On June 7th the European People’s Party organized a public hearing on Cybercrime and Cybersecurity at the European Parliament in Brussels, Belgium (1) . It was a great honor to be invited as a speaker on Cybersecurity and Critical Energy Infrastructure for the second panel discussion covering the theme of “Cybersecurity: improving European industry”. I […]
Author: Vytautas Butrimas
NOTE: The views expressed within this blog entry are the authors’ and do not represent the official view of any institution or organization affiliated thereof.
Vytautas Butrimas has been working in information technology and security policy for over 26 years. Mr. Butrimas has participated in several cybersecurity exercises, contributed to various international reports and trade journals, and has published numerous articles on cybersecurity and policy issues.
Thoughts on the wake-up-call (another one) called “WannaCry”
“But as soon as we find out that it’s state-sponsored, or there may be state actors involved, we back away from that.” – Interpol digital crime centre director Sanjay Virmani Seems that the WannaCry incident should appear on anyone’s short list of notable cyber incidents of 2017 (so far). Some reports in the press have […]
Good news for ICS protection: ISA providing new ISA/IEC 62443 based industrial cybersecurity training
The great Chinese military strategist Sun Tzu in his book the “Art of War” stated that (to paraphrase) “if you know yourself and the enemy, you will prevail in every battle”. This saying is applicable to the protection of industrial control systems that comprise the technical foundation for today’s critical infrastructure. One of the long-term […]
Not for navigation, information provided may not represent the true position
Many years ago I was fortunate to have two friends who each owned a wooden sailboat. One was a 31-foot Norwegian Knarr made from African mahogany and the other was a 28-foot sloop. To earn a place on the crew I pitched in with all the work in maintaining those boats during the winter. Since […]
In seeking international cyber norms for states, one should be careful about blowing smoke, sometimes it could start a fire.
Cyberspace by its very nature has an international dimension. Without it, there would be no possibility for the Internet to grow and function. In turn, threats that come from cyberspace also require an international response. Especially the threats to the devices used to monitor and control processes in critical infrastructure from state resourced APT’s. Threats […]
Lessons from the film “Rogue 1” on the importance of security in the design process
Commander #1: We’ve analyzed their attack, sir, and there is a danger. Should I have your ship standing by? Gov. Tarkin: Evacuate? In our moment of triumph? I think you overestimate their chances. – Quote from the film Star Wars IV (1) The Star Wars film epic in addition to providing good entertainment raises some […]
The lack of comprehensive investigation and sharing of lessons from industrial control system incidents will continue to leave others as sitting ducks.
This past week news has surfaced about cyber-attacks directed against German industry. In particular about a suspected case of cyber espionage at ThyssenKrupp (1) (2). The announcement that a German steel maker was cyber attacked reminded me about the 2014 German Federal Government IT Department’s (BSI) report of a cyber-attack at an unidentified steel mill […]
Raising cybersecurity awareness during a seminar on the future of energy policy and economy is not an easy thing to do.
“Although you cross the Atlantic for years and have ice reported and never see it, at other times it’s not reported and you do see it.” – Charles Lightoller, Titanic Second Officer (speaking at the public inquiry into the sinking) In one of my recent lectures on “The cybersecurity dimension of critical energy infrastructure” I […]
Thoughts on possible misconceptions over the cybersecurity of the energy sector
“The pump don’t work, cause the vandals took the handles” – Bob Dylan The use of high technology (information technology and telecommunications) has entered almost every aspect of our lives. You name a sector and it is there: finance, trade, energy, communications, transportation, even education and healthcare. High tech is what modern society is built […]
Proposing innovative solutions to a problem which will require even more solutions is not a good way to go
– After the ship has sunk, everyone knows how she might have been saved. – Italian proverb In an earlier blog I wrote about the importance of answering the key questions in developing a strategy to secure a critical asset (1). I could see the consequences of not taking the time to fully comprehend these […]