| Weekly Update from the “City ISAC I4C+” Highlights: Budget Season is here – Beware of Success / Legacy kit is pretty secure / C64 vs. Atari? / OpenVAS assessment available / Our Website now Public with draft surveys / Recruiting for EU Project “MEET” Steering Committee [TLP:WHITE] Dear all, Hi everyone and hope you are well – two cities and one region stopped by as they returned from their summer vacations. After our well-deserved breaks we realised that budget 2024 season is now upon us and that while we can probably expect to get the minimum funding to keep cyber alive, getting more funding would probably also be a problem since we do not necessarily have the resources to consume them – beware of being successful therefore! In one case, a member limits their budgets based on experienced resources available for example. Interesting snapshot below from a sculpture I stumbled across during my week off in the city of Schwerin – David carrying the head of Goliath – had me smile and remind me of our logo which tries to tell the same story in a less gruesome manner.  A long conversation then about all the old IT kit we have in operation, the challenges of maintaining / replacing it, and the innate security of old systems. That then got us into stories on our own beginnings in programming and the realisation that, yes, we have C64 AND Atari fans in our community…. the battle of philosophies continues. Although, today we have our Microsoft vs. Apple world as well of course (and Linux 😊). Accelerating retirement of colleagues familiar with the old kit is of course also driving our need to modernise infrastructure while the direction of travel remains steadfast to the large providers – if we are honest then we will admit that (politically) deciding for the large providers is safer than working with the small players #sigh…. Innovation stifled by the need to protect ourselves. Yes…. One of our colleagues has completed an assessment of OpenVAS (https://openvas.org/) which is a vulnerability scanner whose capabilities include unauthenticated and authenticated testing, various high- and low-level Internet and industrial protocols, performance optimization for large-scale scans, and a powerful internal programming language to implement any type of vulnerability testing. If you are interested in the details, please let me know and I will be happy to share and connect. |
| UPDATES In the News: The Public Center for Social Action (CPAS) in Charleroi, Belgium, was forced to close as a result of a cyber attack, see https://therecord.media/charleroi-belgium-cpas-cyberattack. Again a nice example of why having and testing a plan for “offline” service provisioning is so important. City ISAC Services (Member Funded): Please note that the survey offering is now available in draft at https://isac4cities.eu/survey, but not yet being actively diffused since we will be replacing the platform with a solution from our partners at https://i-trust.dk/. Feel free to complete it though since the questions are a powerful shopping list of critical cyber items to be aware of. Project “DAVID” (Member Funded): The draft of our website is now live at https://isac4cities.eu/. Comments appreciated and do feel free to socialise. Project “MEET” (EU Funded / Beneficiary): We are proceeding to finalise the grant agreement and are setting our sights on launching in October. One important step will be the creation of our own steering committee and expressions of interest from city / regional members are appreciated – let me know if you are interested in leveraging this opportunity for your organisation. Project “VAUBAN”: If you remember the 2023 NATO Locked Shields Exercise brought together over 3000 participants in April (see https://ccdcoe.org/news/2023/6016/). Our tabletop exercise at the MCE annual conference in October (see https://www.majorcities.eu/conferences/2023-prato/) will be a small step in a similar direction (we are attempting a face-to-face events around the bank robbery scenario) and we are reflecting on how to move to a more robust event in late 2024 – stay tuned and let us know if you might be interested in participating in the creation of that. |
Many of us now slowly returning from their well-deserved summer breaks and hope you will find a little time to keep supporting the conversations – joining Friday mornings for an informal conversation is a pleasant casual way of re-appearing 😊
Please remember you can reach the whole group via city-isac-i4c-tlpwhite@majorcities.eu. A dedicated group for those cities signing the NDAs is available separately.
Also note our LinkedIn group for Cities and Regions at https://www.linkedin.com/groups/12773643/.
Join our weekly Friday morning coffee chats from 9am-10am CET – feel free to come in your pyjamas. Let me know if you are missing an invite and I will send.
Thank you for the support, your City ISAC I4C+ Team.
Cheers and ever onwards
Oliver
Innovating our Future… Together
Chair City ISAC I4C+ / Dr. Oliver Schwabe.
Email: oliver.schwabe@isac4cities.eu Mobile: +49 (0) 1709053671. Web: https://i4c.isacs.eu/ & https://www.majorcities.eu/isac-for-cities-plus/