2025/5 Weekly Update from the EU ISAC for Cities & Regions: Local language is important / External Email markings are powerful / Targeted improvements of sectors is difficult – we don't really know who the players are / Remember what a telephone is? / Cyber is actually pretty boring…

** For Back Issues see https://isac4cities.eu/blog **

The City ISAC (I4C+) is an Information and Analysis Centre whose members are IT and cyber security decision makers exchanging knowledge to improve their cities and collective cyber resilience. I4C+ is a Special Interest Group (SIG) hosted by Major Cities Europe (MCE). Dr. Oliver Schwabe is a member of MCE and in his function Chair of the ISAC for Cities Plus (I4C+). He is the person in charge of this effort on behalf of MCE and the responsible contact person. I4C+ is recognized by the European Agency for Cybersecurity ENISA. See https://isac4cities.eu/.

Weekly [TLP:RED]

Please contact us directly for more information – these are summaries only and the “key” is in the actual stories shared privately. The stories are based on personal sensitive knowledge shared by peers in personal conversations under Chatham House Rules. This “stuff” may look obvious (?) – the magic lies between the lines and only becomes visible in a personal conversation.

This week's thoughts are based on the scope of essential services your public administration subscribes to, operates, and manages, including what IT systems support their delivery.

  • Weekly [TLP:RED] for Publicly Elected Officials (Repeat # 17): Make sure the line items of all purchases are checked to avoid importing IT solutions not approved by IT (i.e., web-based services).
  • Weekly [TLP:RED] for Essential Services Managers (Repeat # 17): Walk the floor to make sure everyone logs out of PCs/laptops when leaving their desk. There is no digital security without physical security.
  • Weekly [TLP:RED] for IT Leaders (Repeat # 17): Before purchasing licenses from a vendor, check whether there are cheaper in-country major customers of theirs that you can leverage instead.

Summary

Hi everyone, colleagues from Belgium, Estonia and Ireland joining this Friday morning plus two colleagues from ENISA.

First discussion topic was around some conversations we are having with the national authorities in one EU member nation who have joined the ISAC and are exploring the possibility of creating a national ISAC based on local language (like one other national ISAC we are supporting). That reminded us of the importance of local language and that it is wrong to assume that English is the lingua franca of all!

One colleague then (during the meeting) received an email from the CEO of their organisation marked as “External Email” – we bantered about the effectiveness of such markings and agreed that that email must be a phishing attempt that could be deleted without opening – if it really was the CEO then they would call…. but hmmm…. that colleague does not answer calls from callers that are not in their contact list… hey ho… External markings are very powerful though for increasing cyber security and protecting our users from clicking the wrong link – a phishing button that then forwards such suspicious emails to the SOC is also helpful. After the meeting their organizational SOC sent out a warning about this being part of a mass phishing campaign with the request to immediately delete – guess deleting was the right thing to do!

Our ENISA colleagues then shared an interesting piece of work around “Identification of public administrations under NIS2”. This is of course fundamental knowledge needed to design effective ENISA recommendations and inform the decision-making process of the ECCC appropriately. The presentation is attached to the email version of this weekly update. Key concluding insights were:

  • The survey reveals significant diversity in the public administration sector across Member States, shaped by their constitutional frameworks.
  • Despite this diversity, three key community groups of public administrations can be identified:
    • (1) national authorities overseeing the sector
    • (2) ministries at the central level, and
    • (3) municipalities at the local level
  • Currently, the EU ISAC (ISAC4Cities) is the only existing structure that unites municipalities, specifically their CISOs. Member States can leverage this platform to build on shared characteristics and enhance collaboration.
  • ENISA’s maturity and criticality assessment highlights a gap between the sector’s criticality and its cyber maturity, underscoring the need for targeted improvements.

As always – please do feel free to reach out if you would like to explore the above points more with ENISA.

We then also discussed an invitation for us to join the steering committee of a DIGITAL-ECCC-2024-DEPLOY-CYBER-07-SOCPLAT “Enlarging existing or Launching New Cross-Border SOC Platforms” proposal – if you remember we had initially planned to submit our own proposal, but then lost our lead proposer and could not find a suitable alternative. We will keep everyone posted – exciting opportunity, especially because the lead proposer is not only one of the big accounting firms, but also one of the original key players in the ISAC initiatives going back to the early 2000s when all of this sort of started in the EU.

Finally, and we did not get to discuss this, I had several interesting situations during the past few weeks where incidents were getting reported via email and Teams to the SOC. “Interesting” because I always think that incidents are urgent and that I usually pick up the telephone to report them. Sort of like a recent product review I ran with a vendor and a younger colleague immediately started asking questions about a chat functionality in that product. Maybe just me, but talking to people personally / via the telephone seems to be outdated? Writing the word “telephone” also has a bit of a strange feeling… Not sure about you, but I find my (grown-up) kids have a similar behaviour – they will text me from the front-door asking to be let in? Image is in fond memory…

 

Finally, finally, by now I think that cyber is basically boring – the main entry door for threats is email and users clicking too fast – we have the tools to prevent this happening – it is not about cyber, it is about protecting our users from making mistakes.

Cheers, 

Oliver

Insights from AI

Following up on the above thoughts about a phone, I asked Copilot “what are the advantages of using the telephone compared to using email?” The AI responded:

“The telephone and email both have their unique strengths, but there are some clear advantages of using the telephone compared to email:

Immediate Response

Real-time Interaction: Telephone calls allow for immediate back-and-forth communication, which can be faster than the asynchronous nature of emails.

Clarity: Any misunderstandings or confusions can be quickly resolved through instant clarification.

Personal Connection

Tone and Emotion: You can hear the speaker’s tone, inflection, and emotions, which can convey empathy, urgency, and other subtleties that might be lost in written text.

Relationship Building: Personal conversations can help to build and strengthen relationships.

Efficiency

Decision-Making: Phone calls can facilitate quicker decision-making and brainstorming sessions without the lag time of waiting for email responses.

Complex Discussions: For complex or nuanced topics, a phone conversation can be more efficient and effective than lengthy email exchanges.

Immediate Feedback

Instant Feedback: You can get immediate reactions and responses, which is especially valuable for urgent matters or when seeking quick approvals.

Dynamic Conversations: It’s easier to adapt the conversation based on the other person’s responses.

Accessibility

Accessibility: In some situations, a phone call might be more accessible for individuals who have difficulty with written communication or do not have easy access to email.

Both telephone and email have their place, and often, a combination of both can be the most effective way to communicate depending on the situation.”    

In the News
  • No specific updates

City ISAC Services (Member Funded)

We have published our services at Services Offered – EU ISAC for Cities (isac4cities.eu). Please do review and consider reaching out to include such in your activities and budgets.

ISAC Baseline (IBAS) Project

Note that the launch event for participating cities and regions will be on 20 February. This will include basic navigation and data entry to arrive at first individual and comparative results against the benchmark data. See https://isac4cities.eu/public-administration-isac-baseline for more details on this opportunity.

The ISAC benchmark platform offers a unique opportunity for public administrations to benchmark themselves against not only regulatory requirements but also other local governments around Europe. Benchmarking data from European municipalities are now available in the ISAC Baseline Program, providing participants with insight into how similar organizations perform and comply with legislation. Assessing the organization’s security level provides insight into compliance with legislation as well as automated mappings to security frameworks such as ISO 27001-2, CIS 18 and NIST CSF. The enablor platform can be used within your own organization and is a shortcut to collaborating with similar European organizations. If you are a region, you can also “sponsor” membership for your cities to create regional benchlearning groups. If you are a nation, then you can of course sponsor membership for your regions and cities as well.

Key value proposition? In the many discussions leading up to the launch, we see that the key value of participating is (a) access to a massive amount of detailed “real stories” on successful implementations across the NIS2 spectrum, and (b) significantly reduced efforts for reporting. If needed, we can also provide administrative support for transferring existing data into the enablor platform.

 

Please remember you can reach the whole group via city-isac-i4c-tlpwhite@majorcities.eu. A dedicated group for those cities signing the NDAs is available separately.

Also note our LinkedIn organisational page at https://www.linkedin.com/company/eu-city-information-sharing-and-analysis-center-isac/ and our discussion group at https://www.linkedin.com/groups/12773643/.  Do follow us / join.

Join our weekly Friday morning coffee chats from 9am-10am CET – feel free to come in your pyjamas. Let me know if you are missing an invite and I will send.

Thank you for the support, your City ISAC I4C+ Team.

Cheers and ever onwards

Oliver

Innovating our Future… Together

Chair City ISAC I4C+ / Dr. Oliver Schwabe.

Email: oliver.schwabe@isac4cities.eu Mobile: +49 (0) 1709053671. Web: https://i4c.isacs.eu/ & https://www.majorcities.eu/isac-for-cities-plus/  
