Cyber News Global: Issue 5


A.I. Focus

How companies can preempt cyberattacks
What AI will bring over the coming years
The defence case for AI regulation
Cybersecurity woman of the world
Secrets from the frontline
Ethical Hacking: In the modern digital age
Should marketing of cyber be regulated?


CRIMINALS USING THE DARK WEB THINK YOU CAN'T SEE THEM. WITH SEARCHLIGHT CYBER, YOU CAN.

Our dark web monitoring solutions can help you identify criminals targeting your corporate or industrial infrastructure on forums, marketplaces, and hidden sites. This provides invaluable early warning to cyber threats, critical time to adjust your defenses, and the opportunity to prevent cyberattacks.

FOLLOW THE QR CODE TO ACCESS THE LET'S TALK CYBER PODCAST TO LEARN MORE.


Contents

4 How energy companies can preempt cyberattacks
8 Police Scotland Youth Volunteers Become Cyber Aware Warriors
10 Cyber...Much more than just a technical career!
14 Work from anywhere. Securely.
16 What AI will bring to Industry over the coming years
20 The defence case for AI regulation
25 Cybersecurity Woman of the World Edition 2023
30 Secrets from the frontline
44 Ethical Hacking: A necessity in the modern digital age
48 Should the Marketing of Cyber be Regulated?

Dear Reader,

Welcome to Cyber News Global. This collaborative publication has been brought together by the UK’s leading Energy Sector Publication OGV Energy and UK Cyber Security Specialists, OSP Group Limited. A combined wealth of experience, networks and specialists will ensure that CNG becomes a leading platform for the Cyber Sector in the UK, USA and Middle East.

If you have a contribution of relevant industry news please email media@cybernewsglobal.com

Have an inspiring day and read on!

Thomas McCarthy, CEO, Cyber News Global
Kenny Dooley, Director, OGV Energy



HOW ENERGY COMPANIES CAN PREEMPT CYBERATTACKS BY MONITORING THE DARK WEB

By Dr Gareth Owenson, Co-Founder and CTO of Searchlight Cyber

The “dark web” has more than earnt the negative connotation that comes with its name. While there are some specific positive uses for this anonymised area of the internet, we know from our own research that the vast majority of activity on the dark web is explicitly illegal. This includes its use by cybercriminal gangs who target energy companies and other organisations from hacking forums where they believe they can act anonymously. While this sounds scary, cybersecurity professionals are increasingly realising that the dark web offers them an opportunity. By monitoring the dark web, they can gain a better understanding of their adversaries, inform their defences, and even potentially spot attacks against them before they are launched. Indeed, our recent survey of CISOs found that 72 percent of oil and gas companies are gathering data from the dark web for defensive purposes.[1]

cybernewsglobal.com

However, while this is a promising start, there is still a long way to go. The energy industry uses dark web data less than comparable high risk industries such as financial services (85 percent), manufacturing (83 percent), and transportation (81 percent). Even more concerningly, more than a quarter (27 percent) of oil and gas CISOs still believe that activity on the dark web has no impact on their company at all. This article will break that misconception by explaining what the dark web is, how energy organisations are targeted on it, and what they can do about it.

What is the dark web?

The dark web is distinct from the wider internet in that its sites are not indexed on standard search engines (like Google or Bing) and can’t be accessed via standard web browsers (like Chrome or Safari). It can only be accessed through specialist software such as The Onion Router (Tor), which has been designed to protect users’ anonymity when they search the web or host websites.

This perception of anonymity has made the dark web popular with cybercriminals who believe they can act with impunity, out of reach of law enforcement or cybersecurity professionals. However, while it is true that using the dark web does make the individuals harder to identify, their actions are far from invisible. In fact, cybersecurity professionals are increasingly monitoring the dark web to gather intelligence on threat actors operating on dark web forums and marketplaces, where they are effectively planning their attacks. This type of threat intelligence is known as “pre-attack intelligence”, as it refers to the activity of cybercriminals before a cyberattack is launched. Pre-attack intelligence is incredibly valuable to a cybersecurity team because it gives them a chance to take preemptive defensive actions before their network is breached, providing a rare opportunity to completely prevent a cyberattack.

[1] https://www.slcyber.io/whitepapers-reports/proactive-defence-how-enterprises-are-using-dark-web-threat-intelligence/
[2] https://www.slcyber.io/whitepapers-reports/dark-web-threats-against-the-energy-industry/



How are energy companies targeted on the dark web?

Our recent research found that energy companies are primarily targeted in dark web forum “auctions”, where cybercriminals sell initial access to energy companies’ networks to other cybercriminals for them to exploit.[2] The image below is a real example of a typical post that we have labelled to show the key components:

The “Start, Step, Blitz” terminology used in this post is a common approach to auctioning initial access on dark web forums. In this case, it means that bidding starts at $1500 and bids will be placed at increments of $500. However, if an individual wanted to purchase the access outright they could do so at the “blitz” price of $2500. Initial Access Broker posts like these are a good example of pre-attack intelligence because, while this information is shared with the intention of attracting buyers, it also offers cybersecurity professionals a valuable opportunity to determine if their organisation has been compromised and is the subject of this dark web ad.

For example, with the information the seller provides on the revenue, location, and technology of the organisation, a security team could identify whether they fit the profile of the victim. In some cases the company name is even given, which means that if the security team is monitoring the dark web they would be able to immediately identify that they are being targeted and take mitigative action. The seller also names the technology that has been compromised (a Fortinet Remote Desktop Protocol), which would give the security team a starting point for their internal investigation. Other types of access we commonly observe being sold include Virtual Private Networks (VPNs) and stolen corporate credentials.

Threats to ICS and OT

While it is less common, our research also uncovered cybercriminals discussing ICS and OT systems on dark web forums and sharing files and resources to help others conduct attacks. Compromised critical infrastructure is undoubtedly the highest priority concern of cybersecurity professionals at energy organisations, and many will be concerned to hear that this technology is openly discussed on the dark web. However, once again, this simply highlights the need for security professionals to continuously monitor for evidence that their infrastructure is being targeted. With intelligence on what systems are being discussed, what information the cybercriminals have, and what vulnerabilities they might be looking to exploit, security professionals can make far more informed decisions on applying additional security controls and monitoring their ICS for suspicious activity.

The case for dark web monitoring

The unfortunate reality is that energy organisations are increasingly in the crosshairs of cybercriminals. While they may not have historically been considered the the primary target for financially-motivated cyberattacks, the threat landscape has changed dramatically over the past few years, and cybercriminals are no longer just focusing on asset-rich organisations like banks and insurance companies. They are increasingly targeting the energy industry to leverage the critical nature of these companies and extort ransoms. This makes dark web intelligence vital. By monitoring the dark web, energy organisations can identify threats against their company earlier, use the intelligence they gather to inform their defensive strategies, and be much more proactive in stopping cyberattacks. 
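The triage the article describes, reading a listing's Start/Step/Blitz terms and matching its location, revenue and compromised technology against your own organisation's profile, as an added Python example. It is not Searchlight Cyber's code or tooling; the listing text and its field labels are constructed for this example and do not reproduce any real forum format.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple

# Constructed sample in the shape the article describes (revenue, location,
# compromised technology, Start/Step/Blitz pricing). The "Key: value" labels
# are an assumption for this example, not a real forum layout.
SAMPLE_LISTING = """\
Selling network access, energy sector
Country: UK
Revenue: $450M
Access: Fortinet RDP
Start: 1500 Step: 500 Blitz: 2500
"""

_MONEY_MULT = {"K": 1e3, "M": 1e6, "B": 1e9}


def parse_money(text: str) -> Optional[float]:
    """Turn '$450M', '450m' or '1,200,000' into USD as a float; None if absent."""
    m = re.search(r"\$?\s*(\d[\d,]*(?:\.\d+)?)\s*([KMB])?", text, re.IGNORECASE)
    if not m:
        return None
    value = float(m.group(1).replace(",", ""))
    suffix = (m.group(2) or "").upper()
    return value * _MONEY_MULT.get(suffix, 1.0)


@dataclass
class Listing:
    country: Optional[str] = None
    revenue_usd: Optional[float] = None
    access: Optional[str] = None
    start: Optional[int] = None
    step: Optional[int] = None
    blitz: Optional[int] = None


def parse_listing(text: str) -> Listing:
    """Extract the labelled fields of a listing; fields not present stay None."""
    listing = Listing()
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue
        key, value = key.strip().lower(), value.strip()
        if key == "country":
            listing.country = value.upper()
        elif key == "revenue":
            listing.revenue_usd = parse_money(value)
        elif key == "access":
            listing.access = value
    # Pricing terms usually share one line, so search the whole text for each.
    for name in ("start", "step", "blitz"):
        m = re.search(rf"\b{name}\s*:?\s*\$?(\d[\d,]*)", text, re.IGNORECASE)
        if m:
            setattr(listing, name, int(m.group(1).replace(",", "")))
    return listing


def bid_ladder(listing: Listing) -> List[int]:
    """Bids the auction terms allow: open at Start, rise by Step, and end at
    Blitz, the price that buys the access outright and closes the auction."""
    if None in (listing.start, listing.step, listing.blitz) or listing.step <= 0:
        return []
    ladder = list(range(listing.start, listing.blitz, listing.step))
    ladder.append(listing.blitz)
    return ladder


@dataclass
class OrgProfile:
    country: str
    revenue_usd: float
    exposed_tech: Set[str]  # externally reachable products the team knows it runs


def match_listing(listing: Listing, org: OrgProfile,
                  revenue_tolerance: float = 0.25) -> Tuple[int, List[str]]:
    """Score how closely a listing fits the organisation. Each matching attribute
    adds one point and a reason; the caller chooses the threshold at which an
    analyst opens an internal investigation of the named technology."""
    score, reasons = 0, []
    if listing.country and listing.country == org.country.upper():
        score += 1
        reasons.append(f"location matches ({listing.country})")
    if listing.revenue_usd is not None:
        low = org.revenue_usd * (1 - revenue_tolerance)
        high = org.revenue_usd * (1 + revenue_tolerance)
        if low <= listing.revenue_usd <= high:
            score += 1
            reasons.append(f"revenue within {revenue_tolerance:.0%} of ours")
    if listing.access:
        for tech in sorted(org.exposed_tech):
            if tech.lower() in listing.access.lower():
                score += 1
                reasons.append(f"advertised access names exposed tech: {tech}")
                break
    return score, reasons


if __name__ == "__main__":
    listing = parse_listing(SAMPLE_LISTING)
    print("accepted bids:", bid_ladder(listing))
    org = OrgProfile("UK", 400_000_000, {"Fortinet"})  # constructed profile
    print("match:", match_listing(listing, org))
```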



Editorial: editor@cybernewsglobal.com
Advertising: marketing@cybernewsglobal.com
Design: office@ogvenergy.co.uk
Events & Partnerships: ceo@cybernewsglobal.com

Disclaimer: The views and opinions published within editorials and advertisements in Cyber News Global are not those of our editor or company. Whilst we have made every effort to ensure the legitimacy of the content, Cyber News Global cannot accept any responsibility for errors and mistakes.

ADVERTISE WITH US: view our media pack at www.cybernewsglobal.com or scan the QR code.


Police Scotland Youth Volunteers Become Cyber Aware Warriors

Police Scotland Youth Volunteers (PSYV) join forces with Robert Gordon University and OSP Cyber Academy

Around 1000 PSYVs are being trained in aspects of cyber awareness via an online training portal delivered by OSP Cyber Academy, one of the UK’s leading online cyber training providers. The aim is to help the volunteers understand the threats and risks that they face online every day, and to share this knowledge when engaging with family and friends in order to help protect them.

So who are these Cyber Warriors? There are currently 43 PSYV groups across Scotland, represented in each of the 13 Local Policing Divisions, with over 900 young volunteers and over 200 adult volunteers nationally. The purpose of the PSYV is to promote a practical understanding of policing amongst young volunteers, encourage the spirit of adventure and good citizenship, support local policing priorities through volunteering in local events and initiatives to raise awareness, give young people a chance to be heard, and inspire young people to participate positively in their communities. The PSYV provides young people aged 13 to 18, of all backgrounds, a positive means of engagement with the police through regular training, participation in community safety initiatives and volunteering in their communities, which makes this project an ideal opportunity to engage them on cyber awareness and protection online.

All age groups of PSYVs, including adult volunteers, will gain the cyber knowledge necessary to support this initiative through peer mentoring. More importantly, they will be learning skills to help them educate the most vulnerable in society: with these newfound skills they will go into the wider community to deliver education and awareness via a thought-provoking “Escape Rooms” styled exercise developed exclusively for this project by the science and technology faculty at Robert Gordon University.

Representatives and partners from Police Scotland Youth Volunteers, Scottish Government, Scottish Police Authority, Robert Gordon University, OSP Cyber Academy and ScotlandIS attending the official launch.

Christopher McDermott Lecturer Human-centred Security Robert Gordon University

Irene Coyle Chief Operating Officer OSP Cyber Academy

This is very much the start of the journey, with the hope that the success of this programme might gain further valuable support from the Scottish Government, who have been instrumental in making this project happen. To date this is the first programme of its kind in the entire UK, so Scotland intends to deliver on its challenge.




CYBERSECURITY IS MUCH MORE THAN JUST A TECHNICAL CAREER

Amanda Finch explains why it’s never been a more important time to showcase the range of opportunities in cyber to increase diversity and professionalism in the industry

The cybersecurity industry is, unfortunately, suffering from an image problem. Often perceived as a dry, technical career and stereotyped as a “boys only club”, in reality cybersecurity should suit almost anyone. The industry is looking to encourage a diverse intake of fresh blood, ranging from graduates to those looking for a mid-career change. Not all of these will have a background in cyber, or even technology.

Cybersecurity is much broader than a purely technical career – it demands social, managerial, investigative and even financial capabilities. In CIISec’s latest survey of cyber security workers, 57% said analytical thinking and problem-solving skills were the most important in security – compared to 18% saying technical skills. Moreover, many individuals will have already developed the skills needed in security in other careers, from attention to detail and identifying unusual patterns of behaviour, to the "soft" skills needed to drive security awareness in others.

For example, communication and education are key in a cyber career. If security teams are going to align with the wider organisation, then they must be able to understand and properly communicate business risk, including levels of risk, what risks are and aren’t acceptable, and how best to mitigate them. They will then have to coach employees to reduce, recognise and react to threats, including staging mock attacks to make the risks clear. These are skills that could just as easily be developed in any number of careers.

Even on the technical side, there is a huge variety of roles for prospective employees to choose from. Some might focus on forensics work, unpicking what happened during a serious incident to help defenders prevent it from occurring again. Others may spend more time on incident detection and response. Meanwhile, others may focus on preventative measures such as patching vulnerable machines.

Opportunities for everyone

The bottom line is that whatever your skills, there is almost certainly a career for you in the cybersecurity sector. And it’s important that the industry finds a way to showcase the opportunities that are out there for everyone. The industry certainly needs fresh talent as it is suffering from an ongoing skills shortage. The global shortfall in professionals is decreasing, but is still estimated at around 2.7 million, including 33,000 in the UK. Without enough security practitioners in place, organisations are likely to face increased cyber and business risk. That could translate directly into serious breaches, service outages, or disruption to much-needed digital transformation projects. In a recent government report, 13% of organisations say cyber skills gaps among job applicants have prevented them from achieving business goals to a “great extent”.

Given cyber security’s role as a business-critical function that is comparatively well-paying and recession-proof – on top of the industry skills shortage meaning there are plenty of openings – it is an increasingly attractive career. There’s not only more variety of roles, but there are also more opportunities to advance. There’s even a strong cyber element emerging in sectors like law enforcement, where digital is one of the fastest-growing vectors for criminal activity. Organisations like the Institute of Cyber Digital Investigation Professionals (ICDIP) are a great place to start looking for more information about this burgeoning field.

Finding the right avenue

So how do you kick-start a career in cyber? Contrary to popular belief, it doesn’t have to begin with a sector-specific qualification. However, many do choose to begin their journey with education. That could be a Computer Science A-Level. It could be a university degree. Or it could be something like CIISec’s new Cyber Extended Project Qualification (CyberEPQ), which plugs the gap between GCSE Computer Studies and a full-blown degree. The CyberEPQ gives anyone from 14 years old the best possible opportunity to kick-start their cyber security career, integrating with CIISec’s broader development programmes to provide a clear pathway to progress. There is also a range of apprenticeships on offer, as well as bootcamps and other vocational courses run by organisations passionate about persuading professionals to give cyber a go. Many focus on currently underrepresented groups, like Code First Girls, and/or have links to local employers to accelerate the transition into a new career.

Showcasing the opportunities

Despite the different routes into the industry, the cyber security industry needs to advertise itself better to overcome its 'boys club' image problem. This should involve showing the opportunities, excitement and career routes available to anyone from any background at any level – from school to university, and then at different stages of their career. Without this image overhaul, cyber security risks losing out on the best and brightest talent to other, more attractive or widely understood sectors, such as data analytics. It's important for the industry to do more to attract candidates from non-technical and non-cyber backgrounds, and make sure these people are actively encouraged to apply for roles. We need diversity in the industry – not just in terms of race, gender and neurodiversity but also in background, work experience and training. Ultimately, we need diversity in outlook: if the whole industry thinks in a monolithic way, it will be harder to spot and react to new threats, especially from increasingly creative adversaries.


We will need this diversity to ensure the sector is able to adapt to the challenges of tomorrow, as cybersecurity evolves as an industry – embedding itself deeper into the fabric of business and society. To attract a broader pool of talent, the industry needs to be able to show exactly what skills are needed for what roles, so people can see the opportunities available. Key to all this will be both organisations and individuals having a framework that can show exactly what skills are necessary to fulfil what roles. That’s what we’re trying to deliver at the CIISec. First, accredited qualifications so that candidates and employers are clear what technical and non-technical skills individuals possess. And second, frameworks with which to work out which skills are required for a specific role and level. Doing this will help in hiring the right people for the job. However, it will also mean that the routes to progress through an individual's career are clearly marked, ensuring that individuals who join the industry don't, over time, become jaded or burnt out due to a lack of opportunity.

There’s a largely untapped pool of talent who may have had roles in adjacent sectors like mathematics, engineering, compliance or risk management. But there are undoubtedly also many more who have what it takes to succeed in cyber, despite never having considered themselves a “techie”.

Amanda Finch CIISEC

This is the path to professionalising the industry. And with the cybersecurity sector booming, it’s never been a better time to join.



WORK FROM ANYWHERE. SECURELY.

SECURE YOUR BUSINESS FOR TODAY’S REMOTE AND HYBRID WORKFORCE WITH THE LEADING SASE SPECIALISTS

• Zero Trust Network Access
• Network Access Control
• Cloud Backup
• Data Loss Prevention
• Secure Web Gateway (SWG)
• Attack Surface Management
• Cloud Access Security Broker (CASB)
• Endpoint Protection

discover@everycloud.co.uk | www.everycloud.co.uk | 0800 470 1820



Work from anywhere. Securely.

In today's hybrid and remote working environment, where the digital landscape evolves at a rapid pace, our commitment at EveryCloud is to ensure that businesses are equipped to navigate the challenges and opportunities that the cyber world presents. Our mission is to empower organisations to thrive in this environment while safeguarding vital assets and contributing to the stability of the critical infrastructure.


At EveryCloud, we have always been at the forefront of cybersecurity innovation, providing businesses with comprehensive solutions to tackle the constantly evolving cyber threats. We understand the vital importance of technology in modern businesses, and that's why we are committed to creating tailored cybersecurity strategies. Our primary focus is on developing solutions that effectively mitigate the expanding attack surface that businesses face as they integrate new digital technologies into their day-to-day operations.

Navigating Market Dynamics: As we examine the current market, it's evident that safeguarding the critical infrastructure is paramount. With industries becoming increasingly hybrid/remote and reliant on digital systems, the potential impact of cyberattacks on essential services and businesses is substantial. We view these challenges not only as obstacles but also as opportunities to bolster the resilience of organisations through robust cybersecurity measures.

Key Challenges:

• Lack of Resources: Many organisations lack adequate resources to tackle the intricacies of cybersecurity effectively. In vital sectors like energy, transportation, communication, and healthcare, the shortage of necessary resources poses a significant risk. These sectors are integral to a nation's functioning, and any breach of their cybersecurity can have far-reaching consequences. However, due to constraints such as budget limitations, a shortage of skilled cybersecurity personnel, and the constantly evolving nature of cyber threats, these critical sectors often struggle to implement robust security protocols.

• Budget Constraints: Budgetary considerations pose a significant hurdle for businesses seeking to enhance their cybersecurity posture. Striking a balance between investing in advanced cybersecurity measures and allocating resources to other critical areas is an ongoing struggle.

• Navigating Cybersecurity Tools: The huge number of cybersecurity tools available in the market can be overwhelming for businesses. Selecting the right tools that align with an organisation's specific needs is a perplexing task, often resulting in confusion and inefficiencies.

• Compliance and Regulatory Issues: The landscape of cybersecurity regulations and compliance standards is complex and ever-changing. Navigating these regulations while ensuring the confidentiality, integrity, and availability of data adds an additional layer of complexity for businesses.

Our team of experts specialise in guiding businesses through the maze of cybersecurity tools and technologies. We work closely with organisations to assess their unique requirements and tailor solutions that provide maximum protection without overburdening resources. Our experience and insight allow us to recommend and implement the right tools for the right purpose, streamlining cybersecurity operations and boosting efficiency.

Meeting the Challenges: Focusing on a pre-emptive approach, our dedication to proactive strategies is represented through our Attack Surface Management solution. The reality is that attack surfaces have grown beyond the scope of what traditional security tools and practices can effectively manage. Many security professionals are simply unable to discover, manage, and protect their rapidly growing attack surfaces.

Attack Surface Management provides continuous, automated scanning and attribution of all an organisation’s Internet-based assets. It identifies external assets your team may not even be aware of, empowering you to better manage all your risks before attackers take action. Our industry-leading Attack Surface Management provides a system of vigilant offense that looks at everything from HTTP hosts to message brokers to remote desktop exposure to network printers. We seek potential breaches, shore up leaks in your protocols, and map any potential weak points.

So, in a world that's changing faster than we can blink, EveryCloud can guide businesses through the challenges and opportunities. The Senior Leaders Cyber Summit is a chance for all of us to share what we've learned and help each other out. Together, we'll make sure businesses can thrive in the digital world while ensuring people are able to work from anywhere. Securely.

By Paul Richards Director of Technology, EveryCloud




What AI will bring to Industry over the coming years: the challenges, the values and other interesting considerations, such as cybersecurity

Dr Jassim Haji, President, International Group of Artificial Intelligence

In the coming years, AI is set to exert significant influence on industries, with the potential to enhance efficiency, productivity, safety, and customer-centricity, and it bears tremendous promise to revolutionize automation, data analysis, personalization, cyber security, and other advancements. Across different sectors, AI can deliver substantial value by enhancing both organizational and human capabilities. Utilizing techniques like generative designs, predictive simulations, and autonomous experimentation platforms, AI accelerates research, development, and design processes. Additionally, AI’s application enables optimized logistics, predictive maintenance, and precision agriculture, leading to reduced waste, emissions, and resource consumption, thereby fostering sustainability. Moreover, AI models demonstrate consistent performance without fatigue and often surpass human accuracy, leading to improved manufacturing quality, services, and various other workflows.

An essential aspect of AI’s impact is its ability, especially through machine learning techniques, to extract invaluable insights from vast datasets that would remain hidden to human analysts using traditional analytics methods. As a result, AI becomes a powerful tool in uncovering hidden patterns and trends that can inform better decision-making and drive innovation in diverse industries.

A primary avenue through which AI will influence industries is Human-Robot collaboration, marking a paradigm shift in how humans and machines cooperate to accomplish tasks across diverse sectors and environments. This collaborative approach offers numerous opportunities and advantages by leveraging the distinctive strengths of both humans and robots, ultimately leading to heightened levels of safety, efficiency, and productivity. The rising popularity of collaborative robots, also known as “cobots,” emphasizes this transformative trend. Cobots are designed to work alongside human operators in a shared workspace, eliminating the need for stringent safety measures. Unlike legacy robots, which are typically isolated due to safety concerns, cobots are specifically engineered to work and interact safely with people. They are compact, lightweight, and equipped with built-in sensors that enable them to detect and avoid hazardous human interactions. This safety-oriented design makes them more productive, cost-effective, and user-friendly compared to other robots. As technology continues to advance, we can expect wider adoption of cobots in various industries in the coming years.


Another industry experiencing rapid transformation through artificial intelligence is health care, where AI presents immense potential to significantly enhance patient outcomes, reduce costs, and revolutionize medicine. Beyond its well-known applications like virtual medical assistants, personalized medication, and predictive analytics, AI is continuously evolving and offering innovative solutions across the healthcare sector. One area where AI is making a profound impact in the health sector is the analysis of medical images, enabling earlier and more accurate detection of cancers. Nvidia’s Clara AI toolkit can generate synthetic MRI scans for training, leading to faster scan times and improved turnaround for MRI procedures. Additionally, platforms such as Exscientia and Insilico are facilitating drug discovery by rapidly generating and testing novel molecule candidates to achieve desired drug effects. Furthermore, in the wake of the Covid-19 outbreak, AI systems like HealthMap and ProMEDMail can analyze news reports, search trends, and social media posts to identify and report on signs of emerging disease outbreaks earlier than traditional methods, aiding in early detection and response. Overall, AI’s advancements in the healthcare industry are paving the way for transformative changes, bringing about more efficient, accurate, and proactive healthcare practices.

While the opportunities are great, companies must approach AI adoption in a measured way, considering ethics, risk management and a responsible transformation strategy. The challenge of adopting AI is not merely an IT initiative – it requires company-wide coordination around talent, culture, data asset management and adoption practices. Even though AI can be transformative to many industries, there are also challenges and potential pitfalls to consider. The process of gathering data to train AI systems gives rise to legitimate concerns surrounding data privacy and ethical data handling, and as a response to these concerns, regulations are continuously evolving to ensure responsible and lawful data usage. The growing adoption of AI presents new security challenges, as malicious entities may exploit the technology for nefarious purposes, such as sophisticated social engineering, phishing attacks, impersonation, and other cybercrimes. This highlights the critical need for robust cybersecurity measures to safeguard against potential threats and protect sensitive information from falling into the wrong hands.

The ongoing fight against cybercriminals is driving rapid progress in AI within the field of cybersecurity. AI-powered cyber defense is becoming increasingly essential for industries as they face evolving threats. Although AI-driven defenses are still in the preliminary stages of development, their potential to transform network and system protection from attacks is undeniable. By automating tasks and analyzing vast datasets, AI can effectively identify patterns and anomalies that indicate potential cyber threats, making it an indispensable tool in ensuring the security of our digital infrastructure.

Consider the example of AI-powered Endpoint Detection and Response (EDR). This security solution leverages AI to identify and address threats on the endpoint devices connected to the network, including laptops, desktops, and other devices. By employing diverse AI techniques like machine learning, natural language processing, and behavioral analytics, it thoroughly examines data from system logs, network traffic, and application activity to pinpoint potential threats. Based on its analysis, the EDR system can promptly execute pre-defined actions, leading to faster response times, decreased false positives, and enhanced endpoint visibility.

AI models deployed in sensitive business applications with regulatory and ethical implications require stringent controls, thorough auditing, and transparency. Ensuring explainability is crucial to understanding their decision-making process, as adversaries may attempt to exploit AI supply chains, manipulate training data, or exploit model weaknesses to compromise the integrity and reliability of AI models and their decision-making capabilities. As a result, maintaining a vigilant and proactive approach to securing AI systems is of utmost importance to safeguard against potential threats and maintain trust in their functionality.

A notable advancement in the field of cybersecurity is the adoption of generative adversarial networks (GANs). GANs represent a type of machine learning model capable of generating realistic data. Despite being in its initial stages, this technology shows great promise in tailoring data to specific applications, thereby enhancing the effectiveness of training machine learning models and testing malware detection systems. Google AI has developed a GAN-based system known as the DeepFake Detection Challenge, which effectively detects deepfake content. Additionally, IBM’s GAN-based system, Watson for Cybersecurity, facilitates the generation of synthetic data to train machine learning models. Nonetheless, GANs do have their limitations, including challenges related to training complexity, stability issues, and high computational costs. As a result, further research is essential to address these obstacles and devise more efficient and effective GAN-based techniques in the field of cybersecurity.

The continuous advancement of AI holds tremendous potential, promising significant advancements, challenges, and value for industries in the years ahead. Despite the obstacles, the value that AI can provide to various sectors is immense. Embracing this evolving technology requires close collaboration between experts, policymakers, and stakeholders to shape a future where AI empowers industries to flourish and overcome the challenges that lie ahead. By working together, we can navigate this transformative landscape and create a future where AI plays a pivotal role in driving innovation and success across industries.
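The EDR description above (learn what is normal from endpoint telemetry, score new activity against that baseline, then trigger a pre-defined action) is easier to reason about with a concrete loop in front of you. The following is an added illustration written for this page; it is not code from the article, from ZENDATA, Google, IBM or any EDR vendor. It uses a plain statistical baseline rather than a trained model, and every host name, user, process name, log line and threshold in it is constructed for the example.

```python
"""Behavioural-baseline anomaly scoring over constructed endpoint telemetry.

Added example, not vendor code: build a per-host baseline of hourly
process-launch counts and known binaries, score an observation window
against it, and map the score to a pre-defined response action.
"""
import re
import statistics
from collections import Counter, defaultdict

# Constructed record format: "<ISO-8601 ts> host=<h> user=<u> event=<e> proc=<p>"
LOG_RE = re.compile(
    r"^(?P<ts>\S+) host=(?P<host>\S+) user=(?P<user>\S+) "
    r"event=(?P<event>\S+) proc=(?P<proc>\S+)$"
)


def parse(lines):
    """Parse telemetry lines; malformed lines are skipped, not fatal."""
    rows = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if m:
            rows.append(m.groupdict())
    return rows


def hourly_counts(rows):
    """Process-launch events per (host, hour) bucket."""
    counts = Counter()
    for r in rows:
        if r["event"] == "proc_start":
            counts[(r["host"], r["ts"][:13])] += 1  # '2023-08-01T09'
    return counts


def build_baseline(rows):
    """Per-host mean/stdev of hourly launch counts plus the set of binaries seen."""
    samples, procs = defaultdict(list), defaultdict(set)
    for (host, _hour), n in hourly_counts(rows).items():
        samples[host].append(n)
    for r in rows:
        procs[r["host"]].add(r["proc"])
    baseline = {}
    for host, xs in samples.items():
        stdev = statistics.pstdev(xs) if len(xs) > 1 else 0.0
        # floor the spread at 1.0 so a very quiet host does not alert on +1 event
        baseline[host] = {"mean": statistics.mean(xs), "stdev": max(stdev, 1.0),
                          "procs": procs[host]}
    return baseline


def score(baseline, rows):
    """Return {host: (z_score_or_None, set_of_never_seen_binaries)}."""
    seen = defaultdict(set)
    for r in rows:
        seen[r["host"]].add(r["proc"])
    out = {}
    for (host, _hour), n in hourly_counts(rows).items():
        b = baseline.get(host)
        if b is None:                       # host was never baselined: no score to trust
            out[host] = (None, seen[host])
            continue
        z = (n - b["mean"]) / b["stdev"]
        if host not in out or z > out[host][0]:   # keep the worst hour per host
            out[host] = (z, seen[host] - b["procs"])
    return out


def decide(z, novel, z_alert=3.0, z_isolate=6.0):
    """Pre-defined response actions, the automated step the text describes."""
    if z is None:
        return "alert"                      # unknown host: a human must look first
    if z >= z_isolate and novel:
        return "isolate"                    # burst of launches AND unfamiliar binary
    if z >= z_alert or novel:
        return "alert"
    return "none"


# ---- constructed sample data -------------------------------------------------
NORMAL = ["explorer.exe", "outlook.exe", "chrome.exe", "teams.exe"]


def make_lines(host, hour_prefix, n, procs):
    """n constructed proc_start records for one host within one hour."""
    return [f"{hour_prefix}:{i % 60:02d}:00 host={host} user=alice "
            f"event=proc_start proc={procs[i % len(procs)]}" for i in range(n)]


def training_lines():
    lines = []
    for h, n in zip(["T09", "T10", "T11", "T12", "T13", "T14"], [5, 6, 5, 4, 5, 6]):
        lines += make_lines("ws-01", "2023-08-01" + h, n, NORMAL)
    for h, n in zip(["T09", "T10", "T11", "T12"], [10, 11, 9, 10]):
        lines += make_lines("ws-02", "2023-08-01" + h, n, NORMAL)
    return lines


def observation_lines():
    lines = make_lines("ws-01", "2023-08-02T09", 40, NORMAL + ["unknown_tool.exe"])  # burst + novel binary
    lines += make_lines("ws-02", "2023-08-02T09", 11, NORMAL)                        # business as usual
    lines += make_lines("ws-03", "2023-08-02T09", 3, NORMAL)                         # host with no baseline
    lines.append("garbage line that does not parse")                                 # must be skipped
    return lines


def run_example():
    """Baseline on day 1, score day 2, return {host: action}."""
    baseline = build_baseline(parse(training_lines()))
    scored = score(baseline, parse(observation_lines()))
    return {host: decide(z, novel) for host, (z, novel) in scored.items()}


if __name__ == "__main__":
    print(run_example())
```

Two design points carry over to real deployments: the unknown host gets an alert rather than an automatic isolation, because the most expensive EDR mistakes are confident actions taken on assets the baseline has never seen, and the novel-binary signal is combined with the volume signal before the strongest action fires, which is what keeps the false-positive rate down when a legitimate software rollout introduces a new executable everywhere at once.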


COMING SOON

A CYBER SUMMIT OF THE HIGHEST CALIBRE: Senior Leaders Cyber Summit 2023

MODERATOR: Isabelle Meyer, Co-founder & Chief International Officer, ZENDATA

Cross Border Collaboration: Fighting Cybercrime Internationally

MEET US

ZENDATA has experience working with governmental entities and in critical infrastructure projects about Threat Intelligence.

Date: August 31, 2023
Time: 08h30 am to 05h45 pm
Place: Robert Gordon University, Garthdee House, Garthdee Rd, Garthdee, Aberdeen AB10 7AQ, United Kingdom
www.ospcyberacademy.com/senior-leaders-cyber-summit

www.zendata.ch www.zendata.ae www.zendata.bh

info@zendata.ch info@zendata.ae info@zendata.bh

+41 22 588 65 90 +971 50 726 9357 +973 33 497 324




An old African proverb says, “if you want to go fast, go alone; if you want to go far, go together.”

THE DEFENCE CASE FOR AI REGULATION

The European Parliament’s adoption of its EU AI Act position, starting from a foundation of shared values and consensus on core elements of responsible AI, marks the beginning of what will be a welcome and seismic shift in the global AI policy landscape. By strength in numbers, the vote sets up the so-called trialogue negotiations, the final phase of the EU’s process, and paves the way for the likely adoption of Europe’s — and the world’s — first comprehensive AI regulatory framework.

The EU AI Act is expected to become law in early 2024 (with a hard deadline created by the Parliamentary elections in early June 2024). The Commission proposed 24 months for the subsequent period for compliance; the Council wants to extend this to 36 months; but the new sense of urgency around regulation may mean that it is shortened. If the past is prologue, then there may be a sense of déjà vu when it comes to Europe playing a leading role in the development of AI policy. In 2016, Europe adopted privacy legislation – the General Data Protection Regulation, better known simply as GDPR – that has gone on to play a significant role in global privacy regulation achieving “Brussels effect” ripples. In 2019 Commission President von der Leyen said: “With the General Data Protection Regulation we set the pattern for the world. We have to do the same with artificial intelligence.”

Sandip Patel KC Quantum Resilience and OSP Cyber Academy

Do we need AI regulation?

AI is embedded in our lives, and it is here to stay; a recent study by PricewaterhouseCoopers found that AI could contribute US$15.7 trillion to the global economy in 2030, making it the most significant commercial opportunity in today’s economy. AI is all pervasive. Many organisations are now using it (or trying to). Increasingly advanced and meaningful decisions are now being delegated to AI systems, some of which are subject to regulation but many of which are not.


There are various codes of AI ethics but few binding laws as yet. The application of certain laws currently in force to AI remains untested and therefore unclear. AI systems give rise to novel issues because current legal and moral systems are premised on human decision-making. The new problems include questions of:

Who should be responsible if AI causes harm?

Who should be the owner if AI creates valuable output, which might otherwise be protected by intellectual property laws or provisions on the freedom of speech?

What parameters should AI consider when taking decisions that involve a trade-off between competing values?

Are there any areas from which AI should be banned, or in which human intervention should be made mandatory?

The question of whether a regulation is the appropriate framework to regulate AI in Europe (or indeed elsewhere) is hotly debated. To offer a typical lawyer’s view, “it depends.” On one hand, and as in the case of the GDPR, by opting for a regulation which is directly applicable to all EU Member States, the Commission seeks to prevent the potential fragmentation of applicable legal frameworks across Europe with varying national legislative requirements. From a business perspective, there is a balance to be found between speed, innovation, and human-centric AI. There is a body of consensus that the alternative of letting market forces freely determine how AI will be used without any rules would be an unacceptable and dangerous risk. Therefore, the real question is not whether we need regulation, but rather whether the right approach is followed.



Meantime, organisations, including governments, which seek to use AI operate under a degree of uncertainty as to how the technology should be managed. Such uncertainty is negative for businesses, who may hold off on investing until the regulatory picture is clearer. Sam Altman, the trailblazer behind ChatGPT and Worldcoin, appeared to fire a warning shot at Brussels, suggesting his company could pull its services from the EU if regulation was too tough. “We will try to comply but if we can’t comply, we will cease operating,” said Altman before later rowing back on his comments. It is sometimes thought that regulation and innovation are opposed to each other. This is not correct. Instead, when regulation is designed well it can create a stable framework for innovation, promoting societal trust in new technologies and encouraging entrepreneurs to build their companies in a jurisdiction. The current situation is also damaging for the wider population, which may lose out on the advantages of AI, or alternatively may suffer harm through the unethical use of AI but lack any legal recourse or protection. It is therefore important for regional, national, and supranational governments to play a coordinating role in establishing clear and effective AI regulatory policies.

As regards AI-specific regulation, the EU’s AI Act is arguably the most detailed, developed, and wide-ranging proposal. The EU AI Act takes a tiered, risk-based approach. AI applications that pose an unacceptable risk of harm to human safety or to fundamental rights will be banned. High-risk (but not prohibited) AI will be subject to detailed regulation, registration, certification, and a formal enforcement regime. Lower-risk AI will mainly be subject to a transparency requirement. Other AI applications will be unregulated.

The UK government’s approach, as set out in its March 2023 white paper, is markedly different to the EU’s: it wants to consolidate the UK’s role as the leading European AI hub with a US-aligned, regulation-light environment to boost productivity and attract innovative businesses to the UK, leaving existing regulators to regulate AI using their existing jurisdiction and powers. But while there is global consensus on the need for AI regulation, there is no agreed pathway. In fact, there is obvious tension between the approach of the EU and that of the UK, US, and others.

This ambiguity consigns organisations to a Catch-22 dilemma. A business deciding how to approach AI compliance, and whether to begin aligning with emerging regulation, may therefore base its decision on its target markets for future expansion. The problem is particularly acute for UK businesses that want access to neighbouring EU markets, which will depend on compliance with the EU AI Act and corresponding compliance costs. Separately to mandatory compliance, many businesses are nonetheless choosing to undertake an “algorithmic impact assessment” to understand the potentially wide-ranging risks posed by AI and scope for mitigation.

Various assessment frameworks are available. The UK’s Centre for Data Ethics and Innovation has recently published case studies of real-world AI assurance techniques across various sectors to build skills and understanding in this area (including an EU AI Act readiness assessment tool from the British Standards Institute). The Commission has set up the European Centre for Algorithmic Transparency, while the European Law Institute has published model rules for algorithmic assessment in the public sector. The Netherlands already requires public authorities to audit algorithms’ impact on human rights. AI audits will increasingly become important as organisations seek to understand and manage AI risk and impending compliance obligations.

The one certainty is that the AI road ahead will be bumpy and exhilarating!



INTEGRATING AI INTO YOUR BUSINESS OPERATIONS: A COMPREHENSIVE GUIDE

As the digital landscape continues to evolve, businesses are increasingly looking to leverage artificial intelligence (AI) for enhancing various operational aspects. From mobile app development to marketing strategies, AI offers a myriad of opportunities to streamline processes and drive efficiency. But how exactly can you integrate AI into your existing operations and workflows? This article from OSP Cyber Academy explores six key points to guide you on this transformative journey.

Leverage AI for Enhancing Mobile App Development

AI's role in mobile app development is becoming increasingly indispensable, providing a wealth of capabilities that can significantly improve the user experience and streamline business processes. When you incorporate AI into your mobile app development workflow, you pave the way for the creation of versatile applications. These AI-powered apps can learn from user behavior, anticipate user needs, and deliver personalized experiences, setting them apart from their traditional counterparts. Moreover, AI has the potential to revolutionize various stages of app development, particularly testing and debugging. By automating these often time-consuming tasks, AI speeds up the development process and ensures the delivery of high-quality, error-free applications. Furthermore, AI's ability to analyze user behavior in real-time offers a unique advantage. It can provide invaluable insights into how users interact with the app, which can then be used to refine and enhance the app's features and functionalities, ultimately leading to a more engaging and satisfying user experience.

Equip Your Employees for AI Success

Training is a crucial aspect of integrating AI into your business operations. Employees need to understand how AI works, its benefits, and how to use it effectively. Providing comprehensive training programs can help demystify AI and encourage employees to embrace this new technology. Moreover, training should not be a one-time event but an ongoing process. As AI technology evolves, so should your training programs. Regular training sessions can ensure that your employees are up-to-date with the latest AI trends and technologies, enabling them to utilize AI tools to their fullest potential. AI isn’t the only technology that demands ongoing training in your organization; cybersecurity requires it as well. Keep your team up to speed with e-learning from OSP Cyber Academy.

The Key to Efficient and Ethical AI Decisions

AI systems rely heavily on data and algorithms. However, biases in data or algorithms can lead to unfair or inaccurate results. Therefore, it's essential to monitor these elements closely to prevent any potential issues. Implementing strict data governance policies can help ensure that your AI systems are using accurate and unbiased data. Similarly, regular audits of your AI algorithms can identify any inherent biases and rectify them promptly. By doing so, you can ensure that your AI systems are fair, reliable, and effective.


AI Can Bolster Your Marketing Efforts

AI has tremendous potential to transform your marketing strategies, particularly in the realm of Search Engine Optimization (SEO). By integrating AI into your marketing operations, you can optimize your content, improve your search engine rankings, and attract more organic traffic. For example, AI tools can analyze vast amounts of data to identify SEO trends and insights that humans might miss. They can also automate repetitive tasks such as keyword research, allowing your marketing team to focus on more strategic activities. Additionally, AI can personalize your marketing messages based on individual user behavior, leading to higher engagement and conversion rates.

Make Customer Trust Your Priority with AI Development

Transparency is critical when integrating AI into your business operations. Customers are more likely to trust and engage with companies that are open about their use of AI. Therefore, it's essential to be transparent about how you're using AI, what data you're collecting, and how you're protecting that data. This transparency extends to the development process as well. Clearly explaining how AI systems make decisions can foster trust among users and stakeholders. Moreover, being open about any limitations or potential risks associated with your AI systems can further build this trust.

Seize Every Opportunity with AI

Recognizing AI as an opportunity rather than a threat is crucial for businesses in the modern digital era. Embracing AI opens up a world of possibilities, offering numerous benefits such as enhanced efficiency, boosted productivity, improved customer service, and a competitive edge in the marketplace. However, reaping these benefits requires a shift in mindset — one that sees AI not as a disruption, but as a catalyst for growth and innovation. The key to successful AI integration lies in the willingness to adapt and evolve. This involves being open to new ways of working, learning, and thinking. It means acknowledging that traditional methods may no longer be the most effective and being ready to explore uncharted territories. By viewing AI as a beneficial opportunity, businesses can ensure a promising start to their AI journey, setting themselves up for long-term success in an increasingly AI-driven world.

Start by identifying areas in your business where AI could add value. Then, develop a strategic plan for integrating AI into these areas. Remember, integrating AI into your business operations is not a one-time project, but an ongoing journey. With the right approach and mindset, you can harness the power of AI to transform your business operations and achieve your strategic goals.





The Cybersecurity Woman of the World Edition 2023: Empowering Change, Building Stronger Defense and Shaping the Future

The field of cybersecurity has become increasingly critical as our world becomes more interconnected and reliant on digital technologies. In this dynamic landscape, women have emerged as influential leaders, innovators, and change-makers, contributing invaluable expertise and perspectives. To recognize and honor their remarkable achievements, the Cybersecurity Woman of the World Edition 2023 has been established as the highest honor and prestigious award for women in cybersecurity.

The brainchild of Carmen Marsh, the founder of the annual Cybersecurity Woman of the Year Awards at Black Hat, the Cybersecurity Woman of the World Edition aims to expand the reach and impact of recognizing women's contributions in the field. Carmen Marsh, a global cybersecurity leader and advocate, envisioned a platform that would shed light on women who have gone above and beyond to defend our digital landscape. By establishing this new and truly impactful award, Carmen and her team aim to celebrate the achievements of women in cybersecurity on a global scale.

The expansion of the Cybersecurity Woman of the Year Awards to the Cybersecurity Woman of the World Edition signifies the growing importance of gender diversity and inclusivity in the cybersecurity industry. Carmen Marsh recognized that acknowledging and honoring women's accomplishments is not only a matter of equality but also a strategic imperative. By bringing attention to the exceptional work of women in cybersecurity, this initiative aims to inspire and encourage more women to pursue careers in the field, addressing the gender gap and fostering innovation and creativity.

The Cybersecurity Woman of the World Edition is also a collaborative effort under the umbrella of the United Cybersecurity Alliance, OSP Cyber Academy and Cyber News Global.
This alliance strives to bring together global experts, organizations, and individuals to build the strongest defense against cybercriminals. The nominees come from the 160 different women in cyber associations from across the globe including the past winners of the Cybersecurity Woman of the Year Awards. By recognizing and honoring the achievements of women in cybersecurity, the Cybersecurity Woman of the World Edition aligns with the alliance's mission of fostering collaboration, sharing knowledge, and advancing cybersecurity practices worldwide. This prestigious award serves as a beacon of inspiration for aspiring professionals and challenges existing stereotypes. It recognizes excellence in cybersecurity and highlights the significant impact women have in defending our digital landscape. By highlighting the extraordinary work of women who have made a significant impact in defending our digital landscape, the initiative aims to break down barriers, challenge stereotypes, and encourage more women to pursue careers in cybersecurity.

The Cybersecurity Woman of the World Edition is an event of global importance. It brings together cybersecurity experts, thought leaders, and industry professionals from around the world, providing a platform for networking, knowledge-sharing, and collaboration. Ultimately, the Cybersecurity Woman of the World Edition is a testament to the power and influence of women in the cybersecurity field. By recognizing their achievements, the initiative challenges societal norms, encourages diversity, and underscores the essential role women play in shaping the future of cybersecurity. Through this prestigious award, Carmen Marsh and the United Cybersecurity Alliance aim to inspire, empower, and unite cybersecurity professionals worldwide to build a robust defense against cyber threats. In conclusion, the Cybersecurity Woman of the World Edition 2023 represents the highest honor and prestigious recognition for women in cybersecurity. By shining a spotlight on women who have made extraordinary contributions, the Cybersecurity Woman of the World Edition paves the way for a more inclusive and secure digital world. 



Meet the


Alex Keedy

Alex Keedy currently serves as the Director of Strategic Operations at ZeroFox. Alex’s operational background in cybercrime investigation additionally supported her enterprise operational buildouts. She previously managed commercial accounts of Fortune 100 and Fortune 500 organizations during her time working for a managed service provider at Deloitte.

Alissa Knight

Alissa Knight is a business magnate, American author, screenwriter, film director and producer. In 2020, Alissa formed Knight Group with her wife, Melissa Knight, which today controls 5 companies in publishing, marketing, events, and film production as well as a television and streaming service owned and operated by the Media and Entertainment Distribution division of Knight Studios.

Amy DeSalvatore

Amy currently serves as Partner, Business Development and Platform at NightDragon, a growth stage investment and advisory platform focused on scaling innovative companies, where she brings more than twenty years of business development experience to the NightDragon team. Amy’s passion for diversifying and scaling businesses through partnerships is evident in a decades-long career dedicated to the go-to-market function.

Maggie Titmuss MBE

Maggie Titmuss MBE is an extremely experienced, respected leader and Board Advisor. She carries the unique blend of a senior private sector career leader blended with the highest level of international law enforcement leadership and management. She served as the UK's lead for serious and organised crime based in Washington DC for 4 years and was latterly Lloyds Banking Group's Director Intelligence & Incident Response prior to adopting a portfolio of companies with whom she advises and consults.


Angelique “Q” Napoleon

Angelique is the Solutions Director & Cyber Capability Lead for GDIT’s Intelligence and Homeland Security Division in Washington, D.C. As the Solutions Director & Cyber Capability Lead she is the co-lead for three Digital Accelerator programs focusing on Zero Trust, Defensive Cyber Operations and Post-Quantum Cryptography, which are tailorable digital solutions designed to integrate seamlessly within existing IT environments.

Assel Nurusheva

Assel Nurusheva has been working in the field of cybersecurity for 13 years and has experience in such organizations as the National Companies of Kazakhstan (State Technical Service, National Information Technologies, Kazakhstan Railways, National Center of Science and Technology Evaluation), a telecommunications operator (SOC of TransTeleCom), national universities (ENU, AITU), and an international fintech product company (Aventus IT).

Christine Vanderpool

Christine Vanderpool is the CTO for Florida Crystals, the world’s largest sugar cane refiner and the home of household names such as Domino Sugar, C&H, Tate & Lyle Sugars, and of course Florida Crystals. She has been in cyber security for 23 years and a leader for over 10. Christine has spent her career in a variety of security roles including leadership for Molson Coors Brewing Company and Kaiser Permanente.

Connie Matthews Reynolds

Connie Matthews Reynolds is a leader who has significantly contributed to the information security community and cybersecurity over the past 16 years. She has been instrumental in leading and shaping the Central Ohio Security Community. Connie is the current President of the Central Ohio ISSA chapter, Co-Chair of ISSA International Leadership, and the EmpoWE-R Women of InfoSec, where she is a Co-Founder and Board Member.


Betsy Soehren-Jones

Betsy Soehren-Jones brings nearly two decades of utility industry, cyber strategy and policy expertise to Fortress. Soehren-Jones most recently was responsible for designing and implementing information and vendor security programs for a Fortune 200 company and the nation's largest energy transmission and distribution utility company.

Camille Stewart Gloster

Camille Stewart Gloster, Esq. is the Deputy National Cyber Director for Technology & Ecosystem for The White House. In her role, Camille leads technology, supply chain, data security, and cyber workforce and education efforts for the Office of the National Cyber Director.

Confidence Staveley

Confidence Staveley is Africa’s most celebrated female Cybersecurity Leader, Talent Developer, Global Speaker, and inclusion advocate. She has achieved numerous professional certifications and industry recognitions. Confidence is an official member of the Forbes Technology Council, an invitation-only community for world-class CIOs, CTOs, and technology executives.

Deidre Diamond

Deidre Diamond is a dynamic entrepreneur, founder, and CEO of CyberSN, the leading cybersecurity talent acquisition technology and services firm in the United States. She has transformed the cybersecurity job search and hiring process by launching a deep-jobs matching platform and standardizing all cybersecurity job functions into a common taxonomy of 45 roles. Through the CyberSN platforms.



Dr. Denae Brooks

Global Cybersecurity Woman of the Year 2023 “Barrier Breaker” finalist, Dr. Denae Brooks is a 2023 Cybersecurity Leadership PhD graduate and cyber doctoral committee chair at Capitol Technology University. Since 2020, she has worked for USAA where she currently holds the role of Information Security Risk Analyst Senior in the area of enterprise cyber risk management and is also a Diversity, Equity.

Gabrielle Botbol

Gabrielle Botbol is a Pentester at Desjardins, the largest financial cooperative in North America. With a deep focus on the banking industry, Gabrielle specializes in exploring mobile applications and APIs. Gabrielle is an avid blog writer who advocates for access to education for all. In addition, she has a large following on social media, where she shares many educational resources about technical training and many other cyber topics.

Jane Frankland

Jane Frankland is an award-winning cybersecurity leader, author, and women’s change agent. Her authority is referenced by Wiki, LinkedIn (Top Voices) and UNESCO. She built her own global penetration testing firm in the late 90s, has worked as a Managing Director at Accenture, and contributed to numerous industry initiatives, including CREST, Cyber Essentials, and Women4Cyber.

Julie Cullivan

Julie Cullivan has driven transformational go-to-market, technology, security, and operational strategy for both public and pre-IPO companies. Most recently she was the Chief Technology and People Officer at Forescout Technologies where she was responsible for leading the company’s business model transformation, information technology strategy, production operations, and human resources.

Dr Diane Janosek

Diane M. Janosek, PhD, JD, CISSP, LPEC, is a dedicated cybersecurity leader, board member, author, and sought-after speaker. She focuses on the intersection of law, policy, and technology. Areas of expertise include space security, leadership, privacy, data policy, and cybersecurity. She serves as a member of the United States Defense Intelligence Senior Executive Service.

Heide Young

Manager, Cyber Strategy & Engagement, TONOMUS, NEOM. Founding Partner, Women in Cyber Security Middle East (WiCSME). Ranked in the Top 10 Technology Leaders across the Middle East 2022. Finalist for Cybersecurity Woman of the Year 2023 and Cybersecurity Woman of the World 2023. A Founding Partner and Board Member of Women in Cyber Security Middle East (WiCSME), a globally recognized group focused on empowering, supporting and increasing the percentage of women in cybersecurity.

Jennifer Cox

Jennifer Cox has over 18 years of experience in tech and in the Cyber Security industry. She supports her team who work with techies across the Globe in enabling best practices and cyber exposure prevention. Jennifer is an Ambassador for Wentors global mentorship programme, WiCyS UK Affiliate – Leader for Ireland.

Ludmila Morozova-Buss

Ludmila Morozova-Buss is a prominent figure in the field of cybersecurity and technology. As the Founder and Editor-In-Chief of Top Cyber News MAGAZINE, she is playing a pivotal role in bridging the gap between cyber experts and the wider community. Ludmila's passion for technology and her dedication to disseminating information and knowledge led her to establish this award-winning digital media platform.



Lynn Dohm

Lynn Dohm’s area of focus is within an important aspect of cybersecurity: People. With more than 25 years of organizational and leadership experience, Lynn specializes in partnership building, advocacy, and strategy. She has worked in various capacities in the cybersecurity education sector, with active involvement in grant-funded programs and nonprofits that assist in providing educational solutions to the cybersecurity workforce.

Olivia Rose

Olivia Rose, CISO and Owner, Rose CISO Group, is an award-winning Cybersecurity leader and three-time global Chief Information Security Officer (CISO). She is the founder of the Rose CISO Group, a boutique Security company delivering exceptional CISO, Board Communications, and Strategic services to Fortune 1000 companies.

Saltanat Mashirova

Saltanat Mashirova is an Advanced Cybersecurity Architect at the Honeywell Center of Excellence. She has extensive onsite experience primarily in the oil and gas sector and has been actively involved in SAT (Site Acceptance Testing), FAT (Factory Acceptance Testing), integration of brownfield and greenfield assets, cybersecurity assessment, ISA/IEC 62443 compliance, project engineering, network installation and configuration, commissioning and startup supervising, and cybersecurity vulnerability assessments.

Theresa Payton

Theresa Payton served as Chief Information Officer at the White House from 2006 to 2008, becoming the first ever woman to hold that role. Before the White House, Theresa was a technology leader in the finance and banking sector. Today, she is founder and CEO of Fortalice Solutions, a world-class cybersecurity consulting firm named to the list of “Global Hot 150 Cybersecurity Companies” by Cybersecurity Ventures.

Noureen Njoroge

Noureen Njoroge is a Cybersecurity Executive Professional with vast experience in multi-faceted, complex, fast-paced environments in both the public and private sector. She is a strategic thinker with proven leadership experience on issues concerning Cybersecurity, AI, ML, Data Privacy, Blockchain, IoT, and Cloud Security. Noureen demonstrates consistent client & business success by delivering strategic solutions and applying creativity and judgement.

Priyanka Chatterjee

Priyanka is the co-founder and Director – Operations and Services at Sinevis, a global professional services organisation. She is also one of the co-founders of Women in Cyber Security Middle East. With almost 2 decades of experience in cybersecurity, she is a big advocate of making cybersecurity and overall risk management part of business strategy and process and not a siloed activity or an afterthought.

Sanne Maasakkers

Sanne Maasakkers, 31, is a cybersecurity researcher at the National Cyber Security Centre (NCSC-NL), part of the Dutch Government, in the Netherlands. Her journey into the cyber world began at age 14, when her personal website was hacked and replaced with other content. Initially, she was hesitant to pursue IT or cybersecurity as she thought it was only a hobby and didn’t want to be surrounded solely by men.

Vanessa Henri Vanessa Henri, co-founder of the multidisciplinary law firm Henri & Wolf, is a forerunner in cybersecurity and data governance. A member of the Quebec Bar Association, she holds a Master of Laws from the University of McGill, Canada, with a focus on cyberespionage. Vanessa has not only pioneered the Master of Law in Cybersecurity at St. Thomas University but also mentored there for several years. Today, she continues to share knowledge through Ryerson University’s Rogers Cybersecure Catalyst.


INCIDENT RESPONSE SECRETS FROM THE FRONTLINE

The cybersecurity maturity of an organization will be evaluated by its resilience: its capacity to respond efficiently to an incident and avoid it becoming a crisis. ZENDATA aims to manage incidents effectively to minimize damage to systems and data, reduce recovery time and cost, control damage, and maintain brand reputation.

Our Incident Response as a Service (IRaaS) offer includes prepaid hours for use during a cybersecurity incident. ZENDATA IRaaS includes qualified engineers onsite and logistic, legal, and communication support.

Isabelle Mayer, Co-Founder, Zendata

Responding to an incident is a complex mission combined with some adrenaline rushes. In the absence of upfront planning, everything needs to be done on the spot: within the first few hours, the incident response team must exchange with the top management of the organization, understand how it operates, learn what the backend technologies are, and spend time documenting the incident step by step. It sounds obvious that this should be planned for. But in 90% of the cases we have been confronted with, it was not. Following this, there are several days and nights when the team has to put aside all other projects to resolve the incident, and the pressure is immense: the outcome of incident response efforts can have far-reaching consequences for an organization; incident responders are tasked with coordinating with various teams within the organization, such as IT, legal, public relations, and executive leadership; and, most importantly, there is the pressure of being better than the criminal for the mission to be a success. Failing to plan for incidents is almost equal to planning to fail.

Regardless of all the security tools, awareness training, and processes organizations deploy, we see a continued increase in cyber incidents and data breaches. The sad truth is that, in contrast with compliance, cybersecurity cannot be guaranteed. This is often a sensitive topic to address with top management, as they have often invested hundreds of thousands or even millions of dollars in protective measures and are rightfully concerned about never seeing the end of the tunnel. However, once there is a shared understanding that cybersecurity protection is a moving target, the discussion can switch to risk mitigation and no longer be about risk removal.

An often-forgotten but most important part is the definition of the objective of the incident response. It has to be clearly defined by top management, as the organization's core values should drive it; it dictates not only the priorities of the incident response team but also how time and money are spent and whether the mission, in the end, was a success. Some organizations tell us the most crucial objective is to be quickly back online, others to limit the cost; some focus on ensuring that customers are protected, while others want to keep the incident under the radar. An improper response strategy can sometimes amplify an incident's impact. ZENDATA is hired on missions to negotiate the ransom in the event of a cyber-attack; to proceed, the organization must first state these objectives, because they drive the negotiation and its result. In incident response there is no one-size-fits-all approach: the response should mirror the company's values and priorities, and it is better to define it upfront with the relevant stakeholders.

A vital factor of a successful incident response is to detect the incident quickly in the first place. The industry is making a lot of progress on this matter: in 2015 it took 205 days for an attack to be discovered, a value that dropped to 16 days in 2022. This progress is mainly due to better security tools and Security Operations Centre (SOC) operations, enabling the incident response team to be engaged sooner. It is, however, far from satisfactory: it is assumed that it takes around two hours for an attacker to start moving laterally within a company once inside. There is already plenty of literature on incident response protocols and how they should operate; therefore, ZENDATA would like to share some insights and lessons learned from our past engagements instead of stating the obvious.

cybernewsglobal.com

One of our team's most common discussions with management is ransom payment. Of course, paying a ransom is never a desirable outcome. It can cost thousands or even millions of dollars and, above all, fuels the cybercrime industry. Paying a ransom not only funds the group of attackers, allowing them to recruit additional members and increase their capability; it also confirms that the target type (region and industry) is profitable and incentivizes them to repeat similar attacks.


However, the reality is often much more nuanced. Having supported hundreds of victims, we notice that paying the ransom is often the only survival option for the company, or the "best" thing to do to limit the damage to its operations, its reputation, and the third parties it is engaged with, including its customers and partners. ZENDATA elaborated its incident response playbooks with law enforcement. In short, we often hear people saying that no money should be paid, but again, this is not a black-and-white situation, and paying is often the best of the worst options.

From our experience, more than 30% of ransomware targets eventually choose to pay the ransom. Cybercriminals are very meticulous and know how to maximize their victim's damage: for example, they read the victim's emails to find the most sensitive data and accordingly devise a plan to cause the most panic, pain, and operational disruption, thereby forcing the victim to pay. The only good news is that experience shows ransom prices can be heavily negotiated and, depending on the threat actor group, lowered by up to 75%. In addition, the attackers know that the longer it takes for the victim to pay, the lower their chance of receiving the funds. However, even after paying the ransom, the victim is not necessarily out of the heat zone: the decryptor provided by the criminals may not work correctly on all files (bugs exist in all programs), and some documents may remain encrypted despite best efforts. Similarly, attackers will often seek to monetize their attack further: they browse the exfiltrated information to use it in other attacks or resell it. In email exchanges they may find potential new victims for CEO fraud, opportunities to send fake invoices, or personal information to use for identity theft.

There is also a technical part to responding to a ransomware incident: securing the compromised infrastructure. Whether the ransom is paid or not, the environment must be secured and hardened to become a safer place for the restored or recreated data. Since, in most cases, the threat actor gains administrator access to the environment, we should assume full compromise and organize for a brand-new environment. Nevertheless, this is often not financially and operationally doable, and some parts of the environment might be sufficiently segregated (cloud platform, different OS, remote offices, etc.) to block the threat actor's lateral movement from one part of the organization to another. In this case, it is essential to identify which parts of the infrastructure are safe to operate and which need to be cleaned up and secured for future and continuous operation.

The second most common type of incident ZENDATA is called upon for is business email compromise. It usually happens when a threat actor gains access to someone's email account and uses it to request fraudulent financial transfers. Usually, the damage has already been done once the incident response team is mobilized. In such cases, considering the money has often already been stolen, our mission is to understand how the threat actor got into the infrastructure, what else they stole, and whether someone inside the organization supported them. What is usually very impressive with this type of investigation is the threat actor's deep understanding not only of the technological backend and the ways to avoid detection but also of the financial system and workflows. In one specific investigation where 12 million dollars were stolen, in less than 45 days after compromising the email account the criminal maintained stealthy persistence, discovered the email of interest, created a fake company with the same name in the UK, opened a bank account, sent forged invoices, and moved the money out to the Far East. Even though the money was lost, the investigation by ZENDATA's incident response team established which company had been compromised and who was responsible for the loss.

Incident response requires many skills, from business understanding to technical knowledge and human skills. The most important point to note is that if the team has the opportunity to be involved early on in the creation of the Disaster Recovery Plan ("DRP"), and the plans have been tested and approved by management, chances are that the victim of a cyber incident will be able to contain it and avoid having the incident become a crisis.

In conclusion, many companies are looking for KPIs to measure their cyber security maturity. One critical KPI for us at ZENDATA is how early on the kill chain (how far to the left) incidents are detected and handled, because this correlates directly with the level of potential damage. Moore's law on technology evolution is well known; Joy's law less so. It states that, whatever you do, most of the smartest people do not work for your organization. This applies to incident response, so it is best to surround yourself with people who do this for a living. We advise companies and organizations to have a retainer-based contract for this service. Our IRaaS service includes, but is not limited to:

• Onsite and remote forensic analysis
• Incident response coordination and management
• Onsite incident response
• Attack investigation
• Emergency BCP/BRP implementation and execution
• Deployment of temporary security tools
• On-demand file analysis
• Breach containment
• Initial access discovery
• Persistence and backdoor removal
• Ransomware and blackmail negotiation service
• Analysis of assets (endpoints, servers, network equipment, mobile equipment, etc.) that may have been infected
• Post-incident reporting and debriefing, including future remediations
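The kill-chain KPI described above can be made concrete. The following is an added example, not code from the article or from ZENDATA: given, for each incident, the forensically established initial-access time, the time the SOC or IR team first detected it, and the furthest kill-chain stage the attacker had reached, it computes dwell time, the share of incidents caught before the roughly two-hour lateral-movement window the article mentions had closed, the share caught left of lateral movement, and the incidents where the article's "assume full compromise" advice applies. The stage names, the two-hour window and the sample incident records are assumptions made for illustration.

```python
"""Kill-chain detection KPIs over constructed incident records.

Added example (not the article's or ZENDATA's code). The kill-chain stage
names, the two-hour lateral-movement window and the sample incidents are
assumptions for illustration only.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta
from statistics import median

# Assumed kill-chain stages, ordered left (earliest) to right (latest).
KILL_CHAIN = (
    "reconnaissance",
    "delivery",
    "exploitation",
    "installation",
    "command_and_control",
    "lateral_movement",
    "actions_on_objectives",
)

# Assumed window: the article quotes roughly two hours from initial access to
# the start of lateral movement, so detections inside it count as "fast enough".
LATERAL_MOVEMENT_WINDOW = timedelta(hours=2)


@dataclass(frozen=True)
class Incident:
    incident_id: str
    initial_access: datetime   # earliest attacker activity established by forensics
    detected: datetime         # first time the SOC or IR team saw the intrusion
    stage_at_detection: str    # furthest kill-chain stage reached when detected


def stage_index(stage: str) -> int:
    """Position of a stage on the kill chain (0 = furthest left); rejects unknown names."""
    if stage not in KILL_CHAIN:
        raise ValueError(f"unknown kill-chain stage: {stage!r}")
    return KILL_CHAIN.index(stage)


def dwell_time(incident: Incident) -> timedelta:
    """Time the attacker was inside before detection; rejects inconsistent timestamps."""
    if incident.detected < incident.initial_access:
        raise ValueError(f"{incident.incident_id}: detected before initial access")
    return incident.detected - incident.initial_access


def detected_within_window(incident: Incident, window: timedelta = LATERAL_MOVEMENT_WINDOW) -> bool:
    """True if detection happened before the assumed lateral-movement window closed."""
    return dwell_time(incident) <= window


def left_of_lateral_movement(incident: Incident) -> bool:
    """True if the attacker had not yet reached the lateral-movement stage when detected."""
    return stage_index(incident.stage_at_detection) < stage_index("lateral_movement")


def assume_full_compromise(incidents) -> list:
    """IDs of incidents where the attacker reached lateral movement or beyond.

    For these the article's advice is to assume full compromise and plan a
    rebuild rather than trust a clean-up of the existing environment.
    """
    return [i.incident_id for i in incidents if not left_of_lateral_movement(i)]


def kpi_summary(incidents) -> dict:
    """Aggregate the per-incident measures into KPIs that can be tracked over time."""
    if not incidents:
        raise ValueError("no incidents to summarise")
    dwell_hours = [dwell_time(i).total_seconds() / 3600 for i in incidents]
    n = len(incidents)
    return {
        "incidents": n,
        "median_dwell_hours": median(dwell_hours),
        "max_dwell_hours": max(dwell_hours),
        "pct_detected_within_window": 100 * sum(detected_within_window(i) for i in incidents) / n,
        "pct_left_of_lateral_movement": 100 * sum(left_of_lateral_movement(i) for i in incidents) / n,
        "mean_stage_index": sum(stage_index(i.stage_at_detection) for i in incidents) / n,
    }


# Constructed sample records for the example; not real cases.
SAMPLE_INCIDENTS = [
    Incident("INC-1", datetime(2023, 5, 1, 9, 0), datetime(2023, 5, 1, 9, 45), "delivery"),
    Incident("INC-2", datetime(2023, 5, 3, 22, 10), datetime(2023, 5, 4, 8, 25), "lateral_movement"),
    Incident("INC-3", datetime(2023, 4, 20, 14, 0), datetime(2023, 5, 6, 14, 0), "actions_on_objectives"),
    Incident("INC-4", datetime(2023, 5, 10, 3, 5), datetime(2023, 5, 10, 5, 35), "installation"),
]

if __name__ == "__main__":
    for key, value in kpi_summary(SAMPLE_INCIDENTS).items():
        print(f"{key}: {value}")
    print("assume full compromise:", assume_full_compromise(SAMPLE_INCIDENTS))
```

The two percentages are deliberately separate: a fast detection of an attacker who was already moving laterally, and a slow detection of one still at the delivery stage, are different failures, and tracking both avoids a single average hiding either.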



Inspiring innovation and empowering cybersecurity professionals.

22nd November 2023 | ETIHAD STADIUM, MANCHESTER | WWW.CIISEC.LIVE

Each year, CIISec's flagship event, CIISec Live, centres around a powerful theme reflecting the current challenges and opportunities in the ever-evolving field of cybersecurity. In 2023, the event will revolve around the theme 'Inspiring Innovation and Developing the Next Generation of Cybersecurity Professionals.' This carefully chosen theme underscores the necessity to propel the industry forward through creative solutions and nurturing the talent that will secure our digital future!

Event Program Highlights:
• Keynote addresses from visionary leaders
• Interactive sessions and workshops
• Live demonstrations of cutting-edge technologies
• Displaying student and young professionals' projects
• Embracing the spirit of Manchester by showcasing cyber innovation in the city

LIMITED TICKETS AVAILABLE! Register your place today

www.ciisec.live/ Official Media Partner



AI IN FOCUS: EUROPEAN UNION ARTIFICIAL INTELLIGENCE ACT This article is intended to provide those interested in global AI regulation and unfamiliar with the European Union Artificial Intelligence Act (the “EU AI Act”) with a description of its significance, scope and main points. It is particularly useful for United Kingdom (“UK”) and global businesses, as the EU AI Act is likely to become, or at least aspires to be, a global standard – as the General Data Protection Regulation (“GDPR”) has become for personal data protection – and will of course be one model for any future UK post-EU bespoke legislation.

Key Points:

• The EU is considering far-reaching legislation on AI.
• The proposed EU AI Act would classify AI systems by risk and mandate various development and use requirements.
• European companies have said the EU AI Act could impact Europe's 'competitiveness and technological sovereignty'.

Overview of the EU AI Act

The EU AI Act aims to "strengthen Europe's position as a global hub of excellence in AI from the lab to the market, ensure that AI in Europe respects our values and rules, and harness the potential of AI for industrial use". The core of the EU AI Act is a classification system that determines the level of risk an AI technology could pose to the health and safety or fundamental rights of a person. The framework includes four risk tiers: unacceptable, high, limited and minimal. AI systems with limited and minimal risk, such as spam filters or video games, may be used with few requirements other than transparency obligations. Systems deemed to pose an unacceptable risk are prohibited with little exception. High-risk AI systems are permitted, but developers and users must adhere to regulations that require rigorous testing, proper documentation of data quality and an accountability framework that details human oversight. AI deemed high risk includes autonomous vehicles. The proposed legislation also outlines regulations around so-called general purpose AI: AI systems that can be used for different purposes with varying degrees of risk. Such technologies include large language model generative AI systems like ChatGPT.

Key Provisions of the EU AI Act

The use of AI, with its specific characteristics (e.g. opacity, complexity, dependency on data, autonomous behaviour), can adversely affect a number of fundamental rights and users' safety. To address those concerns, the EU AI Act follows a risk-based approach whereby legal intervention is tailored to the concrete level of risk. To that end, the EU AI Act distinguishes between AI systems posing:

1. Unacceptable risk
2. High risk
3. Limited risk
4. Low or minimal risk (see Figure 1).

AI applications would be regulated only as strictly necessary to address specific levels of risk.

Figure 1: Risk-based approach of the EU AI Act


Requirements

High Risk

• Ex-ante conformity assessment: providers are required to register their systems in an EU-wide database managed by the Commission before placing them on the market or putting them into service.
• Other requirements: comply with a range of requirements, particularly on risk management, testing, technical robustness, data training and data governance, transparency, human oversight, and cybersecurity.

Limited Risk

• Transparency obligations: subject to a limited set of disclosure requirements.

Minimal Risk

• Codes of conduct: providers of non-high-risk AI systems are encouraged to voluntarily apply the mandatory requirements for high-risk AI systems.

Compliance and Consequences

The EU AI Act's impact assessment provides an estimate of administrative burdens and detailed compliance costs. The annual labour compliance cost for one AI model is projected to be EUR 29,277. Extrapolated to the global AI industry, total compliance cost is projected to range from EUR 1.6BN to 3.3BN, on the assumption that 10% of AI units are classed as high risk and therefore subject to the EU AI Act. It is estimated to cost European businesses EUR 10.9BN per annum by 2025. Moreover, infringements of Article 5 (prohibited AI practices) can result, per AI system, in a fine of either:

• EUR 40M; or
• 7% of global annual turnover,
whichever is higher.

Implications for Companies

It is estimated that the EU AI Act will cost the European economy EUR 31 billion over the next five years and reduce AI investments by almost 20%. A European SME that deploys a high-risk AI system will incur compliance costs of up to EUR 400K, which for a business with a EUR 10M turnover would cause profits to decline by 40% [1]. Research estimates that the EU AI Act would cost European businesses EUR 10.9BN per year by 2025, having cost the economy EUR 31BN by then; this excludes the opportunity cost of foregone investment into AI [1]. The provisions of the EU AI Act will extract a heavy price from an increasingly uncompetitive European economy [1].

Responding to the EU AI Act Responding to the EU AI Act requires a proactive approach from companies utilizing AI technology. To ensure compliance with the act, businesses should conduct thorough assessments of their AI systems and identify any high-risk applications that fall under its purview. They must then invest in robust data quality, transparency, and documentation measures to meet the stringent requirements outlined in the legislation. Building a strong ethical framework for AI systems is paramount. Companies should prioritize responsible AI development, incorporating principles of fairness, accountability, and privacy into their algorithms and decision-making processes. By doing so, they can gain the trust of their users and stakeholders while mitigating potential risks.

Conclusion In conclusion, the EU AI Act plays a pivotal role in shaping the future of AI technology, emphasizing ethical deployment and transparency. Companies must proactively embrace the regulatory landscape to ensure compliance, foster trust, and seize opportunities for sustainable growth and innovation in the evolving AI-driven world. 

Your trusted advisor for EU AI Act Compliance. Unlock the full potential of artificial intelligence while ensuring compliance with the EU AI Act by partnering with AI & Partners, a leading professional services firm. We specialize in providing comprehensive and tailored solutions for companies subject to the EU AI Act, guiding them through the intricacies of regulatory requirements and enabling responsible and accountable AI practices. At AI & Partners, we understand the challenges and opportunities that the EU AI Act presents for organizations leveraging AI technologies. Our team of seasoned experts combines in-depth knowledge of AI systems, regulatory frameworks, and industry-specific requirements to deliver strategic guidance and practical solutions that align with your business objectives. To find out how we can help you, email contact@ai-and-partners.com or visit https://www.ai-and-partners.com.




www.iacsconsulting.com

ASSESSMENT | COMPLIANCE | SUSTAINMENT

CYBER SECURITY CONSULTANCY FOR INDUSTRIAL AUTOMATION AND CONTROL SYSTEMS UNDERSTANDING AND MITIGATING YOUR OPERATIONAL TECHNOLOGY SECURITY RISKS

01224 460212 info@iacsconsulting.com IACS Consulting LTD, Balmoral Business Park Building 1, Aberdeen AB12 3JG




FORTIFYING DIGITAL RESILIENCE: LESSONS FROM THE 2ND CYBER SUMMIT IN ABERDEEN Amidst the unfolding momentum of the 2nd Cyber Summit in Aberdeen, a transformative event aimed at bolstering our digital defenses, the stage is set for thought-provoking discussions and collaborative endeavors. Against this dynamic backdrop, our exploration takes us beyond theoretical realms of cyber resilience, delving into the depths of digital operational resilience. To navigate this intricate landscape, we stand to gain invaluable insights if we introduce a little discipline into how we carve up the cyber threat landscape. At the heart of it all lies the unwelcome but undeniable truth that the very concept of "resilience" inherently acknowledges the potential for unpleasant outcomes. The very definition of resilience is to withstand and endure. That which we cannot withstand, we must endure.

Acknowledging Inevitability

At the heart of our discourse lies the recognition that not every mishap is avoidable. Specific failures, despite our earnest intentions, are bound to occur. This is particularly evident within the corporate landscape, especially when grappling with the ever-evolving cyber threat landscape. The consequences of such failures can set off a cascade of far-reaching effects. This intricate web mirrors the "normal accident" concept, as expounded by Charles Perrow—a theory that articulates how a system's inherent traits can create a stage for complex and unforeseen chains of failures culminating in significant breakdowns.

Navigating the Complexity

At the core of our approach to this critical issue is a deliberate division of cyber threats into two distinct categories.

Unveiling the Inevitable Challenges: In the first category, the concept of a "normal accident" takes center stage—a notion championed by Charles Perrow in his seminal work bearing the same name. This theory delves into the idea that a system's intrinsic characteristics can engender intricate and unforeseen chains of failures, culminating in significant breakdowns. It is crucial to grasp that not all mishaps, errors, and accidents can be avoided. Certain failures are bound to occur despite our best efforts. The repercussions of these failures range from debilitating financial losses to the grim possibility of a business's closure. So far, so awful.

A Silver Lining Amidst Challenges: Amidst the seemingly disheartening scenario, a silver lining emerges from its core. When an incident proves genuinely unavoidable, it inherently lies beyond the realm of reasonable foreseeability. This is the good news. This subtle yet pivotal distinction assumes heightened significance within the framework of the Insurance Act 2015. A legal obligation, known as the duty of fair presentation, dictates that prior to entering into an insurance contract, the insured party must present a comprehensive risk profile to the insurer. This disclosure requires that all material circumstances, whether known or reasonably discoverable, be presented in a clear manner accessible to a prudent insurer. In light of this, when an incident defies foreseeability and proves truly unavoidable, businesses find themselves well-prepared to seek recourse in their insurance coverage, assuming all other matters are in order. At least within this category, the option of leveraging cyber insurance as a lifeline remains a viable choice, offering a potential buffer against the repercussions of distressing circumstances. In other words, the business is in good shape to endure the attack.

Addressing Recognized Threats and Legal Imperatives: A contrasting perspective emerges when we shift our focus to the second category of events. These events are characterized by either an extended incubation period, allowing opportunities for prevention and mitigation, or the presence of well-known, significant cyber threats that have gone unattended. Any threat that has been underscored by credible, independent sources such as the National Cyber Security Centre, the National Institute of Standards and Technology, or CISA will be deemed to be a known significant threat. These threats, by their very nature, are reasonably foreseeable and avoidable. If a threat garners consistent attention from multiple reputable agencies, it transcends reasonable foreseeability, becoming readily foreseeable. In such instances, businesses must take steps to confront, manage, and mitigate these threats. Such proactive measures hold critical import not only due to the magnitude of the risks posed by these threats but also in establishing a robust legal foundation.

Failure to meet these overarching responsibilities opens the door for insurance companies to seek remedies for breaches, encompassing measures such as contract avoidance and claim denial, while retaining the premium paid. This results in the business incurring the dual setback of paying a substantial premium for cyber insurance that subsequently proves unreliable. In essence, for any enterprise seeking cyber insurance coverage, the imperative of addressing acknowledged significant threats becomes non-negotiable. Compounding the stakes for businesses is the potential scenario where an insurance provider can evade payment for an attack due to the business's failure to confront recognized significant threats. This unfavorable outcome sets the stage for investors and consumers to seek restitution for their losses, amplifying the consequences for the business entity.

Conclusion:

As the 2nd Cyber Summit dawns in Aberdeen, a cradle of progress and innovation, we find ourselves at a pivotal juncture in enhancing our digital defenses. The summit serves as a crucible for sharing wisdom and nurturing collaborative synergy, accentuating the nuanced strategies required to navigate the complex tapestry of cyber threats. Guided by the insights garnered from the landmark decision nearly 100 years ago in Donoghue v Stevenson—a testament to Scotland's influence in shaping global jurisprudence—we embark on a trajectory towards a more resilient digital future. Inspired by this legacy and rooted in legal principles like foreseeability, we emerge from the summit fortified to confront challenges with unwavering determination, preparedness, and an unyielding commitment to safeguard our digital realm. This gathering stands not only as a tribute to Aberdeen's strides but also as a testament to the transformative potential of collaboration, affirming our capacity to shape the global landscape. As we convene in Aberdeen, we are poised to make an indelible impact, echoing Scotland's historic legacy of shaping the world's legal framework. In this unified endeavor, we hear the call to fortify our digital resilience, and bolstered by the collective strength of focused individuals, we can shape a future where our digital sphere remains steadfast.

Dr Rois Ni Thuama, Head of Cyber Governance, Red Sift


SCOTSOFT2023 28.09.2023 Edinburgh

create. innovate. collaborate. For more than 30 years, leadership and technology have combined at ScotSoft. Over 1000 guests join us from around the world, not just to learn during the day, but celebrate the incredible young talent emerging from Scotland’s universities. The day is jam packed with more than 40 speakers across our Developer Conference and Leadership Forum, and topped off with our Young Software Engineer of the Year Awards dinner in the evening.

join us We’re packed full of visionaries, technologists, business leaders and managers working in digital companies and end user businesses. Join us and get inspired by our great line up of speakers at the longest running tech focussed conference in Scotland.

scotsoft.scot




Ethical Hacking: A necessity in the modern digital age

The interconnected web of our digital realm has paved the way for advancements that have transformed industries, lifestyles, and economies. However, the same digital world can become a dangerous place if not guarded correctly. Hacking, once considered an illegal and dangerous activity in itself, has emerged as a frontline defense against potential breaches in this cyber era. Its increasing significance cannot be overstated, particularly when the risks and stakes have never been higher. Ethical hacking, also known as penetration testing or white-hat hacking, uses the same tools, techniques, and methods that malicious hackers employ. The crucial distinction lies in the intent. Unlike hackers who seek to exploit vulnerabilities for malicious or personal gain, ethical hackers strive to unearth these vulnerabilities so they can be rectified. This proactive approach offers an unparalleled view of systems from a potential attacker's perspective, laying bare the system's strengths and weaknesses.

In today's digital age, data is the new gold. Organizations are continually collecting, storing, and processing vast troves of information. This information, which includes sensitive data such as personal user details, financial records, health records, and proprietary intellectual properties, is a prime target for cybercriminals. Ethical hackers stand as the protectors of that information. By testing and probing defenses, they ensure the data's integrity and security, preventing unauthorized access and potential misuse. Data breaches, beyond the immediate damage, can tarnish an organization's reputation irreparably. In our current environment, where a single breach can dominate headlines and public discourse, maintaining consumer trust is paramount. Ethical hacking plays a pivotal role in this. By actively seeking and addressing vulnerabilities, organizations send a clear signal to their customers and stakeholders about their commitment to data security. But it's not just about public perception. The rapid evolution of the digital landscape has been mirrored by the development of regulatory frameworks governing it. Governments and regulatory bodies globally have crafted stringent rules and standards for cybersecurity in response to the growing threats. These regulations ensure that organizations not only protect user data but also maintain a certain standard of cybersecurity practices. Non-compliance can lead to severe penalties, both financial and legal. Ethical hacking offers a means for organizations to align with these standards, ensuring both compliance and protection.

Vulnerabilities are inherent in any complex system, and the digital infrastructures of today are no exceptions. These vulnerabilities can range from seemingly innocuous software glitches to significant oversights that jeopardize entire systems. By leveraging ethical hacking, organizations can illuminate these weaknesses. In doing so, they can take proactive steps to address these issues, reinforcing their defenses against wouldbe attackers and preventing potentially disastrous breaches.


Furthermore, the assurance of safety and regulatory adherence goes a long way in fostering trust. The knowledge that a company is actively employing ethical hackers to protect its systems can influence consumer decisions, making them more likely to engage with such organizations. As we look to the horizon, the importance of ethical hacking becomes even more pronounced. The future promises even greater digital integration. From artificial intelligence to the Internet of Things (IoT) and beyond, the potential points of vulnerability are set to increase manifold. Ethical hackers will be at the vanguard, understanding, predicting, and mitigating emerging threats.


This expanding realm of digital possibilities also signifies a rapidly growing job market for ethical hackers. Their skills are in high demand, and this trend shows no signs of slowing. Recognizing this, educational institutions worldwide now offer specialized courses, training programs, and certifications in ethical hacking, underlining its importance and the opportunities it presents.

As technology continues its unstoppable progression, the methods and tools used for ethical hacking also evolve. These advancements are massive, particularly when one considers the ever-growing sophistication of malicious threats. Cyberattacks today are not limited to lone-wolf hackers but often involve organized crime syndicates and, in some instances, even state-sponsored entities. These actors possess vast resources, and their attacks are coordinated, well-funded, and highly sophisticated.

Ethical hackers act as a crucial counterforce to these entities. By staying abreast of the latest techniques in both attack and defense, they play a pivotal role in ensuring that organizations are prepared not only for the threats of today but also for the evolving challenges of tomorrow. Their continuous training and engagement with the hacker community, both ethical and otherwise, ensure they have a pulse on the latest trends, tools, and potential vulnerabilities. Additionally, ethical hacking has grown beyond the organizational level. Today, global communities and forums of ethical hackers collaborate, sharing knowledge, tools, and strategies. This collective intelligence approach ensures a broader and more comprehensive defense against cyber threats. Such collaborative efforts often lead to the quicker identification of new vulnerabilities, faster development of patches, and a more cohesive response to global threats. In essence, ethical hacking is not just an individual or organizational endeavor. It is a global movement, a collective response to the challenges of our digital age. As we move forward, this collaborative spirit, combined with the expertise and dedication of ethical hackers, will be our primary defense against the evolving landscape of cyber threats.

To sum up, the digital age, with all its conveniences and advancements, is not without its challenges. The inherent vulnerabilities of complex systems present a major threat. Ethical hacking, by turning the tables on potential threats, offers a proactive defense strategy. By simulating potential attacks, it uncovers weak points, ensuring that systems are not just reactive but also prepared. In an age where data breaches can have widespread and long-lasting consequences, ethical hacking stands as a beacon, a symbol of proactive defense in our increasingly interconnected world.

45


46


How do we improve our Operational Technology Safety? By Scott Keenon, Director Operational Technology Security, IACS

When approached to write an editorial piece on the subject of “Operational Technology – have we improved?”, it allowed me the opportunity to reminisce on my decade plus of working in and around Operational Technology (OT), assisting clients to understand and increase their OT cyber security postures. Remembering what this environment was like then, and where we are today, certainly brought back some amazing (both good and bad!) experiences. Now, it wouldn’t make much of an editorial if I were simply to state ‘Yes’, given I believe that as a whole there have been significant improvements in OT cyber security. However, that wouldn’t be telling the full story. When I was first introduced to OT by my colleague Andrew Wadsworth, I was immediately hooked by this fascinating environment, and that has remained so ever since. Here was an environment (some argue the most important) within an organisation whose inner workings, functions and systems were largely unknown to those outside it. Yet it plays a vital role in an organisation’s safe operations while underpinning commercial revenue. Add in the essential role OT has in critical national infrastructure and it really should have Senior Leadership focus and a cyber security posture that is front and centre for the organisation. Right? Well, sadly not. We all know the focus and importance organisations place on safety. Unfortunately, the same could not be said for the cyber security of their OT environments. To some, OT cyber security may be a relatively new

cybernewsglobal.com

phenomenon; however, the reality is that the cyber security vulnerabilities within this environment have been known about and discussed for decades. Don’t get me wrong, we have come a long way from when a handful of dedicated OT engineers expressed concerns about the growing OT cyber risk and led the initial efforts to understand and manage the risks involved, often with next to no support from either Information Technology or the Senior Leadership team. As a result, these pioneering OT engineers, often working in isolation and relying on their own initiative, not to mention their own budgets, started to investigate and introduce their own controls and secure ways of working. Quite often this included liaising with OT system vendors in an attempt to persuade them to introduce security measures, only to find that very few could see there was a problem in the first place. As commercial off-the-shelf technology and the corporate functions’ lust for data proliferated within OT systems, so did the risks. Senior Leadership teams only started to (slowly) sit up and take notice of the headlines being made around the world as cyber incident after cyber incident was reported. However, it was the potential reputational impact of such an incident, and not the existing vulnerabilities,



47

Scott Keenon

that facilitated the incident, that caught their attention. IT teams increasingly became more vocal about where their responsibilities ended and what was ‘in’ and ‘out’ of their scope, or, even worse, attempted to introduce IT controls or standards into the OT environment. Despite being in existence from as far back as 2007 and initially slow to catch on, the increased awareness and risk brought about the proliferation of OT security monitoring and configuration management tools to the market. While these new tools often proclaimed to be the “silver bullet” to solve all of the Senior Leadership concerns, the reality proved to be far more complicated than first thought. Senior Leadership teams quickly realised that once purchased, more still had to be done, including ongoing budgets being established, resources requiring training, and new working practices and procedures needing to be introduced. All these factors led to OT cyber security being seen as a distress purchase, like insurance, and simply an overhead that could be done without. Then came the game changer that would help significantly shift the dial with regard to attitudes and awareness of OT cyber security: the emergence of Global Industry regulations (i.e., IEC-62443) and country-specific guidance and standards (e.g., OG86 and NIS). While these now provided an organisation with referenceable material to work from, they also introduced problems as companies became unsure as to which one(s) they needed to adhere or align to. Add in the very real prospect of third-party regulatory audits to assess how a company was progressing with its cyber security journey, and no longer could OT cyber security be ignored to the extent that it previously had been.
To further complicate matters, other problems existed ranging from a globally limited knowledge pool of experienced, and available, OT cyber security experts, a squeeze on internal budgets, issues with maintaining aging OT environments, cessation of production and the realisation that OT cyber security requires ongoing sustainment activities and is not a one-off investment. Despite these problems and challenges, positive change has occurred within the OT industry with awareness of this environment, the cyber security challenges and risks associated with it as high as it ever has been. We now have

OT system vendors building security controls into their products, better OT management tools openly collaborating with one another, training and awareness courses aimed at staff to further their cyber security knowledge and practices, and growing collaboration between IT and OT teams to understand the connections, boundaries and technology that span both environments. Is it perfect and across the board? No, but it is at least a positive start, though budgets and resourcing still appear to be common battlegrounds. But back to the original question of “Operational Technology – have we improved?”: based on my own thoughts above, the answer is most definitely yes. But hold on a minute, are we asking the right question? Perhaps, as my aforementioned colleague Andrew often asks, the question really ought to be “OT: are we improving enough?”. That, I believe, would take another editorial piece to answer.


48


Whitepaper launch – Should the Marketing of Cyber be Regulated? Co-authored by Joanna Goddard FCMI, Partner at BRIM (Business Resilience International Management); Laura Irvine LLB LLM MA, Partner at Davidson Chalmers Stewart; and Dr. Rois Ni Thuama, Head of Cyber Governance at Redsift

Three trailblazing women in Cyber raise the call for national attention

“The vision of the UK’s National Cyber Strategy (NCS) 2022 is that the UK will continue to be a leading, responsible, and democratic cyber power, able to protect and promote its interests in and through cyberspace in support of national goals. The NCS 2022 set out how the UK will continue to adapt, innovate, and invest in order to pioneer a cyber future with the whole of the UK.” - NCS 2022 This whitepaper is a response to that vision for leadership, protection, responsibility, and innovation, and it presents a set of pioneering conclusions that extend well beyond the borders of the UK. If the UK embraces these conclusions and our national agencies and forums engage with these recommendations, the UK will lead an innovative and pioneering evolution of regulation in the marketing of the cyber sector.




Background

At the National Cyber Security Conference for the Energy sector in September 2022, Joanna Goddard, Partner at BRIM, addressed the issue to a legal panel featuring Rois Ni Thuama, EU Cyber Woman of the Year, who discussed the development of C-suite responsibilities for cyber accountability. This white paper, “Should marketing within the Cyber Sector be regulated?”, is the result of a dynamic collaboration between three recognised cyber trailblazers who co-authored it following that conference discussion. In April 2023 the Cyber Leaders’ Summit, sponsored by Cyber News Global, OPS Cyber, Police Scotland, the FBI and CIISec, invited the co-authors to officially launch their white paper at the summit. The co-authors are Joanna Goddard, award-winning specialist data-informed growth consultant to the UK cybercrime programme for SME and supply chain cyber resilience at Business Resilience International Management (BRIM); Laura Irvine, Partner and Head of Regulatory Law at Scottish law firm Davidson Chalmers Stewart (DCS), and former Board Member of the Scottish Business Resilience Centre; and Rois Ni Thuama, EU Cyber Woman of the Year and Head of Cyber Governance at UK-based cyber provider Red Sift, where she is the in-house Doctor of Law specialising in cyber governance. The conversation following the 2022 National Cyber Security Conference for the Energy sector was the catalyst. Whilst the 2022 conference panel addressed the imperative of C-suite leaders becoming more educated on their cyber resilience risk and accountabilities, Joanna of BRIM raised the topic of a dual responsibility on legislators: to make the selection process more protected once C-suite leaders become educated and ready to engage and invest in cyber resilience measures. This is notably imperative for small businesses, which are unlikely to have in-house security expertise or security expertise within their IT supplier.
With no standards to prevent ‘false promises’ that any single product or service can make an organisation ‘cyber secure’, procurement can result in a false sense of security, increasing risk through ignorance rather than improving resilience, contravening the NCS 22. Red Sift and DCS responded in support of this proposition. The relationship between accountability in the supply chain underlines the requirements for assurance in the marketing of promises made.

Research showed no one was addressing it. This in-depth and dynamic whitepaper includes:

• The call for the imperatives to be addressed within the marketing of cyber
• The impact and opportunity for skills and sector growth
• Indicators of success in realising change

Sponsored by: OSP Cyber To obtain a copy of this whitepaper, please contact Joanna Goddard, Partner at BRIM joanna.goddard@brimcentre.com

49



Have you failed to prepare ?

Have you prepared to fail ?

When it comes to cyber-attacks, organisations that are well prepared will ‘fail better’, will be back on their feet quicker and with less impact than those that are not.

Speak to the CCoE team today to measure your preparedness. www.ccoe.org.uk

enquiries@ccoe.org.uk


52


THE RISE OF THE CYBER RESILIENT LEADER By Richard Seiersen, Chief Risk Officer at Resilience

Navigating digital opportunity and loss while under duress

The Risk of Isolation

In the not too distant past, when capital flowed and postponing profitability was a badge of honor, finance teams transferred risk, and security teams mitigated it – often in complete isolation. They didn’t align their objectives – nor were they motivated to do so. After all, times were good, and nobody seemed to care – until now.

“Corporate and infrastructure cybersecurity budgets are increasingly under pressure amid reduced revenue outlooks owing to economic uncertainty… Cybersecurity investment is not immune to overall budget cuts that could increase downside risk of attacks” - Fitch Ratings

Due to severe financial headwinds, security budgets are now scrutinized, and the value of insurance is brought into question. This is also done in isolation – which courts catastrophe. As budgets for security controls get cut, the likelihood of compromise grows. Similarly, as insurance investment shrinks, the likelihood of loss grows. One cost-cutting effort compounds the other.


The Need for Shared Objectives

When isolation of responsibility and financial duress meet, it naturally leads to cost-cutting. The knife will be raised without an integrated view of the cost of risks to the organization being calculated. Leadership calls it risk acceptance. But can risks truly be accepted that haven’t been calculated? No. That’s nothing more than unstructured worry, as one praying to Fortuna (lady luck), hoping to avoid a bad day. The good news is that you can structure and manage your worries. It requires finance and security to share, align, and prioritize strategic objectives. Those objectives consider how business opportunity and risk mitigation work together – particularly when under duress - and support making informed trade-offs when necessary. We call this alignment of objectives Cyber Resilience.

The Call to Cyber Resilience

 To be successful in this digital economy, a company must now be Cyber Resilient and integrate its risk mitigation, risk acceptance, and risk transfer so it can take a hit without impacting its ability to deliver value. This requires operating from a core set of principles and practices that tear down the walls of isolated objectives, leading to an integrated and economically efficient approach to managing cyber risk.

The Five Principles of Cyber Resilience 

 Cyber Resilience tolerates losses – within limits. This is different to most security strategies, which portray complete loss elimination as an end goal. Operating with shared, aligned, and prioritized objectives reveals what the business can tolerate to lose – without incurring operational disruption. For example, “With this configuration of controls, we can live with a 5% chance of losing $10 million and a 1% chance of losing $25 million…” 

Cyber Resilience connects security with insurance – avoiding silos. Security investments reduce the likelihood of loss. Insurance investments reduce impact. They work together (as opposed to in isolation) to keep risk within tolerance. That means they consider both the probabilities and dollar-based impacts expressed above as important trade-offs.

Cyber Resilience seeks capital efficiency - while preventing hazards. Over- or under-investing in protection leads to distraction, or worse. The former takes needed capital away from important business opportunities. The latter (negligence) threatens the business with outsized losses. Resilience optimizes return on controls and insurance so you can keep risk within your tolerance. The goal is to have a set of rank-ordered strategies that satisfy your needs while avoiding the pitfall of moral hazard.



53

Creating a New Role Around Director, Cyber Resilience


 We believe that the principles and practices of cyber resilience necessitate a new leadership role. We are notionally calling it the Director, Cyber Resilience. It sits between finance, security, and risk management. The role’s leveling is based on the dual strategic and operational nature of the job. 

Strategically, the Director is responsible for developing a cyber resilient strategy. That is an executive function that collaborates across CFOs, Risk Managers, and CISOs. Operationally, the job includes ample amounts of analytics to support decision-making and alerting. Visibility coming in from security operations like threat intelligence, vulnerability management, and incident response is analyzed in relation to value exposure. Results from analytics are used to determine (and alert) if risk is out of tolerance.

Richard Seiersen, Chief Risk Officer at Resilience

Cyber Resilience makes cybersecurity visible – so it can be managed. Keeping risk within tolerance requires seeing what’s coming, counting the costs, and responding in kind. This starts with the integrated trio of threat intelligence, vulnerability management, and incident response. Security data is analyzed in relation to the financial losses your business may face. Losses include things like: a data breach, business disruption, extortion, wire fraud and more. The analysis leads to optimized decisions – decisions that cut across investment strategies and day-to-day security operations.

Cyber Resilience incentivizes cyber hygiene – by maximizing ROI. What is good cyber hygiene? It’s security controls that target the value at risk. It’s also controls that meet industry standards – thus avoiding the perception of moral hazard. Control acquisition and rollout is rank ordered based on return on investment (ROI). High ROI controls reduce the most loss at the lowest cost. Maximizing ROI allows for more controls spread across more risks – which leads to better cyber hygiene. As an added bonus, demonstrable cyber hygiene leads to better insurance terms.

The Practices of Cyber Resilience

 If you want to be a cyber resilient leader, you need to not only embrace the principles of cyber resilience – you must develop the following practices:


 Risk Superforecasting: Cyber resilient leaders are trained (like bookies) in risk forecasting. They use their forecasting skills to make accurate measurements and judgments about important (and often uncertain) events that can affect key objectives. 

 Calculating Value at Risk: Cyber resilient leaders know how to accurately gauge the potential losses they face from threats. Using superforecasting skills they assess the probabilities that threats materialize and then evaluate the range of losses that may occur to the value their businesses expose.


Resilient Strategy Design: Cyber resilient leaders create strategies that minimize both the likelihood and impact of compromise. Strategies are economically efficient combinations of controls and insurance that keep risk within tolerance without introducing moral hazard.

Resilient Operations Measurement: Cyber resilient leaders know how to measure their operational strategies when put into action. Visibility coming from threat intelligence, the state of cyber hygiene, and value-at-risk is continuously analyzed. If risk tolerance is threatened, actions are taken to bring risk back within tolerance by adjusting security controls and insurance.


 Resilient Communications: Cyber resilient leaders are trained to effectively quantify, qualify and communicate about cyber risks. They tell the money people and board what is needed and why (in economic terms) – and they have the operational data and analytics to defend their budgets when scrutinized.
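The practices above (forecast scenario probabilities, size the value at risk, then combine likelihood-reducing controls with impact-reducing insurance and check the result against a stated tolerance) can be made concrete with a small loss model. The following is an added worked example, not Resilience's own model or tooling: the scenario probabilities, loss amounts, control costs and policy terms are constructed sample figures, while the tolerance pair (a 5% chance of losing $10 million and a 1% chance of losing $25 million) is the one quoted in the article. It enumerates the exact annual-loss distribution for independent scenarios, ranks candidate controls by expected loss avoided per dollar (the ROI ordering the principles describe), applies a policy's retention and limit, and reports whether the retained-loss exceedance curve stays within tolerance.

```python
"""Loss-exceedance and control-ROI worked example (added illustration, not
Resilience's own model). Scenario, control and policy figures are constructed;
the tolerance thresholds come from the article."""
from dataclasses import dataclass
from itertools import product
from math import prod
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Scenario:
    name: str
    annual_prob: float  # chance the loss event happens in a given year
    loss: float         # point estimate of the loss if it does, in USD


@dataclass(frozen=True)
class Control:
    name: str
    annual_cost: float
    # scenario name -> multiplier applied to that scenario's annual_prob
    # (0.5 means the control halves the likelihood of that loss event)
    reductions: Dict[str, float]


@dataclass(frozen=True)
class Insurance:
    name: str
    annual_premium: float
    retention: float  # the insured pays losses up to this amount (deductible)
    limit: float      # the insurer pays at most this much above the retention


# Constructed sample inputs (hypothetical figures, not from the article).
SCENARIOS = (
    Scenario("ransomware", 0.10, 12_000_000),
    Scenario("data_breach", 0.08, 6_000_000),
    Scenario("wire_fraud", 0.15, 1_500_000),
)
CONTROLS = (
    Control("phishing_resistant_mfa", 150_000,
            {"ransomware": 0.7, "data_breach": 0.6, "wire_fraud": 0.5}),
    Control("payment_dual_authorisation", 50_000, {"wire_fraud": 0.2}),
    Control("immutable_offline_backups", 200_000, {"ransomware": 0.5}),
    Control("siem_expansion", 400_000, {"data_breach": 0.75}),
)
INSURANCE = Insurance("cyber_policy", 250_000, retention=1_000_000, limit=10_000_000)
# From the article: at most a 5% chance of a $10M year and a 1% chance of a $25M year.
TOLERANCE = ((10_000_000, 0.05), (25_000_000, 0.01))


def apply_controls(scenarios, controls):
    """Security controls reduce likelihood: scale each scenario's probability."""
    return tuple(
        Scenario(s.name, s.annual_prob * prod(c.reductions.get(s.name, 1.0) for c in controls), s.loss)
        for s in scenarios)


def loss_distribution(scenarios) -> Dict[float, float]:
    """Exact annual-loss distribution: enumerate every combination of
    independent events that can occur in one year (2**n cases)."""
    dist: Dict[float, float] = {}
    for occurs in product((False, True), repeat=len(scenarios)):
        p, total = 1.0, 0.0
        for s, hit in zip(scenarios, occurs):
            p *= s.annual_prob if hit else 1.0 - s.annual_prob
            total += s.loss if hit else 0.0
        dist[total] = dist.get(total, 0.0) + p
    return dist


def retained_loss(gross: float, policy: Optional[Insurance]) -> float:
    """Insurance reduces impact: the insured keeps the retention and anything above the limit."""
    if policy is None:
        return gross
    covered = min(max(gross - policy.retention, 0.0), policy.limit)
    return gross - covered


def expected_loss(dist) -> float:
    return sum(loss * p for loss, p in dist.items())


def exceedance_prob(dist, threshold: float) -> float:
    """P(annual loss >= threshold): one point on the loss-exceedance curve."""
    return sum(p for loss, p in dist.items() if loss >= threshold)


def within_tolerance(dist, tolerance) -> bool:
    return all(exceedance_prob(dist, thr) <= max_p for thr, max_p in tolerance)


def rank_controls_by_roi(scenarios, controls) -> List[Tuple[str, float]]:
    """ROI = expected annual loss avoided per dollar of annual control cost."""
    baseline = expected_loss(loss_distribution(scenarios))
    rows = []
    for c in controls:
        eal = expected_loss(loss_distribution(apply_controls(scenarios, [c])))
        rows.append((c.name, (baseline - eal) / c.annual_cost))
    return sorted(rows, key=lambda r: r[1], reverse=True)


def evaluate_strategy(scenarios, controls, policy, tolerance) -> dict:
    """Combine controls (likelihood) with insurance (impact) and test the
    retained-loss distribution against the stated tolerance."""
    gross = loss_distribution(apply_controls(scenarios, controls))
    retained: Dict[float, float] = {}
    for loss, p in gross.items():
        r = retained_loss(loss, policy)
        retained[r] = retained.get(r, 0.0) + p
    spend = sum(c.annual_cost for c in controls) + (policy.annual_premium if policy else 0.0)
    return {"annual_spend": spend,
            "expected_retained_loss": expected_loss(retained),
            "p_loss_ge_10m": exceedance_prob(retained, 10_000_000),
            "within_tolerance": within_tolerance(retained, tolerance)}


if __name__ == "__main__":
    base = loss_distribution(SCENARIOS)
    print("baseline EAL", expected_loss(base), "P(>=10M)", exceedance_prob(base, 10_000_000),
          "in tolerance", within_tolerance(base, TOLERANCE))
    for name, roi in rank_controls_by_roi(SCENARIOS, CONTROLS):
        print(f"{name:28s} ROI {roi:.2f}")
    chosen = [c for c in CONTROLS if c.name != "siem_expansion"]
    print(evaluate_strategy(SCENARIOS, chosen, INSURANCE, TOLERANCE))
```

With these constructed figures the baseline has a 10% chance of a $10 million-plus year, twice the stated tolerance, and the ROI ranking puts the MFA control first and the SIEM expansion last. Taking the top three controls plus the policy costs $650,000 a year and brings the retained-loss exceedance back within tolerance; the point the principles make is that neither the controls alone (likelihood) nor the policy alone (impact) is the right unit of decision, the retained-loss curve is.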

Ultimately, the Director’s objective is to keep cyber risk within tolerance. They are accountable to governing that process. That means they work with the responsible organizations by doing the following:

• Advocating for cybersecurity capabilities that are economically efficient, target value at risk, and avoid moral hazard - all informed by continuous operations analysis and backed by a resilient strategy.
• Recommending changes to insurance limits and related coverage – helping to keep risk within tolerance in conjunction with recommended cybersecurity capabilities.
• Transferring and/or mitigating risk that has been accumulated under the guise of “risk tolerance” that can lead to loss and the ensuing perception of moral hazard.

Conclusion

“Necessity, the mother of all inventions.” – Plato.

Risk leaders must make trade-offs. They must respond responsibly to economic headwinds. And they must react to the myriad threats created by digital transformation. A cyber resilient leader makes those trade-offs without exacerbating loss or incurring moral hazard. They operate from a set of principles that emphasize building economically efficient strategies. Efficiency maximizes return on security controls and insurance together – protecting the value the business puts at risk. In day-to-day practice, the resilient leader uses modern analytics fueled by increased cyber visibility – responding to risk that threatens to exceed business tolerance. This is how the resilient principles and practices define “The Cyber Resilient Leader.” It’s a modern role for the modern organization – purposed to navigate trade-offs while staying resilient in the face of financial and digital duress.

Learn more about the Resilience Solution and how it can help you assess, measure and manage your cyber risk by contacting us at ReachUs@CyberResilience.com or visiting us at CyberResilience.com.


54


Bahrain to Host the Second Arab International Cybersecurity Conference & Exhibition (AICS)

Manama, Bahrain – Under the patronage of His Royal Highness Prince Salman bin Hamad Al Khalifa, the Crown Prince, Deputy Supreme Commander of the Armed Forces and Prime Minister, the Kingdom of Bahrain is set to host the second Arab International Cybersecurity Conference & Exhibition (AICS). The event is scheduled to take place at the Exhibition World Bahrain from 5th to 6th December 2023. The AICS is a premier annual event that brings together industry leaders, experts, and professionals from around the world to share their knowledge, experience and solutions to the challenges facing the cybersecurity sector. The event also provides a platform for networking and collaboration among the stakeholders in the cybersecurity sector. On the occasion, National Security Advisor, Royal Guard Commander,


His Highness Shaikh Nasser bin Hamad Al Khalifa, emphasized that cybersecurity is a fundamental pillar of the kingdom's national security and economic development. He further added that Bahrain's security and prosperity depend on the existence of a secure information and communication technology infrastructure. HH Shaikh Nasser also indicated that the AICS is in line with the National Cybersecurity Strategy and aims to meet the specific needs of exploring new technology, learning, and dealing with the evolving global cyberspace. The event’s three focus areas will demonstrate the ‘5 pillars’ of the NCSC and will provide a conducive environment for networking and engaging vendors, OEMs and solution providers. The AICS is not just an opportunity for experts in the field of cybersecurity to exchange knowledge, share experiences, and learn about the latest cybersecurity trends and

solutions, but also offers a range of activities such as technical sessions, keynotes, panel discussions, workshops, hackathons, and demonstrations for students and cybersecurity enthusiasts. The event will showcase the latest cybersecurity technologies and products from leading companies and organizations. Attendees will have the opportunity to network with industry experts and obtain valuable insights and best practices. The Arab International Cybersecurity Conference & Exhibition aims to raise awareness of cybersecurity issues, key innovations and to build a strong foundation for the security of the digital world, providing an opportunity for attendees to learn, network and share their experience and knowledge in the cybersecurity domain. The event is a must-attend for anyone interested in the cybersecurity sector, and we look forward to welcoming participants from around the world to Bahrain in December 2023.



55

Empowering Global Cooperation in Cybersecurity

Potential highlights of AICS 2023

Connecting Influencers and Thought Leaders

An event for cyber security specialists and suppliers

His Highness Shaikh Nasser bin Hamad Al Khalifa






