All Posts By

tcab

The sixth edition of the ENISA NCSS seminar will take place on September 18th

By | NCSS | No Comments

On September 18th, 2018, the sixth edition of the seminar “ENISA NCSS” on national cybersecurity strategies in Helsinki (Finland) will take place.

The event, which has been jointly organized by the Finnish Telecommunications Regulatory Authority (FICORA) and ENISA, will have as its central theme the development, implementation and evaluation of national cybersecurity strategies (NCSS, in its acronym in English). The creation of National, European and Sectorial Information Sharing and Analysis Centres (ISACs) will also be addressed. In addition, there will be various discussion forums  in which representatives of the public and private sectors will be able to present their ideas on national cybersecurity strategies and will share best practices for the creation of ISACs.

Audience at ENISA NCSS

The audience that will attend this seminar are, mainly, those actors involved in the development and implementation of national cybersecurity strategies and the people involved in the creation of ISACs such as sector regulators and national supervisory authorities; legislators and national authorities; private sector and universities.

Activities at ENISA NCSS

Early in the morning, the opening ceremony will be held by the General Secretary of the Finnish Security Committee, Vesa Valtonen. Next, Pentti Olin, member of the Committee of Security, will expose  the national strategy of security implemented by Finland to the assistants.

Later on, the first working session will take place, with a focus on the dissemination of the updates in the national strategies included in the NIS technical standard. Several countries, including Luxembourg, will join this session, which will be closed with a panel discussion.

In the second session, celebrated in the afternoon, the different National, European and Sectorial Information Sharing and Analysis Centres (ISACs) will be analyzed. As in the previous session, a discussion panel will take place at the end of the presentations.

If you wish to take a look at the agenda, please click here.

Practical information on ENISA NCSS

Date: September 18th, 2018

Venue: Dynamicum, Erik Palménin aukio1, Helsinki (Finland).

If you want more information about the event, click here.

 

ENISA NCSS Workshop

ETSI publishes remote server signing standards draft versions

By | ETSI, European Telecommunications Standards Institute | No Comments

ETSILast July 2nd, 2018, the European Telecommunications Standards Institute (ETSI) published a new draft version of the following digital signature creation standards, which mainly focuses on develop the new technical environment of remote server signing compliant with eIDAS: ETSI TS 119 431-1, TS 119 431-2 and ETSI 119 432.

ETSI TS 119 431-1:Electronic Signatures and Infrastructures (ESI);Policy and security requirements for trust service providers; Part 1:TSP service components operating a remote QSCD /SCDev

This standard focuses on digital signature creation devices and aims to create a digital signature value on behalf of a remote signer.

Moreover, it specifies the policy and security requirements generally applicable to trust service providers (TSPs) which implement a service component that operates a signature or seal creation device (as defined in Regulation (EU) No 910 / 2014), called remote QSCD / SCDev.

This component contains a server signature application, which is the server signature application service (SSASC) component. In addition to being the signature application of the server, it contains the service elements and the signature creation device (SCDev).

The requirements of this standard are aligned with the requirements specified in CEN EN 419 241-1.

ETSI TS 119 431-2:Electronic Signatures and Infrastructures (ESI);Policy and security requirements for trust service providers;Part 2: TSP service components supporting AdES digital signature creation

ETSI TS 119 431-2 provides the policy and security requirements for the trust service provider (TSPs) that implements a service component that supports the creation of AdES digital signatures. This component contains a signature creation application and, in summary, is called the signature creation application service component (SCASC). However, it is more than just the SCA, since it contains the elements of service thanks to which a part of the main part of the application can be implemented as defined in EN 319 102-1 [1] and TS 119 101.

This standard is based on the general policy requirements specified in ETSI EN 319 401 [9] and take into account the related requirements of ETSI TS 119 101.

ETSI TS 119 432:Electronic Signatures and Infrastructures (ESI);Protocols for remote digital signature creation

This standard specifies the applicable protocols and interfaces when carried out, by a distributed solution composed of two or more systems / services / components, the process of creation of AdES digital signatures (as defined by ETSI EN 319 102-1 and / or digital signature values), as a result of the Data Representation Signatures to be signed. This standard is limited to the remote server signature.

If you wish, you can consult the original version of the documents and send your opinions through the contact form by clicking here.

For more information about ETSI, click here.

24-28/09: Date with NIS Summer School in Greece

By | Ciberseguridad, Cybersecurity | No Comments

The fifth edition of NIS Summer School on Network and Information Security (NIS’18) will take place from 24th to 28th September in Heraklion (Greece).

NIS Summer School is organized by the European Union Agency for Network and Information Security (ENISA) and the Foundation for Research and Technology (Hellas). The meeting will reunite for four days different players in the sector such as the Public Administration , private sector companies and non-profit organizations.

This edition’s focus is “The Changing Risk Landscape”. The IT sector lives in constant evolution, which poses significant challenges. Due to this, the actors involved must accelerate their reaction time and encourage the exchange of collaboration and information to achieve adequate and effective responses to the challenges that may arise.

With this Summer School, ENISA seeks to promote a culture of cybersecurity in the EU. The aim is to  improve the capacity of Member States when responding to cyber-attacks. ENISA follows a risk mitigation strategy by raising awareness and publishing studies and reports on current NIS issues.

Disseminating works on Cybersecurity Threat Intelligence

Non-profit organizations working in Cyber Threat Intelligence will have the opportunity to present their work during the event, which may be related to Horizon 2020 projects, national academic research, development projects and open source communities.

Presentations at NIS Summer School

During NIS Summer School there will be a large number of speakers who come from both the public and private sectors and the university environment. Specifically, the following stand out:

  • Nektarios Tavernarakis (FORTH President)
  • Udo Helmbrecht (ENISA Executive Director)
  • Damien Cauquil (Head of Research & Development Digital Security – Econocom)
  • Piotr Kijewski (Strategic Programmes Manager The Shadowserver Foundation)
  • Prof. Dr. Ir. Bart Preneel (Full Professor Katholieke Universiteit Leuven)

 Data of the event

Date: 24th-28th September, 2018
Place: Galaxy Hotel Iraklio – Leof. Dimokratias 75, Iraklio 713 06, Grecia
URL: https://nis-summer-school.enisa.europa.eu/

To see  NIS Summer School 2018 program, click here.

NIS Summer School 2018

The EU invests in the future of Digital Transformation 2017-2021

By | Digital Transformation, Transformación Digital | No Comments

The European Commission published last May the multi-year budget of the European Union, called Multi-Annual Financial Framework which, among other items, supports the digital transformation in the European Union during the period 2017-2021.

Within this budget there is a program called “Digital Europe”, which is part of the Digital Single Market strategy, and  is endowed with 9.2 billion euros. The purpose of the program is to promote the digital transformation of the EU by increasing investments, maximizing momentum in areas of public interest and reinforcing several cooperation projects with Member States.

Action lines of the EU Digital program

The program is based on five lines of action that will drive digital transformation:

  • Supercomputers: A total of 2,7 billion euros will be allocated to boost the processing capabilities of high-level computing in the EU. In addition, the use of supercomputers in areas of public interest such as health,  environment, and safety will be encouraged. Finally, these capabilities will be made available to small and medium-sized enterprises (SMEs) in the EU.

 

  • Artificial Intelligence: The objectives in this area consist in promoting and reinforcing the use of artificial intelligence in both business and Public Administrations; facilitate secure access and storage of large data sets and algorithms; and strengthening and supporting testing and experimentation facilities in the Member States. In total, they will allocate 2,500 million euros to this item.

 

  • Cybersecurity and trust: Although digital technologies have opened a world of possibilities to  EU citizens, they also carry a risk. Among others, cyber attacks, fraud and data theft stand out. So far, the EU has responded by adopting the first legislation at European level on cybersecurity, the NIS regulation.

A total of 2,0 billion euros will be allocated to:

Promote the provision of advanced cybersecurity equipment.

– Disseminate, at European level, knowledge, skills and abilities related to cybersecurity.

– Ensure the deployment of the latest cybersecurity solutions in the economy.

– Strengthen capacities to ensure a common level of network and information system security in the EU.
  • Advanced digital skills: The EU wants to invest in training digital skills for the EU citizens. The “Digital Europe” program will offer students and IT experts numerous training opportunities in advanced digital technologies. In total, 700 million euros will be allocated to the training of qualified personnel.
  • Broad use of digital technologies in the economy and society: The EU seeks to boost the digitization of Public Administrations and their services, as well as to ensure the interoperability at European level and facilitate access to technology and know-how to all the companies. This section will have a total of 1,3 billion euros.

For further information, please click here.

 

Digital Transformation

ETSI Security Week 2018

By | Ciberseguridad | No Comments

ETSI Security Week 2018ETSI Security Week 2018 took place last June 11th to 15th at the ETSI headquarters, located in Sophia Antipolis (southern France).

This free event addressed the main challenges in the cybersecurity sector in an increasingly digital world. The meeting focused on the  current issues in the sector such as: cybersecurity policies, legislative actions, cyber attacks and the latest technologies in this field. In addition, the fundamental challenges in the world of cybersecurity and the technical and standardization actions undertaken to overcome them were discussed.

 

Presentations at ETSI Security Week 2018

There were presentations on the following topics:

  • Latest Cybersecurity drivers, considering the latest policies and legal actions, as well as the latest cyber attacks.
  • Security / privacy / security of IoT.
  • 5G security / privacy.
  • Distributed record technologies.
  • Remote signature creation services eIDAS.
  • Middlebox and Hackathon Security.

The calendar of presentations during the month of June was the following:

  • 11th:  Latest drivers for Cybersecurity.
  • 12th and 13th: Future-Proof IoT Security and Privacy.
  • 12th: Hot topics in Middlebox security.
  • 12th and 13th: Middlebox Hackaton.
  • 13th: Remote Signature Creation Services by TSP: Protocols and Audit Requirements.
  • 13th and 14th: What does 5G Security offer?
  • 14th and 15th: Security and Trust in ICT: the Value of Distributed Ledger Technology.

If you wish to see some of the presentations that were made during Security Week 2018, please click here.

About this edition

For their part, the speakers came from different fields: national security agencies, IT leaders, cybersecurity experts, global standards organizations, developers, researchers, universities and policy makers. In total, more than 300 visitors from all over Europe participated.

The talk that attracted the most attention from the public was ” 5G Security/privacy”, in which the future of the integrated UICC was described. On the other hand, the hackathon offered a concrete example of the specifications of the ETSI TC CYBER middlebox security protocol and its implementations.

If you wish to know more about the event, please click here .

More information available on  Twitter.

Guiding event on eInvoice on May 29th in Brussels

By | eInvoice | No Comments

Next Tuesday, May 29th, there will be an event on electronic invoicing (eInvoice) from Companies to Governments (B2G) and on electronic billing services available for both public and private entities that will allow them to comply with Directive 2014/55 / EU.

This orientation day, organized by the European Commission, is held due to the legal limit for public entities of the Member States to implement the European Regulation on Electronic Billing, which will entry into force will  on April 18th, 2019, and which is extendable in one year for certain actors.

The purpose of the event is to demonstrate how electronic invoicing can contribute to the formation of the Digital Single Market, help generate cross-border services and provide other benefits for citizens, businesses and Public Administrations throughout the European Union.

In addition, it will help attendees to improve their understanding of the actions they must take before the end of the deadline and share the following steps for the implementation of eInvoicing in the EU.

Participation is open to all interested in eInvoicing, especially political actors, public entities and technical staff that develop eInvoicing solutions in the EU.

Topics to be discussed at CEF eInvoicing Event

Participants will learn about the latest developments around the implementation of Directive 2014/55 / ​​EU and will carry out case studies on the implementation of electronic invoicing. This event will also address the broader policy context that links eInvoicing with the Connecting Europe Facility (CEF).

Among others, the following speakers will participate:

  • Christian Rasmussen: Senior Business Development Manager at e-Boks A/S.
  • Alis Irena Riviere-Osipov: Director of eInvoicing and IT recruitment policies at the European Commission.
  • Peter Potzgieser: Senior Consultant in Business Innovation and Standardization.
  • Andrea Caccia: Senior consultant on process digitization and member of the European Multi-Stakeholder Forum.
  • Caroline Corneau: Project Manager at European Commission Directorate General for Informatics (DIGIT).
  • Agniezska Bajno: Project Manager at European Commission’s Innovation and Networks Executive Agency (INEA).
To see the CEF eInvoicing Event agenda, please click here.

Practical information on eInvoicing Event

Name of the event: CEF eInvoicing Event.

Hours: 09:00 – 17:30 horas (CET).

Location: Room VML2, Rue Van Maerlant 2, Bruselas (Bélgica).

If you wish to participate in the event, click on this registration form.

Event on cybersecurity held by ENISA last April 24th

By | Ciberseguridad, Cyber-security, Cybersecurity | No Comments

On April 24th, a new edition of the event on cybersecurity organized by the European Network and Information Security Agency, ENISA, took place in Brussels (Belgium).

The conference was aimed at small and medium enterprises (SMEs), professional associations and public bodies related to the Internet of Things (IoT) and certification activities.

The objective of the event was, on the one hand, to increase awareness and deepen knowledge of the IoT and Industry 4.0 and its effect on the European cybersecurity market. On the other hand, it sought to increase collaboration among the members of ENISA by identifying common interests.

In addition, the ENISA Industry Event provided participants with an overview of the EU Certification Framework and its relationship with the European cybersecurity industry.

About “ENISA Industry Event”

The event, organized since 2015, serves to share knowledge about the cybersecurity sector. The fundamental objective of this activity is none other than to build a community in the cybersecurity sector in both the public and private sectors of the EU.

If you want more information about the event, please click here.

To consult the agenda of the day, please click here.

Impressions on Mundo Hacker Day 2018

By | Ciberseguridad, Cyber-security | No Comments

Mundo Hacker Day 2018Mundo Hacker Day 2018, the reference event on cyber-security in Spain, brought together professionals and experts in the field of cyber-security on April 25 in Madrid.

In this fifth edition, attended by more than 2,000 people, different experts from both Spain and Latin America exposed various relevant issues that affect the world of cyber-security at this time.

Among others, the following talks stood out:

  • The Upside Down World (Stranger Things). Antonio Ramos, Professor, presenter, writer and expert in Hacking and Computer Security.

Antonio Ramos exposed the advantages and disadvantages of the digitalization of society. In his opinion, automation is a positive step for modern societies but, if people are eliminated, digitization would be incomplete.

  • Round Table:

Kasperski: Dani Creus, Senior Security Researcher, Global Research & Analyst Team (GReAT), Kaspersky Lab / ESET: Josep Albors, ESET Spain Responsible for Research and Awareness / Panda Security: Conrado Crespo, Global Presales Consultant Panda Security / Viewnext: Antonio Navas Casado, Director of IS / HP Services: Melchor Sanz, CTO and HP / Sophos Presales Manager: Alberto Ruiz Rodas, Presales Engineer for Spain and Portugal at Sophos / Modera: Daniel de Blas.

  • Ay, ay, ay …. giving the bad guys where it hurts the most! David Conde, SOC / CERT Manager at S21sec

The speaker explained the field experience of the incident response service of S21sec in the fight against some of the most sophisticated organized groups operating in the international arena.

  • Round Table Hack Woman

Silvia Barrera – [IN] IT Security, Researcher, Cybercrime Specialist and Writer / Tamara Hueso – Senior Cybersecurity Analyst (IT-ERS) at Deloitte / Rosa Díaz – General Director Iberia Panda Security / María José Talavera – General Director IBERIA VMware / Albora Trimiño Díez – Cybersecurity Operator, IT Risk Fraud and Security / Miriam Martínez Muñoz – Member of HoneySec, Professor and Researcher at the University of Alcalá / Pilar Vila – Computer forensic expert / María José Montes – Head of cybersecurity of ESET Spain / Moderator: Desireé Rodriguez.

  • Digital Molotov. Gabriel Lazo Canazas.

This expert in cyber-security talked about the dangers of cyber-crime and the Deep Web.

  • Trape: The phising evolution. Jose Pino. Leader of the “TRAPE” development team.

Colombian researcher José Pino presented a TRAPE tool, developed by him, that allows people to track and execute intelligent social engineering attacks in real time.

  • When the threat is inside: detection and early response to attacks with Aruba Introspect. Artur Gradoli, Aruba Solutions Architect, Hewlett Packard Enterprise.

The conference was directed towards large companies. Artur Gradoli explained the importance of monitoring the internal network in the detection of exceptional events.

  • Advanced Digital Threats: Perspective from the trenches. Dani Creus, Senior Security Researcher, Global Research & Analyst Team (GReAT), Kaspersky Lab.

The researcher spoke about the origin of threats in large organizations: 90% are routine threats, 9.9% are directed attacks and only 0.1% are carried out with digital weapons (such as Stuxnet, among others).

  • Recon Tactics . Simón Roses Femerling, CEO of VULNEX.

This expert exposed the methods to train the “blue teams” in companies to deal with external attacks.

  • Ensure Cyber Risk: Ciber Policies , from large multinationals to SMEs, what do they protect? Manuel Huerta, CEO of Lazarus, Expert in Forensic Computing and Professor of Electronic Probatory and Digital Research.

The cyber-risk policies represent a great business opportunity at present, due to the increasing threats to the protection of the data. Faced with an exfiltration of data, companies must face fines of 2% of turnover or 10 million euros if they are SMEs, or 4% of turnover or 40 million euros if they are medium or large companies.

  •  Security operations guided by Intelligence: what is the pyramid of pain? Jorge Hurtado, VP Managed Services & Advanced Cybersecurity Services at S21sec.

Jorge Hurtado spoke about the possibilities that exist to anticipate, detect and react to threats effectively. For this expert, security operations must go hand in hand with the intelligence strategies of the companies’ cyber-defense.

  •      Secret communications and “Stay-Behind” networks: the “Harpoon” project. David Marugán.

This cyber-security consultant gave a brief historical introduction about the Stay-Behind clandestine networks. In addition, he explained the operation at the technical level and of COMSEC (Security of Communications) of the secret espionage networks. He used as an example the FS-5000 transponder equipment “HARPOON”, used since the end of the Cold War for encrypted communications.

If you wish to visualize the agenda of the event, click here.

The European Commission presents a plan to enhance Artificial Intelligence

By | Artificial Intelligence | No Comments

Artificial Intelligence

Yesterday, April 25th 2018, the European Commission presented a series of measures to enhance the use of Artificial Intelligence in the European Union with the aim of improving European competitiveness in this field.

The plan aims at increasing public and private investment in Artificial Intelligence (AI), preparing for the socioeconomic changes that this technology will cause and providing an adequate ethical and legal framework.

Promoting financial support and encouraging the adoption of AI by the public and private sectors

The EU should increase investment in research and innovation in Artificial Intelligence by at least 20 billion euros by the end of 2020.

In order to achieve this, the European Commission plans to increase the budget destined to AI by 15,000 million euros during the period 2018-2020 under the Horizon 2020  program.

These funds will be destined to the development of key sectors such as transportation or health and will serve to promote Artificial Intelligence research centers in Europe.

In addition, extra funding will be provided for Artificial Intelligence through the European Fund for Strategic Investments, which plans to invest more than 500 million euros by 2020.

European Plan on Artificial Intelligence

On April 10th 2018, 24 Member States and the European Union signed a Declaration of Cooperation for the implementation of a Strategic Plan in the field of Artificial Intelligence. This plan should be ready by the end of 2018.

Its objective is to maximize the impact of investment at national and EU level, to foster cooperation in the EU, to exchange best practices and to define the way forward together, in order to ensure the EU’s global competitiveness in this sector.

What is Artificial Intelligence?

Artificial intelligence is a branch of computing that aims to create intelligent machines that work and react like humans.The research associated with artificial intelligence is highly technical and specialized. The core problems of artificial intelligence include computer programming for certain features such as:

– Knowledge
– Reasoning
– Problem resolution
– Perception
– Learning
– Planning
– Ability to manipulate and move objects

If you want more information about the news, click here.

 

High Performance Computing, the future of the EU

By | High Performance Computing | No Comments

On April 19th, the conference “Shaping Europe’s Digital Future: HPC for Extreme Scale Scientific and Industrial Applications” took place in Sofia (Bulgaria).

“Shaping Europe’s Digital Future”, formally opened by Mariya Gabriel – European Commissioner of Digital Economy and Society -, discussed the role of High Performance Computing (HPC) in the transformation of the EU’s digital future.

The event, organized by the Bulgarian Presidency of the Council of the European Union and the European Commission, was attended by about 130 professionals from both the academia and the private sector who had the opportunity to share information and present their ideas on the potential HPC in the context of the European Union.

In addition, numerous solutions were presented for a wide range of social, scientific and industrial challenges. In parallel, the European HPC strategy was presented and the impact of the EC’s proposal on the EuroHPC joint venture on European scientific, economic and social advances, including digital skills, was discussed. The event was jointly organized by the Bulgarian Presidency and the European Commission.

 To see the agenda of the event, click here.
If you want to know the conclusions of the event, click
here.

What is High Performance Computing (HPC)

High performance computing (HPC) is the use of supercomputers and parallel processing techniques to solve complex computational problems. In the digital age, it is a strategic resource for the future of Europe.

High performance computing, which allows the processing of large amounts of data, is the core of the main advances and innovations in the digital era.

 High Performance Computing (HPC) European Strategy

 In March 2017, during the celebrations of the 60th anniversary of the Treaty of Rome, a group of Member States signed the EuroHPC declaration. They agreed to work together and with the EC in the context of a multi-government agreement to acquire and deploy, by 2022/2023, a pan-European integrated exascale supercomputing infrastructure: EuroHPC.

The EU investment until the end of 2020 is close to 1,000 million euros, while another 4,000 million euros are foreseen for the next MFP. Funding at the EU level will support R&D collaboration and guarantee cross-border access to high performance computing (HPC) and data infrastructure.

 High Performance Computing