2023/42 Weekly Update from the “City ISAC I4C+” Highlights: [TLP:RED] Guidance – Break your own kit / Which grappa tastes best in coffee? / Ready for surprise budgets? / National services probably best for managing voter lists?
[TLP:WHITE]
** For Back Issues see https://isac4cities.eu/blog **
** IMPORTANT – Call Next Week on Friday 27 October also Face-to-Face in Prato **
Weekly [TLP:RED] – Please contact us directly for more information – these are summaries only and the “key” is in the actual stories. They are based on honest comments by peers in private conversations and they would probably never acknowledge the statement officially:
- Weekly [TLP:RED] for Publicly Elected Officials: A major Cyber Incident will occur – I just have to make sure the Crisis Response Team convenes immediately.
- Weekly [TLP:RED] for Essential Services Managers: A major Cyber Incident will occur – I just have to make sure I can provide my services without IT (Business Continuity Management).
- Weekly [TLP:RED] for IT Leaders: We are heroes when it comes to getting old kit back running… not making the effort and letting it fail is the fastest route to new kit.
Summary
Hi everyone and hope you are well – three cities and one region stopped by on Friday morning and looking forward to our face-to-face session in Prato this coming week – no worries, we'll start the online session in parallel. We then discussed what sort of grappa might be best to add to our coffees – we remain curious about what the colleagues will bring along for our “coffee corretto”; suggestions range from honey-sweetened through herbal additions to just the cheapest 😊
One colleague just traveling back from a cyber security event at the European Committee of the Regions (https://cor.europa.eu/en) and sharing how many cities took part – impressive line-up it seems and they are of course a dissemination in the upcoming Project MEET activities.
Another member lining up for national elections in one of our eastern EU member nations and sharing stories of how there is growing concern of manipulation of election machines. A perennial topic of course, coupled with all the difficulties associated with voter registrations / tracking etc. Managing identities is a core theme across any IT services as well of course – no silver bullet here, however it seems that most of the core EU members rely fully on a single national voter registry as “master list” / “one source of the truth”.
“Simulated faults” were our other main theme of discussions – simply put, let (or make) IT systems fail so that they can finally be decommissioned. We are heroes at letting old kit stay alive and hence often also responsible ourselves for legacy kit not being removed. In practice it can often help to use power failures (restarting old kit is difficult…) or even just not making the extra effort to find replacement assets on eBay… Alternatively, we might want to stop buying extra kit as replacement any time we have a chance to do so – difficult decision I agree.
On a more positive note – one colleague surprisingly received over €1m in additional budget, but had to decide what to invest in within a few days -> makes sense to have a solid investment roadmap (5-year view?) and at least ROM cost estimates for key purchases available.
Yes – monitoring for cyber security gets better with new kit (but old kit may actually be safer in the end?).
Cheers and looking forward to an exciting conference week (see https://www.majorcities.eu/conferences/2023-prato/)
Oliver
UPDATES
In the News:
- Rhysida #ransomware group has added Camara Municipal de Gondomar (http://cm-gondomar.pt) to their victim list and claims to have kept the organization’s data for auction on their #darkweb portal. See https://twitter.com/FalconFeedsio/status/1710177598737719607
- The email accounts of the mayor and their secretary in the German community of Grasellenbach were hacked. See https://www.wnoz.de/nachrichten/odenwald/hackerangriff-auf-die-verwaltung-252132.html
- Now Use the CIS Controls v8 to Evaluate Your Ransomware Risk: A new version of one of our tools helps you to evaluate your ransomware risk using the CIS Critical Security Controls (CIS Controls) v8. You can now choose CIS Controls v7.1 or v8 for an assessment when you use the CIS CSAT Ransomware Business Impact Analysis tool v1.1.0. (Previously, only CIS Controls v7.1 was supported.) These changes are designed to help you evaluate your likelihood of experiencing a ransomware attack in a way that aligns to your cybersecurity program, your unique business goals, and today’s ransomware threat landscape. See https://bia.cisecurity.org/?utm_source=pardot&utm_medium=email&utm_campaign=controls&utm_content=business_impact_analysis&sc_camp=0B22CFB5AE2A439FB5AD1002227536F7
City ISAC Services (Member Funded): Our secure collaboration space at https://cloud.isacs.eu/ and the MISP platform at https://misp.isacs.eu/ have been reactivated in preparation for Project “MEET”. If you would like to use these platforms please let me know and we can discuss access.
Project “DAVID” (Member Funded): Focus on preparing the physical VAUBAN exercise in Prato next Thursday.
Project “MEET” (EU Funded / Beneficiary): No updates from the coordinator on signing of the financial grant with the commission.
Project “VAUBAN”: Focus on preparing the physical VAUBAN exercise in Prato next Thursday.
Project “Regions4Cyber”: Helping to finalise the survey in collaboration with the European Cyber Security Organisation (see https://ecs-org.eu/) and a major region in Italy. If you are planning any survey, check out https://ec.europa.eu/eusurvey/home/welcome/runner for a robust and secure offering by the EU.
Please remember you can reach the whole group via city-isac-i4c-tlpwhite@majorcities.eu. A dedicated group for those cities signing the NDAs is available separately.
Also note our LinkedIn organisational page at https://www.linkedin.com/company/eu-city-information-sharing-and-analysis-center-isac/ and our discussion group at https://www.linkedin.com/groups/12773643/. Do follow us / join.
Join our weekly Friday morning coffee chats from 9am-10am CET – feel free to come in your pyjamas. Let me know if you are missing an invite and I will send.
Thank you for the support, your City ISAC I4C+ Team.
Cheers and ever onwards
Oliver
Innovating our Future… Together
Chair City ISAC I4C+ / Dr. Oliver Schwabe.
Email: oliver.schwabe@isac4cities.eu Mobile: +49 (0) 1709053671. Web: https://i4c.isacs.eu/ & https://www.majorcities.eu/isac-for-cities-plus/