4th NMIOTC Annual Cyber Security Conference in the Maritime Domain, Crete, Greece.

ISS Director Guido Gluschke, Acing Director Swantje Westpfahl and ISS Security Scientist Dmytro Cherkashyn participated in the 4th NMIOTC Annual Cyber Security Conference in the Maritime Domain from 30 September – 01 October 2020, hosted by NATO. The focus of this year’s conference was on new and emerging Cyber Security threats which threaten both civil and military operations in the maritime domain. The ISS members gave a presentation named ‘Developing an Exercise Platform for Educational Activities on Maritime IT/Cyber Security’ in which they highlighted the vulnerabilities of maritime vessels to code-borne attacks and how to mitigate the resulting threats by establishing an educational Cyber Security platform. For this, the ISS also presented its own upcoming ISS Capacity Building Center (ICBC) which aims to provide organizations and individuals with professional Cyber Security educational services, such as online courses, trainings and customized didactic concepts (CDCs). One of the specific instruments for Cyber Security exercises is an ISS Demonstrator also presented at the conference. The conference was attended by more than 100 experts and NATO personnel both on location and online.

UNIDIR Cyber Stability Conference 2020, Geneva Switzerland.

ISS member Tim Dalhöfer attended the 2020 Cyber Stability Conference by UNIDIR on 28 September 2020. The formation of universal Cyber Norms remains one of the great challenges faced by governments, international organizations and a vast variety of private actors in today’s digital landscape. Establishing rule-based behavior in cyberspace is seen as one the main prerequisites for reducing the number of state-sponsored cyberattacks and strengthening states abilities to curb the rising influx of criminal malware attacks. The foundation for such norms is usually best found in dialogue among stakeholders. UNIDIR’s 2020 Cyber Stability Conference focused on the lessons learned from past Dialogue experiences on cyber norms and attempted a look into the future of Dialogue in cyberspace. A wide range of professionals from governments, international organizations, civil society organizations and industry representatives discussed aspects like the importance of a multi-stakeholder approach to Dialogue, the adoption of lessons from similar dialogue topics such as climate change and how to build on existing dialogue formats in international relations.

The event was being attended both in person and by an online audience.

A good overview of the day is summarized in a video on UNIDIR’s official Youtube channel:

Automotive Security Summit, 3. November 2020. Stuttgart, Germany

in German–

Das “Institute for Security and Safety” teilt seine Expertise und lädt Sie ein beim Expertenkreis Automotive Security Management System teilzunehmen.

Die Transformation der Automobilbranche schreitet zügig voran. Die wesentlichen 4 Trends in Mobility sind: Electrified, Connected, Automated, Shared. Auf diese Herausforderungen muss die Branche Antworten finden.

Diese Antworten sind nur mit Hilfe der Digitalisierung zu erreichen. Digitalisierung setzt aber in jedem Fall ein ausreichendes Maß an Cybersecurity voraus, denn durch stärkere Vernetzung, zusätzliche Schnittstellen und Funktionali-täten wird die Attraktivität eines Angriffes auf Fahrzeuge und die angebundene Infrastruktur durch Hacker drastisch erhöht.

Im Automobilsektor werden aktuell neue Ansätze und Ideen diskutiert, wie Cybersecurity in die Unternehmens- und Produktsicherheit integriert werden kann und somit ein unternehmensübergreifendes Sicherheitsmanagement erreicht wird. Die Notwendigkeit ergibt sich aus dem notwendigen Zusammenwirken von unterschiedlichen Unternehmenseinheiten sowie der Verschmelzung der digitalen Systeme mit der Business-IT.

Somit wird ein Sicherheitsmanagementansatz gesucht, der die Bereiche Business, Production and Product miteinander verbindet. Gleichzeitig existieren zahlreiche Anforderungen an Unternehmen, die sich zum Beispiel aus Zertifizierungen entsprechend ISO 27001 und TISAX ergeben sowie UN ECE. Darüber droht dem Automobilsektor mit den KRITIS-Anforderungen des IT-Sicherheitsgesetzes in Kontakt zu kommen.

Mehr erfahren und anmelden: events.uniss.org

Roundtable on Intelligent Transport Systems and Cyber Security, Geneva, Switzerland

Several representatives of the ISS participated at this year’s ‘Roundtable for Intelligent Transport Systems and Cyber Security’ on 08 September, co-hosted by the UNECE’s Intelligent Transport Division and the Office of the Co-ordinator of OSCE Economic and Environmental Activities (OCEEA). The event attracted over 100 representatives from stakeholders in the fields of Transportation, Cyber Security, Politics, Information and Communication Technology to come together in Geneva to discuss new and emerging Cyber Security threats to intelligent transport systems such as autonomous vehicles.

The event showcased the importance of recognizing and addressing the security issues associated with autonomous and automated vehicles, a topic that has been prominently addressed by the two UNECE regulations on Cyber Security and Software Updates for connected vehicles adopted in June 2020. As participants in the draft process for these regulations, the ISS constitutes an expert on the topic determined to share its expertise with other important stakeholders to strengthen the Cyber Security of the future of transportation.

More information on and assessments of the event can be found at the UNECE website.

Adoption of two new regulations for Cybersecurity and Software Updates by UNECE’s World Forum for Harmonization of Vehicle Regulations, Geneva/Switzerland

Two new regulations on Cybersecurity for connected vehicles were adopted by the UNECE’s World Forum for Harmonization of Vehicle Regulations on 24 June 2020. Entering into force in January 2021, the new regulations address important security aspects of connected vehicles such as “Over-The-Air” (OTA) updates, managing of cyber risks for vehicles and mitigating cyber risks along the value chain.

The ISS has been involved in the process of forming these regulations through its participation in the UNECE GRVA Working Party on Automated/Autonomous and Connected Vehicles.

International Conference on Nuclear Security 2020, Vienna, Austria

From 10-14 February Dmytro Cherkashyn and Tim Dalhöfer attended the IAEA’s Nuclear Security Conference 2020 where experts and government representatives for nuclear security met under the slogan “Sustaining and Strengthening Efforts”. Central topics to both technical sessions and high-level plenaries were new and emerging technologies and their impact on the nuclear security field, as well as national experiences with the implementation of nuclear security regulations. This year, great importance was lend to computer security, which came up in the discussions of many technical sessions.

5th Session on the UNECE Working Party on Automated/Autonomous and Connected Vehicles, Geneva/Switzerland

ISS Co-Director Guido Gluschke took part in the 5th session of the UNECE GRVA Working Party on Automated/Autonomous and Connected Vehicles, which took part in Geneva from 10-14 February 2020. With the goal to establish wide-ranging collective regulations between the UNECE Member States, the participants carried on the the process of the previous sessions, where experts convened on different aspects of future mobility technologies and subsequent challenges, inlcuding aspects of Cybersecurity for autonomous vehicles.

Global Cybersecurity Forum, Riyadh/Saudi Arabia

The first Global Cybersecurity Forum hosted by the Kingdom of Saudi Arabia took place on 4-5 February 2020 in Riyadh. Under the slogan “Joining Efforts for a better Cyber World”, the Forum facilitated multi stakeholder dialogue on how to establish a safer and more resilient Cyberspace for the world of tomorrow. Plenary sessions were organized around five central topics (Cyber Industry, Cyber Threats and Resilience, Cyber Culture, International Cyber Collaboration and Cyber Disruption) with the goal to create an action-oriented roadmap for Cybersecurity in the 21st century. Within the scope of the Forum Saudi Arabia’s National Cybersecurity Authority (NCA) also announced initiatives on the protection of children in Cyberspace and on the boosting of representation of women in Cybersecurity-related workfields. ISS Co-Direcor Guido Gluschke was invited to the Forum by the NCA to participate in the event.