Sentiment Analysis
The applications of sentiment analysis are broad and
powerful. The ability to extract insights from social data is
a practice that is being widely adopted by organizations
across the world.
Sentiment Analysis enables you to anticipate threats and
crises to your business and brand reputation. Shifts in
sentiment on social media have been shown to correlate
with shifts in the stock market.
Network Visualization
Visualize your own network graph. Choose from various
layout algorithms. Set the color, shape, size, label, and
opacity of vertices and edges. See a range of example
network visualizations at the NodeXL Graph Gallery!
Automation & White-Labeling
The NodeXL scheduler can automatically harvest,
visualize and analyze data from social networks. The
results can be emailed to you, or your clients and branded
with your company identity.
Influencer Identification & Analysis
Influencer marketing is an arbitrage – with brands seeing a
return of $6 for every $1 spent. Use social network
analysis (SNA) to identify key actors (niche influencers,
connectors, hubs) in the social eco-systems most relevant
to you and your business.
Content Analysis & Ideation
Discover, create and share the right content at the right
time with the right audience.
Quickly find, import and analyze relevant, interesting data
using social network importers. NodeXL can perform
Text Analysis, Sentiment Analysis, Time Series Analysis
and produce reports of top items: Words/Word
pairs/URLs/Hashtags.
Advanced Network Metrics
Measure influence based on PageRank, Betweenness
Centrality, Closeness Centrality, Eigenvector Centrality
and more.
Great Customer Support
Got a technical issue or question about NodeXL? No
Problem! Our team is always on hand to answer questions
or handle technical issues. Email:
info@smrfoundation.org
NodeXL is the ‘Swiss Army Knife’ for Marketers & Brands Working in Digital
Extract, analyze and visualize data from social networks like Twitter & Youtube in Microsoft Office Excel™.
Leverage powerful Social Network Analysis (SNA) techniques to gain valuable data, insights and understanding of the
digital eco-systems surrounding any niche to drive your business forward – in just a few clicks!
Contact Us
Follow us
Phone: +1-425-241-9105
Email: info@smrfoundation.org
Working Days/Hours: Mon - Fri / 8:00 AM - 6:00 PM GMT-8 (California)
Competitor Analysis
Use NodeXL to harvest and analyze social data from the
social-media eco-system surrounding your competitors’
brands.
With an accurate network model of interactions NodeXL
Pro enables you to break down and quantify the effect of
competitors’ social media initiatives and tactics in terms of
performance and reach.
Track Emerging Trends, Memes &
Consumer Sentiment
NodeXL can be scheduled to regularly harvest social data
from various importers based on keywords and phrases
relevant to your business. Get automated detailed reports
on what’s hot and what’s not in your niche – at a
frequency that suits you.
Leverage the power of reactive marketing by keeping your
finger on the pulse of trends and news!
Social Data Reporting
NodeXL provides advanced reporting functionality: find
top influencers, the best performing content and content
types, along with the most linked-to URLs, hashtag
analysis and more.
And More!
Our team is constantly adding new data importers,
exporters, integrations and features to NodeXL. Got a
feature request? Get in touch!
24
25. 25
Ally of the Year
Awards 2022
Call for Nomination now OPEN
until February 28th
the United Cybersecurity Alliance and Inteligenca opened nominations for the
Ally of the Year 2022 awards in 11 categories
➢ COMPANY AYA 2022
➢ MALE ALLY OF THE YEAR 2022
➢ EDUCATOR AYA 2022
➢ INVESTOR AYA 2022
➢ PEOPLE'S CHOICE AYA 2022
➢ PROGRAM AYA 2022
➢ NON-PROFIT AYA 2022
➢ RECRUITER AYA 2022
➢ MEDIA AYA 2022
➢ PHILANTHROPY AYA 2022
➢ DEI CHAMPION AYA 2022
Nominate here https://leadmind.inteligenca.com/aya-2022/
The awards ceremony will take place at the RSA conference in
San-Francisco on June 5th, 2022.
Ally of the Year awards celebrate those who are going an extra mile to
build an inclusive work environment by using their influence,
knowledge, and organizational capital to advocate for women.
25
26. After
Word
We are living in a complex and messy system which cannot be controlled. Where every solution creates
a NEW problem.
WHY IS CYBERSECURITY SO HARD?
• It is not just a technical problem
• The rules of cyberspace are different from the physical world’s
• Cybersecurity law, policy, and practice are not yet fully developed
• There's not enough manpower in the world to make sure networks are 100% secure 100% of the
time, especially with the prevalence of a cloud-based infrastructure
• The definition of cybersecurity is at odds with management
• The training for personnel is often the first budget cut in a fiscal year
• The people making the decisions often do not understand the nature of the problem nor the
technical issues at the lowest level.
THE TECHNOLOGIES OF TOMORROW are at the heart of our daily life and work. Concurrently, you
cannot teach understanding, you construct it. Now is the time for calm, rational, holistic planning and
methodical action. Time for diversity and inclusion. Time for emerging technologies to create and add
positive values in societies and bring return on capital and human capital invested globally. Time to
embrace Augmented and Artificial Intelligence solving the humanity’s most burning problems. Time for
women to step on the dance floor of emerging technologies and cybersecurity industries. Reskilling is a
great issue. Inclusion is as important as innovation. We will have to go into learning mode, be willing to
be taught, by each other and by the systems, keeping in mind and making sure that trust, security and
ethics in technology is essential in the decades to come.
“LET’S FACE IT, THE UNIVERSE IS MESSY, IT IS NONLINEAR, TURBULENT, AND CHAOTIC.
Nevertheless, it is dynamic and fast moving in all directions at once. It spends it time in a transient
behavior on its way to somewhere else, not in mathematically neat equilibrium, for example entropy. It
self-organizes and evolves without any inputs from external sources. Thus, creating diversity, not
uniformity. That is what makes the world interesting, that is what makes it beautiful, beautiful, and that is
what makes it work.”
References: Donella Meadows. Dancing With Systems. Versions of this piece have been published in Whole Earth, winter 2001 and
The Systems Thinker, Vol. 13, No. 2 (March 2002). Retrieved from https://www.mendeley.com/guides/web-citation-guide
Ludmila M-B
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED 26
28. MAGAZINE
TOP CYBER NEWS
PUT TECHNOLOGY AT THE FOREFRONT OF THE BUSINESS
Human Centered Communication Of
Technology, Innovation, and Cybersecurity
«It is time to stop being naive when it comes to cyber security.»
Jim Hagemann SNABE
Chairman,
Siemens AG and A.P.
«Rather than fearing or ignoring cyber-attacks, organizations should take them on
head-first. Organizations need to ensure cyber resiliency and regularly test their
security postures. In times of hyper-converged infrastructure platforms and
technologies, hyper-converged problems strive to create hyper-converged
solutions.»
Stéphane NAPPO
Vice President and Chief Information Security Officer
Groupe SEB
«Our technologies transform the everyday, by empowering our customers to create
agile factories, intelligent buildings and energy grids, sustainable transportation,
and better healthcare systems.» «Since we have a lead position in industrial
digitalization, we very quickly recognized that cybersecurity is an integral part of the
digital revolution. The industrial Internet of Things (IIoT) would be inconceivable
without cybersecurity.»
Dr. Roland BUSCH
President and Chief Executive Officer
Siemens AG
TOP CYBER NEWS MAGAZINE - January 2022 - ALL RIGHTS RESERVED 28