Welcome to LSEC, an internationally renowned Information security cluster, a not for profit organization that has the objective to promote Information Security and the expertise in BeNeLux and Europe. Founded by the University of Leuven (K.U. Leuven), supported by European Commission FP7 and leading a unique PAN European Private partnership that interacts with Public Institutions, LSEC connects security industry experts, research institutes and universities, government agencies, end users, funding bodies and technical experts who are driving national and European research agendas. LSEC activities aim to raise cyber security awareness, support innovation and competitiveness of the European IT- Security market and promote the visibility of its members.
On April 27th, LSEC - cyber security hub - in collaboration with B-Hive - fintech hub - organized a first joint event focused on the ongoing innovative developments in the financial services domain impacting not only financial services, but also its supply chain and operational transactions such as cyber security and information security components.
An insightfull perspective by authentication expert Isabel group introduced us into some of the challenges, including authentication developments and helping understanding some of the complexities which resulted in the current RTS (regulatory technical standard) and SCA (Strong Customer Authentication) for TTP (trusted third parties). The PSD2 directive already exists since January 2016, and is currently being adopted by the European Member States, in particular their NCA (national competent authorities), usually the regulators. Next to the PSD2 directive that amongst other enables other companies to access account information for payment services, new developments such as API's are equally seeing their routes into market. The Glue and Oracle presented insightful views of the current developments towards Open API. The NBB (National Bank of Belgium), one of the co-authors of the RTS, keynoted the event with the core fundamental behind these developments and insights in some of the working that had led to its current state. He also indicated some future routes. Identity technology provider TrustBuilder and authentication providers Vasco and SDO presented their views on the role of existing and developing authentication technologies. During some of the panels, the operators such as Ingenico and Twiki reasoned on their current challenges and how they got there; Finally other security challenges were brought by BAE Systems, indicating that there is much more than authentication in securing these new developments.
For more information and documentation background, visit the event page.
Watch out for one of the latest outbreaks, it has made many high-profile victims in just a few hours. Over 57.000 were reported in just a few hours. The RansomWare Wanna Cry (WCry) is coming through spam, in which fake invoices, job offers and other lures are being sent out to random email addresses. Within the emails is a .zip file, and once clicked that initiates the WannaCry infection. But the most concerning aspect of WannaCry is its use of the worm-like EternalBlue exploit. "This is a weapon of mass destruction, a WMD of ransomware according to Crowdstrike's Vice President Adam Meyers. Once it gets into an unpatched PC it spreads like wildfire," he told Forbes. "It's going through financials, energy companies, healthcare. It's widespread."
Given the malware is scanning the entire internet for vulnerable machines, and as many as 150,000 were deemed open to the Windows vulnerability as of earlier this month, WannaCry ransomware explosion is only expected to get worse over the weekend.
Consider already visiting www.nomoreransom.org, an initiative by Europol EC3, McAfee, the Dutch High Tech Crime Unit and Kaspersky and increasingly supported by many across the globe, including LSEC. The website offers some free support against ransomware attacks. If you have been exposed and the platform has a cleansing solution (without having to pay the ransom), you can feely download the decrypt mechanisms. They are committed in updating their anti ransom libraries regularly.
LSEC is contributing to this year's WEBIT Festival Europe, joining respected speakers and attendees from around the globe from Google, DHL, McAfee, the European Commission and crossing the bridge between IT, education, healthcare, logistics, manufacturing, culture & arts. WIth TED-like talks, WEBIT is one of the most inspiring conferences around the globe, focusing on multiple attention points and raising things such as Artificial Intelligence, Quantum Computing, Social Web of Services, Social Enterprises, e-Educational programs, Industrial challenges and developments and security.
Learn more about WEBIT and its activities at : http://www.webit.bg/security.php
At the age of 67, our friend and cyber security inspiration Howard Schmidt peacefully passed away, last March 2nd in his home in Wisconsin after a long battle of cancer.
A computer crime expert, who advised two presidents and drafted cybersecurity safeguards for the US and the rest of the world, was one of the first recognizing the need to work together in the continuous battle for a safe and secure cyber space. He founded the inpiration for many to start sharing information between law enforcement, government and business. A practice being served throughout the globe.
Rest in Peace Howard, you will continue to be an inspiration for all of us working to ensure a better world, also in cyber. You were a wonderful, amicable person, always available for a talk and support. Condolences to the family from the whole of the ICT Security community in Belgium and beyond.
Or LinkedIn Obituary https://www.linkedin.com/in/schmidthoward/recent-activity/
Industrial environments, manufacturing and other automation driven systems have been part of our core expertise for over a decade. LSEC is working closely with its Core Members and Individual Members helping them to not only improve the security, but also to better understand the opportunities and challenges the fourth industrial revolution (referred to as Industrie 4.0) might bring. For this reason LSEC has joined the Industrial Internet Consortium, and is leading the efforts on bringing together available expertise on industrie40.vlaanderen and in the 3IF.be and Connected Factories projects. 3IF is promoting digital technologies in manufacturing environments, providing insights in the ICT developments allowing for breakthrough innovations and adapting to new business models and advanced customer demand. LSEC is on the edge of the digital transformation and provides insights into its impact on security; or reversely, indicating how the ICT security domain can embrace exciting new developments for the Factories of the Future.
More information on the white paper opportunities for ICT security industry in the evolving industrial automation space, with links and documentation can be found in of the 3IF.be website.
Join in for regular events and activities, such as inspiration workshops, security workshops and more.
May 5th, the European Parliament finally publsihed the GDPR (General Data Protection Regulation), which will take effect on May 25th, 2018. With more than 70% of European companies not even aware of this regulation, let alone be ready to comply to the regulation, LSEC and its Members and Partners started with a series of events and activities that will support the strategic definition, implementation of activities and exchanging expert advice that lead to compliance. During these events all different aspects will be investigated in depth. The major differentiator is that we will not only debate the legal implications, but will deep dive into its implementation best practices, building on top of existing processes and procedures (such as ISO 27k, PCI/DSS, Basel II, ....), using existing technologies (implementing the right rules on NGFW, NGIDS, SIEM, Data Leakage in End Protection, Encryption technologies, ....).
These seminars will be supported with various white papers, expert advisory and sessions minutes.
More information on the Data Protection Regulaton with links and documentation can be found on the Data Protection Section of the LSEC website. Registration to the events can be found there as well.
Join us today in getting ready for first major European Security regulation for enterprises.