2023/35 Weekly Update from the “City ISAC I4C+” Highlights: Face-to-Face ISAC Friday Coffee Round in Prato? / Sell your data centre to create change urgency / Defence-in-Depth security frameworks need diverse overlapping products / DDOS Tabletop Exercise emerging


[TLP:WHITE]

Hi everyone and hope you are well – four cities and two regions stopped by on Friday morning, first wondering who all is coming to the MCE conference end of October (https://www.majorcities.eu/conferences/2023-prato/) and learning that most registrations actually only come close to the event. Do make a point of joining us if you can – on the afternoon of the second day we have our tabletop exercise and there will be room for many other discussions – maybe we can organise an ad-hoc face-to-face coffee meet on the Friday morning as well?

One city is struggling with a major re-organisation that is leading to many IT professionals leaving. Replacing them is of course challenging and one member thought that this is also one of the benefits of moving more and more services to major cloud service providers – consequently shifting legacy solutions there as well to reduce dependency on the more experienced IT staff. Of course, it does not solve all problems, but it is a contribution to building more resilient organisations. Along with this it can also help to change our own behaviour to accept that outsourcing at least gives us contractual security (although we know that the service providers by far do not deliver what they promise on paper). IT leaders are more and more becoming managers / leaders of external supply chains, which is a very different game than running on-prem services. We did agree that all of this needs a sense of urgency that we need to create as well – one member shared that their organisation had sold the buildings housing their mainframe and that the new owner was planning to demolish them in 12 months… There is a way of creating urgency!

We then discussed security frameworks and reminded ourselves of the below structure we have recommended as an ISAC to our members. The important thing here is not only having “a” solution for each segment, but also ensuring that these products are focused on that segment, and through additional services diffuse their protective capability to create an overlapping armour. If we focus on products focused on segments, we then also create a portfolio of providers that is more robust than depending only on one.



Overall, of course we not only need the tools, but also the resources to monitor some percentage of notifications. Most notifications are of course always false, but there is always at least 5%-10% someone needs to look at, and the same amount of those that need actual remediation action.

Note that we also now have a company page on LinkedIn (see https://www.linkedin.com/company/eu-city-information-sharing-and-analysis-center-isac/) – do follow us!
UPDATES

In the News: The UK Government has released its 2023 National Risk Register – Cyber is way up there. Also see some good free online staff training on phishing at http://cyberaware.phishmetraining.co.uk/September-phishing-game/0cc8df/ea08d4f3-f02c-4bee-8078-7db8212be56f/?test=1

City ISAC Services (Member Funded): With our partners at https://i-trust.dk/ we are updating the survey framework to align to CIS Critical Security Controls Version 8 (see https://learn.cisecurity.org/cis-ram-2-download). We should be ready to pilot in 2-3 weeks.

Project “DAVID” (Member Funded): No updates.

Project “MEET” (EU Funded / Beneficiary): No updates.

Project “VAUBAN”: Encouraged by our virtual bank robbery tabletop, one member has created a version based on a DDOS attack on a city and run it with great success. Now working to see if we can repeat that internal exercise as our 2024 virtual tabletop (sometime February/March).

Please remember you can reach the whole group via city-isac-i4c-tlpwhite@majorcities.eu. A dedicated group for those cities signing the NDAs is available separately.

Also note our LinkedIn organisational page at https://www.linkedin.com/company/eu-city-information-sharing-and-analysis-center-isac/ and our discussion group at https://www.linkedin.com/groups/12773643/.  

Join our weekly Friday morning coffee chats from 9am-10am CET – feel free to come in your pyjamas. Let me know if you are missing an invite and I will send one.

Thank you for the support, your City ISAC I4C+ Team.

Cheers and ever onwards

Oliver

Innovating our Future… Together

Chair City ISAC I4C+ / Dr. Oliver Schwabe.

Email: oliver.schwabe@isac4cities.eu Mobile: +49 (0) 1709053671. Web: https://i4c.isacs.eu/ & https://www.majorcities.eu/isac-for-cities-plus/  
