Cyber wrap
24 Aug 2016|

Image courtesy of Flickr user Nicolas Nova

Last week news broke that an international alliance of business groups had penned a letter to Chinese Premier, Li Keqiang, imploring him to change China’s draft cybersecurity law, which many fear will significantly hamper free trade and commerce with the Asian giant.

This week China’s Ministry of Foreign Affairs sought to dispel those concerns, claiming that the law wouldn’t ‘carry out differential treatment and will not create obstacles and barriers for international trade and foreign businesses investing in China.’ The Chinese MFA addressed several of the specific concerns raised by the businesses leaders, including fears relating  to mandated government access to data during ‘criminal investigations’ which Beijing claims is ‘necessary for safeguarding national security and investigating crime.’ The MFA also said companies would be permitted to send data offshore for business purposes, but with the caveat that this would be subject to a ‘security evaluation’. They explained that ‘these evaluations are for supervising and guaranteeing that the security of this data accords with China’s security standards,’ before adding that ‘the concerns of foreign investors and businesses invested in China are unnecessary.’

Thailand’s Defence Council has approved a new 2017–21 draft Master Plan for National Defence Against Cyber Threats. The new plan hopes to establish a ‘ministry-level’ cyber centre next year. The new centre will be established by the Office of the Defence Permanent Secretary, with the assistance of the Defence Information and Space Technology Department. The Masterplan includes six key areas of focus, which appear to take in a much wider remit than traditional Defence issues. In addition to work plans to protect critical infrastructure and prepare for ‘cyber operations’, additional pillars look to develop cyber skills, leverage national ‘cyber potential’, and boost cooperation on cyber issues.

The National Institute of Standards and Technology (NIST) has put out a call for ideas, feedback, and big picture thinking on Current and Future States of Cybersecurity in the Digital Economy. Acting on behalf of the White House’s recently-announced Commission on Enhancing National Cybersecurity NIST placed a request for information in the US Federal Register seeking feedback on a wide range of potential cyber issues. Matters up for discussion range from CNI protection, Cybersecurity Insurance, R&D, IOT, international markets, public awareness and education, identity access and management and the cybersecurity workforce. The private sector has jumped at the chance to provide feedback, with best practices, the role of the government in regulation, privacy protection and the formation of international norms for appropriate state behaviour already on their agendas for discussion. Recommendations and comments will be accepted up until 9 September.

Malaysia has announced that it will create a special ‘cyber court’ in Kuala Lumpur to hear cybercrime cases. Prosecutors and judges will be required to have knowledge of information security issues to better enable them to understand the intricacies and nuances of the crimes they prosecute and hear. The court is intended to also take the strain off criminal and civil courts which are hearing an ever-increasing number of cybercrime cases. If the KL court is successful, the Prime Minister’s Department has plans to roll out new courts in Johor and Penang, followed by other states.

Wrapping up this week, techcrunch has a great list of ‘hacker movies’ for the cybersecurity practitioner that won’t have you cringing (or yelling) at the screen and Passcode has launched a ‘cybersecurity book club’ for the more literarily-inclined. First up is Thomas Rid’s Rise of the Machines. For the internationally minded, be sure to check out our friend Sico van der Meer’s latest piece on Foreign policy instruments to increase future cybersecurity.