DAY 1, SESSION 3: CYBERSECURITY ISSUES – ORGANISATION’S INCIDENT MANAGEMENT

No Comments

The session was moderated by Sébastien Héon, Director public affairs at Cassidian CyberSecurity, France, and the following participated in the session:

  • Frederick Douzet (Professor & Associate Director French Institute of Geopolitics, University of Paris; Castex Chair of Cyberstrategy, France)
  • Gisèle Ducrot (Casuality and Servicing Clinet Manager, AXA Matrix Risk Consultant, France);
  • Emmanuel Harrar (Partner Dreyfus & Associés, France);
  • Nagaaki Ohyama (Professor Tokyo Insitute of Technology, imaging Science and Engineering Laboratory, Japan);
  • Frédérick Polycarpe (Head of international Sales & Programmes Cassidian CyberSecurity, France);
  • Michel Toporkoff (Attorney at Law, Toporkoff Law Firm, France);
  • Paul Wormeli (Execute Director Emeritus Integrated Justice Information Systems Institute – IJIS; Innovation Strategist, Wormeli Consulting, LLC, USA).

Frederick Douzet talked about the relevance of geography and geopolitics as useful tools to help identifying areas and zone of influences of countries in the cyberspace. She pointed out that that cyberspace represented a “territory with no regulation” and that cyber conflicts were actually originating from the real world, and so from a real location. She claimed that while nations want to regulate and control the internet, they can’t really obtain the goal since in the internet there is no boundary.

Paul Wormeli talked about the threats that came from the ether. He showed a timeline displaying the actors of cyberattacks in 2003, the current cyber attackers now and the most probable future ones in ten years from now. According to this timeline, while in the past hackers were mainly hacking out of hobby, today we face real criminals and associations of hackers, and tomorrow we will probably see armies, governments and corporations fighting on the internet. The possible consequences of successful attacks range from denial of services to cyberwars to destruction of systems, and the frequency of the attacks is growing up from millions per day to continuous, real time, interactive. Finally he claimed that the only possibility to fight this scenario was to always have a strategy of defense, so that when an attack occurs you are ready to instantly handle it.

Michel Toporkoff showed the only three real cases of cyberattacks that have been trialed and had a verdict in France in the last year. Therefore, the first important point that he highlighted was that a lot of attacks remained unknown. From the analysis of the cases he brought, another key problem of judging is that usually you cannot identify the so called “puppet master” behind the attacks. The last problem is that in some cases the victim actually fails in protecting its own data. So who is to blame?

Nagaaki Ohyama presented the security solution for the future Japanese public system that will manage digital taxation and security area for Japanese residents. The system will use a combination of an ID-Number assigned to every resident, memorized into a smartcard. He explained the risks that may come from that system in terms of personal privacy invasion and the way to handle them by using legal and security countermeasures (i.e. people will be able to watch every single transaction of their personal data). Finally, he claimed that a key problem for the “digitalization” of personal data is the social acceptance, since people are suspicious on it.

Emmanuel Harrar talked about the upcoming new gTLDs: generic top level domains (i.e. .com, .net, .us) and the problems that may come from their implementation. The importance of extending the number of the existing ones comes from the fact that current ones usually do not have a specific meaning (i.e. “.com”) and are low in number, while the new ones will be significant for brands (.mcdonalds, .bmw), for geography (.paris, .berlin), generic stuff (.sport, .hobby) and will have a direct impact on the e-commerce. The risks that may come (and probably will) from their implementation are the related to the internet stability and resilience, since the number of new web sites and application will exponentially grow. The legal risks are cyber-squatting, counterfeiting, phishing, and the business problem is the low ranking of sites using meaningless domains like “.com”, causing the loss of brand awareness for big companies.

Sébastien Héon presented an analysis of the UK government statistics about security. Based on a survey about the UK government it was established that 78% of large organizations were victims of cyberattacks in the last year and only 20% of those companies detected the problem, while others did not even notice it. Another important problem is that it usually takes 371 days on average or a company to realize that it has been attacked. He pointed that the main security issues come from a lack of standard procedures that companies project and adopt. Finally, he said that the principal way to handle security issues is to prevent attacks rather than react – in fact to react it usually takes 3 months to analyze and understand the attack, several days to neutralize it and plus than one year to recover from the damage.

Gisèle Ducrot said that cyber risks were strategic risks for the companies and not only technical issues. She partitioned the risk in elementary factors. The first one is the “cause” that identifies why a cyberattack could happen: company data and tools. The second factor is the “consequence” of the attack and it regards: finance, liability of the company, commercial, brand image and business interruption. Finally she brought some possible solutions for the risk management process: the first step is to identify the risks via risk analysis and via evaluating its origins and impacts; the second one is to adopt mitigation measures and the third and final one is to transfer it by using an insurance since in fact it provides a financial exposure reduction.

Frédérick Polycarpe talked about possible solutions and ways to manage cyber security for companies. He claimed that a big company must assume that it will be constantly attacked and it will need a consistent cyber security master plan on all divisions, all countries, all regulations. He reminded the audience that the attackers are motivated by ideology or by money, and that they could be hired by governments and organizations. Moreover, attackers are highly professional, they know how to beat standard countermeasures and a big company must assume that the attacker will always have more time and needs less money to attack than would the company in order to defend itself. He claimed that cybersecurity is a balance between technology, people and processes: companies needs tools to evaluate risks, detects attacks and to take decisions on how to prevent attacks and, eventually, react quickly. For Polycarpe, a big company needs a continuous security improvement cycle.

IMG_7324 IMG_7339 IMG_7341

DAY 1, SESSION 4: PUBLIC POLICY FRAMEWORKS FOR CONVERGING DIGITAL FUTURE

No Comments

Fiona Taylor (Director, European Affairs & Global Internet Strategy Verizon, Belgium) focused on the infrastructure layer. She analyzed the last 20 years during which the user population of the Internet has grown from 350 million to 7.7 billion. She showed a difficulty on defining a policy framework to regulate the Internet. She asked herself if there was a real need to regulate the Internet and if so, how it should be regulated. According to her, a key criterion for a regulating policy is that the same services on the web should have same regulation. Four key points that the policy framework should take care of are: Investment, Innovation, Consumer, Flexibility.

Nataša Pirc Musar (Information Commissioner, Republic of Slovenia) talked about the current regulations that are not present on the Internet and how European Union is working on them. In her opinion, one of the biggest challenges nowadays is that the Internet law is pretty like the open sea law. She thinks that there will be no regulation of the Internet in a near future, but it will have to happen otherwise it will be the World Wide West. She also talked about the European competences of data protection: the privacy of data regulation is a weak point in EU. Other important points are:

  • How can we supervise the Data that are going to go outside the European Union?
  • We rely on cloud to put our Data, but are we really sure about the cloud?
  • Who can control where the cloud is?

Finally she said that she is worried about the data of European citizen flowing to the USA, since “I have nightmares about the revealing of Snowden”. She also claims that America cannot deny the truth and must give an explanation of NSA actions.

John Giusti (Head of Spectrum GSMA Association, United Kingdom) talked about the necessity for governments to provide services to satisfy the increasingly data demand. He mainly focused on the spectrum assignment problem, arguing that spectrum is a government regulation holding and too heavy regulations on the industry could be suffocating it. He thinks that to reach a possible win-win scenario for governments and mobile companies a right regulation that extends the access to companies in general is necessary in order to satisfy the huge demand coming from people.

Claudia Selli (EU Affairs Director, AT&T, Belgium) said that the human interaction with devices is accelerating and the next possible step in digital life is that everything will be connected. In fact people do not care about the technology behind the connection services: they just want them to be fast and reliable. Finally she asked herself what regulation makes sense today and tomorrow. For instance, in 2007, Twitter did not exist and the “app revolution” was not happening. Therefore, we need a flexible regulatory framework that can be valid for future technologies that are unpredictable.

Thomas Spiller (Vice-President Public Policy, EMEA, The Walt Disney Company, Belgium) talked about the “3 C”: contents, culture and customers. He said contents were key factors driving the attention of the customers on the internet, so it is important to provide high quality contents in line with the customers culture. Culture is also very important: for instance, parents want their children to watch the content in their native language. Finally, he said that the customers themselves had been changing, since nowadays children are able to listen to and work on three or more different devices at the same time (Skype call with a friend, texting on the smartphone with another, playing videogames). With regards to regulations, Spiller thinks that it is really important to protect the kids from malevolent contents but it also must not be too strict and let the market evolve.

 Innocenzo Genna (Founder and Partner Director Genna Cabinet, Belgium) said that the European Commision was working on a reform about the regulation of the Internet. One of the pillars of the reform is to introduce special connectivity services: “It seems like there is a big emphasis on providing those services, but it is not clear who demands them”. For instance, Skype and other companies that provide high quality calls and video conferences already found a solution themselves. Who will be the beneficiary of those special connectivity services? According to libertarians, only “big fish” will benefits from them, while startups, that are the core of innovation, could find themselves obliged to consequently rely on low quality services. Therefore, this reform ruins the state of the Internet as we know it.

Olivier Duroyon (Director Public Affair – Alcatel Lucent, France) said that the demand for Internet services had grown in an explosive way and the European Union had not improved enough the infrastructures on which Internet relies on. So, he thinks that big investments in improving infrastructures are fundamental for the future. Then Duroyon explained that there was a dividing gap in regulation among different technologies: Internet is one of the less regulated ones. In his opinion, today is the right time for Europe to adopt some basic rules to apply to the Internet, respecting the concept of technology neutrality.

Paolo Plebani (Founder & CEO Powerplex, Italy) focused on the theme of Smart Cities. He explained that there was no model of a city that could be considered “smart”, because there was a lack of regulation on the theme. What his company did was to define a possible standard to fill the gap discussed above. He brought up the case of the city of Bolzano, where the requirements of the defined standards are verified. For example, some key points are:

  • All the municipality processes should be realized in a way to be repeatable;
  • The work of the public managers is measured in terms of efficiency, efficacy and time
  • analog services must be converted in digital;
  • The actions and the results of the public management must be documented and transparent to citizens

One of the main problems of public administration is that managers do not really know what they need in terms of digital services and as a consequence they cannot really understand how to regulate them.

IMG_9454IMG_9467  IMG_9472 IMG_9487

DAY 1, SESSION 1: INFORMATION STRATEGY – THE KEY FOR DEVELOPMENT AND GROWTH

No Comments

Steven Adler moderated the first session “INFORMATION STRATEGY: THE KEY FOR DEVELOPMENT AND GROWTH – DIGITAL ENABLERS AND NEW INFORMATION PRODUCTS”. Mr. Adler gave an overview of the American point of view of the Open Data. He said that developing apps based on Open Data, that are collected by governments and public administrations, is a useful and innovative tool for transforming the cities.

Gérald Santucci (Head of Unit Knowledge Sharing – DG Connect) focused on the role of Open Data into the European Union, pointing out the importance of looking for open data, open services and open processes. This is the first year in European Union that there is a concrete step towards the use of Open Data, following the line already taken by G8 in June 2013 (signature of Open Data Charter). This also means a strong connection between the global and European network. Mr. Santucci also stressed public data cannot be considered Open Data. According to him, Open Data must be readily and easily accessible [by anyone who has a pc]. We should use Open Data to boost economic growth.

I an open discussion, the panelists concluded that from an IT point of view, Open Data is something “live”, different from a static page. They are always updated (like in a live repository) and should represent a symbol of trust between governments and citizens. One of the main problems about Open Data is that we often do not have sufficient information about the way they are retrieved, where they came from and how to use them, so, for example, it is not always possible to make a comparison between different sources.

Margot Dor (Director Partnership & EU Affairs, ETSI) focused on the legacy terms beyond the use of Open Data. In Europe it is difficult to establish a policy for managing Open Data because of the different laws in all the countries. We’ve to regulate the use of Open Data, according, for example, to formats, shape, presentation.

Giuseppe Surace (Senior Manager & M2M Cloud Solution Director Telit Wireless Solution) stated that the technology to collect and store the data is available (we can use a clever sensor, then store data into servers or into the cloud), but the key point is that we have to trust the collected data. For Open Data the security concept must be strength.

Santucci said that Open Data must be persistent, reliable, and maintainable. They should not be only open, people should have guarantee of them.

Claudia Selli, E.U. Affairs Director, AT&T, pointed out the importance of investments in network improvement. According to her, we should have a policy framework linked with actual technology adopting high level principles. We have to go into the direction of harmonization, not towards a fragmented market.

In the follow-up discussion Mr. Adler said that public companies should publish Open Data. We, both as stakeholders and public citizens, have to know what companies are doing. This is a form of trust.

Pascal Poitevin, IT Director, France Génétique Élevage, focused on Open Data role in accord to agriculture – we need to increase production to feed people growing, we should increase public investment in agriculture. For example, we should give farmers reliable information using Open Data.

IMG_9288 IMG_9294 IMG_9297 IMG_9301

Remaining Powerpoint Presentations from day 1

No Comments

Urban Fagerstedt, Huawei Technologies Sweden

Didier Thunus, DG Informatics

André Hoddevik, OpenPEPPOL AISBL, Norway

Johannes Wimmer, Austrian Federal Procurement Agency

Myeong-ki Baek, e-Procurement Bureu, Korea

Eleanor Stewart, Government Digital Service Cabinet Office, United-Kingdom

Dan Shoemaker, US Department of Defense, USA

Paul Wormeli, Integrated Justice Information Systems, USA

Thomas Myrup Kristensen, Facebook Inc, Denmark

Stéphane Grumbach, INRIA, France

Florence Dupré, Cassidian CyberSecurity, France

Wojciech Cellary, Department of Information Technology, Poznan University of Economics

Samia Melhem, World Bank Group

Annika Bränström, eGovernment Delegation, Sweden

Steven B. Adler, IBM, USA

Dr. Alan R. Shark, Rutgers University, USA

Uwe Holzmann-Kaiser, Technical Manager

Eikazu Niwano, NTT Corporation, Japan

Pascal Poitevin, Institut de l’Elevage, France

Helena Lindskog, Linköping University, Sweden

Video: The Need for Interoperability in Europe

No Comments

This video was shared at Session 6: Eprocurement Interconnecting People and Organizations and nicely illustrates the challenges of interoperability.

More Speaker Powerpoint Presentations Online #globalforum2012

No Comments

A few of yesterday’s presentations are now available online. More to come: http://www.globalforumblog.com/category/conference-presentations

Session 3:

Session Two Powerpoint Presentations Now Available #globalforum2012

No Comments

Powerpoint Presentations from Session Two: Platforms to Grow Innovation

Morning Powerpoint Presentations Now Available Online @GlobalForum2012

No Comments

All of the powerpoint presentations from the morning sessions of Global Forum 2012 are now available online:

Charlotte Brogen of VINNOVA’s Presentation Now Available Online #globalforum2012

No Comments

Charlotte Brogen, Director General of VINNOVA’s presentation at the Welcoming Address of Global Forum 2012 is now available online. View it here.

Steffan Ingarvarsson’s Presentation from the Welcoming Addresses is Available #globalforum2012

No Comments

Steffan Ingarvarsson’s Presentation from the Welcoming Addresses is now available online. View it here. More to come.


Newer Entries