Information Security and Internet of Things
|
|
- Emory McDaniel
- 8 years ago
- Views:
Transcription
1 Information Security and Internet of Things 2 nd Open China ICT Thematic Workshop On Internet of Things and Future Internet Beijing, 23 August 2013 Contents The growing Internet of Things Internet of Things Policy Challenges Internet of Things Network Security Industry developments of secure protocols Regulatory Environment: China Recommendations
2 The growing Internet of Things The growing Internet of Things the connection of physical devices to the Internet will rapidly expand the number of connected devices integrated into our everyday lives. More Than 30 Billion Devices Will Wirelessly Connect to the Internet of Everything in 2020 * * Source: ABI Research, 2013 Internet of Things: Policy Challenges A number of policy challenges need consideration for the healthy developmentof IoT: [non exhaustive] Network Security; Privacy and data protection; Identity management, naming and interoperability; Fostering innovation 2
3 Internet of Things: Network Security Every smart thing/object could be connected to the global Internet and is able to communicate with other objects, resulting in new security and privacy problems, e.g.: Confidentiality Integrity of data sensed and exchanged by things/objects. Authenticity Ensure secure end to end communications between objects/systems through the use of secure identities and authentication As the Internet is global, a global approach based on international standards and/or best practices is needed Secure connections are enabled by encryption Industry developments of secure protocols (1) Consumer demands have increasingly called for product features such as encryption that better protect security and privacy in and across a variety of ICT products and systems including in the area of Internet of Things The use of encryption has become widespread: as result, the great majority of applications of encryption involve every day commercial products, commonly used & traded in the global marketplace. Regulations that directly or indirectly favor specific technologies, limit market access or lead to forced transfer of intellectual property stifle domestic innovation and, in the case of encryption and the Internet of Things, prevent access to the strongest available security technologies in the market place, resulting in less secure products. 3
4 Industry development of secure protocols (2) As demand for connected devices increases and devices become subject to the [cyber] threats, manufacturers implement solutions to provide secure, tested protocols and algorithms: Encryption Identification Authentication Global or international open security standards, whose details and implementation have been peer reviewed, are more secure than proprietary solutions that rely on secrecy Regulatory environment in China: CERs The Office of the State Commercial Cypher Administration (OSCCA s) current Commercial Encryption Regulations (CER) effectively exclude Foreign Invested Enterprises (FIEs) from some areas of the Chinese market by not allowing FIEs to attain required certification. FIEs are not eligible to apply for various encryption certificates: Require majority Chinese stake in the company applying Use of some national algorithms that FIEs cannot access. Were FIEs to be able to attain certification, security relevant parts of the source code are still required to be disclosed China s Commercial Encryption Regulations are currently revised 4
5 Regulatory environment in China: MLPS The Multi level Protection Scheme (MLPS) aims to impose information security compliance requirements for enterprises and administrations of essential security interest. MLPS states that information security components in critical information systems cannot contain foreign intellectual property, meaning that the procuring the most secure technologies in the global marketplace will be restricted However, the scope of application extends vastly beyond provisions required to protect essential national security interests Risks that development of the IoT in China will be hampered because major IoT application areas will not be accessible for foreign entities Case study: USB Tokens/Keys In 2007, the China national algorithm SM2 was included for USB token/keys used by Chinese Banks Started with the government enforcing greater uptake of SM2 and led to new regulations to stringently implement SM2 Some banks are require to use OSCCA approved USB token/keys, even when not using the China national algorithm By 2012, it was mandated that 2 nd generation USB token/keys to use China national algorithms. 5
6 Recommendations (1) Strongly encourage: Global collaboration Open markets Use of global security standards for commercial encryption technologies, as they inherently promote more secure and innovative ICT products. Recommendations (2) As security functions are growing in most ICT applications including in the Internet of things, interoperability has become more critical and thus international security standards will increase in importance Using standard cryptography as part of common protocols and specifying encryption algorithms to be used (along with making provisions for handling key management, etc.), enables an infrastructure to achieve global interoperability between security functions in products and systems. Global or International security standards are essential to avoid fracturing the global digital infrastructure and creating unnecessary obstacles to trade. 6
7 Recommendations (3) Greater Internationalisation is required: Policies that attempt to provide secrecy through constraining choice have long been demonstrated to lead to weakened products. Robust and internationally peer reviewed encryption solutions are the best way to reduce security risks and ensure cutting edge products Involvement of international stakeholders from Governments and industry in the consultation for the revision of CERs to facilitate an environment and open markets with best in class solutions and international interoperability in China. Recommendations (4) Ensure China has access to the best products in the marketplace through open, transparent and non discriminatory licensing schemes Increase China participation in international standardisation bodies and agreements Open Chinese TCs and WGs developing standards and algorithms to full participation of FIEs and disclose all national commercial algorithms 7
8 Thank You 8
engagement will not only ensure the best possible law, but will also promote the law s successful implementation.
US-China Business Council Comments on The Draft Cybersecurity Law On behalf of the approximately 210 members of the US-China Business Council (USCBC), we appreciate the opportunity to provide comments
More informationDIGITALEUROPE and European Services Forum (ESF) response to the Draft Supervision Rules on Insurance Institutions Adopting Digitalised Operations
DIGITALEUROPE and European Services Forum (ESF) response to the Draft Supervision Rules on Insurance Institutions Adopting Digitalised Operations Brussels, October 2015 INTRODUCTION On behalf of the European
More informationOn the features and challenges of security and privacy in distributed internet of things. C. Anurag Varma achdc@mst.edu CpE 6510 3/24/2016
On the features and challenges of security and privacy in distributed internet of things C. Anurag Varma achdc@mst.edu CpE 6510 3/24/2016 Outline Introduction IoT (Internet of Things) A distributed IoT
More informationSecure communications via IdentaDefense
Secure communications via IdentaDefense How vulnerable is sensitive data? Communication is the least secure area of digital information. The many benefits of sending information electronically in a digital
More informationNational Cyber Security Policy -2013
National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information
More informationRE: Comments on Vietnam s Draft Law on Information Security, version 2.22
July 10, 2013 Ministry of Information and Communications 18 Nguyen Du Hanoi, Vietnam RE: Comments on Vietnam s Draft Law on Information Security, version 2.22 Dear Sir/Madam: The Information Technology
More informationViewpoint: Implementing Japan s New Cyber Security Strategy*
Presented by: The ACCJ s Internet Economy Task Force Valid Through November 2014 The 2013 Cyber Security Strategy, released in June 2013, and the International Strategy on Cybersecurity Cooperation, released
More informationVodafone response to the European Commission consultation on governance of the Internet of Things
Vodafone response to the European Commission consultation on governance of the Internet of Things Vodafone welcomes comments or questions on the views expressed in this submission. They should be directed
More informationWhy Cloud Standards Matter
Storm in the Cloud - the OASIS weather report Why Cloud Standards Matter You Fang, Huawei, OASIS Board of Directors 1 5000 多 名 专 家 参 与, 来 自 600 家 公 司, 政 府 和 个 人 OASIS Open is a global standards organization
More informationCOMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY,
COMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY, 28-29 JUNE 2011 The Seoul Declaration on the Future of the Internet Economy adopted at the 2008 OECD
More informationCanada 2017! A Digital Nation Focus on ICT
Canada 2017! A Digital Nation Focus on ICT Growing Canada s Prosperity Used for Ministerial Briefing www.itac.ca Page 1 Introduction ICT & Canada s prosperity Importance of ICT to Canada s prosperity:
More informationICT Research in Norway The road ahead. Till Christopher Lech The Research Council of Norway
ICT Research in Norway The road ahead Till Christopher Lech The Research Council of Norway, The remainder of this presentation: The view back The view on the present The view forward Public investments
More informationNational Cybersecurity Challenges and NIST. Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity
National Cybersecurity Challenges and NIST Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity Though no-one knows for sure, corporate America is believed to lose anything
More informationElectronic Payment Schemes Guidelines
BANK OF TANZANIA Electronic Payment Schemes Guidelines Bank of Tanzania May 2007 Bank of Tanzania- Electronic Payment Schemes and Products Guidleness page 1 Bank of Tanzania, 10 Mirambo Street, Dar es
More informationSources of Protection For Prohibit Information
Introduction to Corporate Information Security Law Andrea M. Matwyshyn a-matwyshyn@law.northwestern.edu Adjunct Professor of Law, Northwestern University Affiliate, Manufacturing and Technology Policy
More informationACS CLOUD COMPUTING CONSUMER PROTOCOL. Response from AIIA
ACS CLOUD COMPUTING CONSUMER PROTOCOL Response from AIIA AUGUST 2013 INTRODUCTION The Australian Information Industry Association (AIIA) is the peak national body representing multinational and domestic
More informationStrong Authentication for Future Web Applications
Strong Authentication for Future Web Applications Chris Williams Leidos, Inc. July 18, 2014 For W3C Identity in the Browser Workshop Abstract Leidos (formerly SAIC), has been using strong authentication
More informationBefore the FEDERAL COMMUNICATIONS COMMISSION Washington, DC 20554
Before the FEDERAL COMMUNICATIONS COMMISSION Washington, DC 20554 In the Matter of ) ) Preserving the Open Internet ) GN Docket No. 09-191 ) Broadband Industry Practices ) WC Docket No. 07-52 Comments
More informationSolving for the Future: Addressing Major Societal Challenges Through Innovative Technology and Cloud Computing
Solving for the Future: Addressing Major Societal Challenges Through Innovative Technology and Cloud Computing As economic challenges persist in communities, nations, and regions around the world, the
More informationHow To Respect The Agreement On Trade In Cyberspace
CHAPTER 14 ELECTRONIC COMMERCE Article 14.1: Definitions For the purposes of this Chapter: computing facilities means computer servers and storage devices for processing or storing information for commercial
More informationEUROPEAN COMMISSION ENTERPRISE AND INDUSTRY DIRECTORATE-GENERAL. Space, Security and GMES Security Research and Development
Ref. Ares(2011)193990-22/02/2011 EUROPEAN COMMISSION ENTERPRISE AND INDUSTRY DIRECTORATE-GENERAL Space, Security and GMES Security Research and Development Brussels, 17 th February 2011 M/487 EN PROGRAMMING
More informationBSA GLOBAL CYBERSECURITY FRAMEWORK
2010 BSA GLOBAL CYBERSECURITY FRAMEWORK BSA GLOBAL CYBERSECURITY FRAMEWORK Over the last 20 years, consumers, businesses and governments 1 around the world have moved online to conduct business, and access
More informationBefore the DEPARTMENT OF COMMERCE National Telecommunications and Information Administration Washington, DC 20230 ) ) ) ) )
Before the DEPARTMENT OF COMMERCE National Telecommunications and Information Administration Washington, DC 20230 In the Matter of Stakeholder Engagement on Cybersecurity in the Digital Ecosystem Docket
More informationEvolution from FTP to Secure File Transfer
IPSWITCH FILE TRANSFER WHITE PAPER Evolution from FTP to Secure File Transfer www.ipswitchft.com Do you know where your organization s confidential and sensitive files were transferred today? Are you sure
More informationMedical Devices. Safe, but are they secure? Dan Stoker, Consultant Professional Services, Coalfire
Medical Devices Safe, but are they secure? Dan Stoker, Consultant Professional Services, Coalfire Introduction This perspective paper aims to help organizations understand the emerging issue of security
More informationNovember 03, 2009. Via Electronic Mail to www.regulations.gov
November 03, 2009 Via Electronic Mail to www.regulations.gov Ms. Gloria Blue Executive Secretary, Trade Policy Staff Committee Office of the U.S. Trade Representative 600 17th Street, N.W. Washington,
More informationChina pushes change in IT infrastructure by strengthening regulation of cyber security
April 2015 China pushes change in IT infrastructure by strengthening regulation of cyber security China pushes change in IT infrastructure by strengthening regulation of cyber security The CBRC s recent
More informationAttn: Cybersecurity RFC 2015, Request for Comment on Stakeholder Engagement on Cybersecurity in the Digital Ecosystem
May 27, 2015 Allan Friedman National Telecommunications and Information Administration U.S. Department of Commerce 1401 Constitution Ave, NW Room 4725 Attn: Cybersecurity RFC 2015 Washington, DC 20230
More informationRE: ITI Comments on Korea s Proposed Bill for the Development of Cloud Computing and Protection of Users
August 19, 2012 Korean Communications Commission Via e-mail to: ycs@kcc.go.kr RE: ITI Comments on Korea s Proposed Bill for the Development of Cloud Computing and Protection of Users Dear Director Yang:
More informationCPNI VIEWPOINT 01/2010 CLOUD COMPUTING
CPNI VIEWPOINT 01/2010 CLOUD COMPUTING MARCH 2010 Acknowledgements This viewpoint is based upon a research document compiled on behalf of CPNI by Deloitte. The findings presented here have been subjected
More informationGLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000. CEO EDS Corporation
GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000 Issue Chair: Issue Sherpa: Dick Brown CEO EDS Corporation Bill Poulos EDS Corporation Tel: (202) 637-6708
More informationMay 23, 2016. Background and Introduction
Public Comments of the Application Developers Alliance on the Benefits, Challenges, and Potential Roles for the Government in Fostering the Advancement of the Internet of Things Docket No: 160331306-6306-01
More informationPromoting Cross Border Data Flows Priorities for the Business Community
Promoting Cross Border Data Flows Priorities for the Business Community The movement of electronic information across borders is critical to businesses around the world, but the international rules governing
More informationMobile Cloud Computing and Regulatory Issues
Mobile Cloud Computing and Regulatory Issues 1 Have you ever used Mobile Cloud Computing? 2 Mobile Processor Storage Network Power Sensors/gadgets Personal Small Small Constant Change! Limited Battery
More informationTop Ten Security and Privacy Challenges for Big Data and Smartgrids. Arnab Roy Fujitsu Laboratories of America
1 Top Ten Security and Privacy Challenges for Big Data and Smartgrids Arnab Roy Fujitsu Laboratories of America 2 User Roles and Security Concerns [SKCP11] Users and Security Concerns [SKCP10] Utilities:
More informationChapter 1: Introduction
Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure
More informationMaster of Science in Information Systems & Security Management. Courses Descriptions
Master of Science in Information Systems & Security Management Security Related Courses Courses Descriptions ISSM 530. Information Security. 1 st Semester. Lect. 3, 3 credits. This is an introductory course
More informationComments on CBRC Draft Regulations Affecting Technology Purchases. 14 September 2015
Introduction Comments on CBRC Draft Regulations Affecting Technology Purchases 14 September 2015 The American Chamber of Commerce in China, American Chamber of Commerce in Shanghai, Asia Securities Industry
More informationETNO Reflection Document in reply to the EC consultation on Future networks and the Internet early challenges regarding the Internet of things
ETNO Reflection Document in reply to the EC consultation on Future networks and the Internet early challenges regarding the Internet of things November 2008 Executive Summary The Internet of the future
More informationADVANCEMENT OF CYBER SECUIRTY THROUGH PUBLIC PRIVATE PARTENERSHIP ICT WEEK AUC 4-6 DEC 2013
ADVANCEMENT OF CYBER SECUIRTY THROUGH PUBLIC PRIVATE PARTENERSHIP ICT WEEK AUC 4-6 DEC 2013 1 CONTENT INTRODUCTION COMESA CYBER SECUIRTY PROGRAMME CYBER SECURITY ECONOMICS WHY PPPs? PPPs ACTORs CHALLENGES
More informationInternet of things (IOT) applications covering industrial domain. Dev Bhattacharya dev_bhattacharya@ieee.org
Internet of things (IOT) applications covering industrial domain Dev Bhattacharya dev_bhattacharya@ieee.org Outline Internet of things What is Internet of things (IOT) Simplified IOT System Architecture
More informationIoT Security Concerns and Renesas Synergy Solutions
IoT Security Concerns and Renesas Synergy Solutions Simon Moore CTO - Secure Thingz Ltd Agenda Introduction to Secure.Thingz. The Relentless Attack on the Internet of Things Building protection with Renesas
More informationThe Internet of Things
The Internet of Things Powe re d by IPv6 Jeff Apcar Distinguished Services Engineer, Cisco Systems March 14 th 2014, ida IPv6 Conference IoT Definition ** A collection of things Cisco Confidential 2 IoE/IoT/M2M
More informationVACANCY NOTICE FOR THE POSITION OF SENIOR EXPERT IN SECURITY TOOLS AND ARCHITECTURE Ref. ENISA/TA/AD/2007/13
VACANCY NOTICE FOR THE POSITION OF SENIOR EXPERT IN SECURITY TOOLS AND ARCHITECTURE Ref. Applications are invited for the position of Senior Expert in Security Tools and Architecture at the European Network
More informationII. Types of Restrictions on the Free Flow of Information on the Internet (Question 1)
Intel Corporation is pleased to file comments on the Department of Commerce National Telecommunications and Information Administration s Notice of Inquiry, Global Free Flow of Information on the Internet.
More informationTHE DIGITAL TRADE IMBALANCE AND ITS IMPLICATIONS FOR INTERNET GOVERNANCE
THE DIGITAL TRADE IMBALANCE AND ITS IMPLICATIONS FOR INTERNET GOVERNANCE Susan Ariel Aaronson, George Washington University Cavalho Fellow, Government Accountability Project PAPER FINDINGS Trade agreements
More informationRE: ITI s Comments on Korea s Revised Proposed Bill for the Development of Cloud Computing and Protection of Users
July 3, 2013 Jung-tae Kim Director Smart Network & Communications Policy Division Ministry of Science, ICT, and Future Planning (MSIP) Via e-mail to: kchu@msip.go.kr RE: ITI s Comments on Korea s Revised
More informationA. Background. In this Communication we can read:
On RFID The Next Step to THE INTERNET OF THINGS Information of the Presidency 2832nd Council meeting, Competitiveness (Internal Market, Industry and Research), Brussels, 22-23 November 2007 A. Background
More informationTowards Effective Internet Governance
Towards Effective Internet Governance Risaburo NEZU Director Science, Technology and Industry OECD APEC e- commerce convention May 15, 2000 Tokyo Japan ISSUES 1. Tax 2. Tariffs 3. Privacy protection 4.
More informationSystems of Discovery The Perfect Storm of Big Data, Cloud and Internet-of-Things
Systems of Discovery The Perfect Storm of Big Data, Cloud and Internet-of-Things Mac Devine CTO, IBM Cloud Services Division IBM Distinguished Engineer wdevine@us.ibm.com twitter: mac_devine Forecast for
More informationSDN Security Challenges. Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015
SDN Security Challenges Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015 Cybersecurity Enhancement Act 2014 Public-Private Collaboration on Security (NIST
More informationBEFORE THE PUBLIC UTILITIES COMMISSION OF THE STATE OF CALIFORNIA ) ) ) ) ) )
BEFORE THE PUBLIC UTILITIES COMMISSION OF THE STATE OF CALIFORNIA Order Instituting Rulemaking on the Commission s Own Motion to Improve Distribution Level Interconnection Rules and Regulations for Certain
More informationCyber Security and Privacy
Cyber Security and Privacy Jovan Golić CySeP Winter School, Stockholm, 2014 EIT ICT Labs EIT ICT Labs is one of the first Knowledge and Innovation Communities set up in 2010 by the European Institute of
More informationPrivyLink Cryptographic Key Server *
WHITE PAPER PrivyLink Cryptographic Key * Tamper Resistant Protection of Key Information Assets for Preserving and Delivering End-to-End Trust and Values in e-businesses September 2003 E-commerce technology
More informationA Best Practice Guide
A Best Practice Guide Contents Introduction [2] The Benefits of Implementing a Privacy Management Programme [3] Developing a Comprehensive Privacy Management Programme [3] Part A Baseline Fundamentals
More informationSecuring the Cloud Infrastructure
EXECUTIVE STRATEGY BRIEF Microsoft recognizes that security and privacy protections are essential to building the necessary customer trust for cloud computing to reach its full potential. This strategy
More informationComments on the Online Trust Alliance s Proposed Internet of Things Best Practices Framework. September 14, 2015
Comments on the Online Trust Alliance s Proposed Internet of Things Best Practices Framework September, 05 Recently, the Online Trust Alliance (OTA) published a request for comments on their Internet of
More informationLTE Congestion Management. Enabling Innovation and Improving the Consumer Experience
LTE Congestion Management Enabling Innovation and Improving the Consumer Experience January 2015 Copyright 2015 Rysavy Research, LLC. All rights reserved. http://www.rysavy.com Table of Contents NOTICE...
More informationCYBER SECURITY LEGISLATION AND POLICY INITIATIVES - UGANDA CASE
CYBER SECURITY LEGISLATION AND POLICY INITIATIVES - UGANDA CASE 2009 ITU Regional Cybersecurity Forum for Africa and Arab States Tunis, 4-5 June 2009 Patrick Mwesigwa, Director/Technology & Licensing,
More informationThe Next Generation of Security Leaders
The Next Generation of Security Leaders In an increasingly complex cyber world, there is a growing need for information security leaders who possess the breadth and depth of expertise necessary to establish
More informationEmpirical Analysis of Software Usage to Drive Policy Recommendations. May 19, 2015 USCD Jared W. Ragland BSA The Software Alliance
Empirical Analysis of Software Usage to Drive Policy Recommendations May 19, 2015 USCD Jared W. Ragland BSA The Software Alliance Outline Introduction to BSA Global Studies and their Methodology 2014 BSA
More informationThe Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency
logo The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency Understanding the Multiple Levels of Security Built Into the Panoptix Solution Published: October 2011
More informationJOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015
JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 The following consists of the joint explanatory statement to accompany the Cybersecurity Act of 2015. This joint explanatory statement
More informationCYBERBOK Cyber Crime Security Essential Body of Knowledge: A Competency and Functional Framework for Cyber Crime Management
CYBERBOK Security Essential Body of Knowledge: A Competency and Functional Framework for Security Workforce Development aligned with ISO 31000* risk management principles and guidelines. *Note : ISO 31000
More informationE-procurement. NEVI-PIANOo conference. Status of the e-procurement policy. Marco Tardioli e-procurement and economic analysis of procurement markets
E-procurement Status of the e-procurement policy NEVI-PIANOo conference Marco Tardioli e-procurement and economic analysis of procurement markets The e-procurement policy - Proposal for revision of Public
More informationXEP-0210: Requirements for Encrypted Sessions
XEP-0210: Requirements for Encrypted Sessions Ian Paterson mailto:ian.paterson@clientside.co.uk xmpp:ian@zoofy.com 2007-05-30 Version 0.2 Status Type Short Name Deferred Standards Track N/A This document
More informationehealth in support of safety, quality and continuity of care within and across borders
ehealth in support of safety, quality and continuity of care within and across borders Gerard Comyn Acting Director Information Society & Media DG European Commission http://europa.eu.int/information_society/activities/health/index_en.htm
More informationEnergy Cybersecurity Regulatory Brief
Energy Understand the regulations that impact the energy industry and accelerate information security initiatives. Contents Overview 3 A Highly Vulnerable Energy Industry 4 Key Regulations to Consider
More informationCESG Certification of Cyber Security Training Courses
CESG Certification of Cyber Security Training Courses Supporting Assessment Criteria for the CESG Certified Training (CCT) Scheme Portions of this work are copyright The Institute of Information Security
More informationNIST Cyber Security Activities
NIST Cyber Security Activities Dr. Alicia Clay Deputy Chief, Computer Security Division NIST Information Technology Laboratory U.S. Department of Commerce September 29, 2004 1 Computer Security Division
More informationCybersecurity, Privacy and Data Protection. Jay Taylor Director Global Standards, Code and Environment Jay.Taylor@schneider-electric.
Cybersecurity, Privacy and Data Protection Jay Taylor Director Global Standards, Code and Environment Jay.Taylor@schneider-electric.com Executive Summary ICT Enables Personal Productivity Telecom/ICT Is
More informationBusiness Continuity and Disaster Recovery Solutions in Government
> Business Continuity and Disaster Recovery Solutions in Government Protecting Critical Data Flow for Uninterrupted Services WHITE PAPER January 2010 J. Asenjo, CISSP www.thalesgroup.com/iss Information
More informationProcurement Innovation for Cloud Services in Europe
Procurement Innovation for Cloud Services in Europe Author: Bob Jones (CERN) on behalf of the PICSE consortium www.picse.eu/ @PICSEPROCURE Focus: cloud service procurement and the Digital Single Market
More informationCyber Security Recommendations October 29, 2002
Cyber Security Recommendations October 29, 2002 Leading Co-Chair (Asia/Oceania) Co-Chair (Americas) Co-Chair (Europe/Africa) Dr. Hiroki Arakawa Executive Vice President NTT Data Corporation Richard Brown
More informationSymantec DLP Overview. Jonathan Jesse ITS Partners
Symantec DLP Overview Jonathan Jesse ITS Partners Today s Agenda What are the challenges? What is Data Loss Prevention (DLP)? How does DLP address key challenges? Why Symantec DLP and how does it work?
More informationPrivacy by Design. Ian Brown, Prof. of Information Security and Privacy Oxford Internet Institute, University of Oxford @IanBrownOII
Privacy by Design Ian Brown, Prof. of Information Security and Privacy Oxford Internet Institute, University of Oxford @IanBrownOII Privacy by Design principles 1. Proactive not Reactive; Preventative
More informationPKI: THE SECURITY SOLUTION FOR THE INTERNET OF THINGS
PKI: THE SECURITY SOLUTION FOR THE INTERNET OF THINGS TABLE OF CONTENTS 2 EXECUTIVE SUMMARY 3 THE EMERGENCE OF THE INTERNET OF THINGS 4 SECURITY RISKS IN NETWORKED DEVICES 6 PKI S FOUNDATION OF STRONG
More informationRSA Solution Brief RSA. Encryption and Key Management Suite. RSA Solution Brief
RSA Encryption and Key Management Suite The threat of experiencing a data breach has never been greater. According to the Identity Theft Resource Center, since the beginning of 2008, the personal information
More informationInformation Governance Strategy
Information Governance Strategy THCCGCG9 Version: 01 The information governance strategy outlines the CCG governance aims and the key objectives of its governance policies. The Chief officer has the overarching
More informationESKISP6054.01 Conduct security testing, under supervision
Overview This standard covers the competencies required to conduct security testing under supervision. In order to contribute to the determination of the level of resilience of an information system to
More informationTrust No One Encrypt Everything!
Trust No One Encrypt Everything! Business Primer March 2014 This white paper explores cloud users requirements for data access and sharing, especially in relation to trends in BYOD and personal cloud storage
More informationSECURITY ORGANISATION Security Awareness and the Five Aspects of Security
SECURITY ORGANISATION Security Awareness and the Five Aspects of Security Shift Security simply used to protect information vs. Enabling business initiatives with security Bolt-on/add-on structure to business
More information(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework
(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework (U//FOUO) The United States lacks a comprehensive strategic international policy framework and coordinated engagement
More informationThe RFID agenda of the European Commission. Florent Frederix European Commission Directorate General Information Society and Media
The RFID agenda of the European Commission RFID i Danmark 2011 May 3, 2011, IT-University in Copenhagen Florent Frederix European Commission Directorate General Information Society and Media This document
More informationMicrosoft appreciates the opportunity to respond to the Cloud Computing Consumer Protocol: ACS Discussion Paper July 2013 (the protocol).
Microsoft Submission to ACS Cloud Protocol Discussion Paper General Comments Microsoft appreciates the opportunity to respond to the Cloud Computing Consumer Protocol: ACS Discussion Paper July 2013 (the
More informationStandards in the Digital Single Market: setting priorities and ensuring delivery
Case Id: c2b48264-98a2-4dab-b05c-7e21b2b028b9 Date: 24/12/2015 15:19:42 Standards in the Digital Single Market: setting priorities and ensuring delivery Fields marked with are mandatory. General information
More informationSTATE BANK OF PAKISTAN
STATE BANK OF PAKISTAN on e-payment Gateway i P a g e Table of Contents ACRONYMS... 1 DEFINITIONS... 2 SCOPE OF THE DOCUMENT... 4 INTRODUCTION... 5 PURPOSE & BENEFITS OF E-PG... 6 FUNCTIONS OF E- PG...
More informationEXECUTIVE STRATEGY BRIEF. Securing the Cloud Infrastructure. Cloud. Resources
EXECUTIVE STRATEGY BRIEF Securing the Cloud Infrastructure Cloud Resources 01 Securing the Cloud Infrastructure / Executive Strategy Brief Securing the Cloud Infrastructure Microsoft recognizes that trust
More informationCloud Computing: Contracting and Compliance Issues for In-House Counsel
International In-house Counsel Journal Vol. 6, No. 23, Spring 2013, 1 Cloud Computing: Contracting and Compliance Issues for In-House Counsel SHAHAB AHMED Director Legal and Corporate Affairs, Microsoft,
More informationPOLICIES TO MITIGATE CYBER RISK
POLICIES TO MITIGATE CYBER RISK http://www.tutorialspoint.com/information_security_cyber_law/policies_to_mitigate_cyber_risk.htm Copyright tutorialspoint.com This chapter takes you through the various
More information'Namgis First Nation. 1.0 Overview. 2.0 Purpose. 3.0 Scope. 4.0 Policy
Created: 2/18/2011 Page 1 of 8 'Namgis First Nation is hereinafter referred to as "the government." 1.0 Overview Though there are a number of reasons to provide a user network access, by far the most common
More informationCyber Governance Preparing for the Inevitable Perimeter Breach
SAP Brief SAP Extensions SAP Regulation Management by Greenlight, Cyber Governance Edition Objectives Cyber Governance Preparing for the Inevitable Perimeter Breach Augment your preventive cybersecurity
More informationObjectives and Principles of Securities Regulation
Objectives and Principles of Securities Regulation International Organization of Securities Commissions June 2010 CONTENTS Page Foreword and Executive Summary 3 A Principles Relating to the Regulator 4
More informationSecureCom Mobile s mission is to help people keep their private communication private.
About SecureCom Mobile SecureCom Mobile s mission is to help people keep their private communication private. We believe people have a right to share ideas with each other, confident that only the intended
More informationResponse of the German Medical Association
Response of the German Medical Association To the Green Paper on mobile Health ( mhealth ) of the European Commission Berlin, 3 July 2014 Bundesärztekammer Herbert-Lewin-Platz 1 10623 Berlin We are grateful
More informationFramework for Improving Critical Infrastructure Cybersecurity
Framework for Improving Critical Infrastructure Cybersecurity Implementation of Executive Order 13636 8 April 2015 cyberframework@nist.gov Agenda Mission of NIST Cybersecurity at NIST Cybersecurity Framework
More informationHong Kong Information Technology Federation
HKITF Response to the Consultation on Mainland / Hong Kong Closer Economic Partnership Arrangement 1. The Hong Kong Information Technology Federation (HKITF) strongly supports the effort of the Hong Kong
More informationForeign Affairs, Defence and Trade Committee. Financial Review FY2013/14. for. Vote: Foreign Affairs and Trade Additional Questions
Foreign Affairs, Defence and Trade Committee Financial Review FY2013/14 for Vote: Foreign Affairs and Trade Additional Questions Page 2 of 8 291. The Committee notes the auditor's advice that, at the time
More informationInternet of the future: Europe must be a key player
SPEECH/09/-- Viviane Reding Member of the European Commission responsible for Information Society and Media Internet of the future: Europe must be a key player Future of the Internet initiative of the
More information