Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in...

38
2016

Transcript of Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in...

Page 1: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

2016

Page 2: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

1

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Page 3: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

2

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Page 4: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

3

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

........................................................................................................ 1

........................................................................................................ 4

........................................................... 5

....................................................................................... 10

......................................................................................... 13

................................................................................................... 14

.............................................................................................................. 16

.............................................................................................................. 17

............................................................................................................... 18

............................................................................................................... 20

.......................................................................................... 21

.................................................................................................. 21

........................................................................................ 23

............................................................ 26

............................................................................................ 28

................................................................ 30

....................................................... 30

........................................................ 31

.............................................................................................. 33

........................................................................................................... 35

References ............................................................................................................. 37

Page 5: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

4

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Page 6: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

5

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

1 European Commission (2010) Comparative Study on Different Approaches to new privacy challenges, in particular in the light of Technological Developments.

Page 7: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

6

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

2 European Commission (2012) Regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the movement of such data (General Data Protection Regulation). 3 http://www.allenovery.com/publications/en-gb/data-protection/Pages/Timetable.aspx

4 Commission of the European Communities (2009) COMMUNICATION… on Critical Information Infrastructure Protection (CIIP) –Protecting Europe from large scale cyber-attacks and disruptions: enhancing preparedness, security and resilience.

Page 8: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

7

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Page 9: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

8

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

5 European Commission (2011) COMMUNICATION…on Critical Information Infrastructure Protection – Achievements and next steps: towards global cyber-security. 6 European Commission (2012) COMMUNICATION…on Tackling Crime in our Digital age: Establishing a European Cybercrime Centre 7 European Commission (2013) Proposal for a Directive of European Parliament and of the Council concerning measures to ensure a high common level of network and information security across the Union. 8 European Commission (2013) Commission Staff Working Document – Impact Assessment

Page 10: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

9

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Page 11: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

10

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Page 12: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

11

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Page 13: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

12

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Page 14: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

13

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Page 15: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

14

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

9 http://www.washingtonpost.com/sf/business/2015/07/22/hacks-on-the-highway/

Page 16: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

15

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

10 Securing Smart Cities is a non-profit global initiative that aims to solve the existing and future cybersecurity problems of smart cities through collaboration between companies, governments and other actors. See securingsmartcities.org for more information. 11 https://www.enisa.europa.eu/activities/Resilience-and-CIIP/smart-infrastructures/intelligent-public-transport/smart-cities-architecture-model

Page 17: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

16

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

12 http://money.cnn.com/2015/07/17/technology/ucla-health-hack/ 13 http://www.wsj.com/articles/anthem-hacked-database-included-78-8-million-people-1424807364 14 http://www.ft.com/cms/s/2/f3cbda3e-a027-11e5-8613-08e211ea5317.html#axzz3vA6qRxP8

Page 18: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

17

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Page 19: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

18

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

15 http://www.bbc.com/news/technology-35297464 16 http://www.wired.com/2016/01/everything-we-know-about-ukraines-power-plant-hack/

Page 20: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

19

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

17 https://www.washingtonpost.com/blogs/checkpoint-washington/post/foreign-hackers-broke-into-illinois-water-plant-control-system-industry-expert-says/2011/11/18/gIQAgmTZYN_blog.html

Page 21: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

20

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

18 http://www.theregister.co.uk/2001/10/31/hacker_jailed_for_revenge_sewage/

Page 22: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

21

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Page 23: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

22

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Yes50%

Unsure17%

In the process of creating a strategy

25%

No8%

DOES YOUR CITY HAVE A STRATEGY FOR THE PRIVACY OF CITIZENS?

Yes67%

No33%

IS THE PRIVACY STRATEGY BEING IMPLEMENTED?

Page 24: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

23

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Yes41%

Unsure42%

No17%

IS THE STRATEGY ON HOW TO HANDLE PERSONAL AND SENSITIVE DATA

AVALIABLE PUBLICLY?

Yes45%

Unsure44%

No11%

IS YOUR CITY’S PRIVACY STRATEGY COMPLIANT WITH THE GDPR?

Page 25: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

24

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Yes67%

In the process of creating a strategy

25%

No8%

DOES YOUR CITY HAVE A STRATEGY FOR CYBER-PHYSICAL SECURITY?

Yes87%

No13%

IS THE CYBER-PHYSICAL SECURITY STRATEGY BEING IMPLEMENTED?

Page 26: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

25

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Yes75%

Unsure17%

No8%

DOES YOUR ORGANIZATION CONDUCT REGULAR REVIEWS OF KNOWN AND POTENTIAL CYBER-

PHYSICAL VULNERABILITIES IN YOUR DATA SYSTEMS?

Yes17%

No83%

DOES YOUR ORGANIZATION OUTSOURCE CYBER-SECURITY?

Page 27: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

26

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Yes67%

Unsure16%

No17%

DOES YOUR ORGANIZATION CONDUCT REGULAR SECURITY TRAINING FOR IT

USERS?

Yes75%

Unsure8%

No17%

DOES YOUR ORGANIZATION HAVE A RISK MITIGATION STRATEGY FOR CYBER-

SECURITY?

Yes50%

Unsure50%

IS YOUR CITY’S CYBER-PHYSICAL SECURITY STRATEGY COMPLIANT WITH THE GDPR?

Page 28: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

27

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Yes33%

Unsure50%

No17%

IS YOUR MUNICIPALITY COMPLIANT WITH THE GDPR?

Page 29: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

28

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Page 30: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

29

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Page 31: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

30

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Page 32: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

31

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Page 33: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

32

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

A C C

C

B B

B

Page 34: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

33

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

19 http://securingsmartcities.org/wp-content/uploads/2015/11/Guidlines_for_Safe_Smart_Cities.pdf

Page 35: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

34

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Page 36: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

35

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

20 http://eur-lex.europa.eu/ 21 http://ec.europa.eu/index_en.htm 22 http://surveyacademy.com/wp-content/uploads/2010/07/Increasing-Survey-Response-Rates.pdf

Page 37: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

36

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Please contact Smart City Catalyst on

www.scc-eu.dk

Valdemarsgade 73, ST.TV

DK-1665 Copenhagen V

Vat.no 34488258

[email protected]

Page 38: Privacy & Cyber-Physical Security in European Cities · Title: Privacy & Cyber-Physical Security in European Cities Author

Privacy & Cyber-Physical Security in European Cities

37

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

References

Allen & Overy (2015) The EU General Data Protection Regulation – Timetable. (Available at

http://www.allenovery.com/publications/en-gb/data-protection/Pages/Timetable.aspx)

BBC News (2016) Hackers caused power cut in western Ukraine – US. (Retrieved from http://www.bbc.com/news/technology-

35297464)

CNN Money (2015) UCLA Health hacked, 4.5 million victims. (Retrieved from http://money.cnn.com/2015/07/17/technology/ucla-

health-hack/)

European Commission (2009) COMMUNICATION… on Critical Information Infrastructure Protection (CIIP) –Protecting Europe from

large scale cyber-attacks and disruptions: enhancing preparedness, security and resilience.

European Commission (2010) Comparative Study on Different Approaches to new privacy challenges, in particular in the light of

Technological Developments.

European Commission (2011) COMMUNICATION…on Critical Information Infrastructure Protection – Achievements and next steps:

towards global cyber-security.

European Commission (2012) COMMUNICATION…on Tackling Crime in our Digital age: Establishing a European Cybercrime Centre

European Commission (2012) Regulation of the European Parliament and of the Council on the protection of individuals with regard

to the processing of personal data and on the movement of such data (General Data Protection Regulation).

European Commission (2013) Proposal for a Directive of European Parliament and of the Council concerning measures to ensure a

high common level of network and information security across the Union.

European Commission (2013) Commission Staff Working Document – Impact Assessment

European Union Agency for Network and Information Security (2015) Cyber security for Smart Cities - An architecture model for

public transport.

Financial Times – The Big Read (2015) Cyber security: Attack of the health hackers. (Retrieved from

http://www.ft.com/cms/s/2/f3cbda3e-a027-11e5-8613-08e211ea5317.html#axzz3vA6qRxP8).

FireEye (2015) Cyber Threats to The Nordic Region. (Retrieved from https://www.fireeye.com/content/dam/fireeye-

www/global/en/current-threats/pdfs/rpt-nordic-threat-landscape.pdf)

International Telecommunication Union (2014) ITU-T Focus Group on Smart Sustainable Cities - Smart water management in cities.

Focus Group Technical Report. FG-SSC.

Securing Smart Cities (2015) An Emerging US (and World) Threat: Cities Wide Open to Cyber Attacks. (Avaliable at

http://securingsmartcities.org/)

Securing Smart Cities (2015) Cyber Security Guidelines for Smart City Technology Adoption. (Avaliable at

http://securingsmartcities.org/)

The Register (2001) Hacker jailed for revenge sewage attacks. (Retrieved from

http://www.theregister.co.uk/2001/10/31/hacker_jailed_for_revenge_sewage/)

The Washington Post (2011) Foreign hackers targeted U.S. Water plant in apparent malicious cyber attack, expert says. (Retrieved

from https://www.washingtonpost.com/blogs/checkpoint-washington/post/foreign-hackers-broke-into-illinois-

water-plant-control-system-industry-expert-says/2011/11/18/gIQAgmTZYN_blog.html)

The Washington Post (2015) Hacks on the highway - Automakers rush to add wireless features, leaving our cars open to hackers.

(Retrieved from http://www.washingtonpost.com/sf/business/2015/07/22/hacks-on-the-highway/)

The Wall Street Journal (2015) Anthem: Hacked Database Included 78.8 Million People. (Retrieved from

http://www.wsj.com/articles/anthem-hacked-database-included-78-8-million-people-1424807364)

Wired (2016) Everything We Know About Ukraine’s Power Plant Hack. (Retrieved from

http://www.wired.com/2016/01/everything-we-know-about-ukraines-power-plant-hack/)