2023/49 Weekly Update from the “City ISAC I4C+” Highlights: [TLP:RED] Guidance – Dress down in budget negotiations & Women are better crisis managers / We say “A”, do “B”, and think “C” / Regional efforts for joint-defence maturing / What is a “minimum viable municipality”?
[TLP:WHITE]
** For Back Issues see https://isac4cities.eu/blog **
| Weekly [TLP:RED] |
Please contact us directly for more information – these are summaries only and the “key” is in the actual stories shared privately. The stories are based on personal sensitive knowledge shared by peers in personal conversations under Chatham House Rules. This “stuff” may look obvious (?) – the magic lies between the lines and only becomes visible in a personal conversation.
- Weekly [TLP:RED] for Publicly Elected Officials: Women are better crisis managers (see https://hbr.org/2020/12/research-women-are-better-leaders-during-a-crisis).
- Weekly [TLP:RED] for Essential Services Managers: Have up-to-date paper versions of all forms available for copying when you must return to “pen and paper”.
- Weekly [TLP:RED] for IT Leaders: Don't wear your best business clothes in budget negotiations – if you are dressed better than others, why should you get more money?
| Summary |
Hi everyone and hope you are well – one city joined on Friday morning (public holidays in some countries and IT problems preventing a few others from joining) and the colleague preparing for an ISO27k audit review later that day – what a nice way to end the week… We reflected that it might make sense to avoid dressing in a nice suit and instead go barefoot wrapped in an old threadbare to highlight the significant lack of funding and resources. That sort of made us realise that we all try to be heroes and demonstrate that we can protect / run IT despite funding and resource challenges – a common theme at just projects we really do not need additional support – a theme we seem to return to regularly.
The above then reminded us that we are often in situations where colleagues think / agree on “A”, do “B”, while thinking “C”…. no, not the three-monkey image, and just a reflection that truly shared agendas are rare.

The other point we discussed was the excruciating exactness needed by all parties in public purchasing processes, and how many struggle to apply this from requirements capture, through tendering and shortlisting, to purchasing, deployment and operations. Every word counts as we know and while IT / cyber professionals might apply this in their IT / cyber contexts, we struggle to do this in the (legal) process world of public purchasing. That then leads to a true lack of enthusiasm when it comes to purchasing (remember we already paid heavily in painkillers and anti-depressants to get the budget) – what if we were allowed to expense those? Look – if you tender for a chiller with a weight of 2 tons and receive a proposal for one with 3 tons, why don't you just decline it rather than beginning (probably hopeless) negotiations with all parties to make it possible? As discussed in previous meetings, invest the time upfront to design tenders to solicit exactly what you need – changing this later will destroy your mental health…
Wishing you a good weekend
Cheers
Oliver
| In the News |
- Please note the attack on the civil administration of the Vorpommern-Rügen district in Mecklenburg-Western Pomerania. “The district administrator Stefan Kerth spoke to the German publication Nordkurier and informed them that the disruption is likely to persist until at least 04 December. Whilst details regarding the incident are scarce, this is one of many recent articles in which German municipalities and administrations have segmented their networks as precautionary measures in the aftermath of a perceived cyber-attack. There is a realistic possibility that this incident mirrors the previous assessments on cyber-attacks on other German municipalities, insofar as that the administration has been infiltrated by a financially motivated threat actor with the intent to either exfiltrate or encrypt data as part of an extortion based revenue model.” See https://aussiedlerbote.de/en/security-measures-paper-and-pen-instead-of-computer/.
| City ISAC Services (Member Funded) |
No specific updates – do make a point of following us on the LinkedIn page at https://www.linkedin.com/company/98519767/admin/feed/posts/ and joining our LinkedIn discussion group at https://www.linkedin.com/groups/12773643/.
| Project “DAVID” (Member Funded) |
Research efforts and discussions currently looking at the “minimum viable administration” that needs to be implemented in the scenario of a major service outage – a sort of “business continuity plan”, whereby the previously developed service prioritisation process needs to be applied. This obviously connects tightly with the regional VAUBAN efforts emerging. The challenge is hereby not the process, it is creating the shared agreement among stakeholders (therefore elected officials, municipal officials, IT, etc.) about the priorities to tackle. In the background is the assumption that it would take at least 6-12 months to return to normal operations, and that this approach could reduce that to 12 weeks perhaps. And yes, robust segmentation and disaster recovery management play a major role.
| Project “MEET” (EU Funded / Beneficiary) |
Discussions regarding the eligibility of the lead proposer continue and we are now unclear on how / when the project will proceed. We will therefore “park” communications on the project until we have clarity on the way forward.
| Project “VAUBAN” |
Discussions continue regarding a German regional “child” of the collective defence approach, whereby we have confirmation from a handful of regions in other countries that they are willing to join the effort (and spawn many new children). The interesting challenge will be language, since many colleagues on local and regional levels in fact feel quite uncomfortable working together in English – something we originally did not expect and results in the challenge of coordinating an “act local, think EU wide” across language boundaries as well. Everyone is in “violent agreement” that we (peers) need to collaborate better in cyber and that cross-border collaboration would be great – going into the details reveals the challenge, yet everyone feels this will work. The final deliverables could be (a) a joint-agreement as per our aspirations – see https://isac4cities.eu/our-aspiration-draft, (b) an incident collaboration “plan” – i.e., a checklist of collaboration measures added to the municipal crisis plan, and (c) preparedness to share resources as needed.
| Project “Regions4Cyber” |
Responses to the pilot survey are encouraging so that final revisions are underway as well as conversations with friends at various EU wide municipal associations to distribute this survey on our behalf. Key to the internal discussions is realising that we are already building the core community (about ½ dozen participants currently) and that “good” does not mean 1000s of “lurkers”, but small groups of 8-12 regions actively collaborating. Identical to our effort, yet focused on regions and less operational subjects.
Please remember you can reach the whole group via city-isac-i4c-tlpwhite@majorcities.eu. A dedicated group for those cities signing the NDAs is available separately.
Also note our LinkedIn organisational page at https://www.linkedin.com/company/eu-city-information-sharing-and-analysis-center-isac/ and our discussion group at https://www.linkedin.com/groups/12773643/. Do follow us / join.
Join our weekly Friday morning coffee chats from 9am-10am CET – feel free to come in your pyjamas. Let me know if you are missing an invite and I will send.
Thank you for the support, your City ISAC I4C+ Team.
Cheers and ever onwards
Oliver
Innovating our Future… Together
Chair City ISAC I4C+ / Dr. Oliver Schwabe.
Email: oliver.schwabe@isac4cities.eu Mobile: +49 (0) 1709053671. Web: https://i4c.isacs.eu/ & https://www.majorcities.eu/isac-for-cities-plus/