2025/28 Weekly Update from the EU ISAC for Cities & Regions: !NO CALL NEXT WEEK DUE TO MCE ANNUAL CONFERENCE! / ENISA THREAT LANDSCAPE 2025 published / Micro-training with MITRE? / How can we protect ourselves from our mayors? / Looking for Opportunity to conduct End-To-End Smart City Service Security Assessment

von oschwabean Veröffentlicht am

2025/28 Weekly Update from the EU ISAC for Cities & Regions: !NO CALL NEXT WEEK DUE TO MCE ANNUAL CONFERENCE! / ENISA THREAT LANDSCAPE 2025 published / Micro-training with MITRE? / How can we protect ourselves from our mayors? / Looking for Opportunity to conduct End-To-End Smart City Service Security Assessment

** For Back Issues see https://isac4cities.eu/blog **

!NO CALL NEXT WEEK DUE TO MCE ANNUAL CONFERENCE!

The City ISAC (I4C+) is an Information and Analysis Centre whose members are IT and cyber security decision makers exchanging knowledge to improve their cities and collective cyber resilience. I4C+ is a Special Interest Group (SIG) hosted by Major Cities Europe (MCE). Dr. Oliver Schwabe is a member of MCE and in his function Chair of the ISAC for Cities Plus (I4C+). He is the person in charge of this effort on behalf of MCE and the responsible contact person. I4C+ is recognized by the European Agency for Cybersecurity ENISA. See https://isac4cities.eu/.

Discussion Summary

Hi everyone, friends from Belgium, Bulgaria, Croatia, Estonia, and Italy plus our friends from ENISA joining this week for a lively conversation across a spectrum of topics.

Note that The ENISA THREAT LANDSCAPE 2025 report has been issued (see https://www.enisa.europa.eu/sites/default/files/2025-10/ENISA%20Threat%20Landscape%202025.pdf). Excellent effort and well worth a careful read. Over 40 public administrations contributed (huge thank you for our support from ENISA by the way) and a version focused on public administrations is planned for later this year.

Another topic was the plethora of Digital Europe projects we could connect to (bandwidth permitting) and especially one project that is focused on linking CTI to training blurbs like the MITRE framework. See https://attack.mitre.org/techniques/enterprise/ for a very detailed structure of knowledge that is foundational to running a more cyber secure environment. Heavily recommending everyone has a training program for their analysts where completion of the training is tracked and annual repetitions are ensured. Simple approach is to ensure that when a notification is manually assessed, the colleague first refreshes their appropriate skills through micro-training by completing the appropriate materials.

One particularly interesting topic raised by a colleague was “how to defend the city from its mayor?” Specifically, we see a lot of councils “praying to cloud” and seeing salvation there without understanding the details and that a lot of applications supporting critical services cannot be migrated to the cloud in the first place. This then leads to them being “left behind” and a growing technical debt that is by default a cyber threat. Since replacing these solutions is the only feasible approach, another colleague suggested that a robust treatment is to replace them with SaaS providers which then results in a large spectrum of third-party SaaS partners each secured differently -> a solid protection strategy in its own right and definitely ensures that tech debt gets resolved at pace.

The above approach also avoids the resource needs of on-prem solutions and a concentration of services in single data centres. You can see what can go wrong them in the following incident: https://www.theguardian.com/world/2025/sep/30/south-korea-raises-cyber-threat-level-after-huge-data-centre-fire-sparks-hacking-fears

ENISA also provides some solid orientation in this respect see https://www.enisa.europa.eu/sites/default/files/2025-06/ENISA_Technical_implementation_guidance_on_cybersecurity_risk_management_measures_version_1.0.pdf

Nothing new from Barista this week – a small hiatus as we reflect on setting up the Le Chat teams instance and the needed commercial model.

Cheers, 

Oliver

In the News
  • Major Cities of Europe, in collaboration with the City of Issy-les-Moulineaux, is pleased to announce the joint 2025 conference under the theme of “Piloting Disruptive Innovation in Cities and Regions”, which will be hosted at the UGC Congress Centre from October 9 to 10. Integrated into the Greater Paris Metropolis, Issy-les-Moulineaux is one of the most innovative cities in France and has long been recognized as a leader in digital innovation, circular economy, and environmental footprint reduction. The event is co-organized with Issy Media, the public company responsible for communication and innovation in Issy-les-Moulineaux. The conference will be conducted in English and French, with simultaneous translation available. See www.majorcities.eu for more details.
  • EU ISACs Summit, 10–11 November 2025, Athens: ENISA is pleased to announce the 2025 edition of the EU ISACs Summit, which will take place on 10 November (afternoon) – 11 November (full day) at ENISA premises in Athens. As in previous years, we plan to dedicate the first day to hearing updates and future plans, and the second day to a more interactive session or exercise. With plenty of time ahead, we would love to hear your ideas and suggestions for the agenda. Please share your input with us by 19 September.
  • The North European Cyber Days: ECSO is proud to announce a new major event designed for the European Cybersecurity Community: The North European Cyber Days, taking place on 4, 5 & 6 November 2025 at the Oslo Science Park, Norway. This high-level event will bring together key stakeholders from across cybersecurity, artificial intelligence (AI), and critical sectors to explore shared challenges, foster cross-border collaboration, and unlock new opportunities for investment, innovation, and resilience in Europe’s digital landscape.
  • INVITATION to the 2025 European TLD ISAC Conference: Our friends at TLD ISAC are delighted to invite you to their 2025 edition of the European TLD ISAC Conference, which will take place on 20 November in Brussels. Under the overarching theme “Ensuring cyber resilience amidst shifting threats and geopolitical realities”, we will hear voices from across the political, policy, technical and operational spheres. Attendees will gain insights into how European stakeholders view and deal with the challenges arising from the unpredictable geopolitical situation and why collaboration is more important than ever. In our tech-focused sessions, speaker will dive into attack simulation and response strategies, intel sharing and monitoring practices, malware detection and vulnerability management approaches. As this is an invitation-only event, we encourage you to register early to receive the latest updates. If you are interested in joining, please contact me for registration details.
  • EE-ISAC 26th Plenary: Celebrating 10 years of cybersecurity collaboration! 29 October 2025 | Brussels, Belgium. We are excited to announce that the EE-ISAC will host its 26th Plenary on October 29, 2025, in Brussels. This event will be especially significant as it marks EE-ISAC’s 10th anniversary – a full decade of empowering the European energy sector with collective cybersecurity knowledge, trusted partnerships, and strategic resilience. This is a face-to-face event and by invitation only. If you are interested in joining, please contact me for registration details.
  • Health-ISAC is hosting their annual European Summit in Rome, Italy, from October 13th to 17th. All ISACs in the EU-CI to invited to join. Each ISAC representative can attend the conference and all social activities at the rate of our member fee (200USD for September). All other costs pertaining to travel, accommodation, VISA etc. are to be borne by the participants themselves. The full agenda and details can be found here: https://web.cvent.com/event/c0d19f09-cf39-4fbd-9019-055b19bc45a3/summary.
  • Aviation-ISAC is hosting their Summit in Zurich, Switzerland, from October 14th to 17th, 2025. I would like to warmly invite all ISACs in the European Council of ISACs community to attend. Each ISAC representative is welcome to participate in the conference and all social activities. A registration rate is available and can be consulted directly on the event page. Please note that all other costs related to travel, accommodation, visa, etc., will be the responsibility of the participants. You can find the full agenda, logistics, and registration details here: https://www.a-isac.com/summit

Looking for Opportunity to conduct End-To-End Smart City Service Security Assessment

As part of some exploratory work, we are looking for an opportunity to conduct an end-to-end security assessment of an active Smart City Service. At this stage we would apply for national NCC FSTP grants via a trusted SME and in partnership with the administration. Some details below and please reach out to me if you are interested in learning more – need someone on your side that can help evaluate the service please.

The outcome would be something similar to the below template where:

1. All IT assets supporting the service are identified,

2. The security of the assets is assessed (using https://www.cisecurity.org/controls/v8-1),

3. Actions to improve the end-to-end security are identified (item and Defence in Depth level) and prioritised, and

4. the (anonymised) results / recommendations are validated with other members of our community.

The IT assets are then held in our ISAC MISP and threat intelligence for these assets monitored / managed there. Data security provided via permissions management and an MoU would of course also be needed.

In a further stage we could look at how to leverage AI to help in identifying actionable items / manage these to closure.

We would then also look to map the results into control frameworks that you use locally/regionally/nationally, and of course NIS2/CIS18 etc.

We aspire to use the experience to build a robust pilot and, if benefits are visible, to identify local/regional/national/EU funding sources to grow.

The benefit for participants is (a) the additional resources we provide (b) improving the security of Smart City projects, and (c) the opportunity to learn how others are tackling specific IT asset (and end-to-end) security.

ISAC Services (Member Funded)

We have published our services at Services Offered – EU ISAC for Cities (isac4cities.eu). Please do review and consider reaching out to include such in your activities and budgets.

Note that emerging new services are related to managing the MISP platform (and onboarding) plus Barista.

 

Please remember you can reach the whole group via city-isac-i4c-tlpwhite@majorcities.eu. A dedicated group for those cities signing the NDAs is available separately.

Also note our LinkedIn organisational page at https://www.linkedin.com/company/eu-city-information-sharing-and-analysis-center-isac/ and our discussion group at https://www.linkedin.com/groups/12773643/.  Do follow us / join.

Join our weekly Friday morning coffee chats from 9am-10am CET – feel free to come in your pyjamas. Let me know if you are missing an invite and I will send.

Thank you for the support, your City ISAC I4C+ Team.

Cheers and ever onwards

Oliver

Innovating our Future… Together

Chair City ISAC I4C+ / Dr. Oliver Schwabe.

Email: oliver.schwabe@isac4cities.eu Mobile: +49 (0) 1709053671. Web: https://i4c.isacs.eu/ & https://www.majorcities.eu/isac-for-cities-plus/  

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert