Kategori information security

Security & Crisis Management – Internetdagarna

This year’s Internetdagarna will have a larger focus on crisis management and security, guided in part by Anne-Marie Eklund Löwinder (a member of the IRI board).

Read more about the schedule for 26 Nov, and read an interview (in Swedish) with Anne-Marie here.

ECCWS (aka ECIW) 2014 Call for Papers

Call for: Papers, Case Studies, Work in Progress/Posters, PhD Research, Round Table Proposals, non-academic Contributions and Product Demonstrations

“The 13th European Conference on Cyber Warfare and Security (ECCWS*) is an opportunity for academics, practitioners and consultants from Europe and elsewhere who are involved in the study, management, development and implementation of systems and concepts to combat cyber warfare or to improve information systems security to come together and exchange ideas.”

Abstract deadline: 12 December 2013.

Read more here.

 

*formerly the European Conference on Information Warfare and Security (ECIW)

Method for accessing materials from a disabled iPhone 5

The results that yours truly presented during the IRI meeting on April 15 of this year (see the IRI-minutes, item 3) were published yesterday by Computer Sweden. Hacking the operating system of a cellphone is perhaps not a task primarily associated with legal research. The result should rather be considered a (positive) side effect of a thorough research approach, focused on electronic evidence. There are, however, in my view, interesting connections to my own research topic. Some fundamentally important questions are brought to the fore, including what attitude to take in relation to expert knowledge, competence and competence distribution in this – possibly somewhat obscure – borderland between law and IT.

The article can be found here; a follow-up will appear shortly.

Addressing Cyber Instability

The Cyber Conflict Studies Association (CCSA) released its full “Addressing Cyber Instability” monograph earlier this month. It is available for download at the CCSA website and will be coming out in paperback, hardback, and ePub in the future.

In addition to legal issues, the monograph covers various concerns in cyberspace such as strategy, military doctrine and organization, non-state actors, and critical infrastructure protection.

A collabortive effort from two years of research and dialogue, the monograph was authored by Matt Devost, Maeve Dion, Jason Healey, Bob Gourley, Sam Liles, James Mulvenon, Hannah Pitts, and Greg Rattray, and was edited by James Mulvenon and Greg Rattray.

12th European Conference on Information Warfare and Security (ECIW-2013)

Recently announced was a First Call for papers for the 12th European Conference on Information Warfare and Security (ECIW-2013) which is being hosted by the University of Jyväskylä , Jyväskylä, Finland on 11-12 July 2013

This call will close on 20th December 2012.

The 12th European Conference on Information Warfare and Security (ECIW) is an opportunity for academics, practitioners and consultants from Europe and elsewhere who are involved in the study, management, development and implementation of systems and concepts to combat information warfare or to improve information systems security to come together and exchange ideas. There are several strong strands of research and interest that are developing in the area including the understanding of threats and risks to information systems, the development of a strong security culture, as well as incident detection and post incident investigation. This conference is continuing to establish itself as a key event for individuals working in the field from around the world.

For more information please go to http://academic-conferences.org/eciw/eciw2013/eciw13-call-papers.htm

Academic research, case studies and work-in-progress/posters are welcomed approaches. PhD Research, proposals for roundtable discussions, non-academic contributions and product demonstrations based on the main themes are also invited. Please feel free to circulate this message to any colleagues or contacts you think may be interested.

Selected papers presented at the Conference will be considered for publication in a special issue of both the Journal of Information Warfare: http://www.jinfowar.com and the International Journal of Cyber Warfare and Terrorism (IJCWT) published by Information Resources Management Association, USA.( DOI: 10.4018/IJCWT, ISSN: 1947-3435, EISSN: 1947-3443). Additionally, selected papers from the conference will be considered for publication in the International Journal of Electronic Security and Digital Forensics published by Inderscience UK (ISSN:1751-1911X)

Tanzania establishes Computer Emergency Response Team

Tanzania has joined global initiative to fight cyber crimes and strengthen cyber security by establishing the Computer Emergency Response Team (CERT).
The Tanzania CERT is established under section 124 of Electronic and Postal Communications Act (EPOCA), Act No.3 of 2010. Details of the Tanzania CERT composition and functions are provided for under the EPOCA CERT Regulations 2011, Government Notice No.419 of 2011.

For more information see:  http://www.tcra.go.tz/regulation/cert.pdf or http://www.tcra.go.tz/policy/epoca.pdf

Cyber Security in 2012

Last month saw a variety of discussions regarding what cyber security issues may continue, or be introduced, in the new year. Experts highlighted increasing threats conducted via mobile computing and social media, as well as continued cyber espionage. There was a warning that expliotation may shift to damage or disruption. Discussions also continued past years’ debates regarding a possible increase of national legislation requiring incident reporting. Some forecasts of 2012 included recommendations to invest in cyber security companies, which likely will see a long future of growth opportunity!

Here’s a short list of various predictions. Add yours, or link to others, in the comments.

 

Internet Governance 2012-2015 – Draft Council of Europe Strategy

A few weeks ago the Council of Europe held another in a series of conferences* related to its draft strategy on internet governance. While the strategy is obviously rooted in the COE’s human rights authorities, it may interest some blawblaw readers to note the impacts this strategy may have on state responsibilities for security – basically creating a duty of care for states to ensure the security and availability of the internet as a requirement for guaranteeing and enabling human rights (e.g., freedom of expression, assembly, rights to access information, etc.). According to a follow-up email from the conference organizers, the COE member states will discuss this draft strategy early in the new year, “with a view to its adoption soon thereafter.”

* A number of Swedish representatives from government, private sector, and academia participated in the recent conference (view the program and watch the webcast).

Government cyber security experts

A recent article has reported that the U.S. Secret Service is investigating several hacks into Nasdaq in 2010. Some folks may wonder why the Secret Service has the lead, and not the FBI. Well, the Secret Service does not just protect the President, visiting heads of state, and other important people. It has a second mission, that of protecting the U.S. financial infrastructure and payment systems. In fact, the original purpose for creating the Secret Service was to fight financial fraud (specifically, counterfeiting). Hence the Secret Service’s establishment within the Treasury Department of the U.S. government (rather than, say, the Department of Justice or Homeland Security). Note that the Cyber Storm III exercise last year was controlled from the Secret Service headquarters.

Living in D.C. from 2003-2010, I lent many a sympathetic ear to colleagues at DHS who were frustrated that DHS had not recruited and maintained a computer security staff nearly the size of the stable of cyber experts at the Secret Service. Perhaps some of these concerns helped prompt the new-DHS secretary to announce in 2009 a new 3-year initiative to hire 1,000 new cyber security experts. Does anyone have news on how that initiative is going? According to this article, the DHS Cybersecurity & Communications office trebled its staff in 2009 and was hoping to double it further in 2010. But it appears that a 2009-2010 DHS virtual cybersecurity job fair resulted in only 190 tentative offers (no info on the number of acceptances).

Other countries obviously may face similar problems in recruiting and sustaining a government cyber security force (especially when the private sector positions have higher salaries and generally have to deal with less day-to-day red tape). At the recent visit of Estonian delegates to Sweden, during a cyber security seminar at the Swedish National Defence College, there was brief mention of Estonia’s use of a sort of “cyber national guard” in addition to the standing government agencies (here’s a story with more detail). Not sure how that would work in a country the size of the U.S. … but for any Law & IT masters students out there, the “cyber national guard” concept, and related issues of “volunteer cyber forces,” may make for interesting thesis material!

Seminar at FHS on 11 February

Law and Cooperation for Disaster Management and International Cyber Security

11 February, from 09:00 - 11:00

Description of research under discussion (PDF) available here.

If you are interested in attending, please email Mariana Osihn in advance with your name and organization. mariana.osihn@fhs.se

You will need to take your ID.
FHS is located at Drottning Kristinas väg 37.

Looking forward to a good discussion!

Copyright © blawblaw
Nyheter om, från och kring institutet för rättsinformatik

Byggt på Notes Blog Core
Powered by WordPress