Microsoft and the Brazilian Center for International Relations (CEBRI): Workshop ‘Examining the finance and energy sectors’ cyber hygiene maturity’
This workshop is part of the Brazilian Center for International Relations (CEBRI) and Microsoft multistakeholder compendium initiative titled “Protecting strategic sectors from cyberattacks”.
The first workshop focused on prevalent cyber threats, and how cyber hygiene practices could be the solution to address risks. The next two workshops focused on sectors that are at different stages of their cyber hygiene maturity, the second one centred on the healthcare sector and this third one is on the more mature sectors of finance and energy. Finally, the last workshop will reflect on the main recommendations from the previous discussions.
The whole workshop series will be held in English, with simultaneous translation to Portuguese, and aims to identify lessons learned and recommendations to avoid and/ or mitigate the effects of cyberattacks on strategic sectors, culminating in the development of a multistakeholder compendium on best cyber hygiene practices.
Date and time: July 26th 2023 | 11:00am – 12:00 BRT | 10:00am – 11:00am EST
Location: Virtual (Microsoft Teams)
Webinar: Effective Implementation of the CIS Benchmarks and CIS Controls
To ensure effective implementation of the CIS Benchmarks and CIS Controls, as part of the CIS SecureSuite Membership package, this webinar will teach you how to prioritize your security program to meet the requirements of regulatory and compliance frameworks with the CIS Critical Security Controls and CIS Benchmarks, as well as how to assess and implement secure configurations at scale. A CIS SecureSuite Membership can help you to secure your organization, systems, and data to protect against cyber-attacks.
What you’ll learn about:
- How CIS globally recognized security best practices are developed
- How you can automate system configuration assessment and track it over time with CIS-CAT Pro Assessor and Dashboard
- When you may need to customize configuration policies, and how you can do that on CIS WorkBench
- How to save time by remediating system configurations at scale with CIS Build Kits
- How to collaboratively track your organization's CIS Controls implementation and identify opportunities for improvement
- Bring your questions and get ready for a deep-dive into the CIS SecureSuite Membership resources.
Webinar: Cybersecurity Governance In Southeast Asia
This webinar follows a two-day discussion among regional and international experts on the linkages between cybersecurity, technological vulnerabilities, and security sector governance in Southeast Asia. It will discuss the role of security sector actors in managing the security risks posed by international technological advances. The public event is organised in cooperation with DCAF's partners in Southeast Asia and brings together experts from both state and non-state institutions.
It aims to draw attention to the region's unique cybersecurity needs and explore how security sector governance and reform (SSG/R) can be used to protect cybersecurity interests.
The panel will feature speakers who will discuss the specific cybersecurity challenges in Southeast Asia, the role of security sector actors in protecting regional and national cybersecurity, the potential benefits of effective cybersecurity governance, and the essential reforms needed to enable security institutions to fulfil their protective responsibilities. Participants will have the opportunity to interact with the panelists, ask questions and actively engage in thought-provoking discussions on the topic.
Georgia Cybersecurity Forum 2023
At the Georgian Cybersecurity Forum, ministers, partners, and international expert panelists will come together to discuss regional considerations on:
1) Cyber Capacity Building
2) Challenges for Cyber Resilience Development
3) Global Cyber Threat Landscape
4) Cyber Diplomacy and International Cooperation
5) Black Sea Vision on Cybersecurity
6) Emerging Technologies and Cybersecurity
OAS Cybersecurity Symposium – National Cyber Resilience: Reflections and Way Forward
- October 3, 2022: Inauguración | Opening
- October 4: Gestión de políticas de ciberseguridad | Cybersecurity policies and best practices
- October 5: Respuesta a incidentes | Incident response
- October 6: Concientización | Awareness Raising
- October 7: Cierre | Closing
1st AfricaCERT CYBER DRILL: “Testing The Waters”
The Africa Computer Emergency Response Team (AfricaCERT) has completed its first annual Drill to test the capability of Computer Security Incident Response Teams in African economies from 30 June – 01 July 2021.
A Coordination team comprised of AfricaCERT, bjCSIRT (Benin), CERT-MU (Mauritius), EGCERT (Egypt), KE-CIRT (Kenya), KEYSTONE (Tunisia), tunCERT (Tunisia) organized the Drill. CERT-MU chaired this 2021 edition; the scenarios were provided by CERT-MU and EGCERT and supported by SILENSEC CYBER RANGE platform.
Caribbean Energy Sector Cybersecurity Forum
May 10th 10AM to 5PM EST and May 11th 10AM to 5:30PM EST
Cyberattacks are posing an increasing threat to the Caribbean’s energy sector. In light of this, from May 10th to May 11th, 2022, USAID’s Caribbean Energy Sector Cybersecurity Forum will convene energy sector stakeholders, cybersecurity experts, international aid organizations, and those looking to expand their cyber knowledge and capabilities to learn, grow, and network across the two days of the Forum. With events for all levels of cyber awareness, this forum is intended enhance the Caribbean energy sector’s security and capacity to manage the growing risk of cyberattacks.
The United States Agency for International Development’s (USAID) Strengthening Utilities and Promoting Energy Reform (SUPER) program is focused on enhancing energy sector cybersecurity in the Caribbean region.
The registration and landing page can be found here: https://caribbeancybersecurityforum.vfairs.com/
Cybersecurity: Cyber threats to NGOs and nonprofits
During this one-hour event on cybersecurity and cyber threats to NGOs the CyberPeace Institute will share stories and examples of recent cyber-attacks against NGOs in Geneva and beyond. You will also get the opportunity to learn more about the recent attack shared by CAGI and the CyberPeace Institute targeting emails servers. Other examples will include insights into a ransomware attack that was able to affect and paralyze the finance system of an International NGO as well as how the Instagram account of another organization was taken over by cyber criminals.
The CyberPeace Institute will also present the CyberPeace Builders, a project launched in 2021 dedicated to providing free assistance to NGOs in critical civilian sectors anywhere in the world. Join to find out how your organization could benefit from this unique cybersecurity program!
Themes & Topics
The Collective Approach to Sectorial Cybersecurity Challenges
The first cybersecurity conference in Africa and Arab region focused on collaborative cybersecurity and incident response.
Cybersecurity via collaborative and sectorial leadership is a winning strategy. Collaborative approach provides organisations with improved coordination and better sectorial incident handling due to specific sectorial context available. It also enables early warning signalling across the sector and attaining threat intelligence international communities.
This virtual conference will focus on collaborative cybersecurity approach - why it is important for financial sector organisations and what are the tactics for fostering it. One of the key presentation will be a case study - a real example on enhancing sectorial cybersecurity resilience. Also, you will hear what the benefits are of being a part of an international cybersecurity community and the true value of establishing a CSIRT or a SOC.
Agenda and registration link of the conference will follow soon. The conference is free of charge.
2022 TF-CSIRT Meeting & FIRST Regional Symposium Europe
The 2022 TF-CSIRT Meeting & FIRST Regional Symposium Europe will be held online March 2nd- 3rd, 2022. Co-organized with GEANT.
You can find the detailed Agenda here: https://www.first.org/events/symposium/regional_europe2022/program
And the registration link here: https://portal.first.org/registration/regional_europe2022
Report Launch “Cyber Incident Management in Low-Income Countries”
As part of the GFCE Research Webinar Series, this session will present the findings of the report "Cyber Incident Management in Low-Income Countries", GFCE Working Group B Task Force Leads and CCB researchers will provide their input on understanding the value of proactive communication assisting CERT/CSIRTs, governments, organizations and decision makers to better understand the importance of, and plan for, proactive incident management communications.
Themes & Topics
2021 African Commonwealth Virtual Conference and Workshops
This conference will bring together representatives from across the African Commonwealth, the wider African continent, and the UK to share knowledge and experience, and to build new relationships that will help you improve your national and regional cyber security.
The goals of the conference are to encourage and support nations working together to increase resilience against cyber threats, and to build a more cyber-secure future through partnership and collaboration.
- Week 1 of the conference will start with scene-setting introductions, an immersive cyber exercise, and discussion around sharing experience, knowledge and lessons learned to support cyber security maturity growth across the African Commonwealth.
- Week 2 of the conference will focus on cyber threats - both current and emerging - and how we can work together to combat them. Special consideration is given to the importance of national cyber security strategies and cyber legislation.
FIRST & AfricaCERT Virtual Symposium for the African and Arab Regions
This virtual symposium will be co-hosted by AfricaCERT and TunCERT.
Participants are expected to be comprised of global FIRST Member Teams and CSIRTs from the African and Arab regions. FIRST also expects to attract network operators, anti-abuse teams, and other security professionals from the African and Arab regions.
Program Agenda At-A-Glance
• December 7 | 11:00-18:15 UTC - Plenary Topics - Plenary Panel Discussions: Regional and International Initiatives, Frameworks and Related Standards, Open-source Tools and CSIRT Success Stories, Open Data (OSINT) and Threat Intelligence Sharing Platforms and Tools, Observed Malicious Cyber Criminality During COVID in the African and Arab Regions.
• December 8 – 11:00-15:00 UTC - Technical and Management Training Tracks - Training Opportunities: Open-source Tools for CSIRTs, MITRE ATT&CK Fundamentals, CSIRT Maturity Modeling, Protective DNS – Why It Matters and How to Deploy It On-prem. Designing and Running Cyber-exercises for CSIRTs.
• December 9 – 11:00-15:00 UTC - Technical and Management Training Tracks - Training Opportunities: Incident Response and Classification Workshop, MISP Fundamentals, National Cyber Crisis Management.
The event will be presented in English with French translation available during the plenary sessions on December 7.
NICE Symposium: A Coordinated Approach to Supply Chain Risks
1:30 - 5:00 PM EST
The NICE Symposium: A Coordinated Approach to Supply Chain Risks is a half-day virtual symposium that serves as a precursor to the annual NICE Conference in June 2022.
In light of dramatic events and emerging threats, experts will come together on Tuesday, November 16 to discuss the role of the cybersecurity workforce and the need for a coordinated response to strengthen the supply chain.
Panel 1: Risk and Policy Considerations for Securing Cyberspace and Critical Infrastructure
Panel 2: Enhancing Software and Technology Supply Chain Security
Protecting the healthcare sector from cyber harm
15:00 – 17:00 CEST
If the past year has taught us anything, it has to be that we need to protect the healthcare sector from cyberattacks. Between January and August 2021 alone, the CyberPeace Institute recorded 77 disruptive attacks on healthcare organizations, of which the majority resulted in operational disruptions to the sector. These have a direct human impact as people are unable to access healthcare services, a basic human right.
The Czech Republic, the CyberPeace Institute, and Microsoft are taking action. Together, they kick-started the ‘Protecting the Healthcare Sector from Cyber Harm’ project which, over a series of thematic workshops, brings together healthcare, cybersecurity, and regulatory experts to identify good practices needed to protect this vital infrastructure. This is a multistakeholder issue that requires the attention of government, industry and civil society actors in order to come up with truly global solutions.
This event will explore challenges pertaining to, inter alia, accountability, state responsibility, due diligence, international human rights law, International Humanitarian Law, sovereignty and non-intervention as well as the use of force. It will explore existing initiatives and outcomes, including innovative recent ones such as the Oxford Process, with the aim of distilling good practices and recommendations, which we will endeavour to compile in a compendium to be published at the end of the workshop series.