Updates

Cybersecurity

2019

The NATO Communications and Information Agency (NCI) began creating a Cyber Security Collaboration Hub which is an encrypted workspace for information gathering, collaboration, and training for all 29 member states of the NATO. The NCI had previously provided information to allied national Computer Emergency Response Teams (CERTs), but there was no NATO CERT community. By this initiative the NCI wants to fill the gap and strengthen the security of NATO networks with the encrypted workspace. The first participants of the hub are  the US, the UK, France, the Netherlands, and Belgium CERTs.

 

In a letter sent to White House cybersecurity officials, over 20 US industry groups, including the US Chamber of Commerce, the Telecommunication Industry Association, and the Alliance of Automobile Manufacturers, asked for the National Institute of Standards and Technology (NIST) to continue leading the development of cybersecurity guidance for Internet of things (IoT) devices. The groups praised the work done by NIST so far concerning the Framework for Improving Critical Infrastructure Cybersecurity and suggested to follow the framework concerning cybersecurity guidance for IoT devices. They concluded the letter by asking the US Congress to increase the NIST funding, given the extent of its work.

On Safer Internet Day, that took place on 5 February 2019, Google Chrome, in collaboration with cryptographists from Stanford University, released a new extension named ‘Password Checkup’. THe extension checks username and password combinations entered in login pages to be placed in a Google database of four billion credentials compromised in data breaches. The extension is aimed to mitigate negative consequences of massive breaches like Collection #1. Password Checkup will not alert a user when they use unsafe and simple passwords, but when the username and password have been previously breached. Moreover, the extension is designed in a way that Google does not learn user passwords and keeps the breached credential database protected.

 

The US National Institute of Standards and Technology’s (NIST) discussion draft is about core cybersecurity capabilities baselines for IoT devices, asking for public input on the matter. The draft details a set of cybersecurity capabilities that could be achieved by most IoT devices, especially looking for feedback concerning: the definitions and specificity of adequate capabilities, the usefulness of establishing high-level principles for IoT devices, the adequacy of the criteria chosen for identifying baseline capabilities, and the necessity of creating a taxonomy to describe types of IoT devices for future analysis. The draft is based on two previous reports: the ‘NIST internal report 8228; Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks’ and the ‘Report to the President on Enhancing the Resilience of the Internet and Communications Ecosystem Against Botnets and Other Automated, Distributed Threats’.

Google recently developed a new extension to its web browser Google Chrome that warns users about lookalike URLs. The extension is aimed at reducing the risk to visit ‘typosquatted domains’ or phishing sites that imitate legitimate ones. Those sites often look like the real ones but are designed to steal visitor credentials and other sensitive information. The extension works as a dropdown panel under the URL bar and asks the user whether they intended to visit this particular website, redirecting to the right domain if there was a typo in the URL. The extension is not planned as a default feature for Chrome for at the moment.

 

The UN Economic and Social Commission for Western Asian (ESCWA) released a study on Arab Horizon 2030: Digital Technologies for Development. The study examines digital technologies for development in the Arab region within the framework of the United Nations Agenda for Sustainable Development and the horizon it sets for the year 2030. Through this study, ESCWA aims to promote radical policy changes in utilising digital technologies for sustainable development in the Arab region. To this aim, it identifies proposals and recommendations for harnessing these technologies in social, economic, and human development opportunities. The research tackles seven thematic policy areas relevant to digital technologies and their impact on development goals: digital strategies, ICT sector, ICT infrastructure, cybersecurity, digital divide, e-applications, and e-government. For each of the identified thematic policy areas, the study provides an in-depth analysis organised under four sections: 1) contextualization of the thematic issue with respect to its impact on the SDGs, 2) analysis of local policies in the Arab countries and the gap with advanced countries, 3) pinpointing Horizon 2030 vision and policy change recommendations to fulfill SDGs, and 4) outlining business-as-usual trajectory in line with Horizon 2030 vision. At the end, the study provides a summary of the 2030 vision and the pertinent policy change recommendations for each of the seven areas.

Pages

 

The GIP Digital Watch observatory is provided by

in partnership with

and members of the GIP Steering Committee



 

GIP Digital Watch is operated by

Scroll to Top