2023/43 Weekly Update from the “City ISAC I4C+” Highlights: [TLP:RED] Guidance – Trust your Left-Overs / Book your own Tabletop / We are a place to have meaningful conversations / IT is now absolutely in control /  Men in Ladies Clothes are the best Bank Robbers…

2023/42 Weekly Update from the “City ISAC I4C+” Highlights: [TLP:RED] Guidance – Trust your Left-Overs / Book your own Tabletop / We are a place to have meaningful conversations / IT is now absolutely in control /  Men in Ladies Clothes are the best Bank Robbers…

[TLP:WHITE]

** For Back Issues see https://isac4cities.eu/blog **

Weekly [TLP:RED] – Please contact us directly for more information – these are summaries only and the “key” is in the actual stories shared privately. The stories are based on personal sensitive knowledge shared by peers in personal conversations under Chatham House Rules. This “stuff” may look obvious (?) – the magic lies between the lines and only becomes visible in a personal conversation.

  • Weekly [TLP:RED] for Publicly Elected Officials: Expect it to take about 7 signatures to get something approved – 5 of those are “followers” – the other 2 are not always obvious. Ask a middle-manager with at least 30 years of experience in the organisation (“Left-Overs”) to help you find them BEFORE starting.
  • Weekly [TLP:RED] for Essential Services Managers: Elected officials are not professional managers and some of their decisions cannot be implemented. It is sometimes ok to let them fade away gracefully into forgetfulness.
  • Weekly [TLP:RED] for IT Leaders: Tenders should never contain requirements that the preferred solution provider does not explicitly call out in their specifications.

Summary

Hi everyone and hope you are well – as you know the annual conference of Major Cities Europe was held this week and activities therefore have more personal face-to-face conversations than usual and a lot less progress on the other projects we are running. Events like these are like continuous “caffe corretto” for three days, although (unfortunately?) the grappa turned out to be rather elusive… Speaking with some partners at the event we reflected that while three days is rather long, the time is needed to build the rapport needed among participants to have powerful conversations. If I remember correctly there was a suggestion to perhaps condense the event to a 24-hour marathon (sort of like Le Mans) – worth investigating? 😊

Summarizing three days like this is a major challenge for me – it seems like standing in front of a Starbucks counter and not being firm enough ordering a simple small cappuccino without anything else… the person on the other side of the counter immediately senses my indecisiveness and launches a barrage of unsettling questions about options, I break out in sweat and start stammering, and, losing control of the conversation, I probably walk out with a Venti Pumpkin Spice Frappuccino with oat milk, extra whipped cream, and extra Pumpkin Spice Topping. I am not a fan of pumpkin taste by the way… Anyway, I am sure there will be many more insights over the next weeks, and for this update I will focus on what was most memorable from a City ISAC perspective.

  1. “Awareness” was a key theme of discussions and presentations during the conference. In an increasingly VUCA world, SHARED awareness of a wide and diverse set of stakeholders is indeed a critical step on the way to developing and sustainably implementing any type of solution. Shared awareness is created in places that are spaces for meaningful conversations – just like our ISAC.
  2. Another major discussion topic was the emerging role of AI in public administrations – something more events / discussions will focus on, and opinions varied from it being just another hype to colleagues suggesting we need to “partner” with AI. I guess the truth lies somewhere in-between. A lot of sensemaking ahead and the exam question seems to be around the role AI might play in policy making – my worry is that AI is data-based and will therefore by default only draw conclusions based on that? Not handled carefully, we might indeed end up accelerating the fragmentation of our social structures since the data contribution of different social groups varies significantly. Caveat emptor as usual.
  3. Digitisation of public administration services continues to accelerate everywhere, and we discussed whether this was a fairy tale or a horror story from an IT / cyber perspective. IT seems to now be in “full control” of local administration services… Ouch… In many local administrations this may also be leading to an abdication of such responsibility by the department heads and mayors – NOT what we need.
  4. The Tabletop exercise was a face-to-face repeat of our virtual bank robbery earlier this year. The Red Team was able to get some money out of the bank in a rather innovative way – one male team member ended up shoving money through the small slot in the teller window while dressed in the uniform of a female bank guard… the security team was three minutes away from the bank and we decided to step back and debrief at that stage. Red and Blue Teams each had about 10 members, and we had a lot of laughs while drawing some powerful analogies to cyber as the basis for better explaining its importance to elected officials and department heads who are (by default) not IT/cyber geeks. Videos of the event will be edited / consolidated and shared as soon as possible. We are now looking for a new format for next year – all ideas welcome.

More as I digest my Venti Pumpkin Spice Frappuccino – please do check out the updates below.  

Cheers

Oliver

UPDATES

In the News: The Province of Perugia – an Italian city, capital of the Umbria region – stated they suffered an encryption event on their servers. The public administration indicated that they are already working with experts to evaluate the incident. They also specified that their provincial offices are all working as usual. See the OSINT report shared earlier this week and “of course” Perugia was able to avoid any services being stopped from working!

City ISAC Services (Member Funded): One of our members shared an evaluation of the vulnerability management solution “Nessus”, which consists of nessusd, the daemon that carries out the scanning, and nessus, the client that provides the user with the results of the scan. Through the scan and the enabling of plugins, which are specifically configurable depending on the type of host and the vulnerabilities to be analysed, it detects existing vulnerabilities and suggests possible solutions through easy-to-analyse reports in various formats (HTML, PDF, etc.). See https://www.tenable.com/. If you would like to learn more about the evaluation results and how to use the solution please let me know.

Project “DAVID” (Member Funded): While general research continues, one of our members was faced with the need to shortlist potential solution providers for a “Defence in Depth” tender within a day or so. Unfortunately, and probably they are the only ones who suffer from this, they had nothing prepared. We were able to provide the ongoing results of our member research on this plus an ISAC recommendation immediately, and that solved their challenge (and saved some money/resources etc.). If you have not participated in the “Defence in Depth” survey yet, please let me know.

Project “MEET” (EU Funded / Beneficiary): No updates.

Project “VAUBAN”: Note that we have been invited to hold a face-to-face VAUBAN in Larissa format at the annual meeting of a German regional government association. Additionally, it looks like we are being booked to run a tabletop (format to be determined) with a German national association of IT infrastructure providers for public administrations. If you are also interested in including an insightful and entertaining tabletop at one of your events, please let me know.

Project “Regions4Cyber”: No updates

Please remember you can reach the whole group via city-isac-i4c-tlpwhite@majorcities.eu. A dedicated group for those cities signing the NDAs is available separately.

Also note our LinkedIn organisational page at https://www.linkedin.com/company/eu-city-information-sharing-and-analysis-center-isac/ and our discussion group at https://www.linkedin.com/groups/12773643/.  Do follow us / join.

Join our weekly Friday morning coffee chats from 9am-10am CET – feel free to come in your pyjamas. Let me know if you are missing an invite and I will send.

Thank you for the support, your City ISAC I4C+ Team.

Cheers and ever onwards

Oliver

Innovating our Future… Together

Chair City ISAC I4C+ / Dr. Oliver Schwabe.

Email: oliver.schwabe@isac4cities.eu Mobile: +49 (0) 1709053671. Web: https://i4c.isacs.eu/ & https://www.majorcities.eu/isac-for-cities-plus/  
