ISSN 2055-6950 (Print) ISSN 2055-6969 (Online)
Cyber Security Review Summer 2016
SECURITY, SOVEREIGNTY AND THE INTERNET: WHAT TO DO AS THE INTERNET WEAKENS STATES EVERYWHERE NATO’s POLICY ON CYBER DEFENCE –TODAY AND TOMORROW DEVELOPMENT OF CYBER THREATS AGAINST FINANCIAL INSTITUTIONS CYBER THREATS TO NUCLEAR POWER PLANTS IN THE SECOND NUCLEAR AGE CYBER SECURITY: THE NEW BUSINESS PRIORITY FACING EXECUTIVES INTERNATIONAL COLLABORATION
JAPAN AND ISRAEL’s CYBER COOPERATION FOR THE 2020 OLYMPIC GAMES
SMART CITIES: THE IMPLICATIONS FOR THE PRIVATE SECTOR
w w w.c ybersecurityci.com
AUGUST 21-23, 2016 SAN DIEGO, CALIFORNIA
The Rise of Critical Infrastructure Attacks:
Evolving the Organization to Respond and Prepare for Cyber Security Threats
JOEL AUSTIN
MIKE HARRIS
CIO Oncor Electric Delivery
GEORGE KHALIL
DIRK MAHLING
PAUL REYES
CRO SEI Investments
BRANNDON KELLEY
ISO City of Riverside
SVP Technology Alliant Energy
SUSAN RAMONAT
CIO Clark Public Utilities
ERFAN IBRAHIM,
CIO American Municipal Power
GLENN STEIGER
CEO Alameda Municipal Power
VP of IT Infrastructure & Security Services Energy Future Holdings
PhD Center Director, Cyber-Physical Systems Security & Resilience R&D National Renewable Energy Lab
ERNEST WOHNIG
Senior Global Cyber Security Advisor (Deputy CISO) AES
JIM JONES
CIO Great River Energy
Why Should you Attend? Attendance is exclusive - Participation is strictly limited to senior executives from leading corporations to facilitate true peer-level networking for our delegation and speakers. Strategic conference sessions - The intellectual content of the conference agenda is specifically designed for the seniority and maturity of the participants and has been developed following 9 months of in-depth research. Maximize your time out of office by customizing your own itinerary - Select the conference sessions, BrainWeave® discussions, and business meetings that match your initiatives and current business needs ensuring you have full control of your time at the Exchange. Unsurpassed formal and informal networking opportunities - to share and exchange ideas and concepts. One-on-one business meetings – The business meetings provide an exceptional opportunity for event participants to assess the solutions and services that are available to help them achieve their business objectives.
A few sessions we’re really excited about! Streamlining Incident Response and Risk Mitigation to Strengthen IT/OT Awareness and Communications with the Board SCOTT KING Director - Information Security Sempra Energy Utilities
Insider Threats: Securing the Human Link JEANA PIERALDE Information Security & Compliance Manager California Water Service Company
REQUEST YOUR INVITATION TODAY! Mention code: 26639.001_CSR www.cybersecurityci.com I 813-658-2539 I inexchange@iqpc.com
EDITORIAL CONTRIBUTORS
Cyber Security Review
MEDIA PARTNERS
The opinions and views expressed in the editorial content in this
Published by Delta Business Media Limited 3rd floor, 207 Regent Street London W1B 3HH United Kingdom
publication are those of the authors alone and do not necessarily
Tel: +44 (0) 20 7193 2303 Fax: +44 (0) 20 3014 7659 info@deltabusinessmedia.com www.deltabusinessmedia.com www.cybersecurity-review.com
The views and opinions expressed in this publication do not necessarily
represent the views of any organisation with which they may be associated. Material in advertisements and promotional features may be considered to represent the views of the advertisers and promoters. express the views of the publisher. While every care has been taken in the preparation of this edition, the publisher is not responsible for such opinions and views or for any inaccuracies in the articles. Š 2016. The entire contents of this publication are protected by copyright. Full details are available from the publisher. All rights reserved. No part of this publication may be reproduced, stored in a
ISSN 2055-6950 (Print) ISSN 2055-6969 (Online)
retrieval system or transmitted in any form or by any means, electronic, mechanical photocopying, recording or otherwise, without the prior permission of the copyright owner. cybersecurity-review.com
3
CONTENTS
CONTENTS IFC CYBER SECURITY FOR CRITICAL INFRASTRUCTURE EXCHANGE 2016 5
CRANFIELD UNIVERSITY – MSc IN CYBER-SECURE MANUFACTURING
5
ISDEF 2017 – THE 8th INTERNATIONAL DEFENSE & HLS EXPO
7
ECCWS – 15th EUROPEAN CONFERENCE ON CYBER WARFARE AND SECURITY
8
CYBER INTELLIGENCE EUROPE 2016
9
SECURITY, SOVEREIGNTY AND THE INTERNET: WHAT TO DO AS THE INTERNET WEAKENS STATES EVERYWHERE
14
FUTURE OF CYBER CONFERENCE 2016
By Ian Fletcher, partner of cyber and physical security consultancy InPhySec, former Director of the GCSB
15 NATO’s POLICY ON CYBER DEFENCE – TODAY AND TOMORROW
By Dr. Jamie Shea, Deputy Assistant Secretary General, Emerging Security Challenges, NATO
21 DEVELOPMENT OF CYBER THREATS AGAINST FINANCIAL INSTITUTIONS
By Troels Oerting, Group Chief Information Security Officer and Elena Kvochko, Head of Global Information Security Strategy and Implementation, Barclays
27
CYBER THREATS TO NUCLEAR POWER PLANTS IN THE SECOND NUCLEAR AGE
33
11th ANNUAL HOMELAND SECURITY WEEK 2016
34
THE INSIDER SECURITY THREAT HOW SHAREPOINT AND OFFICE 365 MEASURE UP
4
By Jack Caravelli, visiting professor at the UK Defence Academy, previously member of senior staff at the National Security Council (NSC), White House
By Peter Bradley, CEO of Torsion Information Security
CYBER SECURITY REVIEW, Summer 2016
NEW COURSE
MSc in Cyber-Secure Manufacturing Available full-time/part-time Cranfield Manufacturing launch a new course for 2016/17 in Cyber-Secure Manufacturing, in response to the growing threats posed to Industry 4.0 and the development of Smart Factories. Developed for manufacturing engineers/managers to help protect manufacturing systems and machines against cyber threats.
In partnership with:
To find out more visit www.cranfield.ac.uk/CSM

THE RIGHT place THE RIGHT time THE RIGHT people JUNE 6-8
2017 TEL- AVIV
THE 8TH INTERNATIONAL DEFENCE & HLS EXPO
VISIT OUR WEBSITE
WWW.ISDEFEXPO.COM
Contact us now for more details Exhibition & Sponsorship Opportunities: Sales@isdefexpo.com General Information: expoaffairs@isdefexpo.com Tel. +972 3 691 4564 | Fax. +972 3 691 4567
cybersecurity-review.com
5
CONTENTS
40
IT-SA BRASIL 2016 – THE IT SECURITY CONFERENCE AND CORPORATE NETWORKING EVENT
41 CYBER SECURITY: THE NEW BUSINESS PRIORITY FACING EXECUTIVES
By Dr Arthur M. Langer, Columbia University
47 INTERNATIONAL COLLABORATION JAPAN AND ISRAEL’s CYBER COOPERATION FOR THE 2020 OLYMPIC GAMES
By Ori Bar-Chaim, Director General at Regional Branch of Custodio Pte. Ltd - a subsidiary of Israel Aerospace Industries (IAI) and Camila Edry, Department Manager of Cyber Centers at Cyber Directorate - Elta, IAI
51
MILIPOL QATAR 2016
52
SMART CITIES: THE IMPLICATIONS FOR THE PRIVATE SECTOR
By Nicolas Reys, Consultant, Control Risks Cyber Security Services
57 ASSURING THE SUPPLY CHAIN – HOW TEAM DEFENCE WORKED TOGETHER TO ADDRESS CHALLENGES
By Daniel Selman, Cyber Industry Deputy Head, MOD UK
61 THE CZECH REPUBLIC’s NATIONAL CYBER SECURITY EDUCATION CONCEPTS
By Katerina Habova, Cyber Security Education specialist at the National Security Authority/ National Cyber Security Centre
67 CRASH COURSE FOR IT NEWBIES: SOME HAVE AUTOMATED INFORMATION SYSTEMS THRUST UPON THEM
By Oliver Easterday, deputy branch chief of the Sustainment Branch at the Air Operations Center, U.S. Air Force C2 Requirements Division, Headquarters Air Combat Command, in Hampton, Virginia
71 CYBERSECURITY - THE ROAD AHEAD FOR DEFENSE ACQUISITION
By Steve Mills and Steve Monks, Defense Acquisition University
75
ISDEF 2017 – THE 8th INTERNATIONAL DEFENSE & HLS EXPO
OBC ISRAEL AEROSPACE INDUSTRIES - IAI 6
CYBER SECURITY REVIEW, Summer 2016
ECCWS
15th European Conference on
Cyber Warfare and Security 7-8th July 2016 Munich, Germany
It is 15 years since the European Conference on Cyber Warfare and Security (ECCWS) was established. It has been held in cities around Europe and attracts a truly international audience of academic scholars, military personnel and practitioners. ECCWS 2016 is being hosted by the Bundeswehr University, Munich, Germany where the Conference Chair is Prof. Dr. Gabi Dreo Rodosek. ECCWS oers a unique opportunity for sharing ideas and learning from others.
For more information: http://www.academic-conferences.org/conferences/eccws/ Or email: info@academic-conferences.org
Taking cyber solutions to the next level
IAI’s Cyber Defense, Intelligence and Early Warning Solutions • Cyber and off-the-air Accessibility solutions • Training, Testing, Simulation & Forensics • Cyber Analytics- Identity Resolution, Geo Location, Anomaly Detection • Modular Cyber Centers: Cyber Security Operation Centers (CSOC), Intelligence Centers and Early Warning Centers
www.iai.co.il corpmkg@iai.co.il
To receive a full version of the Cyber Security Review, please complete the Request Form Here. Please provide a valid corporate, government or academic email address. We reserve the right to refuse to accept any application at our discretion. If you have any queries please email to: editorial@deltabusinessmedia.com
REQUEST YOUR COPY OF THE CYBER SECURITY REVIEW
www.cybersecurity-review.com
Published by Delta Business Media 3rd floor, 207 Regent Street, London, W1B 3HH, United Kingdom Tel: +44 (0) 20 7193 2303 Fax: +44 (0) 20 3014 7659 info@deltabusinessmedia.com www.deltabusinessmedia.com