On September 19 at Progress Report from the Supply Chain Security Technical Working Group (September 19 2012), a status report was presented from the Supply Chain Security Technical Work Group which was formed in March 2012 with the approval of the Common Criteria Development Board, in order to produce a Common Criteria Supporting Document that technical communities can use and adapt for their protection profiles.
The information and communications technology (ICT) supply chain has become increasingly complex, with logically long and geographically diverse routes, including multiple tiers of outsourcing. This leads to a significant increase in the number of organizations and individuals who “touch” a product, and thus, increase the likelihood that a product’s integrity will be compromised. Ensuring that ICT products from commercial software and hardware providers are free from vulnerabilities introduced via the product developer’s supply chain is an increasing concern which has manifested in proposed legislation and draft government regulations, as well as publicized attacks.
Exacerbating those concerns is the fact that awareness of supply chain risks and potential mitigations is not widely shared within the ICT industry, academia, government regulators, and product acquirers.
The product life cycle and its corresponding supply chain aspects extend from design to sourcing, manufacturing, distribution, delivery, installation, support, and end-of-life. Each stage presents potential threats of attack: the introduction of counterfeit products or components; elements of product taint, for example via malware or an integrity breach; disruptions to logistics and delivery; as well as tampered communications between the product developer and the customer or the customer and supplier.
The initial Supply Chain Security Supporting Document will describe several of these threats in more detail, specify additional threats, suggest assurance requirements, and recommend best practices for product manufacturers, evaluators, certifiers and end users.
As communities incorporate targeted material from the Supply Chain Supporting Document in protection profiles and vendors complete Common Criteria security evaluations against those protection profiles, customers will gain additional assurance of the product developer’s actions to secure their supply chain, and confidence in the manufactured product they are receiving; all under the globally accepted Common Criteria framework.
Tags: CC, Common Criteria, ICCC, secure supply chain
As government agencies, schools, hospitals and organizations everywhere transition to mobile workforces the need to rethink cyber defense strategies becomes critical. Rates of cybercrimes, like hackings, virus infiltrations and digital breaches, continue to rise and networks need protection in order to keep data—and people—safe. In fact, President Obama outlined the importance of cyber security in his Wall Street Journal op-ed this summer.
In addition, The National Cyber Security Alliance (NCSA) declared October National Cyber Security Awareness Month, so on October 25th , we invite you to join us as government experts, industry specialists and leading analysts gather for a cybersecurity town hall event, “Defending Cyber Borders—Beyond the Virtual Maginot Line.” Take part in the discussion as guests like Forrester analyst Rich Holland and Sans Institute Fellow Rob Lee, discuss innovative cyber security strategies and technologies and teach you to build effective, cost-conscious approaches to protecting your networks.
Register today for the virtual event. If you can’t make the date but are serious about cyber security, stay tuned for an on-demand version of the discussion.
I am in San Francisco this week to attend a City Protocol workshop along with the Meeting of the Minds 2012 conference (Twitter: @meetoftheminds), which brings together thought leaders from the world’s most innovative organizations to spotlight fresh ideas in urban connectivity and sustainability.
All week, I’ve been surrounded by urbanists and city experts talking about ways to make cities better. At many city events worldwide, I see a lot of discussion that seems to center on “what” can be done to improve our cities. This week, however, I’ve heard people asking the presenters “how” the smart innovation actually happened. That is, they wanted to know who did what, and how it was developed, operated, and financed.
This clearly demonstrates that there is need for more replicable and usable information describing “how” Smart Cities are actually made to be smarter. To fill this need, one must understand how cities operate and how Smart City “indicators” are actually delivered. Read More »
Tags: Cisco, City Protocol Society, IBSG, ICT, meeting of the minds, san francisco, Smart Cities, Smart City, Smart City Framework, Smart+Connected Communities, urban innovation
Interest in Smart Cities has triggered plenty of theoretical and technology-led discussions, but not enough progress has been made in implementing related initiatives. In addition, there are a number of factors hindering adoption of Smart City solutions: scaling of newer technologies is unproven; technology challenges the existing status quo in how cities are run; and technology is not well-understood across city sectors.
However, the main barrier to adopting such solutions is the complexity of how cities are operated, financed, regulated, and planned. For instance, city operations are multidimensional and comprised of multiple stakeholders whose dependencies and interdependencies affect and ultimately determine the built environment. Smart Cities, however, present an opportunity to integrate physical city infrastructures—from utilities, transportation, and real estate to city services. Read More »
Tags: barcelona, Cisco, City Protocol Society, IBSG, ICT, meeting of the minds, san francisco, Smart Cities, Smart City, Smart City Framework, urban innovation, Urban Knowledge and Research Symposium
For centuries, cities have generated most of humankind’s art, religion, culture, commerce, and technology. And while this trend is expected to continue, several challenges are emerging, including stress on aging public infrastructures, limited success of public-private partnerships, reduced budgets, and the loss of “brain power” to fast-growing suburban areas.
To revitalize the world’s largest cities, City24/7—a company committed to making public communications more accessible to everyone, everywhere—in collaboration with Cisco IBSG and the City of New York, has launched an interactive platform that integrates information from open government programs, local businesses, and citizens to provide meaningful and powerful knowledge anytime, anywhere, on any device. In short, City24/7 delivers the information people need to know, where and when it helps them most.
Located at bus stops, train stations, major entryways, shopping malls, and sports facilities, City24/7 Smart Screens incorporate touch, voice, and audio technology to deliver a wide array of hyper-local (about two square city blocks) information, services, and offerings in real time. The Smart Screens can also be accessed via Wi-Fi on nearby smartphones, tablets, and laptop computers.
The overarching goals of the City24/7 Smart Screens are to inform, protect, and revitalize. Read More »
Tags: Cisco, city transformation, City24/7, City24x7, connected cities, IBSG, New York, public sector, public-private, Smart Cities, smart connected city, smart screen