Big data: At the heart

Size: px
Start display at page:

Download "Big data: At the heart"

Transcription

1 CRISIS RESPONSE Women & radicalisation Paris terror attacks Wildfires in South Africa Mudslide in US Big data, resilience & cyber security Civil-military co-operation V O L : 10 I S S U E : 3 APRIL 2015 CRISIS RESPONSE VOL:10 ISSUE:3 APRIL J O U R N A L Protection Prevention Preparedness Response Resilience Recovery Big data: At the heart of everything PLUS: Landslide Search & Rescue; Wildfires in South Africa; Humanitarian-civil-military co-operation; Cyber security; Urban resilience; Safer cities; Pakistan school shootings; France terror attacks

2 The international resource for resilience, response and security planning print - online - digital Now in its tenth year Read Crisis Response Journal in print, on Tablet or online Individual, Institutional (including unlimited digital downloads). Digital only and student rates available Subscribe now: Contact us on +44 (0) Or

3 April 2015 vol:10 issue:3 Editor in Chief Emily Hough Design and Production Tim Baggaley Subscriptions and administration Emma Wayt Director Colin Simpson Director Peter Stephenson Subscriptions Crisis Response Journal is published quarterly; it is available by subscription in hard copy, digital format and online. Association discounts, institutional and multiple rates are available; visit our website or contact us for more details Tel: +44 (0) Back issues Existing subscribers: 25 (US$45; 36) per hard copy issue (free-of-charge with online access) Non subscribers: 40 (US$72; 58) per issue Tel: +44 (0) Published by FireNet International Ltd POB 6269, Thatcham, RG19 9JX United Kingdom Tel: +44 (0) COPYRIGHT FireNet International Ltd 2015 Articles published in Crisis Response Journal may not be reproduced in any form without the prior written permission of the Editor in Chief Printed in England by Buxton Press ISSN contents News 4 Comment Is humanity the collateral damage of terror? 8 Governments and societies should react in a measured manner to incidents such as the Charlie Hebdo attacks in France, or the Martin Place siege in Australia, says Christine Jessup Women and violent extremism 12 Mehdi Knani examines measures to prevent and counter violent radicalisation among women and girls Terror & Security January attacks in France 14 Christophe Libeau describes the operational, tactical and strategic operations during the Charlie Hebdo attacks and subsequent hostage-takings Hardening businesses against terrorism 16 Chris Phillips describes simple actions all businesses should be taking to protect themselves and their staff SMEs also need to protect themselves 18 How can operators of smaller soft targets protect themselves from attack? Lina Kolesnikova investigates Pakistan school attack 20 Luavut Zahid reports from Peshawar, where terrorists gunned down 145 pupils and staff in a military school Asymmetric attacks at sea 22 Dave Sloggett reflects on the growing levels of instability in the maritime domain South Africa wildfires p24 Disasters & urban resilience Wildfires in South Africa 24 Firefighters faced one of the worst blazes ever experienced around the Cape Peninsula, writes Hilary Phillips SAR after US mudslide 26 Thomas J Richardson shares a USAR team s experience in a very different environment to its usual operations Resilience starts with people 32 Where poverty is widespread and resources scarce, social capital is more essential than ever, says Katrina Borromeo Co-operation: A case study 33 Jay Levinson details story behind the headlines in the Middle East that gives hope to those who wish for a future of tranquillity and co-operation Collective intelligence 34 Alejandro Salazar Ortuño describes a Spanish initiative to create smart and resilient communities Big data, cyber security Making sense of big data 36 A galaxy of user-generated data points is providing a near-unimaginable quantity of data that can improve disaster preparedness and response. But first there are some problems to overcome, warn Ian Portelli, Ramin Bajoghli, Megan Mantaro and Amanda Horowitz Cyber-consequences 39 An effective and credible response to cyber attacks could demand a diverse, agile and eclectic approach to emergency response, according to Andy Marshall Cyber threats: protection advice p44 Resources, links, pictures, videos and much more are available for subscribers in our digital and online editions join the CRJ LinkedIn group follow us on Craig McIver NSRI Eiko Ojala 2 CRJ s Sponsoring Partners are leading specialists in the crisis, security and emergency response disciplines

4 Cover story: Big data and disaster response its potential and its pitfalls, p36 CRISIS RESPONSE Main image: Eiko Ojala comment Cyber threats: The ever-changing spectre 42 Cyber threats are dynamic and asymmetric, requiring a change in organisational approach, says Chris Morgan Humanitarian sector and cyber threats 44 David Prior warns that most cyber attackers nation state or criminal alike do not care that you are a humanitarian or rescue operation Planning for the breach 48 It a matter of when, not if, your systems are breached, says Regina Phelps. Exercise and test your response International co-operation 50 It is time to tighten up collaboration, according to Annemarie Zielstra, Eric Luiijf and Hanneke Duijnhoven Interview 52 Emily Hough talks to Todd Rosenblum, the Pentagon s former Assistant Secretary for Homeland Defence Experiences of the military and disaster 54 Alois Hirschmugl shares his thoughts and experience Shaping humanitarian-civil co-operation 56 Eugene Gepte emphasises the importance of both sectors maintaining their respective identities An ECHO perspective 59 Vera Mazzara outlines EU civil-military engagement Improving collaboration 60 Heiko Herkel describes the work of the Civil Military Co-operation Centre of Excellence Civil-military interaction p60 shutterstock NATO s civil emergency planning 64 Günter Bretschneider explains how NATO works with others to ensure the most effective use of civil resources in an emergency In Depth A look towards Time is running out if we are to build truly resilient cities for the future, according to Brett Lovegrove ICDO Part III 70 A look at civil defence organisation in Jordan Staff rotation in a crisis 72 Marijn Ornstein lists the factors that affect deployment times on a crisis team at management level Situational awareness 74 Friedrich Steinhäusler introduces the first part of a series describing a system that incorporates UAVs, a computer-based expert system and 3-D modelling to provide situational awareness in emergencies Hurricane Ivan ten years on 76 Jeremy Collymore traces the path of the hurricane that devastated much of the Caribbean ten years ago, looking at what lessons have been learnt Regulars Events 80 Calendar dates 83 Looking back 84 EU ECHO 85 Frontline 86 Migrant rescue p86 At the WCDRR in Sendai, Japan, this March (p4), it was striking how in the space of around a decade the holistic nature of disaster risk reduction has been so widely embraced. The breadth of organisations involved has grown dramatically, as has the diversity of the NGOs and sectors represented. Health, finance and economics, science and technology, education, heritage, food security as well as the private sector, businesses, communities and many more are now all actively engaged. The theme of partnerships and involvement, both in response and preparedness, runs through this issue. In the face of today s risks and threats, no sector, discipline or individual should be ignored, or choose to be excluded. Agreed, this can sometimes make for slightly uncomfortable bedfellows, as is evident from our civil-military feature. The humanitarian and military sectors have increasingly been sharing the same operational space in largescale crises and this can be an uneasy relationship. Each must work out how to co-operate and fulfill its own mission or mandate without endorsing or jeopardising the safety of the other, or blurring the delineations between military and humanitarian action. Our cyber security feature also highlights evolving partnerships, especially those between government and private sector entities that might be targets. On p39 Andy Marshall questions what parameters should be set for the plethora of responding organisations during a cyber attack that affects a community or region. The authors on p50 call for co-operation to be enshrined on an international scale. And on p52 Todd Rosenblum spans both features, describing the dynamic between the military and state emergency responders, then making the case for bringing the private sector into a new war cabinet to ensure the US can respond to a massive cyber breach in real time. The multiplicity of actors involved in disaster reduction, security, response or resilience can be daunting. But all have the same aim: a safer, more secure, sustainable world for communities and businesses, and an efficient, humane and compassionate response for people affected by disasters when they occur. It is therefore vital to eliminate both isolation and duplication of effort. Emily Hough join the CRJ LinkedIn group follow us on Crisis Response Journal 10:3 April

5 Cyber security and big data, resilience, cyber security consequence management An effective and credible response to the threat of cyber attacks could demand one of the most diverse, agile and eclectic partnership approaches to emergency response that we have yet witnessed, according to Andy Marshall The attack on Sony Pictures Entertainment in the wake of the release of The Interview in November 2014, immediately followed by the hacking of the US Army s Central Command Twitter and YouTube accounts, demonstrate that the threat of cyber attacks is more real than ever before and shows little sign of abating. Real, but by no means new and perhaps not fully understood. According to the UK s National Crime Agency, cybercrime already costs the British economy several billion pounds a year, yet in 2013 alone only an estimated two per cent of online fraud was reported to the Police by businesses. This is mirrored by US research that puts global losses attributable to cybercrime in 2014 at anywhere between $375 and $575 ( 337 and 517) billion, the significant variation stemming from the global inconsistency around what is actually reported. In response to the growing threat, the US and UK Governments are planning coordinated action. Greater bilateral collaboration is promised, along with war games to test preparedness of financial institutions and Critical National Infrastructure, alongside moves to boost the number and capability of the next generation of cyber security technical experts. Set in the context of what UK Prime Minister David Cameron calls: One of the big modern threats we face, such action is surely welcomed. But are we in danger of digging half a hole in our response to cyber attacks? Specifically, are we in danger of focusing too much effort on the technical response to cyber attacks, proactively and reactively, at the expense of our wider ability to deal with the complex societal impacts of a concerted attack? When it floods in the UK, the consequences are well understood and responders, communities and individuals are well prepared for a range of implications that may follow. It is not unreasonable for a high degree of prior intelligence (weather and flood warning messages) to have been shared pre-emptively, followed perhaps by the establishment of a formal multiagency command and control structure. This can bring together subject matter experts and a pre-identified leader to establish an agreed way forward that can be executed with a high degree of control and oversight at the strategic, tactical and operational levels. Specific plans, many of which are already in existence as an outcome of ongoing, riskbased integrated emergency management, can be invoked in support of a response and recovery operation at the local (UK Police Force) level. These can cover all facets of a multiagency operation, from flood response, Consider a situation where cash machines suddenly cease working, where petrol stations are unable to dispense fuel, domestic power and heating are disrupted and benefits are unpaid Rob Byron Shutterstock warning and informing, media handling, evacuation and shelter, public health and humanitarian assistance, to name just a few. Now consider this multiagency response and recovery construct specifically in the context of a cyber attack on a town or city in the UK. From a consequence management perspective, there are chilling similarities with a flooding scenario. The impacts could have a significant bearing on individual resilience and community cohesion. Consider a situation where ATMs suddenly cease working, where petrol stations are unable to dispense fuel, domestic power and heating are disrupted and benefits are unpaid. Other than the actual cause, the potential consequences are arguably no different from those of a flood, when the co-ordinated multiagency operation outlined above would be invoked. Moreover, this is what communities expect to happen and this is what responders prepare for because the nature of the risk is well known and there is collective responsibility and a legal driver (the Civil Contingencies Act 2004 CCA 2004 in the case of a major incident in the UK) to respond to communities needs. So if the consequences are similar, does it therefore follow that a multiagency response and recovery operation using the exact same structures, systems and processes would be the approach of choice to a cyber attack in the UK? I discussed this at length with Assistant Chief Constable Richard Berry from Gloucestershire Police, the National Policing Lead for Communication Data and Cyber Training and Development. He outlined that the Local Resilience Forum (LRF) partnership would most likely form the cornerstone of any response and, indeed, Berry has first-hand experience of commanding a strategic response of multiagency partners through the LRF structure as a result of a credible and recognised cyber attack. What this confirmed to me was that join the CRJ LinkedIn group follow us on Crisis Response Journal 10:3 April

6 while the LRF may be the logical home of response, there is a range of open questions that merit further consideration if this is to be captured beyond anything other than assumption or locally agreed practice. These are discussed below. Are the risk and/or threat clearly identified? Do we know enough about the nature of cyber threats at a local level and are these accurately and consistently shown on Community Risk Registers so that planning can be prioritised? Effective local understanding can only start with a combination of clear national guidance, credible technical expertise and effective local engagement (ie to generate the appetite to commit to dealing with the risk). Is the risk/threat clearly owned? Cyber threats know no boundaries between nation states, individuals, public bodies and private companies. Once the risk is identified, who or what can actually take ownership of co-ordinated action around mitigation, warning and informing etc? Straddling fault lines How is information shared on cyber threats? The 9/11 Commission concluded that one of the contributing factors to the success of the attacks in New York was the prevalence of the need to know principle over the need to share. Cyber threats straddle the fault line between these competing demands. Effective and timely sharing of cyber intelligence to promote preparedness is potentially hampered by concerns of national security, the sensitivity of sharing commercial information (particularly if it suggests weakness or actual compromise) and access to and sharing of personal data. How would response be co-ordinated and who would lead? If a local response is invoked to deal with the consequences of a cyber attack, the most likely organisation to lead the response would be the Police. Is this right? If so, do the Police have the necessary legal powers to respond, not only to the immediate consequences of an attack but to the potentially significant forensic operation that may well be required as part of this? In addition, who would be invited to participate in a response operation and how would they be mobilised in time, particularly given that a significant number of affected organisations may be private companies, not all of which are prescribed by the CCA 2004 (ie banks and outsourced providers of key services)? President Obama echoed this in his January 2014 comment that: Neither government, nor the private sector can defend the nation alone. It s going to have to be a shared mission government and industry working hand in hand. Where does recovery fit in? In the UK, leadership of recovery and recovery coordinating groups lies with top tier local authorities. Do they have the jurisdiction, knowledge and skills to recover and remediate individuals, communities and businesses in the aftermath of a cyber attack? The stark reality around recovery is that it is often a more complex, enduring and costly phase than response. In terms of economic and reputational impact, Cleaning up in the aftermath of a cybercrime is expensive, often more expensive than the crime itself. How do responders train for a cyber attack? Given the nature of the threat, it is safe to assume that specific skills will be required in the preparation, response and recovery phases. These could include interpretation of specific technical information, awareness of legal powers, handling sensitive data/information, liaison with the security services, how to build situational awareness and how, who and when to warn and inform. Currently, very little specific training is delivered on response to and recovery from cyber attacks to LRFs in the UK. How do responders exercise for a cyber attack? Cyber attack exercises at LRF level are also the exception rather than the rule. While simulating the consequence management implications of a cyber attack could be done in a low-tech way, for example through a table-top or workshop, truly understanding the implications would require some form of controlled shut-down of real-time services, or a computer-based simulation. The former is both disruptive and fraught with reputational danger (consider closing benefits payments for a day) and the latter is likely to be prohibitively expensive. Either way, to be as realistic as possible, any exercise approach would require significant buy-in from community, business, responder and national and sub-national actors. How do we prepare businesses and communities for a cyber attack? What expectations should be placed on non-responder organisations in terms of their actions, reactions and behaviour during and after a cyber attack? Are they expected to gather and share information? Are they expected to carry 40 Resources, links, pictures, videos and much more are available for subscribers in our digital and online editions

7 big data, resilience, cyber security out or not carry out specific actions? Can non-state actors be compelled to do this? Do we have our terminology right? Is there an agreed lexicon in place, ideally at the international level, to help ensure that we are all talking about the same thing? Do we see cyber attacks as a threat or a risk? Are they both? For example do we term a completely non-malicious, unintentional act of data corruption that shuts down a key function as a cyber attack? Are we talking about cyber security, cyber terrorism, cyber vandalism, cyber fraud, hacking and hacktivism as one and the same thing or not? Are we attracting the right people? Are we looking ahead to the future needs of the crisis response and emergency planning fields to ensure that we are recruiting and developing the leaders of the future who have a cyber-savvy mind-set? How is preparation funded? Ultimately, if we take the cyber threat seriously across such a broad range of state, non-state, community and individual actors, who pays? So where does this put us in terms of local response in the UK? High profile cases such as the Sony attack and the more recent Twitter and Facebook shutdown in January 2015 appear to have registered the need for a more joinedup, collaborative approach to cyber attacks in the UK. This is echoed by the formation of the UK-US Collaboration on Resilience and Security (ColoRS) in November 2014, which is looking to promote closer academic working on the response to cyber attacks on both sides of the Atlantic. The effect of this could well be further enhanced by promoting ties with other programmes, initiatives and groups to help the sharing of key information, encouraging the combination of experts from academic and practitioner backgrounds to develop a shared sense of purpose. An example of the potential for greater joined-up working is an outreach programme to be led by Gloucestershire Police in 2015 that will seek to engage with and help prepare businesses for what Berry describes as proactive, pre-event positioning. When I met with Nick Baveystock, Director General of the UK Institution of Civil Engineers (ICE), in February 2015, he seemed to share Berry s emphasis on people being very much at the centre of preparedness for emerging challenges such as cyber threats. Resilience of infrastructure is about behaviour, he explained, and behaviour can increasingly be influenced by big data, a pool of information that is fed by personal, organisational and geographical data that people can increasingly Neither government nor the private sector can defend the nation alone, it s going to have to be a shared mission President Barack Obama, USA access anywhere at any time. Resilience is therefore less about owners not knowing or preparing their organisations in the case of cyber threats, not having robust measures in place to prevent or mitigate hostile attack but more about how effectively and quickly people can receive key information, assimilate it and then adapt their behaviours in response. Baveystock stressed: The data is out there. Treating infrastructure more as a service than an asset in the future will, he believes, help to improve access to this data for individuals, communities and businesses. Could cyber consequence management and the individual be two sides of the same coin? The US provides an interesting parallel to the current UK position in response to the cyber threat. Ann Lesperance and Steve Stein from the Pacific Northwest National Laboratory (PNNL) and key contributors to the ColoRS Programme, outline a similar challenge to the UK in building situational awareness of a cyber attack, understanding what the actual intent of a cyber attack is and then understanding how best to coordinate a multi-agency response, particularly when most of the cyber infrastructure is owned by private sector operators. Lesperance believes that a more co-ordinated response to a cyber attack is required. In the US we have an established National Incident Management System that brings together experts from the federal, state and local levels during emergencies, co-ordinated through an Emergency Operations Centre (EOC). The main challenges in a cyber attack would be to ensure that there are clear reporting lines into an EOC that are agreed through a formal protocol with private sector operators. So with the right information being passed to responders, what are the wider challenges? Getting the right people to the table is the most important factor, as with any emergency. We then need to ensure that we are all using a common lexicon and that any plans we use have been regularly updated, something that the rapidly changing nature of the cyber threat will absolutely demand, she says. Above all, Lesperance emphasises: Taking an all-hazards approach will not only use our existing framework for incident response and recovery, but it will give us the flexibility to act either from the local or state level, essentially bottom-up or top-down. PNNL highlights a case study, led by Matthew Modarelli from the Washington State Emergency Management Department in Seattle, to indicate what an integrated approach to cyber preparedness might look like. The Community Cybersecurity model is an inclusive and progressive approach that focuses on Four Ps : Partnerships; Policy; Preparedness; and People. Capability and capacity within these areas is built progressively across public and private sector partners through five steps of maturity: Initial; Advanced; Self-Assessed; Integrated and Vanguard. This supports effective coordination of control of the programme, to include awareness-raising, training and multi-level exercising, before declaring operating capability and an agreed Strategic Plan for Washington State by June The challenges either side of the Atlantic in responding to cyber threats appear to be extremely similar. Understanding the nature of the threat is key, while not blindly assuming that cyber security is wholly the preserve of techies or spooks, or that it is something that the private sector or public sector should be expected to manage in isolation. Whatever form an attack takes, it may have significant, tangible consequences that affect the economy, business and potentially every corner of our digitallyenabled world. An effective and credible response to this threat could, therefore, demand one of the most diverse, agile and eclectic partnership approaches to emergency response that we have yet witnessed. Sources Russell, J (2015): Outdated police are swamped by cybercrime, The Sunday Times; Center for Strategic and International Studies (2014) Net Losses: Estimating the Global Costs of Cybercrime: Economic impact of cybercrime II; Corera, G (2015): Cyber attack war games to be staged by US and UK, BBC news online (www.bbc.co.uk); and Perera, D (2015): Information Sharing at top of Obama Cyber Agenda, Author Andy Marshall is Principal Consultant with Rhead Group, Former Director of Civil Contingencies at Staffordshire Civil Contingencies Unit, UK and a Member of CRJ s Editorial Advisory Panel join the CRJ LinkedIn group follow us on Crisis Response Journal 10:3 April

Big data: At the heart

Big data: At the heart CRISIS RESPONSE Women & radicalisation Paris terror attacks Wildfires in South Africa Mudslide in US Big data, resilience & cyber security Civil-military co-operation V O L : 10 I S S U E : 3 APRIL 2015

More information

THE STRATEGIC POLICING REQUIREMENT. July 2012

THE STRATEGIC POLICING REQUIREMENT. July 2012 THE STRATEGIC POLICING REQUIREMENT July 2012 Contents Foreward by the Home Secretary...3 1. Introduction...5 2. National Threats...8 3. Capacity and contribution...9 4. Capability...11 5. Consistency...12

More information

Playing Our Part in Responding to National Threats

Playing Our Part in Responding to National Threats Agenda Item 7 Report of: The Secretary of the Police and Crime Panel Date: 1 February 2016 1. Purpose of Report Playing Our Part in Responding to National Threats 1.1 This report provides Members with

More information

Section A: Introduction, Definitions and Principles of Infrastructure Resilience

Section A: Introduction, Definitions and Principles of Infrastructure Resilience Section A: Introduction, Definitions and Principles of Infrastructure Resilience A1. This section introduces infrastructure resilience, sets out the background and provides definitions. Introduction Purpose

More information

CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES

CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES By Wolfgang Röhrig, Programme Manager Cyber Defence at EDA and Wg Cdr Rob Smeaton, Cyber Defence Staff Officer

More information

Cyber Security Strategy

Cyber Security Strategy NEW ZEALAND S Cyber Security Strategy 2015 A secure, resilient and prosperous online New Zealand Ministerial Foreword The internet and technology have become a fundamental element in our lives. We use

More information

Business Continuity Management Systems. Protecting for tomorrow by building resilience today

Business Continuity Management Systems. Protecting for tomorrow by building resilience today Business Continuity Management Systems Protecting for tomorrow by building resilience today Vital statistics 31% 40% of UK businesses have been affected by bad weather related transport problems, power

More information

NOT PROTECTIVELY MARKED Agenda Item: 8

NOT PROTECTIVELY MARKED Agenda Item: 8 NOT PROTECTIVELY MARKED Agenda Item: 8 TO: FROM: Business Co-ordination Board Chief Constable DATE: 22 May 2013 THE NATIONAL POLICING REQUIREMENT 1. Purpose of Paper This paper provides an overview of

More information

CYBER SECURITY Audit, Test & Compliance

CYBER SECURITY Audit, Test & Compliance www.thalescyberassurance.com CYBER SECURITY Audit, Test & Compliance 02 The Threat 03 About Thales 03 Our Approach 04 Cyber Consulting 05 Vulnerability Assessment 06 Penetration Testing 07 Holistic Audit

More information

SUFFOLK COASTAL DISTRICT COUNCIL DOMESTIC FLOOD PROTECTION POLICY

SUFFOLK COASTAL DISTRICT COUNCIL DOMESTIC FLOOD PROTECTION POLICY SUFFOLK COASTAL DISTRICT COUNCIL DOMESTIC FLOOD PROTECTION POLICY 1. Introduction 1.1 The Council recognises the threat to local communities from flooding following severe weather events and as a result

More information

OUTCOME OF PROCEEDINGS

OUTCOME OF PROCEEDINGS Council of the European Union Brussels, 18 November 2014 15585/14 COPS 303 POLMIL 103 CYBER 61 RELEX 934 JAI 880 TELECOM 210 CSC 249 CIS 13 COSI 114 OUTCOME OF PROCEEDINGS From: Council On: 17 18 November

More information

ESSEX FIRE AUTHORITY Essex County Fire & Rescue Service

ESSEX FIRE AUTHORITY Essex County Fire & Rescue Service ESSEX FIRE AUTHORITY Essex County Fire & Rescue Service MEETING Essex Fire Authority AGENDA ITEM 14 MEETING DATE 5 September 2012 REPORT NUMBER SUBJECT REPORT BY Risk and Business Continuity Department

More information

CYBER-ATTACKS THE GLOBAL RESPONSE

CYBER-ATTACKS THE GLOBAL RESPONSE R E P R I N T CYBER-ATTACKS THE GLOBAL RESPONSE REPRINTED FROM: Risk, Governance & Compliance for Financial Institutions 2015 RISK GOVERNANCE & COMPLIANCE for F I N A N C I A L INSTITUTIONS 2 0 1 5 Visit

More information

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available

More information

THE ROLE OF LEAD GOVERNMENT DEPARTMENTS IN PLANNING FOR AND MANAGING CRISES

THE ROLE OF LEAD GOVERNMENT DEPARTMENTS IN PLANNING FOR AND MANAGING CRISES THE ROLE OF LEAD GOVERNMENT DEPARTMENTS IN PLANNING FOR AND MANAGING CRISES THE FRAMEWORK FOR ACTION 1. Most incidents are handled at a local level by the emergency services and by the appropriate local

More information

Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis

Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis An analogue approach to a digital world What foundations is CDCAT built on?

More information

CYBER SECURITY, A GROWING CIO PRIORITY

CYBER SECURITY, A GROWING CIO PRIORITY www.wipro.com CYBER SECURITY, A GROWING CIO PRIORITY Bivin John Verghese, Practitioner - Managed Security Services, Wipro Ltd. Contents 03 ------------------------------------- Abstract 03 -------------------------------------

More information

A NEW APPROACH TO CYBER SECURITY

A NEW APPROACH TO CYBER SECURITY A NEW APPROACH TO CYBER SECURITY We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward. Positively

More information

London 2012 Olympic Safety and Security Strategic Risk. Mitigation Process summary Version 2 (January 2011) Updated to reflect recent developments

London 2012 Olympic Safety and Security Strategic Risk. Mitigation Process summary Version 2 (January 2011) Updated to reflect recent developments London 2012 Olympic Safety and Security Strategic Risk Assessment (OSSSRA) and Risk Mitigation Process summary Version 2 (January 2011) Updated to reflect recent developments Introduction London 2012

More information

On the European experience in critical infrastructure protection

On the European experience in critical infrastructure protection DCAF a centre for security, development and the rule of law On the European experience in critical infrastructure protection Valeri R. RATCHEV ratchevv@yahoo.com @ratchevv DCAF/CSDM 1 This presentation

More information

The Asian Event Dedicated to Homeland and Civil Security

The Asian Event Dedicated to Homeland and Civil Security The Asian Event Dedicated to Homeland and Civil Security In a market with strong needs in security matters, Asia Pacific Homeland Security responds to the expectations of governments, urban local administrations,

More information

Managing Cyber Attacks

Managing Cyber Attacks Managing Cyber Attacks Regulators and Industry Participants Discuss Ways to Strengthen Defenses By Joanne Morrison June 25, 2015 Cybersecurity risks and testing are a major concern of regulators and market

More information

1 FOCUS Foresight Security Scenarios

1 FOCUS Foresight Security Scenarios New Security Studies Rachel Suissa (Ph.D) University of Haifa, Israel In today s globalised setting, the challenge of maintaining security is no longer limited to the traditional foreign-policy and military

More information

AGENDA ITEM: 5E STRATEGIC POLICING REQUIREMENT (SPR)

AGENDA ITEM: 5E STRATEGIC POLICING REQUIREMENT (SPR) REPORT TO: STRATEGIC SCRUTINY MEETING DATE: Monday 23 December 2013 AGENDA ITEM: 5E STRATEGIC POLICING REQUIREMENT (SPR) SUBJECT: SPR Update Background The Strategic Policing Requirement (SPR) outlines

More information

TEXAS HOMELAND SECURITY STRATEGIC PLAN 2015-2020: PRIORITY ACTIONS

TEXAS HOMELAND SECURITY STRATEGIC PLAN 2015-2020: PRIORITY ACTIONS TEXAS HOMELAND SECURITY STRATEGIC PLAN 2015-2020: PRIORITY ACTIONS INTRODUCTION The purpose of this document is to list the aligned with each in the Texas Homeland Security Strategic Plan 2015-2020 (THSSP).

More information

Cyber ROI. A practical approach to quantifying the financial benefits of cybersecurity

Cyber ROI. A practical approach to quantifying the financial benefits of cybersecurity Cyber ROI A practical approach to quantifying the financial benefits of cybersecurity Cyber Investment Challenges In 2015, global cybersecurity spending is expected to reach an all-time high of $76.9

More information

CYBER LIABILITY RISKS SEMINAR Programme overview. THURSDAY 1 OCTOBER 2015 8.30am 1.00pm Green Park Conference Centre, Reading

CYBER LIABILITY RISKS SEMINAR Programme overview. THURSDAY 1 OCTOBER 2015 8.30am 1.00pm Green Park Conference Centre, Reading CYBER LIABILITY RISKS SEMINAR Programme overview THURSDAY 1 OCTOBER 2015 8.30am 1.00pm Green Park Conference Centre, Reading JLT Specialty (JLT) would like to invite you to a highly informative technical

More information

A GOOD PRACTICE GUIDE FOR EMPLOYERS

A GOOD PRACTICE GUIDE FOR EMPLOYERS MITIGATING SECURITY RISK IN THE NATIONAL INFRASTRUCTURE SUPPLY CHAIN A GOOD PRACTICE GUIDE FOR EMPLOYERS April 2015 Disclaimer: Reference to any specific commercial product, process or service by trade

More information

Threat Intelligence. Benefits for the enterprise

Threat Intelligence. Benefits for the enterprise Benefits for the enterprise Contents Introduction Threat intelligence: a maturing defence differentiator Understanding the types of threat intelligence: from the generic to the specific Deriving value

More information

The UK cyber security strategy: Landscape review. Cross-government

The UK cyber security strategy: Landscape review. Cross-government REPORT BY THE COMPTROLLER AND AUDITOR GENERAL HC 890 SESSION 2012-13 12 FEBRUARY 2013 Cross-government The UK cyber security strategy: Landscape review 4 Key facts The UK cyber security strategy: Landscape

More information

Emergency management in Cardiff. A practical guide

Emergency management in Cardiff. A practical guide Emergency management in Cardiff A practical guide Emergency management in Cardiff Introduction It is very unlikely that any of us will ever be caught up in an emergency or disaster, but by being informed

More information

NIMS ICS 100.HCb. Instructions

NIMS ICS 100.HCb. Instructions NIMS ICS 100.HCb Instructions This packet contains the NIMS 100 Study Guide and the Test Questions for the NIMS 100 final exam. Please review the Study Guide. Next, take the paper test - record your answers

More information

HMG Security Policy Framework

HMG Security Policy Framework HMG Security Policy Framework Security Policy Framework 3 Foreword Sir Jeremy Heywood, Cabinet Secretary Chair of the Official Committee on Security (SO) As Cabinet Secretary, I have a good overview of

More information

National Cyber Security Strategies

National Cyber Security Strategies May 2012 National Cyber Security Strategies About ENISA The European Network and Information Security Agency (ENISA) is an EU agency created to advance the functioning of the internal market. ENISA is

More information

STRATEGIC POLICING REQUIREMENT

STRATEGIC POLICING REQUIREMENT STRATEGIC POLICING REQUIREMENT Briefing to the Police and Crime Panel Assistant Chief Constable James Vaughan WHAT IS IT? Issued by Home Secretary as part of her statutory duty Outlines national threats

More information

Cyber Security Evolved

Cyber Security Evolved Cyber Security Evolved Aware Cyber threats are many, varied and always evolving Being aware is knowing what is going on so you can figure out what to do. The challenge is to know which cyber threats are

More information

Business Continuity Management Framework

Business Continuity Management Framework Business Continuity Management Framework Date of Issue: November 2013 Review Date: November 2014 Written by: Jackie Orchard Risk & Business Continuity Manager Authorised by: Signed off by: DCC Francis

More information

Australian Strategic Policy Institute National Security Dinner West Tower Suite, Level 35, Sofitel Hotel 25 Collins Street, Melbourne 21 August 2008

Australian Strategic Policy Institute National Security Dinner West Tower Suite, Level 35, Sofitel Hotel 25 Collins Street, Melbourne 21 August 2008 Australian Strategic Policy Institute National Security Dinner West Tower Suite, Level 35, Sofitel Hotel 25 Collins Street, Melbourne 21 August 2008 Introduction Thank you Chris it s a great pleasure to

More information

Cyber Security. CYBER SECURITY presents a major challenge for businesses of all shapes and sizes. Leaders ignore it at their peril.

Cyber Security. CYBER SECURITY presents a major challenge for businesses of all shapes and sizes. Leaders ignore it at their peril. Cyber Security Personal and commercial information is the new commodity of choice for the virtual thief, argues Adrian Leppard, Commissioner for City of London Police, as he sets out the challenges facing

More information

Keynote. Professor Russ Davis Chairperson IC4MF & Work Shop Coordinator for Coordinator for Technology, Innovation and Exploitation.

Keynote. Professor Russ Davis Chairperson IC4MF & Work Shop Coordinator for Coordinator for Technology, Innovation and Exploitation. Keynote Professor Russ Davis Chairperson IC4MF & Work Shop Coordinator for Coordinator for Technology, Innovation and Exploitation 6 & 7 Nov 2013 So many of us now don t just work online but live part

More information

Cyber Security - What Would a Breach Really Mean for your Business?

Cyber Security - What Would a Breach Really Mean for your Business? Cyber Security - What Would a Breach Really Mean for your Business? August 2014 v1.0 As the internet has become increasingly important across every aspect of business, the risks posed by breaches to cyber

More information

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Stéphane Hurtaud Partner Governance Risk & Compliance Deloitte Laurent De La Vaissière Director Governance Risk & Compliance

More information

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA JOÃO MANUEL ASSIS BARBAS Coronel de Artilharia. Assessor de Estudos do IDN INTRODUCTION Globalization and information and communication technologies

More information

Cybersecurity: Mission integration to protect your assets

Cybersecurity: Mission integration to protect your assets Cybersecurity: Mission integration to protect your assets C Y B E R S O L U T I O N S P O L I C Y O P E R AT I O N S P E O P L E T E C H N O L O G Y M A N A G E M E N T Ready for what s next Cyber solutions

More information

Keeping sight of your business Hot topics facing Financial Services organisations in IT Internal Audit

Keeping sight of your business Hot topics facing Financial Services organisations in IT Internal Audit Keeping sight of your business Hot topics facing Financial Services organisations in IT Internal Audit 2014 Welcome to our third annual review of the IT hot topics facing Internal Audit functions within

More information

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES POINT OF VIEW CYBERSECURITY IN FINANCIAL SERVICES Financial services institutions are globally challenged to keep pace with changing and covert cybersecurity threats while relying on traditional response

More information

Be Prepared. For Anything. Cyber Security - Confronting Current & Future Threats The role of skilled professionals in maintaining cyber resilience

Be Prepared. For Anything. Cyber Security - Confronting Current & Future Threats The role of skilled professionals in maintaining cyber resilience Cyber Security - Confronting Current & Future Threats The role of skilled professionals in maintaining cyber resilience Mike O Neill Managing Director Graeme McGowan Associate Director of Cyber Security

More information

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security

More information

Crisis Prevention and Response Services. NYA International. Crisis Prevention and Response Services. Crisis Prevention and Response Services

Crisis Prevention and Response Services. NYA International. Crisis Prevention and Response Services. Crisis Prevention and Response Services NYA International B Effective risk management begins with a comprehensive understanding of the threat and an organisation s vulnerability, and the application of appropriate mitigation measures. Operating

More information

National Cyber Security Policy -2013

National Cyber Security Policy -2013 National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information

More information

AISA NATIONAL CONFERENCE 2015 TRUST IN INFORMATION SECURITY. 14 October 2015 OPENING ADDRESS LYNWEN CONNICK

AISA NATIONAL CONFERENCE 2015 TRUST IN INFORMATION SECURITY. 14 October 2015 OPENING ADDRESS LYNWEN CONNICK 1 AISA NATIONAL CONFERENCE 2015 TRUST IN INFORMATION SECURITY 14 October 2015 OPENING ADDRESS LYNWEN CONNICK Thanks Arno, and good morning everyone. Welcome to Australian Information Security Association

More information

Essex Fire Authority

Essex Fire Authority Internal Audit Report (2.13/.14) FINAL with the Civil Contingencies Act 1 October 2013 Contents Section Page Executive Summary 1 Action Plan 5 Findings and Recommendations 6 Debrief meeting 15 August 2013

More information

Beyond the Hype: Advanced Persistent Threats

Beyond the Hype: Advanced Persistent Threats Advanced Persistent Threats and Real-Time Threat Management The Essentials Series Beyond the Hype: Advanced Persistent Threats sponsored by Dan Sullivan Introduction to Realtime Publishers by Don Jones,

More information

C DIG COMMITTED TO EXCELLENCE IN CYBER DEFENCE. ONE MISSION. ONE GROUP. CSCSS / DEFENCE INTELLIGENCE GROUP

C DIG COMMITTED TO EXCELLENCE IN CYBER DEFENCE. ONE MISSION. ONE GROUP. CSCSS / DEFENCE INTELLIGENCE GROUP C DIG CSCSS / DEFENCE INTELLIGENCE GROUP COMMITTED TO EXCELLENCE IN CYBER DEFENCE. ONE MISSION. ONE GROUP. CENTRE FOR STRATEGIC CSCSS CYBERSPACE + SECURITY SCIENCE C DIG CSCSS / DEFENCE INTELLIGENCE GROUP

More information

Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary

Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary 1. The Government hereby approves the National Cyber Security Strategy of Hungary laid down in Annex No.

More information

Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program

Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program Cyber: The Catalyst to Transform the Security Program Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA A Common Language? Hyper Connected World Rapid IT Evolution Agile Targeted Threat

More information

Business Plan 2012/13

Business Plan 2012/13 Business Plan 2012/13 Contents Introduction 3 About the NFA..4 Priorities for 2012/13 4 Resources.6 Reporting Arrangements.6 Objective 1 7 To raise the profile and awareness of fraud among individuals,

More information

BUSINESS CONTINUITY MANAGEMENT IN THE PUBLIC SECTOR A ROUGH GUIDE

BUSINESS CONTINUITY MANAGEMENT IN THE PUBLIC SECTOR A ROUGH GUIDE BUSINESS CONTINUITY MANAGEMENT IN THE PUBLIC SECTOR A ROUGH GUIDE Introduction 1. Recently many organisations both public and private have directed much more time, money and effort towards protecting service

More information

Smart Security. Smart Compliance.

Smart Security. Smart Compliance. Smart Security. Smart Compliance. SRM are dedicated to helping our clients stay safe in the information environment. With a wide range of knowledge and practical experience, our consultants are ready to

More information

Sytorus Information Security Assessment Overview

Sytorus Information Security Assessment Overview Sytorus Information Assessment Overview Contents Contents 2 Section 1: Our Understanding of the challenge 3 1 The Challenge 4 Section 2: IT-CMF 5 2 The IT-CMF 6 Section 3: Information Management (ISM)

More information

Federal Emergency Preparedness and Response System

Federal Emergency Preparedness and Response System Annex L Federal Emergency Preparedness and Response System Date of Latest Version: October 2006 Summary of Significant Changes: Reflects the establishment of the new department Public Safety and Emergency

More information

Pol 24/15 Appendix 2. National Policing Fraud Protect Strategy

Pol 24/15 Appendix 2. National Policing Fraud Protect Strategy National Policing Fraud Protect Strategy Draft prepared by the National Police Coordinator for Economic Crime V2.1 February 2015 1 PROTECTING THE COMMUNITY FROM FRAUD Introduction: This is the draft National

More information

Cybersecurity The role of Internal Audit

Cybersecurity The role of Internal Audit Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government

More information

[CRISIS COMMUNICATIONS 2012: SOCIAL MEDIA & NOTIFICATION SYSTEMS]

[CRISIS COMMUNICATIONS 2012: SOCIAL MEDIA & NOTIFICATION SYSTEMS] 2012 A Continuity Insights Special Report [CRISIS COMMUNICATIONS 2012: SOCIAL MEDIA & NOTIFICATION SYSTEMS] A survey of more than 250 organizations designed to determine how social media platforms are

More information

Why Crisis Response and Business Continuity Plans Fail

Why Crisis Response and Business Continuity Plans Fail Why Crisis Response and Business Continuity Plans Fail 10 Lessons Learned from Real-World Experience Many organizations invest considerable time, money and effort in developing Crisis Response and Business

More information

Cyber crime: Police Roles and Responsibilities Within a Collaborative Framework

Cyber crime: Police Roles and Responsibilities Within a Collaborative Framework Executive Report to the CACP Board of Directors from CACP Global 2015 Cyber crime: Police Roles and Responsibilities Within a Collaborative Framework In the fall of 2014, the CACP Board of Directors assigned

More information

E-SECURITY REVIEW 2008 DISCUSSION PAPER FOR PUBLIC CONSULTATION

E-SECURITY REVIEW 2008 DISCUSSION PAPER FOR PUBLIC CONSULTATION 1. Introduction E-SECURITY REVIEW 2008 DISCUSSION PAPER FOR PUBLIC CONSULTATION Australia s national security and economic and social well-being rely upon the use and availability of a range of Information

More information

The CSO/CISO Roundtable

The CSO/CISO Roundtable The CSO/CISO Roundtable 27th October 2014 - Meeting notes Organised by the Security Awareness Special Interest Group in association with ASIS International and The Security Company (International) Limited

More information

The Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco.

The Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco. The Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco. 1 Calling All CEOs Are You Ready to Defend the Battlefield of the 21st Century? It is not the norm for corporations to be

More information

UCF Office of Emergency Management. 2013-2018 Strategic Plan

UCF Office of Emergency Management. 2013-2018 Strategic Plan UCF Office of Emergency Management 2013-2018 Strategic Plan Table of Contents I. Introduction... 2 Purpose... 2 Overview... 3 Mission... 5 Vision... 5 II. Mandates... 6 III. Accomplishments and Challenges...

More information

Commonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation

Commonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation Commonwealth Approach to Cybergovernance and Cybersecurity By the Commonwealth Telecommunications Organisation Trends in Cyberspace Cyberspace provides access to ICT Bridging the digital divide and influencing

More information

Financial Sector Cybersecurity: who s in charge? Aquiles A. Almansi Lead Financial Sector Specialist WBG-Finance & Markets

Financial Sector Cybersecurity: who s in charge? Aquiles A. Almansi Lead Financial Sector Specialist WBG-Finance & Markets Financial Sector Cybersecurity: who s in charge? Aquiles A. Almansi Lead Financial Sector Specialist WBG-Finance & Markets Issues in the Governance of Central Banks (BIS 2009) Financial Sector Cybersecurity:

More information

Cybercrime: risks, penalties and prevention

Cybercrime: risks, penalties and prevention Cybercrime: risks, penalties and prevention Cyber attacks have been appearing in the news with increased frequency and recent victims of cybercrime have included well-known companies such as Sony, LinkedIn,

More information

Faculdade de Direito, Lisboa, 02-Jul-2014. The Competitive Advantage of Cybersecurity

Faculdade de Direito, Lisboa, 02-Jul-2014. The Competitive Advantage of Cybersecurity Faculdade de Direito, Lisboa, 02-Jul-2014 The Competitive Advantage of Cybersecurity Thales Key highlights (I) A global company with 65,000 employees and 14,2 billion in revenues, R&D 2,5 billion * We

More information

Cyber Security Operations Centre Reveal Their Secrets - Protect Our Own Defence Signals Directorate

Cyber Security Operations Centre Reveal Their Secrets - Protect Our Own Defence Signals Directorate Cyber Security Operations Centre Reveal Their Secrets - Protect Our Own Defence Signals Directorate Contents Message from the Director 3 Cyber Security Operations Centre 5 Cyber Security Strategy 7 Conversation

More information

Emma Dodgson, Senior Emergency Planning Officer Emergency Plans Service, Essex County Council. tel: 01245 430366 email: Emma.Dodgson@essex.gov.

Emma Dodgson, Senior Emergency Planning Officer Emergency Plans Service, Essex County Council. tel: 01245 430366 email: Emma.Dodgson@essex.gov. Emma Dodgson, Senior Emergency Planning Officer Emergency Plans Service, Essex County Council tel: 01245 430366 email: Emma.Dodgson@essex.gov.uk What Kind of Emergencies? Flooding Release of Hazardous

More information

Cyber Security for audit committees

Cyber Security for audit committees AUDIT COMMITTEE INSTITUTE Cyber Security for audit committees An introduction kpmg.com/globalaci 2 Audit Committee Institute An introduction to cyber security for audit committees Audit committees have

More information

CYBER SECURITY PROTECTING YOUR BUSINESS James Hatch Director, Cyber Services BAE Systems Applied Intelligence 1 CYBER SECURITY AT BAE SYSTEMS Professional Services Technical Services Prepare Protect Cyber

More information

ACE European Risk Briefing 2012

ACE European Risk Briefing 2012 #5 ACE European Risk Briefing 2012 IT and cyber risk respondent profiles The research was carried out between 13 April and 3 May 2012. The sample comprised 606 European risk managers, CROs, CFOs, COOs

More information

NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00)

NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00) NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00) Subject and version number of document: Serial Number: Business Continuity Management Policy

More information

Assistant Chief Officer (ACO) Application to Attend the Strategic Command Course (SCC)

Assistant Chief Officer (ACO) Application to Attend the Strategic Command Course (SCC) Assistant Chief Officer (ACO) Application to Attend the Strategic Command Course (SCC) Guidance Notes for Applications 2014 Limited (2014) All rights reserved. No part of this publication may be reproduced,

More information

Staffordshire County Council. Civil Contingencies Policy

Staffordshire County Council. Civil Contingencies Policy Staffordshire County Council Civil Contingencies Policy Version 1 September 2012 Staffordshire County Council s Civil Contingencies Policy 1.1 Introduction The County Council aims to protect the wellbeing

More information

LFRS Business Continuity Planning

LFRS Business Continuity Planning LFRS Business Continuity Planning 1.1 INTRODUCTION The LFRS Business Continuity Plan provides a framework for the activation, allocation and deployment of Lancashire Fire and Rescue Services resources

More information

2 Gabi Siboni, 1 Senior Research Fellow and Director,

2 Gabi Siboni, 1 Senior Research Fellow and Director, Cyber Security Build-up of India s National Force 2 Gabi Siboni, 1 Senior Research Fellow and Director, Military and Strategic Affairs and Cyber Security Programs, Institute for National Security Studies,

More information

FOCUS. Security. Research projects. Innovation serving Comprehensive Protection! In this edition: No 1 - November 2014

FOCUS. Security. Research projects. Innovation serving Comprehensive Protection! In this edition: No 1 - November 2014 FOCUS Security Research projects No 1 - November 2014 In its role as technical platform and forum for gathering and expressing members ideas, UIC is able to synthesise these research needs, along with

More information

Monetary Authority of Singapore BUSINESS CONTINUITY MANAGEMENT GUIDELINES

Monetary Authority of Singapore BUSINESS CONTINUITY MANAGEMENT GUIDELINES Monetary Authority of Singapore BUSINESS CONTINUITY MANAGEMENT GUIDELINES June 2003 TABLE OF CONTENTS 1.0 INTRODUCTION... 1 1.1 READINESS IS YOUR ONLY PROTECTION... 1 1.2 APPLICATION OF THE GUIDELINES...

More information

The European Response to the rising Cyber Threat

The European Response to the rising Cyber Threat SPEECH/12/315 Cecilia Malmström European Commissioner responsible for Home Affairs The European Response to the rising Cyber Threat Transatlantic Cyber Conference organised by the Center for Strategic

More information

BUSINESS CONTINUITY MANAGEMENT FRAMEWORK

BUSINESS CONTINUITY MANAGEMENT FRAMEWORK BUSINESS CONTINUITY MANAGEMENT FRAMEWORK Document Author: Civil Contingencies Service - Authorised by the CCS Joint Management Board - Version 1.0. Issued December 2012 Page 1 FRAMEWORK STATEMENT Business

More information

DRAFT Revised Guide to the National CDEM Plan 2015 July 2015

DRAFT Revised Guide to the National CDEM Plan 2015 July 2015 19. Planning Summary Planning involves the proactive coordination of CDEM Group and agency activities in the medium to long term, with the intention of achieving a unified effort that works towards a common

More information

Maritime Insurance Cyber Security Framing the Exposure. Tony Cowie May 2015

Maritime Insurance Cyber Security Framing the Exposure. Tony Cowie May 2015 Maritime Insurance Cyber Security Framing the Exposure Tony Cowie May 2015 Table of Contents / Agenda What is cyber risk? Exposures - Should we be concerned about "Cyber"? Is Cyber covered under a Marine

More information

Portal Storm: A Cyber/Business Continuity Exercise. Cyber Security Initiatives

Portal Storm: A Cyber/Business Continuity Exercise. Cyber Security Initiatives Portal Storm: A Cyber/Business Continuity Exercise Cyber Security Initiatives Commonwealth of Pennsylvania Office of Administration Tony Encinias, Chief Information Officer Project Initiated: January 2013

More information

KPMG Information Risk Management Business Continuity Management Peter McNally, KPMG Asia Pacific Leader for Business Continuity

KPMG Information Risk Management Business Continuity Management Peter McNally, KPMG Asia Pacific Leader for Business Continuity INFORMATION RISK MANAGEMENT KPMG Information Risk Management Business Continuity Management Peter McNally, KPMG Asia Pacific Leader for Business Continuity ADVISORY Contents Agenda: Global trends and BCM

More information

(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework

(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework (U) Appendix E: Case for Developing an International Cybersecurity Policy Framework (U//FOUO) The United States lacks a comprehensive strategic international policy framework and coordinated engagement

More information

Middle Class Economics: Cybersecurity Updated August 7, 2015

Middle Class Economics: Cybersecurity Updated August 7, 2015 Middle Class Economics: Cybersecurity Updated August 7, 2015 The President's 2016 Budget is designed to bring middle class economics into the 21st Century. This Budget shows what we can do if we invest

More information

London Business Interruption Association Technology new risks and opportunities for the Insurance industry

London Business Interruption Association Technology new risks and opportunities for the Insurance industry London Business Interruption Association Technology new risks and opportunities for the Insurance industry Kiran Nagaraj Senior Manager, KPMG LLP February 2014 Agenda Introduction The world we live in

More information

Det talte ord gælder

Det talte ord gælder Thank you for the invitation. I m pleased to be given this opportunity to speak to you about Homeland Security, seen from my point of view. Homeland Security is a concept we ve all grown very familiar

More information

Enhanced resilience for major emergencies Proven capability solutions to deliver the resilience you need

Enhanced resilience for major emergencies Proven capability solutions to deliver the resilience you need Enhanced resilience for major emergencies Proven capability solutions to deliver the resilience you need 1 The Alliance Value Proposition Alliance Value Proposition The threat posed today Terrorist threats

More information

CyberSecurity Solutions. Delivering

CyberSecurity Solutions. Delivering CyberSecurity Solutions Delivering Confidence Staying One Step Ahead Cyber attacks pose a real and growing threat to nations, corporations and individuals globally. As a trusted leader in cyber solutions

More information