2024/43 Weekly Update from the MCE SIG NEW: Best Wishes for the Holiday Season! / NO CALLS 27 Dec & 3 Jan / Still need a Christmas present for your ISAC? / ISAC Baseline (IBAS) Project launching – Last Call to join at Reduced Rates / ENISA “Implementation guidance on NIS 2 security measures – Draft for Consultation” still available / 20 Essential Open Source Cyber Security Tools for 2025 / What is the best Christmas present for a cyber threat actor?

** For Back Issues see https://isac4cities.eu/blog **

No calls on 27 December and 3 January – Christmas Break!

The City ISAC (I4C+) is an Information and Analysis Centre whose members are IT and cyber security decision makers exchanging knowledge to improve their cities and collective cyber resilience. I4C+ is a Special Interest Group (SIG) hosted by Major Cities Europe (MCE). Dr. Oliver Schwabe is a member of MCE and in his function Chair of the ISAC for Cities Plus (I4C+). He is the person in charge of this effort on behalf of MCE and the responsible contact person. I4C+ is recognized by the European Agency for Cybersecurity ENISA. See https://isac4cities.eu/.

Weekly [TLP:RED]

Please contact us directly for more information – these are summaries only and the “key” is in the actual stories shared privately. The stories are based on personal sensitive knowledge shared by peers in personal conversations under Chatham House Rules. This “stuff” may look obvious (?) – the magic lies between the lines and only becomes visible in a personal conversation.

This week's thoughts are based on the scope of essential services your public administration subscribes to, operates, and manages, including what IT systems support their delivery.

  • Weekly [TLP:RED] for Publicly Elected Officials (Repeat # 12): Women are better crisis managers (see https://hbr.org/2020/12/research-women-are-better-leaders-during-a-crisis).
  • Weekly [TLP:RED] for Essential Services Managers (Repeat # 12): Have up-to-date paper versions of all forms available for copying when you must return to “pen and paper”.
  • Weekly [TLP:RED] for IT Leaders (Repeat # 12): Don't wear your best business clothes in budget negotiations – if you are dressed better than others, why should you get more money?

Summary

Hi everyone, I hope you are doing well. Belgium, Bulgaria, and Ireland joined this last Friday call for 2024, and we enthusiastically shared the Holiday Season backgrounds available in Google Meet – best wishes to all for the Holiday Season and here's hoping it will be a quiet and restful period! I suspect this will not necessarily be under our control; however, as long as there is no (threat of a) major incident we should be thankful – not like what one colleague experienced two years ago shortly before New Year, when they were forced to go offline due to a credible breach threat on the dark web. Enjoy, be merry and don't count the calories for a while 😊

If you are still looking for a Christmas present for your ISAC (and don't want to stop at the gas station on Christmas Eve…), please consider reserving some 2025 budget for contracting our services (see https://isac4cities.eu/services-offered, i.e., a tabletop, dark web monitoring or outsourcing your risk management), joining the ISAC Baseline project (see https://isac4cities.eu/public-administration-isac-baseline), joining our hosting organisation Major Cities Europe (see https://majorcities.eu/) or auditing the cyber security of your supply chain? Open to other ideas as well of course. If you have some 2024 budget left, we can send proposals / invoices by end of year of course.

As a quick update from the ISAC Baseline Project (“IBAS”), three of our ISAC members have taken the “leap of faith” to launch this effort early 2025. See https://isac4cities.eu/public-administration-isac-baseline for an overview of this effort. The members represent three countries, and it will be fascinating to watch as we accelerate the path to cyber resilience and NIS2 compliance through bench learning.

Note that the ENISA “Implementation guidance on NIS 2 security measures – Draft for Consultation” is still available – see https://www.enisa.europa.eu/news/asking-for-your-feedback-enisa-technical-guidance-for-the-cybersecurity-measures-of-the-nis2-implementing-act. This is an opportunity for our ISAC to provide input – please let me know any thoughts and I will consolidate and input.

Worth reviewing is the “20 Essential Open Source Cyber Security Tools for 2025” (see https://www.stationx.net/open-source-cyber-security-tools/). Remember that not only can such tools provide an additional layer of protection at low cost, BUT THEY ARE ALSO USED BY THREAT ACTORS – ignoring highly advanced targeted attacks for the moment, the threat actors often use them in initial scanning phases where they are exploring for weaknesses. We can support testing if you are interested. Good places to also explore are https://www.softwaresuggest.com and of course https://www.gartner.com/reviews/markets – cannot go wrong if we buy the top vendors right?… #hmmmm

One colleague then shared stories of massive IT budget reductions in administrations they are working closely in – interesting especially because those administrations are in fact virtually debt free – another push on “sweating assets” happening perhaps? The actual background seems to be the new mayor is planning some new projects and needs to free up budget #sigh…. We all know what is going to happen with those plans, especially since many IT / security vendors are significantly increasing pricing next year.

Another interesting story came up around “blacklisting” suppliers in respect to refusing to connect them to our networks – I have not come across this specific way of work before to be honest – it's been more of driving suppliers to meet minimum cyber security standards before connecting them – maybe a more “friendly” approach?

We then looked at how one colleague was using flare.io in their daily business – fortunately they have the resources to chase down the various alerts / notifications. Additionally, we reflected that such companies sometimes do go out and buy leaked data from the threat actors – seems like a nice business model? Wonder if there are any kick-back agreements out there…

When we held our webinar on HIRING4CYBER someone mentioned that we are truly “digital knights” protecting our citizens – that sort of triggered an idea that our famous “Dark Knight” might be spending Christmas Eve as Santa Claus… Enjoy!

Cheers, 

Oliver

Insights from AI

Considering the approaching festivities, I asked CoPilot “What is the best Christmas present for a cyber threat actor?” The AI responded:

“Interesting question! If we were to think whimsically about the best Christmas present for a cyber threat actor, we might consider gifts that play to their curiosity and technical skills—but in a positive way. Here are some fun and ethical ideas:

Puzzle Box: A complex puzzle box that requires problem-solving skills to open, keeping their analytical mind sharp.

Cybersecurity Challenge Kit: A legal and ethical hacking challenge kit to test their skills on simulated environments, fostering positive use of their abilities.

Subscription to Cybersecurity Journals: A subscription to a well-regarded cybersecurity journal or magazine to keep them updated on the latest trends and techniques.

Coding Gadgets: High-tech gadgets like a Raspberry Pi or Arduino kit for creating interesting projects and improving their coding skills.

Books on Cybersecurity: Engaging books on the history of cybersecurity, famous hacks, or ethical hacking to provide inspiration and knowledge.

Of course, these gifts are intended to channel their skills in a constructive direction, encouraging positive contributions to the field of cybersecurity.”    

In the News
City ISAC Services (Member Funded)

We have published our services at Services Offered – EU ISAC for Cities (isac4cities.eu). Please do review and consider reaching out to include such in your activities and budgets.

ISAC Baseline (IBAS) Project

The special offer from I-Trust will be expiring at the end of the year. See https://isac4cities.eu/public-administration-isac-baseline for high level details of the project – let me know if you would like to receive details again? A simple email request to join is enough to secure the reduced rates.

We now have three cities from three different EU member states participating as the “launch team”, whereby the Danish project (which has been ongoing for several years) will of course be mentoring this new community as it develops.

If you are a region, you can also “sponsor” membership for your cities to create regional benchlearning groups. If you are a nation, then you can sponsor membership for your regions and cities as well of course.

Key value proposition? In the many discussions leading up to the launch, we see that the key value of participating is (a) access to a massive amount of detailed “real stories” on successful implementations across the NIS2 spectrum, and (b) significantly reduced efforts for reporting.

If needed, we can also provide administrative support for transferring existing data into the Enablor platform.

Please remember you can reach the whole group via city-isac-i4c-tlpwhite@majorcities.eu. A dedicated group for those cities signing the NDAs is available separately.

Also note our LinkedIn organisational page at https://www.linkedin.com/company/eu-city-information-sharing-and-analysis-center-isac/ and our discussion group at https://www.linkedin.com/groups/12773643/.  Do follow us / join.

Join our weekly Friday morning coffee chats from 9am-10am CET – feel free to come in your pyjamas. Let me know if you are missing an invite and I will send.

Thank you for the support, your City ISAC I4C+ Team.

Cheers and ever onwards

Oliver

Innovating our Future… Together

Chair City ISAC I4C+ / Dr. Oliver Schwabe.

Email: oliver.schwabe@isac4cities.eu Mobile: +49 (0) 1709053671. Web: https://i4c.isacs.eu/ & https://www.majorcities.eu/isac-for-cities-plus/  