Strategy committee 13 / 09 / 2011

INTERNATIONAL CYBER WARFARE AND SECURITY
CONFERENCE
ANKARA, 27 NOVEMBER 2014
EOS Vision
THE EVOLUTION OF THE CYBER ECOSYSTEM
WILL PROFOUNDLY CHANGE THE WAY WE LIVE
DEFENCE AGAINST CYBER THREATS WILL BECOME INCREASINGLY COMPLEX
MARKET FORCES ALONE ARE NOT SUFFICIENT TO ENSURE THE PROTECTION OF
THE CYBER ECOSYSTEM
EUROPE MUST IMPLEMENT INFRASTRUCTURAL PROGRAMS WITH IMPORTANT
CYBER SECURITY COMPONENTS
FOR SUCCESSFUL IMPLEMENTATION OF THE PROGRAMS WE NEED A WELL-
FUNCTIONING PARTNERSHIP AMONG GOVERNMENT, ACADEMIA AND
INDUSTRY
European Organization for Security - EOS
• EOS is a non-profit organization representing the interests and expertise of 41
Members involved in Security.
• EOS members provide technology solutions and services from 13 different countries of
the European Economic Area, representing more than 65% of the European Security
Market and 2 million employees in Europe.
• EOS’ main objective is the development of a harmonised European Security Market in
close cooperation with users from the public and private sector.
• Policy priorities:
- Cybersecurity (including cybercrime & cyberdefence)
- Border Control (Surveillance and Smart Borders)
- Civil Protection and Crisis Management
- Urban Security
- Transport Security (Civil Aviation, Supply Chain, Land Transport)
- Security Industrial Policy (standardisation, certification, EU R&D, EU funds, …)
- EU strategic (technology) autonomy
- EU Internal Security Strategy
EOS’ projects in cybersecurity:
• CYSPA (2012 – 2015):
Aims at delivering a cyber risk assessment and impact methodology tested across five
sectors: e-government, energy, finance, TLC, and transport. CYSPA is working toward
the establishment of a self-sustaining alliance to provide services in the critical
infrastructure protection domain.
• COURAGE (2014 – 2016):
Aims at delivering a research agenda for Cyber Crime and Cyber Terrorism. The
purpose of COURAGE is to significantly improve the security of citizens and critical
infrastructures and support crime investigators.
• CAPITAL (2013 – 2015):
Complements CYSPA. The main objective is to deliver an integrated research and
innovation agenda for cybersecurity and privacy, identifying future trends and
challenges. Close link with the NIS Platform (DG CONNECT).
Future digital ecosystem
• We are moving toward a data-driven hyper-connected world where interdependence
will become pervasive.
• Three game changers: Internet of Things, Big Data, and Cloud.
• The Internet of Things: “With the development of the Internet of Things alongside
current networks we are talking about the possibility that in the future every person and
every thing could be connected to each other wirelessly, from virtually any position on
earth”. (Neelie Kroes, 1 June 2010)
• Big Data: “Big data is not just a new sector, but a new asset class. One that sits as a
pillar of our economy, like human resources or financial capital”. (Neelie Kroes, 7
November 2013)
• Cloud: “Cloud Computing will change our economy. It can bring significant productivity
benefits to all, right through to the smallest companies, and also to individuals”. (Neelie
Kroes, 26 January 2012)
The Internet of Things (Internet of Everything)
• “The advent of IoT is taking place in an ICT environment affected by several major
trends. ‘Scale’ is one of them: the number of connected devices is increasing, while their
size is reduced. ‘Mobility’ is another: objects are ever more wirelessly connected.
‘Heterogeneity and complexity’ is a third trend: IoT will be deployed in an environment
already crowded with applications that generate a growing number of challenges in
terms of interoperability”. (EC COM 2009/278)
Big Data
• “A new generation of technologies and architectures designed to extract value
economically from very large volumes of a wide variety of data by enabling
high-velocity capture, discovery, and/or analysis”. (IDC Market Analysis, March 2012)
Cloud Computing
• “Cloud computing, being born global, calls for a reinforced international dialogue on
safe and seamless cross-border use. For example, the international dialogues on trade,
law enforcement, security and cybercrime all need to fully reflect the new challenges
raised by cloud computing”. (EC COM 2012/529)
ECP
The threat landscape
Critical Infrastructure Protection:
• Data from the US Industrial Control Systems CERT provide a snapshot of patterns of
attacks to critical infrastructure.
• “Common initial infection vectors were unauthorized access of Internet facing devices,
scanning and probing of publicly accessible assets, malware transfer via removable
media, exploitation of software/hardware vulnerabilities, and spear phishing attacks”
(ICS-CERT Monitor, December 2013)
• In 2013, ICS-CERT responded to 256 reported incidents. The majority (59%) occurred in
the Energy sector.
Internet of Things: Threats are real and threat vectors will multiply
• “If we thought that doing cybersecurity in a world of wired desktops was hard, now we’re going to
do it in a world where your coffee maker, your car and your refrigerator are also a threat vector”.
(Michael Daniel – White House Cybersecurity Coordinator, 29 January 2014)
• “Interconnected devices and smart environments provide an ideal environment for all threat agent
groups to perform malicious activities ranging from data collection and data manipulation up to
fooling home appliances of their victims, thus creating harm even to their lives”. (ENISA Threat
landscape 2013)
• “Symantec has discovered a new Linux worm that appears to be engineered to target the Internet
of Things. The worm is capable of attacking a range of small, Internet-enabled devices in addition
to traditional computers. Variants exist for chip architectures usually found in devices such as home
routers, set-top boxes, and security cameras”. (Symantec, 27 November 2013)
• “PhD candidate Ang Cui and Professor Salvatore Stolfo have found serious vulnerabilities in Cisco
VoIP telephones. Cui and Stolfo are particularly concerned with embedded systems that are widely
used and networked on the Internet, including VoIP phones, routers, and printers”. (Columbia
University School of Engineering, 4 January 2013)
Big Data: data protection, profiling
• “A number of challenges have been identified for big data security. Indicatively, these
challenges address data protection, data access control and data filtering issues for
huge data amount that are beyond the processing power of contemporary Security
Information and Event Management (SIEM) products”. (ENISA, Threat Landscape 2013)
• “User data collected by large organizations is constantly accessed by inside analysts as
well as outside contractors and business partners. A malicious insider or untrusted
partner can abuse these data sets and extract private information from customers”.
(CSA Big Data Security and Privacy Challenges, April 2013)
• “It is really very nearly within our grasp to be able to compute on all human generated
information”. (CIA CTO Ira “Gus” Hunt, March 2013)
Need for a holistic approach
• “The twenty-first century will be the century of complexity” (Stephen Hawking).
• Economic, technological, and social factors have led to a new infrastructural key
paradigm: INTERDEPENDENCY
Cyber civ-mil issues
Blurring dividing lines:
• Interdependence and complexity of the cyber ecosystem will grow exponentially in the
near future.
• Infrastructure interdependence makes it impossible to see civil and military systems in
isolation.
• Military networks also depend on civilian infrastructure for their functioning.
• Air gaps between the military and civil domains will become thinner.
EU Cybersecurity strategy
• The EU cybersecurity strategy includes among its priorities the development of
industrial and technological resources.
• The strategy recognizes the need for incentives to the private sector to ensure higher
levels of security.
• The strategy points to the necessity to stimulate the European demand for secure
products.
• The strategy underlines the importance of R&D to fill the technology gaps in ICT
security.
• The Commission invites Member States to develop good practices for using public
administration procurement to stimulate the development and deployment of security
features in ICT products and services.
Partnership
A Cybersecurity Investment Program:
• EOS calls for the implementation of a specific Cybersecurity Industrial Policy complemented by an
EU Cybersecurity Investment Program.
• The policy should encourage the development of a strong European cyber industrial base, should
facilitate the implementation of a coordinated R&I roadmap, and should provide the framework
for a Cybersecurity Investment Program.
• A Cybersecurity Investment Program will make it possible to strengthen the European cyber industry and
R&D base, while granting Europe the necessary level of strategic autonomy.
• Program topics could include security of critical infrastructure, security of space systems, IoT, …
• A cybersecurity investment program needs a partnership among Government, Academia and
Industry.