Cybersecurity in the energy sector, the nuclear sector and the automotive sector contributes to cybersecurity for smart cities. Without energy and without transport a smart city cannot exist. In consequence, the interaction between all these sectors makes a smart city alive. And interaction does not only mean the availibility of digital infrastructure. It also means the integrity and confidentiality of data. To ensure that all these elements work together in real time result in a huge challenge on data networks, data accquisition and data usage. Beside operations of IT, OT and IoT, security and privacy are essential elements for a prosperious digital smart city ecosystem. ISS focuses on digital security as part of the digital transformation and interconnectivity in all relevant industry sectors to enable the 4th Industrial Revolution.
ISS’ knowledge allow capacity building and advise in this field.
The threat from cyber attacks is increasingly perceived as a problem of national and international security as cyber attacks grow in number and sophistication, and as actors behind them are no longer suspected to be only private hackers and organized criminals, but also states. Nation states need to seriously address the way to protect their societies in an increasingly digitalized word – with special regard to national security and critical infrastructures – from any attacker.
But recent developments have shown that there is more to this debate than the solution of technical questions, in particular as many technical problems do not seem solvable at all:
A holistic approach that includes international norms of behavior and regulation to ensure the peaceful use of cyberspace is needed. This can only be achieved by creating a sophisticated international framework.
The ISS contributes to this solution through its diverse Cybersecurity capacity building concepts while being highly engaged with the newest developments on Cybersecurity on the international, regional and national levels.
The Institute for Security and Safety also actively engages in international discussions on the future of Internet Governance, i.e., at the UN OEWG process and the Paris Call for Trust and Security in Cyberspace. For an overview of the ISS' participation in internet governance with regard to cybersecurity, go to News & Events.
Nuclear security is defined by the IAEA as “the prevention and detection of, and response to, theft, sabotage, unauthorized access and illegal transfer or other malicious acts involving nuclear material and other radioactive substances and their associated facilities.” In other words, nuclear security deals with the protection of people and the environment from malicious acts that could result in the exposure of the public to ionizing radiation.
Originally founded through close cooperation with the IAEA, the ISS' focus in Nuclear Security lies in contributing to make nuclear facilities safe worldwide.
The ISS does this through its broad engagement in international capacity building formats such as Higher Education Degrees, Professional Development Courses, Advanced Training Courses, Regional Training Courses and eLearning offers. The ISS was also closely involved in the creation of the IAEA “Nuclear Security Series 12” (NSS12), namely by devising the Nuclear Security Textbook 22 (NS22) on Cyber Security for Nuclear Security Professionals.
The following Nuclear Security topics are covered by the work of the ISS:
To find out more about nuclear security-related activities of the ISS visit News & Events.
To see publications of the ISS in the field of nuclear security visit Publications.
Mobility stands on the edge of a digital revolution: Autonomous Vehicles are going to change the way we move significantly in the coming years. The interconnection of data flows is going to facilitate previously impossible levels of convenience and safety, while possibly reducing the ecological impact of vehicles at the same time. But this interconnection also bears the potential for being vulnerable to cyber attacks that can put the lives of people at risk. The security of automated mobility therefore has to be specifically addressed to ensure the safety of passengers in the future.
Having participated in the developments of international regulatory frameworks on Automotive Security at the United Nations Economic Commission for Europe (UNECE), the ISS is currently engaged in a process to help automotive manufacturers and suppliers to successfully adapt to the new regulations.
Go to News & Events to find an overview of the ISS' activities in the field of Automotive Security.
To find out more about what the ISS does with respect to new UN regulations for cybersecurity in vehicles look here.
Today’s energy supply systems, from fossil and nuclear sources to renewable energy sources, depend increasingly on digital systems for smooth and efficient operation. Yet over the last decades, the energy sector has emerged as one of the most targeted industries by cyber attacks, and one that harbors immense potential for grave consequences in the case of compromise of its security systems.
Cybersecurity in the energy sector has for a long time only inhabited a lower priority while the focus with digital technologies remained on efficiency gains. But as the concept of Critical Infrastructure Protection (CIP) has garnered increasing attention from scholarship and politics alike, energy suppliers, distributors and transmission operators see themselves increasingly responsible for the security of their digital systems.
Through its vast experience with the nuclear energy sector, the most monitored energy sector with the tightest security and safety requirements, the Institute for Security and Safety (ISS) is able to translate implications of nuclear security to other energy sectors such as gas, oil and renewables. It thereby offers sophisticated capacity building formats to improve practical knowledge of professionals responsible for security matters in their respective organizations, ranging from general ICS and SCADA application to sector-specific security issues.
To see how the Institute for Security and Safety (ISS) has been involved in Energy Security, go to News & Events.
To see the publications of the Institute for Security and Safety (ISS) regarding Energy Security, go to Publications.
Modern military engagements are heavily dependent on space-based assets. Satellites distribute data streams containing vital military information such as geolocation, targeting and communications data. The connection of these spaced-based systems to ground-based networks however means that they are also especially vulnerable to cyber attacks which can disrupt services temporarily, manipulate information or take out these systems permamently.
Securing these systems against cyber intrusions constitutes an important task for modern militaries.
The Institute for Security and Safety (ISS) has previously been engaged in international academic efforts with Chatham House to better assess these cyber threats.
For more information on the cyber risks posed to space-based strategic systems and their potential consequences have a look at Chatham House's publication.
Data streams increasingly influence the way people live together in the modern world. The concept of the “Smart City” has emerged over the past years to manage the cohabitation of humans in densely populated areas by integrating Information and Communication Technology (ICT) with urban infrastructures. According to the “Smart City”-concept, data streams and interconnectivity of electronic devices can be operationalized to more efficiently manage urban infrastructure, from guided traffic, over energy supply to waste management and at the same time increase the sustainability of cities.
While the “Smart City”-concept offer to improve the life we live in urban areas, the enormous amount of data that constantly needs to be aggregated and exchanged in real-time means that cities will depend on the security of the data streams more than ever to prevent urban infrastructure from getting compromised through cyber incidents.
The ISS recognizes this dependency and engages in capacity building concepts for professionals in the area of security for the IoT, Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA) and related technologies.