Download - Privacy & cyber-physical security in eu cities 2016

Transcript

2016

Privacy & Cyber-Physical Security in European Cities

1

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Privacy & Cyber-Physical Security in European Cities

2

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Privacy & Cyber-Physical Security in European Cities

3

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

........................................................................................................ 1

........................................................................................................ 4

........................................................... 5

....................................................................................... 10

......................................................................................... 13

................................................................................................... 14

.............................................................................................................. 16

.............................................................................................................. 17

............................................................................................................... 18

............................................................................................................... 20

.......................................................................................... 21

.................................................................................................. 21

........................................................................................ 23

............................................................ 26

............................................................................................ 28

................................................................ 30

....................................................... 30

........................................................ 31

.............................................................................................. 33

........................................................................................................... 35

References ............................................................................................................. 37

Privacy & Cyber-Physical Security in European Cities

4

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Privacy & Cyber-Physical Security in European Cities

5

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

1 European Commission (2010) Comparative Study on Different Approaches to new privacy challenges, in particular in the light of Technological Developments.

Privacy & Cyber-Physical Security in European Cities

6

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

2 European Commission (2012) Regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the movement of such data (General Data Protection Regulation). 3 http://www.allenovery.com/publications/en-gb/data-protection/Pages/Timetable.aspx

4 Commission of the European Communities (2009) COMMUNICATION… on Critical Information Infrastructure Protection (CIIP) –Protecting Europe from large scale cyber-attacks and disruptions: enhancing preparedness, security and resilience.

Privacy & Cyber-Physical Security in European Cities

7

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Privacy & Cyber-Physical Security in European Cities

8

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

5 European Commission (2011) COMMUNICATION…on Critical Information Infrastructure Protection – Achievements and next steps: towards global cyber-security. 6 European Commission (2012) COMMUNICATION…on Tackling Crime in our Digital age: Establishing a European Cybercrime Centre 7 European Commission (2013) Proposal for a Directive of European Parliament and of the Council concerning measures to ensure a high common level of network and information security across the Union. 8 European Commission (2013) Commission Staff Working Document – Impact Assessment

Privacy & Cyber-Physical Security in European Cities

9

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Privacy & Cyber-Physical Security in European Cities

10

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Privacy & Cyber-Physical Security in European Cities

11

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Privacy & Cyber-Physical Security in European Cities

12

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Privacy & Cyber-Physical Security in European Cities

13

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Privacy & Cyber-Physical Security in European Cities

14

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

9 http://www.washingtonpost.com/sf/business/2015/07/22/hacks-on-the-highway/

Privacy & Cyber-Physical Security in European Cities

15

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

10 Securing Smart Cities is a non-profit global initiative that aims to solve the existing and future cybersecurity problems of smart cities through collaboration between companies, governments and other actors. See securingsmartcities.org for more information. 11 https://www.enisa.europa.eu/activities/Resilience-and-CIIP/smart-infrastructures/intelligent-public-transport/smart-cities-architecture-model

Privacy & Cyber-Physical Security in European Cities

16

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

12 http://money.cnn.com/2015/07/17/technology/ucla-health-hack/ 13 http://www.wsj.com/articles/anthem-hacked-database-included-78-8-million-people-1424807364 14 http://www.ft.com/cms/s/2/f3cbda3e-a027-11e5-8613-08e211ea5317.html#axzz3vA6qRxP8

Privacy & Cyber-Physical Security in European Cities

17

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Privacy & Cyber-Physical Security in European Cities

18

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

15 http://www.bbc.com/news/technology-35297464 16 http://www.wired.com/2016/01/everything-we-know-about-ukraines-power-plant-hack/

Privacy & Cyber-Physical Security in European Cities

19

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

17 https://www.washingtonpost.com/blogs/checkpoint-washington/post/foreign-hackers-broke-into-illinois-water-plant-control-system-industry-expert-says/2011/11/18/gIQAgmTZYN_blog.html

Privacy & Cyber-Physical Security in European Cities

20

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

18 http://www.theregister.co.uk/2001/10/31/hacker_jailed_for_revenge_sewage/

Privacy & Cyber-Physical Security in European Cities

21

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Privacy & Cyber-Physical Security in European Cities

22

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Yes50%

Unsure17%

In the process of creating a strategy

25%

No8%

DOES YOUR CITY HAVE A STRATEGY FOR THE PRIVACY OF CITIZENS?

Yes67%

No33%

IS THE PRIVACY STRATEGY BEING IMPLEMENTED?

Privacy & Cyber-Physical Security in European Cities

23

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Yes41%

Unsure42%

No17%

IS THE STRATEGY ON HOW TO HANDLE PERSONAL AND SENSITIVE DATA

AVALIABLE PUBLICLY?

Yes45%

Unsure44%

No11%

IS YOUR CITY’S PRIVACY STRATEGY COMPLIANT WITH THE GDPR?

Privacy & Cyber-Physical Security in European Cities

24

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Yes67%

In the process of creating a strategy

25%

No8%

DOES YOUR CITY HAVE A STRATEGY FOR CYBER-PHYSICAL SECURITY?

Yes87%

No13%

IS THE CYBER-PHYSICAL SECURITY STRATEGY BEING IMPLEMENTED?

Privacy & Cyber-Physical Security in European Cities

25

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Yes75%

Unsure17%

No8%

DOES YOUR ORGANIZATION CONDUCT REGULAR REVIEWS OF KNOWN AND POTENTIAL CYBER-

PHYSICAL VULNERABILITIES IN YOUR DATA SYSTEMS?

Yes17%

No83%

DOES YOUR ORGANIZATION OUTSOURCE CYBER-SECURITY?

Privacy & Cyber-Physical Security in European Cities

26

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Yes67%

Unsure16%

No17%

DOES YOUR ORGANIZATION CONDUCT REGULAR SECURITY TRAINING FOR IT

USERS?

Yes75%

Unsure8%

No17%

DOES YOUR ORGANIZATION HAVE A RISK MITIGATION STRATEGY FOR CYBER-

SECURITY?

Yes50%

Unsure50%

IS YOUR CITY’S CYBER-PHYSICAL SECURITY STRATEGY COMPLIANT WITH THE GDPR?

Privacy & Cyber-Physical Security in European Cities

27

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Yes33%

Unsure50%

No17%

IS YOUR MUNICIPALITY COMPLIANT WITH THE GDPR?

Privacy & Cyber-Physical Security in European Cities

28

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Privacy & Cyber-Physical Security in European Cities

29

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Privacy & Cyber-Physical Security in European Cities

30

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Privacy & Cyber-Physical Security in European Cities

31

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Privacy & Cyber-Physical Security in European Cities

32

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

A C C

C

B B

B

Privacy & Cyber-Physical Security in European Cities

33

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

19 http://securingsmartcities.org/wp-content/uploads/2015/11/Guidlines_for_Safe_Smart_Cities.pdf

Privacy & Cyber-Physical Security in European Cities

34

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Privacy & Cyber-Physical Security in European Cities

35

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

20 http://eur-lex.europa.eu/ 21 http://ec.europa.eu/index_en.htm 22 http://surveyacademy.com/wp-content/uploads/2010/07/Increasing-Survey-Response-Rates.pdf

Privacy & Cyber-Physical Security in European Cities

36

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

Please contact Smart City Catalyst on

www.scc-eu.dk

Valdemarsgade 73, ST.TV

DK-1665 Copenhagen V

Vat.no 34488258

[email protected]

Privacy & Cyber-Physical Security in European Cities

37

Copyright©2016 Smart City Catalyst

all rights reserved

[email protected]

References

Allen & Overy (2015) The EU General Data Protection Regulation – Timetable. (Available at

http://www.allenovery.com/publications/en-gb/data-protection/Pages/Timetable.aspx)

BBC News (2016) Hackers caused power cut in western Ukraine – US. (Retrieved from http://www.bbc.com/news/technology-

35297464)

CNN Money (2015) UCLA Health hacked, 4.5 million victims. (Retrieved from http://money.cnn.com/2015/07/17/technology/ucla-

health-hack/)

European Commission (2009) COMMUNICATION… on Critical Information Infrastructure Protection (CIIP) –Protecting Europe from

large scale cyber-attacks and disruptions: enhancing preparedness, security and resilience.

European Commission (2010) Comparative Study on Different Approaches to new privacy challenges, in particular in the light of

Technological Developments.

European Commission (2011) COMMUNICATION…on Critical Information Infrastructure Protection – Achievements and next steps:

towards global cyber-security.

European Commission (2012) COMMUNICATION…on Tackling Crime in our Digital age: Establishing a European Cybercrime Centre

European Commission (2012) Regulation of the European Parliament and of the Council on the protection of individuals with regard

to the processing of personal data and on the movement of such data (General Data Protection Regulation).

European Commission (2013) Proposal for a Directive of European Parliament and of the Council concerning measures to ensure a

high common level of network and information security across the Union.

European Commission (2013) Commission Staff Working Document – Impact Assessment

European Union Agency for Network and Information Security (2015) Cyber security for Smart Cities - An architecture model for

public transport.

Financial Times – The Big Read (2015) Cyber security: Attack of the health hackers. (Retrieved from

http://www.ft.com/cms/s/2/f3cbda3e-a027-11e5-8613-08e211ea5317.html#axzz3vA6qRxP8).

FireEye (2015) Cyber Threats to The Nordic Region. (Retrieved from https://www.fireeye.com/content/dam/fireeye-

www/global/en/current-threats/pdfs/rpt-nordic-threat-landscape.pdf)

International Telecommunication Union (2014) ITU-T Focus Group on Smart Sustainable Cities - Smart water management in cities.

Focus Group Technical Report. FG-SSC.

Securing Smart Cities (2015) An Emerging US (and World) Threat: Cities Wide Open to Cyber Attacks. (Avaliable at

http://securingsmartcities.org/)

Securing Smart Cities (2015) Cyber Security Guidelines for Smart City Technology Adoption. (Avaliable at

http://securingsmartcities.org/)

The Register (2001) Hacker jailed for revenge sewage attacks. (Retrieved from

http://www.theregister.co.uk/2001/10/31/hacker_jailed_for_revenge_sewage/)

The Washington Post (2011) Foreign hackers targeted U.S. Water plant in apparent malicious cyber attack, expert says. (Retrieved

from https://www.washingtonpost.com/blogs/checkpoint-washington/post/foreign-hackers-broke-into-illinois-

water-plant-control-system-industry-expert-says/2011/11/18/gIQAgmTZYN_blog.html)

The Washington Post (2015) Hacks on the highway - Automakers rush to add wireless features, leaving our cars open to hackers.

(Retrieved from http://www.washingtonpost.com/sf/business/2015/07/22/hacks-on-the-highway/)

The Wall Street Journal (2015) Anthem: Hacked Database Included 78.8 Million People. (Retrieved from

http://www.wsj.com/articles/anthem-hacked-database-included-78-8-million-people-1424807364)

Wired (2016) Everything We Know About Ukraine’s Power Plant Hack. (Retrieved from

http://www.wired.com/2016/01/everything-we-know-about-ukraines-power-plant-hack/)