Webinar on “Accelerating NIS2 Compliance with Benchmarking and AI Support” 15:00-16:30 CET – Monday, 3rd June 2024

Webinar on “Accelerating NIS2 Compliance with Benchmarking and AI Support”

15:00-16:30 CET – Monday, 3rd June 2024

Register HERE

Language of the webinar: English

This webinar is organised by the EU City ISAC I4C+ and Major Cities Europe in association with the Danish cyber benchmarking company i-Trust, the US based Public Technology Institute and the ECSO Cyber Resilient Regions Community.

The webinar focuses on helping local and regional public administrations to accelerate their journey to NIS2 compliance with the help of generally available AI solutions such as Microsoft Co-Pilot in combination with expert assessment questions that also allow for benchmarking across local and regional public administrations across the European Union.

The webinar will be an open debate building on a presentation of the Enablor benchmarking platform from i-Trust and how it is used in practice by a public administration on its path to NIS2 compliance, a demonstration of how Microsoft Co-Pilot can be used to effectively explore the assessment questions and an open panel discussion with the presenters and the audience.

The webinar will help public administrations master the growing challenge of achieving NIS2 compliance through benchmarking, simple AI, and peer-to-peer knowledge sharing.

The webinar is intended to inform publicly elected officials, essential service, and IT managers.

For questions, please contact the seminar organiser:

Chair City ISAC I4C+ / Dr. Oliver Schwabe.

Email: oliver.schwabe@isac4cities.eu Mobile: +49 (0) 1709053671. Web: https://isac4cities.eu/  & https://www.majorcities.eu/isac-for-cities-plus/

Programme

15:00 – 15:05 Welcoming remarks by the EU City ISAC I4C+

15:05 – 15:15 Enablor Platform Presentation (Klaus Kristensen / Kristian Asmussen – i-trust)

15:15 – 15:20 Q&A

15:20 – 15:30 The Enablor experience of the Municipality of Aabenraa, Region of Southern Denmark, Denmark (Thomas Majholt – Aabenraa)

15:30 – 15:35 Q&A

15:35 – 15:45 Using AI to accelerate NIS2 Compliance (Dr. Alan Shark – Public Technology Institute. Author of “AI – A Primer for State and Local Governments”)

15:45 – 15:50 Q&A

15:50 – 16:20 Panel discussion moderated by Dr. Oliver Schwabe (EU City ISAC I4C+)

16:20 – 16:30 Conclusions and next steps

 In preparation for the webinar participants are encouraged to think about the following questions:

1. The number of hacker attacks is steadily increasing in municipalities – have you also noticed a rise in cyberattacks on your administration? (Yes/No)
2. Have there been any “successful” attacks in the past 18 months? (Yes/No)
3. Can you quantify the financial damage incurred because of the attack? (Yes/No)
4. Do you have a list of essential services your public administration subscribes to, operates, and manages, including what IT systems support their delivery? (Yes/Partially/No)
5. Do you know which of your essential services manage GDPR relevant data and how robust their security controls are? (Yes/Partially/No)
6. Does your administration have a formal emergency plan in place for such situations? (Yes/Partially/No)
7. Is information about cyber security incidents and risks shared with all members of your organization? (Yes/Partially/No)
8. Do you have an information security policy? (Yes/Partially/No) When was it last updated? (Date)
9. Do you have a general information security awareness program? (Yes/Partially/No)
10. Does the organization have a process for assigning user rights to IT software supporting services? (Yes/Partially/No)
11. How would you assess the priority and awareness of cybersecurity within your administration? (High/Medium/Low)
12. Is there a risk register for your organization (Yes/No), and where does your administration’s cyber risk rank in it? (i.e., first place).
13. Have you set a risk appetite for your cyber risk? (Yes/Partially/No)
14. Cyberattacks pose not only data protection issues but also financial ones. After an attack, it may be necessary to replace all affected hardware, for example. Has your administration taken precautions to secure the financial consequences of a successful cyberattack, such as through insurance? (Yes/Partially/No)
15. In the event of a hacker attack on your administration’s systems, is there a crisis management team / major incident response plan (Yes/Partially/No), and who is part of this team?
16. Does your administration have an emergency plan that outlines immediate measures, responsibilities, and communication channels? (Yes/Partially/No)
17. Do you benchmark your cyber security nationally and / or internationally? (Yes/Partially/No)
18. In a national and international comparison, can you assess the risk of cyberattacks to your organization, and what conclusions do you draw from this?
19. From your perspective, what should municipalities do to enhance their digital protection?
20. Where do you see the role of politics in this context?

The ISAC for Cities (I4C+) is an Information and Analysis Centre whose members are IT and cyber security decision makers exchanging knowledge to improve their cities and collective cyber resilience. I4C+ is a special interest group hosted by Major Cities Europe (MCE). Dr. Oliver Schwabe is a member of MCE and in his function Chair of the ISAC for Cities Plus (I4C+). He is the person in charge of this effort on behalf of MCE and the responsible contact person. I4C+ is recognized by the European Agency for Cybersecurity ENISA. See https://isac4cities.eu/.

Major Cities of Europe IT Users Group e.V. (MCE) is a non-profit association of European Cities and Regions. MCE is committed to the innovation of the local public administration by leveraging modern ICT technologies. The MCE objective is sharing international experiences, projects, strategies, and solutions while developing skills and improving the efficiency and the effectiveness of Local Governments. The purpose of the Association is the promotion of good practices in the utilization of information and communication technology (ICT) (otherwise known as digital technologies) in all areas of responsibility of public administrations in the European environment, especially in local and regional administrations. The Association thus aims to increase the specific value for citizens, the economy and public sector employees. MCE is registered at the court of the State of Bremen. See https://www.majorcities.eu/.

I-Trust is an official CIS Controls Supporter and provides a wide range of best practice recommendations for Cyber Security. Enablor is a community solution based on experiences from more than 1,500 local administrations where the platform is used to strengthen (cyber) security along with the increasing digitalisation of organisations. Community in this context means that content is targeted to the sector, that benchmarking and sharing experiences helps organisations to work with security requirements in a targeted way. Perhaps most importantly, the system solves a lot of the resource-intensive tasks so that organisations can work purposefully – convenience is a key word. See https://i-trust.dk/en/.

Fusion Learning Partners is a company actively supporting local government technology leaders and their teams through research & content, professional development, consulting services, learning and networking events, membership, workforce connections and recognition programs. See https://fusionlp.org/public-technology-institute/.  

The ECSO Cyber Resilient Regions Community (CRR) initiative aims to build a European community of Local and Regional Authority’s (LRAs) that have a desire to increase their digital resilience. It will engage LRA’s Chief Information Security Officers (CISOs) and related roles, and IT or security specialists that have cybersecurity responsibilities into a community that aims to increase LRAs cybersecurity resilience. Surveys, events, chats with experts and peers are among the activities promoted within the CRR initiative. See https://ecs-org.eu/.