Cybersecurity in the Defense Acquisition System

"Cybersecurity in the Defense Acquisition System", DAU, USA, April 2017, 27 pages. Download. 

UK - Cyber security breaches survey 2017

"Cyber security breaches survey 2017", Main Report, April 2017, 66 pages, UK. 

"This report details the findings from a quantitative and qualitative survey with UK businesses on cyber security. The Department for Culture, Media and Sport (DCMS) commissioned the survey as part of the National Cyber Security Programme, following a previous comparable study by the Department published in 2016. 1 It was carried out by Ipsos MORI, in partnership with the Institute for Criminal Justice Studies at the University of Portsmouth, and comprised: ▪ a telephone survey of 1,523 UK businesses from 24 October 2016 to 11 January 20172 ▪ 30 in-depth interviews undertaken in January and February 2017 to follow up businesses that participated in the survey...."

Telstra Cyber Security Report 2017

"Telstra Cyber Security Report 2017", 2017, 52 pages. Download. "Telstra engaged a research firm, Frost & Sullivan, to interview professionals responsible for making IT security decisions within their organisation to obtain a number of key insights on a range of security topics. The report also draws on analysis of security information and data gathered from Telstra infrastructure, security products and our third-party security partners. The research firm’s online surveys obtained 360 responses. 58 per cent of these responses were from Asia and the remaining 42 per cent were from respondents based in Australia...."

Cyber Security in Canada

"Cyber Security in Canada: Practical Solutions to a Growing Problem", The Canadian Chamber of Commerce, April 2017, 44 pages. 

UNODA - Developments in the field of information and telecommunications in the context of international security

UNODA - "Developments in the field of information and telecommunications in the context of international security", Fact Sheet, April 2017, 2 pages. 

G7 Declaration on responsible states behavior in cyberspace

"G7 Declaration on responsible states behavior in cyberspace". Lucca, 11 April 2017. 5 pages. Download the document. 

Getting beyond Norms When Violating the Agreement Becomes Customary Practice

"Getting beyond Norms When Violating the Agreement Becomes Customary Practice", Melissa Hathaway, CIGI Papers No. 127 — April 2017, 16 pages. 

About Cyber-Routine Activities Theory

"Capable Guardianship and CRISIS of IdentityTheft in the United States: ExpandingCyber-Routine Activities Theory", Back Sinchul, Sung Yongeun, Cruz Erik, International journal of crisis & safety, 2017 2(1) 16-24. 

Fair Use and IP Infringement on Instagram, Pinterest and Other Social Media

"Fair Use and IP Infringement on Instagram, Pinterest and Other Social Media. Policing and Protecting Licenses, Copyright and Trademark Rights ", April 26, 2017, Strafford. Presenting a live 90-minute webinar with interactive Q&A. The online program provides a copy of "Copyright Fair Use", Excerpted from Chapter 4 (Copyright Protection in Cyberspace) of E-Commerce and Internet Law: A Legal Treatise With Forms, Second Edition, a 5-volume legal treatise by Ian C. Ballon (Thomson/West Publishing 2017). 

Cybercrime Coordination and Partnership Exercise

"Cybercrime Coordination and Partnership Exercise", 24-28 April 2017, Tbilisi, Georgia, Provided under iPROCEEDS and Cybercrime@EAP III projects. More information... 

Summer School on Cybercrime

"Summer School on Cybercrime", Milan, Italy, 3 – 6 July 2017. More information...

Theorizing cyber coercion: The 2014 North Korean operation against Sony

"Theorizing cyber coercion: The 2014 North Korean operation against Sony" by Trevis Sharp, Journal of Strategic Studies, Pages 1-29 | Published online: 11 April 2017.  Abstract...

Cyber Security: strategies, policies...

• "Cyber Security: Collaboration. Antigua and Barbuda". ITU, 23 March 2017, 30 pages. Download. 
• "The UK’s National Cyber Security Strategy 2016 – 2021", UK Government, April 2017. Download. 
• "CyberSecurity Strategy 2017-2019. State of Illinois", Department of Innovation and Technology, State of Illinois, 24 pages. Download. 
• "National Security and Emergency Preparedness Department 2017 Cybersecurity Policy Priorities (Select Examples) ". US Chamber of Commerce. March 2017. 4 pages. Download.  

Safety of data - The risks of cyber security in the maritime sector

"Safety of data - The risks of cyber security in the maritime sector", Netherlands Maritime Technology, April 2017, 22 pages. Download the document. 

Ce type de documents est le produit d'une tendance de plus en plus affirmée dans le monde: des lectures sectorielles de la cybersécurité. Une lecture comparative de ces multiples approches sectorielles permettra (peut-être) de mettre en lumière des particularités. 

Australia's Cyber Security Strategy - 2017

"Australia's Cyber Security Strategy - Enabling innovation, growth & prosperity".First ANnual Update, 2017. 29 pages, Download the document. 

Big Data Analytics

CSI Communications (India) published a special issue on "Big Data Analysis". Volume No. 41 | Issue No. 1 | April 2017, 52 pages. Among the topics covered in this issue: Role of Hadoop in Big Data Analytics, Data Lake: A Next Generation Data Storage System in Big Data Analytics, Sentiment and Emotion Analysis of Tweets Regarding Demonetisation, Enhanced Protection for Big Data using Intrusion Kill Chain and Data Science. Let's mention the more military-focused paper on "MiDeSH: Missile Decision Support System".  Download the issue. 

China Publishes Draft Measures Restricting Outbound Data Transfers

"China Publishes Draft Measures Restricting Outbound Data Transfers"', Latham & Watkins Data Privacy, Security & Cybercrime Practice, 14 April 2017 | Number 2119, "The Cyberspace Administration of China (CAC) has published a draft law that places wide-ranging restrictions on companies seeking to transfer personal information and critical data, as defined below, (collectively, Relevant Data) out of China..." Download the document. 

Chinese Political and Military Thinking Regarding Taiwan and East and South China Seas

"Chinese Political and Military Thinking Regarding Taiwan and East and South China Seas", Testimony presented before the U.S.-China Economic and Security Review Commission on April 13, 2017. Download the report. 

APCERT 2016 Report

APCERT (Asia Pacific Computer Emergency Response Team) 2016 Report, 225 pages. 

"The Asia Pacific Computer Emergency Response Team (APCERT) is a coalition of Computer Emergency Response Teams (CERTs) and Computer Security Incident Response Teams (CSIRTs) within the Asia Pacific region. The organisation was established in February 2003 with the objective of encouraging and supporting the activities of CERTs/CSIRTs in the region". 

2016 Payment Threats Trends Report

"2016 Payment Threats Trends Report", Report by the European Payments Council, 20 March 2017, 41 pages. "The present document aims to provide an insight in the latest developments during the last years on threats affecting payments, including cybercrime".

Note de recherche IRSEM sur les Global Commons

"Les Global Commons: retour sur l'itinéraire d'un concept stratégique américain (2009-2011)" par J.L. Samaan, IRSEM, Note de recherche n°35, mars 2017, 7 pages. 

US DOD - Request for additional FY 2017 Appropriations

US DOD - Request for additional FY 2017 Appropriations - Budget request - March 16, 2017, 36 pages. In this document, the Department of Defense (DoD) is submitting a request for additional Fiscal Year (FY) 2017 appropriations. Among several lines, complementary funding is requested for cyber investments: information warfare, cyber security, new C4I (at Naval Computer and Telecommunications Area Master Station Atlantic building in Norfolk, Virginia),  ISR and cyber infrastructure at the Air Force, Weapons system cyber resiliency, Cyber operations technology, etc. 

Chinese Efforts in Quantum Information Science: Drivers, Milestones, and Strategic Implications

"Chinese Efforts in Quantum Information Science: Drivers, Milestones, and Strategic Implications", Testimony for the U.S.-China Economic and Security Review Commission, March 16th, 2017, John Costello. 

Matinée nationale d'information Horizon 2020 sur les infrastructures critiques et la sécurité

Matinée nationale d'information Horizon 2020 sur les infrastructures critiques et la sécurité. Paris, 10 mai 2017. Cadre: défi 7 "sociétés sûres", programme Horizon 2020. Programme, inscription... 

Séminaire "communication en milieu désorganisé" - ISCC

Le prochain séminaire "communication en milieu désorganisé" aura lieu le mardi 25 avril 2017 (et non le 11 avril comme il avait été initialement annoncé). Il se tiendra de 16 h-18 h à l'ISCC-CNRS / Paris-Sorbonne / UPMC - 20 rue Berbier-du-Mets, 75013 Paris. Le thème de cette séance sera : Risques et catastrophes : enjeux culturels et interculturels. 

Le séminaire accueillera Benjamin Pelletier, formateur en management interculturel, maître de conférences honorifique à l'Ecole des Ponts et Chaussées. Auteur de plusieurs récits littéraires, dont le dernier, Toujours plus à l'est, est paru en 2016 aux éditions Picquier.

"Iran Sanctions" by Kenneth Katzman

"Iran Sanctions" by Kenneth Katzman, March 31, 2017, Congressional Research Service, RS20871, 89 pages, Washington. "This report analyzes U.S. and international sanctions against Iran and provides some examples, based on open sources, of companies and countries that conduct business with Iran". 

Concerning "cyber" issues, read: 

- "Expanding Internet and Communications Freedoms" (p.30-31)

- "Iranians Sanctioned Under September 29, 2010, Executive Order 13553 on Human Rights Abusers"  (p.81)

- "Iranian Entities Sanctioned Under Executive Order 13606 (GHRAVITY)" (p.82)

- "Entities Designated as Human Rights Abusers or Limiting Free Expression Under Executive Order 13628 (Executive Order pursuant to Iran Threat Reduction and Syria Human Rights Act)" (p.83).  

3 rd French-Japanese meeting on Cybersecurity

"3 rd French-Japanese meeting on Cybersecurity", 24th - 26th April 2017, Tōkyō. 

Cyber-Social-Physical Features for Mood Prediction over Online Social Networks

"Cyber-Social-Physical Features for Mood Prediction over Online Social Networks", article by Chaima Dhahri, Kazunori Matsumoto, Keiichiro Hoashi, DEIM Forum 2017, 6 pages. 

Abstract : Context-Aware Recommendation Systems (CARS) are more effective when adapting their recommendations to a specific user preference. Since modal context (mood) has a direct impact on user preferences, we aim at having an accurate mood prediction to improve recommendation performance. Online social networks (OSNs) have grown rapidly over the last decade. These social platforms provide the opportunity to gather the distributed online activities for each user. Tracking and aggregating these data could result in useful insights for user modeling and understanding. In this paper, we built a personalized system that can predict the upcoming user mood even in days without text-type tweets. We, first, studied the correlation of three types of features (cyber, social and physical) with a user mood. Then, used these features to train a predictive system. The results suggest a statistically significant correlation between user mood and his cyber, social and physical activities distributed among different OSNs which leads to a low RMSE in our predictive system.  

Attack Classification Schema for Smart City WSNs

"Attack Classification Schema for Smart City WSNs", article by Victor Garcia-Font, Carles Garrigues and Helena Rifà-Pous, Sensors 2017, 17, 771; doi:10.3390/s17040771, 

In this article, the authors propose a schema to classify the evidence left by attacks against smart city WSNs into seven different attack models. 

Donald Trump intends to extend by one year the Executive Order 13694

"President Donald Trump is going to extend by one year the Executive Order 13694", post du blog SecurityAffairs, March 30, 2017

Interpol - "Cybercriminalité"

Interpol - "Cybercriminalité" - 2017 - Brochure de 12 pages. 

Dans ce document Interpol distingue deux catégories de criminalité liées aux TIC: la cybercriminalité et la criminalité facilitée par Internet. 

On peut y lire également que "jusqu’à présent, la cybercriminalité était principalement le fait d’individus ou de petits groupes. Aujourd’hui, INTERPOL constate l’apparition de réseaux de cybercriminalité d’une grande complexité qui réunissent, en temps réel, des individus de tous pays pour perpétrer des infractions d’une ampleur sans précédent."  Vraiment? Le cybercrime n'est-il pas organisé en gros réseaux d'assez longue date? Ne parlait-on pas du cybercrime organisé russe et chinois il y a dix ans déjà? Les hackers n'ont-ils pas une tradition de coopération internationale depuis bien des années?  

Sajda Qureshi "The forgotten awaken: ICT’s evolving role in the roots of mass discontent"

Sajda Qureshi, "The forgotten awaken: ICT’s evolving role in the roots of mass discontent", Information Technology for Development, 2017, Vol.23, n°1, pp.1-17. Full text...

About "key terrain" in cyberspace

Applegate, Scott Douglas, Christopher L. Carpenter, and David C. West. “Searching for Digital Hilltops: A Doctrinal Approach to Identifying Key Terrain in Cyberspace.” Joint Force Quarterly, no. 84 (1st Quarter 2017): 18-23. 

The proposed definition of "key terrain'" is : "Any locality, or area, the seizure or retention of which affords a marked advantage to either combatant". According to the author of this article, the "key terrain" is different from the notion of "critical asset", defined as "a spacific entity that is of such extraordinary importance that its incapacitation or destruction would have a very serious, debilitating effect on the ability of a nation to continue to function effectively". 

Full text... 

Thomas Rid, Hearing on Disinformation: A Primer in Russian Active Measures and Influence Campaigns"

Thomas Rid, Hearing on "Disinformation: A Primer in Russian Active Measures and Influence Campaigns", US Senate, March 30th, 2017.

Prepared Statement of GEN (Ret) Keith B. Alexander on Disinformation: A Primer in Russian Active Measures and Influence Campaigns

Opening speach.

Disinformation: A Primer in Russian Active Measures and Influence Campaigns

Hearing: "Disinformation: A Primer in Russian Active Measures and Influence Campaigns", US Senate, March 30th, 2017. 

Witnesses:

Panel I

Eugene Rumer, Director of Russia and Eurasia Program, Carnegie Endowment for International Peace. He previously served as the National Intelligence Officer for Russia and Eurasia from 2010-2014.

Roy Godson, Professor of Government Emeritus at Georgetown University. From 1993-2015, he also served as President of the National Strategy Information Center.

Clint Watts, Senior Fellow, Foreign Policy Research Institute Program on National Security

*Other witnesses may be added

Panel II:

Kevin Mandia, Chief Executive Officer, FireEye

General (Ret.) Keith Alexander, Chief Executive Officer and President, IronNet Cybersecurity.  He previously served as Director of the National Security Agency and Chief of the Central Security Service.

Hearing on The Promises and Perils of Emerging Technologies for Cybersecurity

Hearing on The Promises and Perils of Emerging Technologies for Cybersecurity, EPIC Letter to US Senate, March 22, 2017

A Borderless Battle: Defending Against Cyber Threats - by GEN (Ret) Keith B. Alexander

"A Borderless Battle: Defending Against Cyber Threats" - by GEN (Ret) Keith B. Alexander, Statement before the United States House of Representatives Committee on Homeland Security,  March 22, 2017, 8 pages. 

Cyber Security : job opportunities

* PRI is seeking an individual with expertise in corporate cyber security policies and practices to undertake data analysis and a summary report of findings and recommendations for engagement on behalf of the Principles for Responsible Investment. Detailed Information. Deadline for application: April 7, 2017

* NATO Cooperative Cyber Defence Centre of Excellence, Internship opportunity in Public Relations in Spring 2017. Detailed Information. Deadline for application: April 3, 2017

Etats-Unis: projet de budget 2018 et place de la cybersécurité

Le 16 mars 2017 l'administration Trump a publié un budget prévisionnel 2018, qui donne déjà une idée des grandes lignes de dépenses (et d'économies) pour les mois à venir. 

Le projet procède par réductions, coupes dans le financement de quantité de programmes et organismes jugés trop peu efficaces ou comme ne devant pas relever des budgets de l'administration. Pratiquement tous les ministères sont touchés par ces mesures, sauf le Département de la Défense. La cybersécurité est l'un des axes qui bénéficiera de budgets conséquents, mais elle n'apparaît pas spécifiquement mise en avant, du moins à la lecture de ce seul document. 

Understanding Russian "Hybrid Warfare" - RAND Corporation

Understanding Russian "Hybrid Warfare", by Christopher S. Chivvis, RAND Corporation, Testimony presented before the House Armed Services Committee on March 22, 2017, 12 pages. According to the author, Russia's hybrid warfare is a mix of information operations, cyber, proxies, economic influence, clandestine measures, and political influence. 

"Wiretapping" - recent documents and debates

"Wiretapping" : here is a short selection of interesting publications concerning the current debates on wiretapping in the U.S: 

- "FBI director to testify on wiretapping, Russia hacking charges", 20 March 2017

- "Reining In Warrantless Wiretapping of Americans", March 16, 2017

- "Comey confirms inquiry on Russia and Trump Allies", March 21, 2017

- "On March 6, 2017, EPIC submitted a FOIA request (the “EPIC FOIA Request”)to the Department of Justice’s National Security Division (“NSD”) for disclosure of all §1804 FISA applications for wiretapping in Trump Tower in the NSD’s possession...  ", March 20, 2017

Video: "FULL James Comey, Mike Rogers Testify on Wiretapping Russian election interference. March 20 2017"

The Pillars of APT Defense - by M. E. Kabay

The Pillars of APT Defense - by M. E. Kabay, Norwich University, March 23, 2017 

Des cyber-opérations pour contrer le programme de missiles nord-coréen?

Le New York Times a publié le 6 mars dernier un article soulevant la question suivante: les Etats-Unis sont-ils en mesure de paralyser le programme de missiles nord-coréen, en ayant recours à des cyberopérations agressives?  Certains observateurs virent dans les quelques échecs rencontrés par le programme coréen au cours de ces derniers mois (missiles qui explosent en vol) l'efficacité de l'action américaine. Mais d'autres tests coréens ont été menés à bien, et ont remis en cause la croyance en l'efficacité de la stratégie cyberoffensive américaine. Existe-t-elle seulement? Les Etats-Unis sont-ils capables d'enrayer le programme de missiles à l'aide de cyberattaques ? Utilisent-ils les mêmes méthodes que celles déployés contre le programme nucléaire iranien il y a de cela quelques années? 

The Australia–US Cyber Security Dialogue

Tobias Feakin, Liam Nevill and Zoe Hawkins, "The Australia–US Cyber SecurityDialogue", ASPI Special Report, 20 pages, March 2017. 

Contents: cyber cooperation in the Asia-Pacific, fighting cybercrime in the Asia-Pacific, Australia-US cyber cooperation... 

Cybersécurité - Courrier du Département de l'Energie au Président Trump

Quand le Comité à l'Energie et aux Ressources Naturelles du Sénat s'inquiète des futurs projets d'executive order. Le Comité souhaite que lorsqu'il s'agit de la cybersécurité du Département de l'Energie, ce dernier assure lui-même sa cybersécurité, et que la tâche ne soit pas confiée au DHS ou à quelque autre agence. Voir la lettre adressée au Président, en date du 14 mars 2017.  

Common challenges in combating cybercrime - Eurojust / Europol

"Common challenges in combating cybercrime"  - Eurojust / Europol,  13 March 2017, 14 pages. Document. 

Joint Meeting of the Horizontal Working Party on Cyber Issues (capital level) and the JHA Counsellors (COPEN)

Council of the European Union. Joint Meeting of the Horizontal Working Party on Cyber Issues (capital level) and the JHA Counsellors (COPEN). 22 March 2017. Topics: Cyber Threat Landscape - emerging trends, EU Cyber Security Strategy review - state-of-play and future steps, Common challenges to LEA and judiciary in combatting cybercrime, Carrier Grade NAT - exchange of good practices, Digital Object Architecture - cyber risks, Joint EU Diplomatic Response to Cyber Operations (Cyber Toolbox), Prevention and cyber awareness. 

More information...

Call for Papers - Cyber Risks and Insurance

Call for Papers - "Cyber Risks and Insurance", The Geneva Association is pleased to announce a special April 2018 issue of The Geneva Papers on Risk and Insurance - Issues and Practice. Submission deadline: 12 May 2017. More details...

Undermining Democratic Institutions and Splintering NATO: Russian Disinformation

Prepared Testimony and Statement for the Record of Toomas Hendrik Ilves, Bernard and Susan Liautaud Visiting Fellow, Center for International Security and Cooperation, Freeman-Spogli Institute for International Studies, President of Estonia 2006-2016, At the Hearing on “Undermining DemocraticInstitutions and Splintering NATO: Russian Disinformation”. Before the House Foreign Affairs Committee, March 9, 2017, 9 pages. 

Federal Information Security Modernization Act of 2014, Annual Report to Congress, Fiscal Year 2016

Publication par les autorités américaines du rapport annuel présentant l’état d’avancement de la mise en application de la loi FISMA de 2014 (Federal Information Security Modernization Act of 2014). Cette loi a pour objectif de moderniser l’administration et les agences gouvernementales sur le plan de la cybersécurité. 

FederalInformation Security Modernization Act of 2014, Annual Report to Congress,Fiscal Year 2016, 121 pages, Washington