SlideShare ist ein Scribd-Unternehmen logo

Coordination of Threat Analysis in ICT Ecosystems

ITU
ITU

This presentation discussed Coordination of Threat Analysis in ICT Ecosystems. The presentation was given at ITU Workshop on 5G Security in Geneva, Switzerland, on 19 March 2018. Find more information about this workshop here: https://www.itu.int/en/ITU-T/Workshops-and-Seminars/20180319/Pages/programme.aspx

Technologie
1 von 21
Downloaden Sie, um offline zu lesen
Coordination of Threat Analysis in ICT Ecosystems Antonio Kung, CTO Trialog 25 rue du Général Foy, 75008 Paris, France www.trialog.com ITU workshop on 5G security19 March 2018 1
Speaker: Antonio Kung  Engineering background  Chair of citizen approach to data initiative  EIP-SCC: European Innovation Platform on Smart Cities and Communities  Data protection / Privacy standards wiki for Ipen  Ipen.trialog.com  ITU-T  SG17 – Cybersecurity framework for intelligent transport system  FG-DPM – Security and privacy framework  ISO/IEC  Projects – 27550 Privacy engineering – 27030 Security and privacy guidelines for the IoT – 27570 Privacy guidelines for smart cities – 20547-4 Big data Security and privacy  Study periods – Big data security and privacy processes – Big data implementation security – Framework privacy preference management (Joint ITU-ISO) ITU workshop on 5G security19 March 2018 2
Ecosystems are complex ITU workshop on 5G security19 March 2018 Security Privacy SafetySmart grid Transport Health Smart Cities Big data IoT Ecosystems Domains Concerns 3
Ecosystem Security and Data Protection Concerns ITU workshop on 5G security19 March 2018 4 Stakeholder Legal Compliance Concern Management Concern System Lifecycle Concern Demand side Policy maker Compliance Check / Follow standards Transparency Operator Regulation for security Regulation for privacy Security and data protection risk analysis Agreement with other operators Security-by-design Privacy-by-Design Supply side Supplier Operators Requirements
Ecosystem Cybersecurity: What we Need ITU workshop on 5G security19 March 2018 5 Ecosystem Stakeholders Ecosystem Assets Ecosystem Cybersecurity capabilities Provide to protect Ecosystem Policy makers Verify/Certify (or Direct – Control – Evaluate)
Ecosystem Cybersecurity: What we Have ITU workshop on 5G security19 March 2018 6 Ecosystem Stakeholder 1 Ecosystem Stakeholder 2 Ecosystem Stakeholder 2 Ecosystem Stakeholder 2 Asset 1 Asset 2 Asset 3 Asset 4 Cybersecurity capability 1 Cybersecurity capability 2 Cybersecurity capability 3 Cybersecurity capability 4 Provides to protect Provides to protect Provides to protect Provides to protect Ecosystem Policy makers Verify/Certify
Example of Ecosystem: AutoMat http://www.automat-project.eu ITU workshop on 5G security19 March 2018 7
Example of Ecosystem: AutoMat ITU workshop on 5G security  Four types of stakeholders 19 March 2018 8 Storage provider Automotive manufacturer Marketplace Service provider
Ecosystem Design ITU workshop on 5G security  Personal data ecosystem  Interoperability  Common description – CVIM (Common vehicle information model) 19 March 2018 9 Storage manager Automotive manufacturer 1 Vehicle A data capturing CVIM Vehicle B data capturing Automotive manufacturer 2 Vehicle C data capturing CVIM Vehicle A owner data vault Vehicle B owner data vault Vehicle C owner data vault
Ecosystem Risk Analysis ITU workshop on 5G security  Risk analysis includes  security risk analysis (e.g. ISO/IEC 27005)  privacy impact analysis (e.g. ISO/IEC 29134) 19 March 2018 10 Storage Provider Risk analysis Automotive manufacturer Risk analysis Marketplace Risk analysis Service provider Risk analysis Ecosystem Risk analysis
Ecosystem Interoperability ITU workshop on 5G security  Interoperability includes  Functional interoperability  Cybersecurity interoperability 19 March 2018 11 Marketplace 2Marketplace 1 Service provider Service provider 2Service provider 1 Marketplace Storage provider 2Storage provider 1 Marketplace Marketplace 1Marketplace 1 Storage provider Automotive manufacturer 2 Automotive manufacturer 1 Storage provider Storage provider 2Storage provider 1 Automotive manufacturer
Different Types of Interoperability ITU workshop on 5G security19 March 2018 12 Different descriptionDifferent description Service Provider Market place2 Capability Market place1 Capability No interoperability Common descriptionCommon description Service Provider Market place2 Same capability Market place1 Same capability Interoperability of capabilities Common descriptionCommon description Service Provider Market place2 Different capability Market place1 Different capability Interoperability of descriptions
Need for Consistent Individual Cybersecurity Framework ITU workshop on 5G security19 March 2018 13 Service provider Cybersecurity framework • Capabilities • Agreement • Risks - Incidents - Consequences • Measures MarketplaceService provider Marketplace Cybersecurity framework • Capabilities • Agreement • Risks - Incidents - Consequences • Measures
Cybersecurity Capabilities ITU workshop on 5G securitySlide 14 Secure processing Protect data processing Transparency information Provide information how data processing is protected Data controller responsibility Verifies whether service provider has data controller responsibility 19 March 2018 Marketplace capability Service provider capability Secure processing Protect data pipeline and processing Owner consent Capability for vehicle owner to provide consent on personal data processing Consent revocation Capability for vehicle owner to withdraw from data pipeline Transparency information Capability to provide information on data processing chain Secure connection to service providers Capability to provide data to service provider securely Secure connection to storage providers Capability to retrieve data from storage manager securely Data processor responsibility Verifies whether marketplace has data processor responsibility
Agreement Cybersecurity Capabilities ITU workshop on 5G security1519 March 2018 Providing evidence of capability provide evidence of cybersecurity compliance to marketplace Getting evidence of capability obtain evidence of marketplace cybersecurity compliance Marketplace agreement Service provider agreement Providing evidence of capability provide evidence of cybersecurity compliance to service provider Getting evidence of capability obtain evidence of service provider cybersecurity compliance
Threats ITU workshop on 5G security16 STRIDE threat categories Spoofing Spoofing marketplace Tampering Integrity and completeness of data obtained from marketplace Information disclosure Eavesdropping data during communication Eavesdropping metadata (e.g. log of interactions with marketplace) Incorrect management of data processing chain leading to leaks (e.g. incorrect deletion) Denial Of Service Massive access to marketplace LINDDUN threat categories Linkability Anonymisation not carried out correctly Attempt from external parties to re-identify vehicle owner by using other datasets New linkability threat not taken into account 19 March 2018 Marketplace Threats Service provider Threats STRIDE threat categories Spoofing Spoofing storage provider Spoofing service provider Tampering Integrity and completeness of data provided to service provider Repudiation Service provider repudiation Information disclosure Eavesdropping data during communication Eavesdropping metadata (e.g. log of interactions with storage provider and with service provider) Incorrect management of data pipeline leading to leaks (e.g. incorrect deletion) Denial Of Service Massive access to marketplace by faked service providers Elevation of privilege Incorrect management of vehicle owner privacy rules (expressed in obtained metadata) LINDDUN threat categories Linkability Anonymisation not carried out correctly New linkability threat not taken into account [
Incidents ITU workshop on 5G security17 Incident Description Severity Massive personal data breach Public report of potential massive personal data leak because of improper operation at service provider level Maximum Massive denial of service Service provider can no longer operate. Significant 19 March 2018 Marketplace Incidents Service provider Incidents Incident Description Severity Case of personal data breach Public reporting that personal data vault has been accessed or that it has been processed against consent or privacy rules Significant Massive business data leak. Public report of potential massive business data leak because of improper operation at marketplace level Maximum Massive personal data breach Public report of potential massive personal data leak because of improper operation at marketplace level. Maximum Massive denial of service Marketplace can no longer operate. Significant
Measures ITU workshop on 5G securitySlide 18 ISO 27001 Categories of controls Control Information security policies Management direction. Data management policies Human resource security During employment Internal cybersecurity preparedness External cybersecurity preparedness Access control System and application access control Secure access to marketplace provider Cryptography Cryptographic controls Anonymisation of data sets Operation security Operational procedures and responsibilities Operation procedures for data processing Logging and monitoring Logging capabilities Control of operational software Operation procedures for transparency. Technical vulnerability management Plausibility check Communication security Information transfer Secure transmission of data System acquisition, development and maintenance Security in development and support processes Secure data processing capabilities Cybersecurity monitoring capabilities Information security incident management Management of information security incidents and improvements Alerting data processing chain Information security aspects of business continuity management Information security continuity Assurance of service provider cybersecurity capabilities Periodic review of service provider cybersecurity capabilities Compliance Compliance with legal and contractual requirements GDPR and cybersecurity compliance verification Information security reviews Periodic review of interoperability 19 March 2018 ISO 27001 Categories of controls Control Information security policies Management direction. Data management policies Human resource security During employment Internal cybersecurity preparedness External cybersecurity preparedness Access control Business requirements for access control Requirements for service provider access System and application access control Secure access from service provider Secure access to cloud storage provider Cryptography Cryptographic controls Confidentiality of personal data vaults Anonymisation of data sets Operation security Operational procedures and responsibilities Operation procedures for data search and processing Logging and monitoring Logging capabilities Control of operational software Operation procedures for transparency. Communication security Information transfer Secure transmission of data System acquisition, development and maintenance Security in development and support processes Secure data pipeline capabilities Cybersecurity monitoring capabilities Information security incident management Management of information security incidents and improvements Alerting data processing chain Information security aspects of business continuity management Information security continuity Assurance of cloud storage manager cybersecurity capabilities Periodic review of cloud storage manager cybersecurity capabilities Compliance Compliance with legal and contractual requirements GDPR and cybersecurity compliance verification Information security reviews Periodic review of interoperability Marketplace MeasuresService provider measures
Conclusions ITU workshop on 5G security  Need for ecosystem design viewpoint  Need for ecosystem risk analysis  Need for interoperability of cybersecurity capabilities  Need for Coordination of cybersecurity capabilities between different stakeholders of an ecosystem  Ecosystem vision must be better explained at standardisation level 19 March 2018 19
Example of 5G Ecosystem ITU workshop on 5G security19 March 2018 20 5G Mobile operator IoT Device operator Mobile platform operator Service provider
Questions? www.trialog.com ITU workshop on 5G security19 March 2018 21

Empfohlen

Global Virtual Mobile Network for Car manufacturers
Global Virtual Mobile Network for Car manufacturersGlobal Virtual Mobile Network for Car manufacturers
Global Virtual Mobile Network for Car manufacturersITU
 
5G for Connected and Automated Driving
5G for Connected and Automated Driving5G for Connected and Automated Driving
5G for Connected and Automated DrivingITU
 
Connected Cars & 5G
Connected Cars & 5GConnected Cars & 5G
Connected Cars & 5GITU
 
Learning from the past: Systematization for Attacks and Countermeasures on Mo...
Learning from the past: Systematization for Attacks and Countermeasures on Mo...Learning from the past: Systematization for Attacks and Countermeasures on Mo...
Learning from the past: Systematization for Attacks and Countermeasures on Mo...ITU
 
5 glimpses into our 5G future
5 glimpses into our 5G future5 glimpses into our 5G future
5 glimpses into our 5G futureEricsson
 
#EricssonTechDay Brasil 2018 - Boost 4G to 5G
#EricssonTechDay Brasil 2018 - Boost 4G to 5G#EricssonTechDay Brasil 2018 - Boost 4G to 5G
#EricssonTechDay Brasil 2018 - Boost 4G to 5GEricsson Latin America
 
Webinar – Looking under the hood of automotive IoT
Webinar – Looking under the hood of automotive IoTWebinar – Looking under the hood of automotive IoT
Webinar – Looking under the hood of automotive IoTEricsson
 
5G: the context, use cases, privacy, security and rules. Attilio Somma, TIM
5G: the context, use cases, privacy, security and rules. Attilio Somma, TIM5G: the context, use cases, privacy, security and rules. Attilio Somma, TIM
5G: the context, use cases, privacy, security and rules. Attilio Somma, TIMData Driven Innovation
 

Empfohlen

Global Virtual Mobile Network for Car manufacturers
Global Virtual Mobile Network for Car manufacturersGlobal Virtual Mobile Network for Car manufacturers
Global Virtual Mobile Network for Car manufacturersITU
 
5G for Connected and Automated Driving
5G for Connected and Automated Driving5G for Connected and Automated Driving
5G for Connected and Automated DrivingITU
 
Connected Cars & 5G
Connected Cars & 5GConnected Cars & 5G
Connected Cars & 5GITU
 
Learning from the past: Systematization for Attacks and Countermeasures on Mo...
Learning from the past: Systematization for Attacks and Countermeasures on Mo...Learning from the past: Systematization for Attacks and Countermeasures on Mo...
Learning from the past: Systematization for Attacks and Countermeasures on Mo...ITU
 
5 glimpses into our 5G future
5 glimpses into our 5G future5 glimpses into our 5G future
5 glimpses into our 5G futureEricsson
 
#EricssonTechDay Brasil 2018 - Boost 4G to 5G
#EricssonTechDay Brasil 2018 - Boost 4G to 5G#EricssonTechDay Brasil 2018 - Boost 4G to 5G
#EricssonTechDay Brasil 2018 - Boost 4G to 5GEricsson Latin America
 
Webinar – Looking under the hood of automotive IoT
Webinar – Looking under the hood of automotive IoTWebinar – Looking under the hood of automotive IoT
Webinar – Looking under the hood of automotive IoTEricsson
 
5G: the context, use cases, privacy, security and rules. Attilio Somma, TIM
5G: the context, use cases, privacy, security and rules. Attilio Somma, TIM5G: the context, use cases, privacy, security and rules. Attilio Somma, TIM
5G: the context, use cases, privacy, security and rules. Attilio Somma, TIMData Driven Innovation
 
#EricssonTechDay Brasil 2018 - Grow with IoT and 5G
#EricssonTechDay Brasil 2018 - Grow with IoT and 5G#EricssonTechDay Brasil 2018 - Grow with IoT and 5G
#EricssonTechDay Brasil 2018 - Grow with IoT and 5GEricsson Latin America
 
Ericsson Support Services
Ericsson Support Services Ericsson Support Services
Ericsson Support Services Ericsson
 
Faster to 5G
Faster to 5GFaster to 5G
Faster to 5GEricsson
 
Ericsson Technology Review: Securing the cloud with compliance auditing
Ericsson Technology Review: Securing the cloud with compliance auditingEricsson Technology Review: Securing the cloud with compliance auditing
Ericsson Technology Review: Securing the cloud with compliance auditingEricsson
 
Innovation Summit 2015 - 10 - linear dust
Innovation Summit 2015 - 10 - linear dustInnovation Summit 2015 - 10 - linear dust
Innovation Summit 2015 - 10 - linear dustThibault Cantegrel
 
Evolving cellular IoT for industry digitalization
Evolving cellular IoT for industry digitalizationEvolving cellular IoT for industry digitalization
Evolving cellular IoT for industry digitalizationEricsson
 
Ericsson Technology Review: Tackling IoT complexity with machine intelligence
Ericsson Technology Review: Tackling IoT complexity with machine intelligenceEricsson Technology Review: Tackling IoT complexity with machine intelligence
Ericsson Technology Review: Tackling IoT complexity with machine intelligenceEricsson
 
Orchestration in Action
Orchestration in ActionOrchestration in Action
Orchestration in ActionEricsson
 
Ericsson Technology Review - issue 2, 2017
Ericsson Technology Review - issue 2, 2017Ericsson Technology Review - issue 2, 2017
Ericsson Technology Review - issue 2, 2017Ericsson
 
Critical Broadband Networks presentation slideshare
Critical Broadband Networks presentation slideshareCritical Broadband Networks presentation slideshare
Critical Broadband Networks presentation slideshareEricsson
 
Agile 5G Deployment
Agile 5G DeploymentAgile 5G Deployment
Agile 5G DeploymentEricsson
 
Rizinski daychitkushevrina2020.pptx
Rizinski daychitkushevrina2020.pptxRizinski daychitkushevrina2020.pptx
Rizinski daychitkushevrina2020.pptxEduard Grasa
 
Ericsson Technology Review: issue 2, 2020
Ericsson Technology Review: issue 2, 2020 Ericsson Technology Review: issue 2, 2020
Ericsson Technology Review: issue 2, 2020Ericsson
 
Do we need a wakeup call to keep driver-less cars protected?
Do we need a wakeup call to keep driver-less cars protected? Do we need a wakeup call to keep driver-less cars protected?
Do we need a wakeup call to keep driver-less cars protected? ITU
 
2 s tic-rina-2020-presentatie
2 s tic-rina-2020-presentatie2 s tic-rina-2020-presentatie
2 s tic-rina-2020-presentatieEduard Grasa
 
Ericsson 5G Radio Dot Launch
Ericsson 5G Radio Dot LaunchEricsson 5G Radio Dot Launch
Ericsson 5G Radio Dot LaunchEricsson
 
Ericsson Massive IoT solution
Ericsson Massive IoT solutionEricsson Massive IoT solution
Ericsson Massive IoT solutionEricsson
 
Ericsson Technology Review - Technology Trends 2019
Ericsson Technology Review - Technology Trends 2019Ericsson Technology Review - Technology Trends 2019
Ericsson Technology Review - Technology Trends 2019Ericsson
 
Experimenting with Real Application-specific QoS Guarantees in a Large-scale ...
Experimenting with Real Application-specific QoS Guarantees in a Large-scale ...Experimenting with Real Application-specific QoS Guarantees in a Large-scale ...
Experimenting with Real Application-specific QoS Guarantees in a Large-scale ...ARCFIRE ICT
 
Io t5g use cases
Io t5g use casesIo t5g use cases
Io t5g use casesMujoko Mujoko
 
ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0
ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0
ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0ITCamp
 
Emerging Technology Risk Series - Internet of Things (IoT)
Emerging Technology Risk Series - Internet of Things (IoT)Emerging Technology Risk Series - Internet of Things (IoT)
Emerging Technology Risk Series - Internet of Things (IoT)Eryk Budi Pratama
 

Weitere ähnliche Inhalte

Was ist angesagt?

#EricssonTechDay Brasil 2018 - Grow with IoT and 5G
#EricssonTechDay Brasil 2018 - Grow with IoT and 5G#EricssonTechDay Brasil 2018 - Grow with IoT and 5G
#EricssonTechDay Brasil 2018 - Grow with IoT and 5GEricsson Latin America
 
Ericsson Support Services
Ericsson Support Services Ericsson Support Services
Ericsson Support Services Ericsson
 
Faster to 5G
Faster to 5GFaster to 5G
Faster to 5GEricsson
 
Ericsson Technology Review: Securing the cloud with compliance auditing
Ericsson Technology Review: Securing the cloud with compliance auditingEricsson Technology Review: Securing the cloud with compliance auditing
Ericsson Technology Review: Securing the cloud with compliance auditingEricsson
 
Innovation Summit 2015 - 10 - linear dust
Innovation Summit 2015 - 10 - linear dustInnovation Summit 2015 - 10 - linear dust
Innovation Summit 2015 - 10 - linear dustThibault Cantegrel
 
Evolving cellular IoT for industry digitalization
Evolving cellular IoT for industry digitalizationEvolving cellular IoT for industry digitalization
Evolving cellular IoT for industry digitalizationEricsson
 
Ericsson Technology Review: Tackling IoT complexity with machine intelligence
Ericsson Technology Review: Tackling IoT complexity with machine intelligenceEricsson Technology Review: Tackling IoT complexity with machine intelligence
Ericsson Technology Review: Tackling IoT complexity with machine intelligenceEricsson
 
Orchestration in Action
Orchestration in ActionOrchestration in Action
Orchestration in ActionEricsson
 
Ericsson Technology Review - issue 2, 2017
Ericsson Technology Review - issue 2, 2017Ericsson Technology Review - issue 2, 2017
Ericsson Technology Review - issue 2, 2017Ericsson
 
Critical Broadband Networks presentation slideshare
Critical Broadband Networks presentation slideshareCritical Broadband Networks presentation slideshare
Critical Broadband Networks presentation slideshareEricsson
 
Agile 5G Deployment
Agile 5G DeploymentAgile 5G Deployment
Agile 5G DeploymentEricsson
 
Rizinski daychitkushevrina2020.pptx
Rizinski daychitkushevrina2020.pptxRizinski daychitkushevrina2020.pptx
Rizinski daychitkushevrina2020.pptxEduard Grasa
 
Ericsson Technology Review: issue 2, 2020
Ericsson Technology Review: issue 2, 2020 Ericsson Technology Review: issue 2, 2020
Ericsson Technology Review: issue 2, 2020Ericsson
 
Do we need a wakeup call to keep driver-less cars protected?
Do we need a wakeup call to keep driver-less cars protected? Do we need a wakeup call to keep driver-less cars protected?
Do we need a wakeup call to keep driver-less cars protected? ITU
 
2 s tic-rina-2020-presentatie
2 s tic-rina-2020-presentatie2 s tic-rina-2020-presentatie
2 s tic-rina-2020-presentatieEduard Grasa
 
Ericsson 5G Radio Dot Launch
Ericsson 5G Radio Dot LaunchEricsson 5G Radio Dot Launch
Ericsson 5G Radio Dot LaunchEricsson
 
Ericsson Massive IoT solution
Ericsson Massive IoT solutionEricsson Massive IoT solution
Ericsson Massive IoT solutionEricsson
 
Ericsson Technology Review - Technology Trends 2019
Ericsson Technology Review - Technology Trends 2019Ericsson Technology Review - Technology Trends 2019
Ericsson Technology Review - Technology Trends 2019Ericsson
 
Experimenting with Real Application-specific QoS Guarantees in a Large-scale ...
Experimenting with Real Application-specific QoS Guarantees in a Large-scale ...Experimenting with Real Application-specific QoS Guarantees in a Large-scale ...
Experimenting with Real Application-specific QoS Guarantees in a Large-scale ...ARCFIRE ICT
 

Was ist angesagt? (20)

#EricssonTechDay Brasil 2018 - Grow with IoT and 5G
#EricssonTechDay Brasil 2018 - Grow with IoT and 5G#EricssonTechDay Brasil 2018 - Grow with IoT and 5G
#EricssonTechDay Brasil 2018 - Grow with IoT and 5G
 
Ericsson Support Services
Ericsson Support Services Ericsson Support Services
Ericsson Support Services
 
Faster to 5G
Faster to 5GFaster to 5G
Faster to 5G
 
Ericsson Technology Review: Securing the cloud with compliance auditing
Ericsson Technology Review: Securing the cloud with compliance auditingEricsson Technology Review: Securing the cloud with compliance auditing
Ericsson Technology Review: Securing the cloud with compliance auditing
 
Innovation Summit 2015 - 10 - linear dust
Innovation Summit 2015 - 10 - linear dustInnovation Summit 2015 - 10 - linear dust
Innovation Summit 2015 - 10 - linear dust
 
Evolving cellular IoT for industry digitalization
Evolving cellular IoT for industry digitalizationEvolving cellular IoT for industry digitalization
Evolving cellular IoT for industry digitalization
 
Ericsson Technology Review: Tackling IoT complexity with machine intelligence
Ericsson Technology Review: Tackling IoT complexity with machine intelligenceEricsson Technology Review: Tackling IoT complexity with machine intelligence
Ericsson Technology Review: Tackling IoT complexity with machine intelligence
 
Orchestration in Action
Orchestration in ActionOrchestration in Action
Orchestration in Action
 
Ericsson Technology Review - issue 2, 2017
Ericsson Technology Review - issue 2, 2017Ericsson Technology Review - issue 2, 2017
Ericsson Technology Review - issue 2, 2017
 
Critical Broadband Networks presentation slideshare
Critical Broadband Networks presentation slideshareCritical Broadband Networks presentation slideshare
Critical Broadband Networks presentation slideshare
 
Agile 5G Deployment
Agile 5G DeploymentAgile 5G Deployment
Agile 5G Deployment
 
Rizinski daychitkushevrina2020.pptx
Rizinski daychitkushevrina2020.pptxRizinski daychitkushevrina2020.pptx
Rizinski daychitkushevrina2020.pptx
 
Ericsson Technology Review: issue 2, 2020
Ericsson Technology Review: issue 2, 2020 Ericsson Technology Review: issue 2, 2020
Ericsson Technology Review: issue 2, 2020
 
Do we need a wakeup call to keep driver-less cars protected?
Do we need a wakeup call to keep driver-less cars protected? Do we need a wakeup call to keep driver-less cars protected?
Do we need a wakeup call to keep driver-less cars protected?
 
2 s tic-rina-2020-presentatie
2 s tic-rina-2020-presentatie2 s tic-rina-2020-presentatie
2 s tic-rina-2020-presentatie
 
Ericsson 5G Radio Dot Launch
Ericsson 5G Radio Dot LaunchEricsson 5G Radio Dot Launch
Ericsson 5G Radio Dot Launch
 
Ericsson Massive IoT solution
Ericsson Massive IoT solutionEricsson Massive IoT solution
Ericsson Massive IoT solution
 
Ericsson Technology Review - Technology Trends 2019
Ericsson Technology Review - Technology Trends 2019Ericsson Technology Review - Technology Trends 2019
Ericsson Technology Review - Technology Trends 2019
 
Experimenting with Real Application-specific QoS Guarantees in a Large-scale ...
Experimenting with Real Application-specific QoS Guarantees in a Large-scale ...Experimenting with Real Application-specific QoS Guarantees in a Large-scale ...
Experimenting with Real Application-specific QoS Guarantees in a Large-scale ...
 
Io t5g use cases
Io t5g use casesIo t5g use cases
Io t5g use cases
 

Ähnlich wie Coordination of Threat Analysis in ICT Ecosystems

ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0
ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0
ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0ITCamp
 
Emerging Technology Risk Series - Internet of Things (IoT)
Emerging Technology Risk Series - Internet of Things (IoT)Emerging Technology Risk Series - Internet of Things (IoT)
Emerging Technology Risk Series - Internet of Things (IoT)Eryk Budi Pratama
 
Regulatory Reality Check: Improve trust, compliance and visibility with IoT a...
Regulatory Reality Check: Improve trust, compliance and visibility with IoT a...Regulatory Reality Check: Improve trust, compliance and visibility with IoT a...
Regulatory Reality Check: Improve trust, compliance and visibility with IoT a...IBM Internet of Things
 
Logicalis IoT & Smart Cities (Use Case)
Logicalis IoT & Smart Cities (Use Case)Logicalis IoT & Smart Cities (Use Case)
Logicalis IoT & Smart Cities (Use Case)Cloudera, Inc.
 
Cybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyCybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyEryk Budi Pratama
 
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdprIsaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdprUlf Mattsson
 
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of CybersecurityDORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of CybersecurityPECB
 
Chris Swan's presentation from the London Tech Entrepreneurs' Meetup
Chris Swan's presentation from the London Tech Entrepreneurs' MeetupChris Swan's presentation from the London Tech Entrepreneurs' Meetup
Chris Swan's presentation from the London Tech Entrepreneurs' MeetupCohesive Networks
 
Io t security market
Io t security marketIo t security market
Io t security marketdanishsmith01
 
SAM-IoT: Securing low power device communication in critical infrastructure m...
SAM-IoT: Securing low power device communication in critical infrastructure m...SAM-IoT: Securing low power device communication in critical infrastructure m...
SAM-IoT: Securing low power device communication in critical infrastructure m...Brain IoT Project
 
FITMAN General Presentation
FITMAN General PresentationFITMAN General Presentation
FITMAN General PresentationFITMAN FI
 
Making IoT a Reality_Axeda _ May 8 2013 _Mahbubul Alam
Making IoT a Reality_Axeda _ May 8 2013 _Mahbubul AlamMaking IoT a Reality_Axeda _ May 8 2013 _Mahbubul Alam
Making IoT a Reality_Axeda _ May 8 2013 _Mahbubul AlamMahbubul Alam
 
Making io t a reality axeda _ may 8 2013 _mahbubul alam
Making io t a reality axeda _ may 8 2013 _mahbubul alamMaking io t a reality axeda _ may 8 2013 _mahbubul alam
Making io t a reality axeda _ may 8 2013 _mahbubul alamMahbubul Alam
 
OT - How IoT will Impact Future B2B and Global Supply Chains - SS14
OT - How IoT will Impact Future B2B and Global Supply Chains - SS14OT - How IoT will Impact Future B2B and Global Supply Chains - SS14
OT - How IoT will Impact Future B2B and Global Supply Chains - SS14Mark Morley, MBA
 
AI, Blockchain, IoT Convergence Use Case System Implementation Insights from ...
AI, Blockchain, IoT Convergence Use Case System Implementation Insights from ...AI, Blockchain, IoT Convergence Use Case System Implementation Insights from ...
AI, Blockchain, IoT Convergence Use Case System Implementation Insights from ...Alex G. Lee, Ph.D. Esq. CLP
 
Horizon2020 appels 2018-2019 SG, Cybersecurity & Digital Security
Horizon2020 appels 2018-2019 SG, Cybersecurity & Digital SecurityHorizon2020 appels 2018-2019 SG, Cybersecurity & Digital Security
Horizon2020 appels 2018-2019 SG, Cybersecurity & Digital SecurityAgence du Numérique (AdN)
 
RoundTable: da Industria 4.0 a GDPR #ICTSecurity #ZeroTrust
RoundTable: da Industria 4.0 a GDPR #ICTSecurity #ZeroTrustRoundTable: da Industria 4.0 a GDPR #ICTSecurity #ZeroTrust
RoundTable: da Industria 4.0 a GDPR #ICTSecurity #ZeroTrustTalea Consulting Srl
 
20161201 witdom bdva summit
20161201 witdom bdva summit20161201 witdom bdva summit
20161201 witdom bdva summitElsa Prieto
 
Innovation Summit 2015 - 08 - gsma
Innovation Summit 2015 - 08 - gsmaInnovation Summit 2015 - 08 - gsma
Innovation Summit 2015 - 08 - gsmaThibault Cantegrel
 

Ähnlich wie Coordination of Threat Analysis in ICT Ecosystems (20)

ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0
ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0
ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0
 
Emerging Technology Risk Series - Internet of Things (IoT)
Emerging Technology Risk Series - Internet of Things (IoT)Emerging Technology Risk Series - Internet of Things (IoT)
Emerging Technology Risk Series - Internet of Things (IoT)
 
Privacy Management for Smart Cities
Privacy Management for Smart CitiesPrivacy Management for Smart Cities
Privacy Management for Smart Cities
 
Regulatory Reality Check: Improve trust, compliance and visibility with IoT a...
Regulatory Reality Check: Improve trust, compliance and visibility with IoT a...Regulatory Reality Check: Improve trust, compliance and visibility with IoT a...
Regulatory Reality Check: Improve trust, compliance and visibility with IoT a...
 
Logicalis IoT & Smart Cities (Use Case)
Logicalis IoT & Smart Cities (Use Case)Logicalis IoT & Smart Cities (Use Case)
Logicalis IoT & Smart Cities (Use Case)
 
Cybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyCybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas Company
 
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdprIsaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
 
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of CybersecurityDORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity
 
Chris Swan's presentation from the London Tech Entrepreneurs' Meetup
Chris Swan's presentation from the London Tech Entrepreneurs' MeetupChris Swan's presentation from the London Tech Entrepreneurs' Meetup
Chris Swan's presentation from the London Tech Entrepreneurs' Meetup
 
Io t security market
Io t security marketIo t security market
Io t security market
 
SAM-IoT: Securing low power device communication in critical infrastructure m...
SAM-IoT: Securing low power device communication in critical infrastructure m...SAM-IoT: Securing low power device communication in critical infrastructure m...
SAM-IoT: Securing low power device communication in critical infrastructure m...
 
FITMAN General Presentation
FITMAN General PresentationFITMAN General Presentation
FITMAN General Presentation
 
Making IoT a Reality_Axeda _ May 8 2013 _Mahbubul Alam
Making IoT a Reality_Axeda _ May 8 2013 _Mahbubul AlamMaking IoT a Reality_Axeda _ May 8 2013 _Mahbubul Alam
Making IoT a Reality_Axeda _ May 8 2013 _Mahbubul Alam
 
Making io t a reality axeda _ may 8 2013 _mahbubul alam
Making io t a reality axeda _ may 8 2013 _mahbubul alamMaking io t a reality axeda _ may 8 2013 _mahbubul alam
Making io t a reality axeda _ may 8 2013 _mahbubul alam
 
OT - How IoT will Impact Future B2B and Global Supply Chains - SS14
OT - How IoT will Impact Future B2B and Global Supply Chains - SS14OT - How IoT will Impact Future B2B and Global Supply Chains - SS14
OT - How IoT will Impact Future B2B and Global Supply Chains - SS14
 
AI, Blockchain, IoT Convergence Use Case System Implementation Insights from ...
AI, Blockchain, IoT Convergence Use Case System Implementation Insights from ...AI, Blockchain, IoT Convergence Use Case System Implementation Insights from ...
AI, Blockchain, IoT Convergence Use Case System Implementation Insights from ...
 
Horizon2020 appels 2018-2019 SG, Cybersecurity & Digital Security
Horizon2020 appels 2018-2019 SG, Cybersecurity & Digital SecurityHorizon2020 appels 2018-2019 SG, Cybersecurity & Digital Security
Horizon2020 appels 2018-2019 SG, Cybersecurity & Digital Security
 
RoundTable: da Industria 4.0 a GDPR #ICTSecurity #ZeroTrust
RoundTable: da Industria 4.0 a GDPR #ICTSecurity #ZeroTrustRoundTable: da Industria 4.0 a GDPR #ICTSecurity #ZeroTrust
RoundTable: da Industria 4.0 a GDPR #ICTSecurity #ZeroTrust
 
20161201 witdom bdva summit
20161201 witdom bdva summit20161201 witdom bdva summit
20161201 witdom bdva summit
 
Innovation Summit 2015 - 08 - gsma
Innovation Summit 2015 - 08 - gsmaInnovation Summit 2015 - 08 - gsma
Innovation Summit 2015 - 08 - gsma
 

Mehr von ITU

Trustworthy networking and technical considerations for 5G
Trustworthy networking and technical considerations for 5GTrustworthy networking and technical considerations for 5G
Trustworthy networking and technical considerations for 5GITU
 
The role of Bicycles and E-Bikes in the future development of Intelligent Tra...
The role of Bicycles and E-Bikes in the future development of Intelligent Tra...The role of Bicycles and E-Bikes in the future development of Intelligent Tra...
The role of Bicycles and E-Bikes in the future development of Intelligent Tra...ITU
 
Securing the future of Automotive
Securing the future of AutomotiveSecuring the future of Automotive
Securing the future of AutomotiveITU
 
The Connected Vehicle - Challenges and Opportunities.
The Connected Vehicle - Challenges and Opportunities. The Connected Vehicle - Challenges and Opportunities.
The Connected Vehicle - Challenges and Opportunities. ITU
 
Machine learning for decentralized and flying radio devices
Machine learning for decentralized and flying radio devicesMachine learning for decentralized and flying radio devices
Machine learning for decentralized and flying radio devicesITU
 
AI and machine learning
AI and machine learningAI and machine learning
AI and machine learningITU
 
Machine learning for 5G and beyond
Machine learning for 5G and beyondMachine learning for 5G and beyond
Machine learning for 5G and beyondITU
 
Efficient Deep Learning in Communications
Efficient Deep Learning in CommunicationsEfficient Deep Learning in Communications
Efficient Deep Learning in CommunicationsITU
 
AI for Good Global Summit - 2017 Report
AI for Good Global Summit - 2017 ReportAI for Good Global Summit - 2017 Report
AI for Good Global Summit - 2017 ReportITU
 
Standardization of XDSL and MGfast in ITU-T SG15
Standardization of XDSL and MGfast in ITU-T SG15Standardization of XDSL and MGfast in ITU-T SG15
Standardization of XDSL and MGfast in ITU-T SG15ITU
 
One World One Global Sim
One World One Global Sim One World One Global Sim
One World One Global Sim ITU
 
ICTs, LDCs and the SDGs
ICTs, LDCs and the SDGsICTs, LDCs and the SDGs
ICTs, LDCs and the SDGsITU
 
Collection Methodology for Key Performance Indicators for Smart Sustainable C...
Collection Methodology for Key Performance Indicators for Smart Sustainable C...Collection Methodology for Key Performance Indicators for Smart Sustainable C...
Collection Methodology for Key Performance Indicators for Smart Sustainable C...ITU
 
Enhancing innovation and participation in smart sustainable cities
Enhancing innovation and participation in smart sustainable citiesEnhancing innovation and participation in smart sustainable cities
Enhancing innovation and participation in smart sustainable citiesITU
 
Implementing SDG11 by connecting sustainability policies and urban planning p...
Implementing SDG11 by connecting sustainability policies and urban planning p...Implementing SDG11 by connecting sustainability policies and urban planning p...
Implementing SDG11 by connecting sustainability policies and urban planning p...ITU
 
Connecting cities and communities with the SDGs
Connecting cities and communities with the SDGsConnecting cities and communities with the SDGs
Connecting cities and communities with the SDGsITU
 
Synchronization in ITU-T in the New SG15 Study Period (2017-2020)
Synchronization in ITU-T in the New SG15 Study Period (2017-2020)Synchronization in ITU-T in the New SG15 Study Period (2017-2020)
Synchronization in ITU-T in the New SG15 Study Period (2017-2020)ITU
 
Overview of ITU-T SG 15 Q4 xDSL and G.(mg)fast
Overview of ITU-T SG 15 Q4 xDSL and G.(mg)fastOverview of ITU-T SG 15 Q4 xDSL and G.(mg)fast
Overview of ITU-T SG 15 Q4 xDSL and G.(mg)fastITU
 
Livecare Realtime healthcare Monitoring service
Livecare Realtime healthcare Monitoring serviceLivecare Realtime healthcare Monitoring service
Livecare Realtime healthcare Monitoring serviceITU
 
Live Migration of 5G Services between Heterogenous Infrastructure Domains
Live Migration of 5G Services between Heterogenous Infrastructure DomainsLive Migration of 5G Services between Heterogenous Infrastructure Domains
Live Migration of 5G Services between Heterogenous Infrastructure DomainsITU
 

Mehr von ITU (20)

Trustworthy networking and technical considerations for 5G
Trustworthy networking and technical considerations for 5GTrustworthy networking and technical considerations for 5G
Trustworthy networking and technical considerations for 5G
 
The role of Bicycles and E-Bikes in the future development of Intelligent Tra...
The role of Bicycles and E-Bikes in the future development of Intelligent Tra...The role of Bicycles and E-Bikes in the future development of Intelligent Tra...
The role of Bicycles and E-Bikes in the future development of Intelligent Tra...
 
Securing the future of Automotive
Securing the future of AutomotiveSecuring the future of Automotive
Securing the future of Automotive
 
The Connected Vehicle - Challenges and Opportunities.
The Connected Vehicle - Challenges and Opportunities. The Connected Vehicle - Challenges and Opportunities.
The Connected Vehicle - Challenges and Opportunities.
 
Machine learning for decentralized and flying radio devices
Machine learning for decentralized and flying radio devicesMachine learning for decentralized and flying radio devices
Machine learning for decentralized and flying radio devices
 
AI and machine learning
AI and machine learningAI and machine learning
AI and machine learning
 
Machine learning for 5G and beyond
Machine learning for 5G and beyondMachine learning for 5G and beyond
Machine learning for 5G and beyond
 
Efficient Deep Learning in Communications
Efficient Deep Learning in CommunicationsEfficient Deep Learning in Communications
Efficient Deep Learning in Communications
 
AI for Good Global Summit - 2017 Report
AI for Good Global Summit - 2017 ReportAI for Good Global Summit - 2017 Report
AI for Good Global Summit - 2017 Report
 
Standardization of XDSL and MGfast in ITU-T SG15
Standardization of XDSL and MGfast in ITU-T SG15Standardization of XDSL and MGfast in ITU-T SG15
Standardization of XDSL and MGfast in ITU-T SG15
 
One World One Global Sim
One World One Global Sim One World One Global Sim
One World One Global Sim
 
ICTs, LDCs and the SDGs
ICTs, LDCs and the SDGsICTs, LDCs and the SDGs
ICTs, LDCs and the SDGs
 
Collection Methodology for Key Performance Indicators for Smart Sustainable C...
Collection Methodology for Key Performance Indicators for Smart Sustainable C...Collection Methodology for Key Performance Indicators for Smart Sustainable C...
Collection Methodology for Key Performance Indicators for Smart Sustainable C...
 
Enhancing innovation and participation in smart sustainable cities
Enhancing innovation and participation in smart sustainable citiesEnhancing innovation and participation in smart sustainable cities
Enhancing innovation and participation in smart sustainable cities
 
Implementing SDG11 by connecting sustainability policies and urban planning p...
Implementing SDG11 by connecting sustainability policies and urban planning p...Implementing SDG11 by connecting sustainability policies and urban planning p...
Implementing SDG11 by connecting sustainability policies and urban planning p...
 
Connecting cities and communities with the SDGs
Connecting cities and communities with the SDGsConnecting cities and communities with the SDGs
Connecting cities and communities with the SDGs
 
Synchronization in ITU-T in the New SG15 Study Period (2017-2020)
Synchronization in ITU-T in the New SG15 Study Period (2017-2020)Synchronization in ITU-T in the New SG15 Study Period (2017-2020)
Synchronization in ITU-T in the New SG15 Study Period (2017-2020)
 
Overview of ITU-T SG 15 Q4 xDSL and G.(mg)fast
Overview of ITU-T SG 15 Q4 xDSL and G.(mg)fastOverview of ITU-T SG 15 Q4 xDSL and G.(mg)fast
Overview of ITU-T SG 15 Q4 xDSL and G.(mg)fast
 
Livecare Realtime healthcare Monitoring service
Livecare Realtime healthcare Monitoring serviceLivecare Realtime healthcare Monitoring service
Livecare Realtime healthcare Monitoring service
 
Live Migration of 5G Services between Heterogenous Infrastructure Domains
Live Migration of 5G Services between Heterogenous Infrastructure DomainsLive Migration of 5G Services between Heterogenous Infrastructure Domains
Live Migration of 5G Services between Heterogenous Infrastructure Domains
 

Kürzlich hochgeladen

What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 

Kürzlich hochgeladen (20)

What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 

Coordination of Threat Analysis in ICT Ecosystems

  • 1. Coordination of Threat Analysis in ICT Ecosystems Antonio Kung, CTO Trialog 25 rue du Général Foy, 75008 Paris, France www.trialog.com ITU workshop on 5G security19 March 2018 1
  • 2. Speaker: Antonio Kung  Engineering background  Chair of citizen approach to data initiative  EIP-SCC: European Innovation Platform on Smart Cities and Communities  Data protection / Privacy standards wiki for Ipen  Ipen.trialog.com  ITU-T  SG17 – Cybersecurity framework for intelligent transport system  FG-DPM – Security and privacy framework  ISO/IEC  Projects – 27550 Privacy engineering – 27030 Security and privacy guidelines for the IoT – 27570 Privacy guidelines for smart cities – 20547-4 Big data Security and privacy  Study periods – Big data security and privacy processes – Big data implementation security – Framework privacy preference management (Joint ITU-ISO) ITU workshop on 5G security19 March 2018 2
  • 3. Ecosystems are complex ITU workshop on 5G security19 March 2018 Security Privacy SafetySmart grid Transport Health Smart Cities Big data IoT Ecosystems Domains Concerns 3
  • 4. Ecosystem Security and Data Protection Concerns ITU workshop on 5G security19 March 2018 4 Stakeholder Legal Compliance Concern Management Concern System Lifecycle Concern Demand side Policy maker Compliance Check / Follow standards Transparency Operator Regulation for security Regulation for privacy Security and data protection risk analysis Agreement with other operators Security-by-design Privacy-by-Design Supply side Supplier Operators Requirements
  • 5. Ecosystem Cybersecurity: What we Need ITU workshop on 5G security19 March 2018 5 Ecosystem Stakeholders Ecosystem Assets Ecosystem Cybersecurity capabilities Provide to protect Ecosystem Policy makers Verify/Certify (or Direct – Control – Evaluate)
  • 6. Ecosystem Cybersecurity: What we Have ITU workshop on 5G security19 March 2018 6 Ecosystem Stakeholder 1 Ecosystem Stakeholder 2 Ecosystem Stakeholder 2 Ecosystem Stakeholder 2 Asset 1 Asset 2 Asset 3 Asset 4 Cybersecurity capability 1 Cybersecurity capability 2 Cybersecurity capability 3 Cybersecurity capability 4 Provides to protect Provides to protect Provides to protect Provides to protect Ecosystem Policy makers Verify/Certify
  • 7. Example of Ecosystem: AutoMat http://www.automat-project.eu ITU workshop on 5G security19 March 2018 7
  • 8. Example of Ecosystem: AutoMat ITU workshop on 5G security  Four types of stakeholders 19 March 2018 8 Storage provider Automotive manufacturer Marketplace Service provider
  • 9. Ecosystem Design ITU workshop on 5G security  Personal data ecosystem  Interoperability  Common description – CVIM (Common vehicle information model) 19 March 2018 9 Storage manager Automotive manufacturer 1 Vehicle A data capturing CVIM Vehicle B data capturing Automotive manufacturer 2 Vehicle C data capturing CVIM Vehicle A owner data vault Vehicle B owner data vault Vehicle C owner data vault
  • 10. Ecosystem Risk Analysis ITU workshop on 5G security  Risk analysis includes  security risk analysis (e.g. ISO/IEC 27005)  privacy impact analysis (e.g. ISO/IEC 29134) 19 March 2018 10 Storage Provider Risk analysis Automotive manufacturer Risk analysis Marketplace Risk analysis Service provider Risk analysis Ecosystem Risk analysis
  • 11. Ecosystem Interoperability ITU workshop on 5G security  Interoperability includes  Functional interoperability  Cybersecurity interoperability 19 March 2018 11 Marketplace 2Marketplace 1 Service provider Service provider 2Service provider 1 Marketplace Storage provider 2Storage provider 1 Marketplace Marketplace 1Marketplace 1 Storage provider Automotive manufacturer 2 Automotive manufacturer 1 Storage provider Storage provider 2Storage provider 1 Automotive manufacturer
  • 12. Different Types of Interoperability ITU workshop on 5G security19 March 2018 12 Different descriptionDifferent description Service Provider Market place2 Capability Market place1 Capability No interoperability Common descriptionCommon description Service Provider Market place2 Same capability Market place1 Same capability Interoperability of capabilities Common descriptionCommon description Service Provider Market place2 Different capability Market place1 Different capability Interoperability of descriptions
  • 13. Need for Consistent Individual Cybersecurity Framework ITU workshop on 5G security19 March 2018 13 Service provider Cybersecurity framework • Capabilities • Agreement • Risks - Incidents - Consequences • Measures MarketplaceService provider Marketplace Cybersecurity framework • Capabilities • Agreement • Risks - Incidents - Consequences • Measures
  • 14. Cybersecurity Capabilities ITU workshop on 5G securitySlide 14 Secure processing Protect data processing Transparency information Provide information how data processing is protected Data controller responsibility Verifies whether service provider has data controller responsibility 19 March 2018 Marketplace capability Service provider capability Secure processing Protect data pipeline and processing Owner consent Capability for vehicle owner to provide consent on personal data processing Consent revocation Capability for vehicle owner to withdraw from data pipeline Transparency information Capability to provide information on data processing chain Secure connection to service providers Capability to provide data to service provider securely Secure connection to storage providers Capability to retrieve data from storage manager securely Data processor responsibility Verifies whether marketplace has data processor responsibility
  • 15. Agreement Cybersecurity Capabilities ITU workshop on 5G security1519 March 2018 Providing evidence of capability provide evidence of cybersecurity compliance to marketplace Getting evidence of capability obtain evidence of marketplace cybersecurity compliance Marketplace agreement Service provider agreement Providing evidence of capability provide evidence of cybersecurity compliance to service provider Getting evidence of capability obtain evidence of service provider cybersecurity compliance
  • 16. Threats ITU workshop on 5G security16 STRIDE threat categories Spoofing Spoofing marketplace Tampering Integrity and completeness of data obtained from marketplace Information disclosure Eavesdropping data during communication Eavesdropping metadata (e.g. log of interactions with marketplace) Incorrect management of data processing chain leading to leaks (e.g. incorrect deletion) Denial Of Service Massive access to marketplace LINDDUN threat categories Linkability Anonymisation not carried out correctly Attempt from external parties to re-identify vehicle owner by using other datasets New linkability threat not taken into account 19 March 2018 Marketplace Threats Service provider Threats STRIDE threat categories Spoofing Spoofing storage provider Spoofing service provider Tampering Integrity and completeness of data provided to service provider Repudiation Service provider repudiation Information disclosure Eavesdropping data during communication Eavesdropping metadata (e.g. log of interactions with storage provider and with service provider) Incorrect management of data pipeline leading to leaks (e.g. incorrect deletion) Denial Of Service Massive access to marketplace by faked service providers Elevation of privilege Incorrect management of vehicle owner privacy rules (expressed in obtained metadata) LINDDUN threat categories Linkability Anonymisation not carried out correctly New linkability threat not taken into account [
  • 17. Incidents ITU workshop on 5G security17 Incident Description Severity Massive personal data breach Public report of potential massive personal data leak because of improper operation at service provider level Maximum Massive denial of service Service provider can no longer operate. Significant 19 March 2018 Marketplace Incidents Service provider Incidents Incident Description Severity Case of personal data breach Public reporting that personal data vault has been accessed or that it has been processed against consent or privacy rules Significant Massive business data leak. Public report of potential massive business data leak because of improper operation at marketplace level Maximum Massive personal data breach Public report of potential massive personal data leak because of improper operation at marketplace level. Maximum Massive denial of service Marketplace can no longer operate. Significant
  • 18. Measures ITU workshop on 5G securitySlide 18 ISO 27001 Categories of controls Control Information security policies Management direction. Data management policies Human resource security During employment Internal cybersecurity preparedness External cybersecurity preparedness Access control System and application access control Secure access to marketplace provider Cryptography Cryptographic controls Anonymisation of data sets Operation security Operational procedures and responsibilities Operation procedures for data processing Logging and monitoring Logging capabilities Control of operational software Operation procedures for transparency. Technical vulnerability management Plausibility check Communication security Information transfer Secure transmission of data System acquisition, development and maintenance Security in development and support processes Secure data processing capabilities Cybersecurity monitoring capabilities Information security incident management Management of information security incidents and improvements Alerting data processing chain Information security aspects of business continuity management Information security continuity Assurance of service provider cybersecurity capabilities Periodic review of service provider cybersecurity capabilities Compliance Compliance with legal and contractual requirements GDPR and cybersecurity compliance verification Information security reviews Periodic review of interoperability 19 March 2018 ISO 27001 Categories of controls Control Information security policies Management direction. Data management policies Human resource security During employment Internal cybersecurity preparedness External cybersecurity preparedness Access control Business requirements for access control Requirements for service provider access System and application access control Secure access from service provider Secure access to cloud storage provider Cryptography Cryptographic controls Confidentiality of personal data vaults Anonymisation of data sets Operation security Operational procedures and responsibilities Operation procedures for data search and processing Logging and monitoring Logging capabilities Control of operational software Operation procedures for transparency. Communication security Information transfer Secure transmission of data System acquisition, development and maintenance Security in development and support processes Secure data pipeline capabilities Cybersecurity monitoring capabilities Information security incident management Management of information security incidents and improvements Alerting data processing chain Information security aspects of business continuity management Information security continuity Assurance of cloud storage manager cybersecurity capabilities Periodic review of cloud storage manager cybersecurity capabilities Compliance Compliance with legal and contractual requirements GDPR and cybersecurity compliance verification Information security reviews Periodic review of interoperability Marketplace MeasuresService provider measures
  • 19. Conclusions ITU workshop on 5G security  Need for ecosystem design viewpoint  Need for ecosystem risk analysis  Need for interoperability of cybersecurity capabilities  Need for Coordination of cybersecurity capabilities between different stakeholders of an ecosystem  Ecosystem vision must be better explained at standardisation level 19 March 2018 19
  • 20. Example of 5G Ecosystem ITU workshop on 5G security19 March 2018 20 5G Mobile operator IoT Device operator Mobile platform operator Service provider
  • 21. Questions? www.trialog.com ITU workshop on 5G security19 March 2018 21