2025/29 Weekly Update from the EU ISAC for Cities & Regions: Do your “free” cyber solutions share your data with paid subscribers? / NCSC has published its Annual Review 2025 / Comments submitted on ENISA Threat Landscape for Public Administration
** For Back Issues see https://isac4cities.eu/blog **
The City ISAC (I4C+) is an Information and Analysis Centre whose members are IT and cyber security decision makers exchanging knowledge to improve their cities and collective cyber resilience. I4C+ is a Special Interest Group (SIG) hosted by Major Cities Europe (MCE). Dr. Oliver Schwabe is a member of MCE and in his function Chair of the ISAC for Cities Plus (I4C+). He is the person in charge of this effort on behalf of MCE and the responsible contact person. I4C+ is recognized by the European Agency for Cybersecurity ENISA. See https://isac4cities.eu/.
Discussion Summary
Hi everyone, friends from Belgium, Estonia, and Italy joining this week for a lively conversation across a spectrum of topics.
We started off discussing the security issues that we encountered when trying to return a PDF file to our ENISA colleagues. That then lead to a discussion around “Paid subscribes to virustotal can download files uploaded by others. If you consider this still safe for your users depends on what you consider safe.” (https://security.stackexchange.com/questions/167744/is-it-safe-to-upload-scan-personal-files-on-virustotal#:~:text=Paid%20subscribes%20to%20virustotal%20can,hash%20is%20known%20to%20VT)- This should not be of surprise to anyone on this distribution list, however it may be for more casual users of any “free” services – you typically pay with your data. Play with your preferred GPT solution (I prefer Le Chat enterprise AI assistant | Mistral AI) and ask it about your vendors – for VirusTotal it replied
“Yes, VirusTotal does share data uploaded by free users with paid subscribers and partners. When you upload a file to VirusTotal, it is stored and made available to security companies, researchers, and paid subscribers. Specifically:
- Files uploaded by free users can be accessed and downloaded by paid subscribers, who are typically security professionals or organizations using VirusTotal’s premium services.
- VirusTotal’s terms and privacy policy state that uploaded files, URLs, and other content may be included in premium private services offered to the anti-malware and ICT security industry.
- This means that if you upload a file, it is not kept private—it is shared with VirusTotal’s partners and paying customers for threat detection and research purposesreddit.com+3.
If privacy is a concern, it is recommended to only upload files that do not contain sensitive or personal information, or to use alternative methods (such as submitting only file hashes) when possible. “
The Major Cities Europe conference went well and look out for an update email I will forward as soon as that is ready from MCE. Unfortunately, I could not attend due to an injury, but things appear to have gone well and I am definitely healing quickly! What was interesting in the cyber session was that while most of the audience were not familiar with NIS2, eIDAS was relatively well known.
We also discussed the apparently massive fragmentation in security activities – so many companies working on similar questions in isolation (i.e. use of AI to anonymise SOC/SIEM data shared with collaborative MISPs). There seems to be quite a lack of coordinating / information exchange platforms in this space and seems a pity since many are funded through public budgets – we could save so much money it seems if colleagues decided to re-use versus re-inventing the wheel all the time.
NCSC has published its Annual Review 2025 at https://www.ncsc.gov.uk/collection/ncsc-annual-review-2025. Some excellent materials (although perhaps a long read).
Note that ENISA has asked us to comment on the draft ENISA Threat Landscape for Public Administration. I have shared the request with those of you actively participating in our activities. Another great opportunity to make a difference!
Cheers,
Oliver
| In the News |
- EU ISACs Summit, 10–11 November 2025, Athens: ENISA is pleased to announce the 2025 edition of the EU ISACs Summit, which will take place on 10 November (afternoon) – 11 November (full day) at ENISA premises in Athens. As in previous years, we plan to dedicate the first day to hearing updates and future plans, and the second day to a more interactive session or exercise. With plenty of time ahead, we would love to hear your ideas and suggestions for the agenda. Please share your input with us by 19 September.
- The North European Cyber Days: ECSO is proud to announce a new major event designed for the European Cybersecurity Community: The North European Cyber Days, taking place on 4, 5 & 6 November 2025 at the Oslo Science Park, Norway. This high-level event will bring together key stakeholders from across cybersecurity, artificial intelligence (AI), and critical sectors to explore shared challenges, foster cross-border collaboration, and unlock new opportunities for investment, innovation, and resilience in Europe’s digital landscape.
- INVITATION to the 2025 European TLD ISAC Conference: Our friends at TLD ISAC are delighted to invite you to their 2025 edition of the European TLD ISAC Conference, which will take place on 20 November in Brussels. Under the overarching theme “Ensuring cyber resilience amidst shifting threats and geopolitical realities”, we will hear voices from across the political, policy, technical and operational spheres. Attendees will gain insights into how European stakeholders view and deal with the challenges arising from the unpredictable geopolitical situation and why collaboration is more important than ever. In our tech-focused sessions, speaker will dive into attack simulation and response strategies, intel sharing and monitoring practices, malware detection and vulnerability management approaches. As this is an invitation-only event, we encourage you to register early to receive the latest updates. If you are interested in joining, please contact me for registration details.
- EE-ISAC 26th Plenary: Celebrating 10 years of cybersecurity collaboration! 29 October 2025 | Brussels, Belgium. We are excited to announce that the EE-ISAC will host its 26th Plenary on October 29, 2025, in Brussels. This event will be especially significant as it marks EE-ISAC’s 10th anniversary – a full decade of empowering the European energy sector with collective cybersecurity knowledge, trusted partnerships, and strategic resilience. This is a face-to-face event and by invitation only. If you are interested in joining, please contact me for registration details.
| ISAC Services (Member Funded) |
We have published our services at Services Offered – EU ISAC for Cities (isac4cities.eu). Please do review and consider reaching out to include such in your activities and budgets.
Note that emerging new services are related to managing the MISP platform (and onboarding) plus Barista.
Please remember you can reach the whole group via city-isac-i4c-tlpwhite@majorcities.eu. A dedicated group for those cities signing the NDAs is available separately.
Also note our LinkedIn organisational page at https://www.linkedin.com/company/eu-city-information-sharing-and-analysis-center-isac/ and our discussion group at https://www.linkedin.com/groups/12773643/. Do follow us / join.
Join our weekly Friday morning coffee chats from 9am-10am CET – feel free to come in your pyjamas. Let me know if you are missing an invite and I will send.
Thank you for the support, your City ISAC I4C+ Team.
Cheers and ever onwards
Oliver
Innovating our Future… Together
Chair City ISAC I4C+ / Dr. Oliver Schwabe.
Email: oliver.schwabe@isac4cities.eu Mobile: +49 (0) 1709053671. Web: https://i4c.isacs.eu/ & https://www.majorcities.eu/isac-for-cities-plus/