About the Conference

Objectives—OASIS, in collaboration with The World Bank, will bring together public and private sector security professionals from around the world to evaluate, debate, and collaborate on cyber security best practices and tools. Driving intra-government coordination is an overarching theme.  Fostering interest and collaboration among countries in support of safe guarding critical assets from financial services to large public events will be featured on the agenda.  

√ Driving Intra-Government Coordination Protecting Critical Infrastructure
While advanced nations can draw on sophisticated infrastructure to combat cyber security threats, many of these threats often originate from adjacent regions.  Reviewing a more regional focus between governments to ensure a unified response can be vital.  Those regional areas will also benefit from effective tools that not only allow international participation, but also offer local safeguards.

√ Initiating Collaborative Responses to Cyber Security Challenges
Unifying responses to future cyber incidents and strengthen public/private partnerships to find technology solutions are keys to success.  In order to respond to cyber security threats in a constantly changing environment, strong international cooperation needs to be visible within individual cyber-security strategies. The cross-border nature of threats makes it essential to focus on strong international cooperation. This is our opportunity to bring the community together to discuss current cyber security strategies, different influences, successful approaches, and what may hamper international cooperation. 

√ Promoting Solutions & Best Practices
This conference is the first in a series of events designed to build awareness that countries should prepare to engage with companies and organizations that are actively looking at technologies for cyber and public safety collaboration internationally.  For example, standards initiatives, such as OASIS CTI, are working to connect the ‘cyber threat intelligence’ dots by developing open interoperability standards (STIX, TAXII, CybOX) to enable cyber threat intelligence to be shared among trusted partners and communities (M2M knowledge). The use of these standards allow security practitioners to build systems that will rapidly identify and access current threats, and determine how they act, who is responsible and what course of action is needed.  By streamlining this process, countries no longer have to spend valuable time and resources analyzing data in disparate formats. 


ParticipationExecutives responsible for developing, influencing and managing critical infrastructure security decisions are invited to attend this conference.  This includes: Chief information security officers, Security policy implementers, Chief executive officers, ICT directors, Chief information officers, Leading security standards developers (seeking to improve the state of cyber security on domestic and/or international levels), End users and solution providers from operational and IT backgrounds, and Cyber security staffers with operational, managerial and policy responsibilities at all levels.

Onsite participation is limited to 150 guests. Registration is required to reserve a seat.  Please use our online reservation form.

Questions regarding participation may be directed to events@oasis-open.org.  The conference will be offered via video conferencing by The World Bank.  Additional details regarding that component will be announced soon.


Outcome — The conference will introduce and explore current initiatives aimed at sharing cyber threat intelligences and response information in real time through systems and software. Best practices, standards, specifications and tool will be catalogued.  A summary document will be circulated outlining identified issues and work to chart a path forward.  This may include the creation of new technical committees and/or working group chartered to develop relevant standards, specifications, profiles, and/or best practices.  Future conferences will be organized to continue achieving objectives. 


Summary—Rapid advances in technology are transforming our ability to better collect, analyze, and use information as never before. Integrated networks, fueled by the internet, have removed the historical barriers to sharing information, unleashing the capacity of technology to revolutionize our lives.  The ability to simplify the sharing of information is simultaneously its greatest benefit and its greatest threat. As vulnerability continuously increases, localized disruptions can rapidly trigger a cascading sequence of events that can cause widespread technology disasters across the world.

While many security threats are caused by humans, others threats must also be considered (i.e. natural disasters). Such events often cripple the critical physical infrastructure (e.g. data centres and telecommunication networks) in minutes. Disasters caused by nature can be just as unpredictable and devastating as those malicious attacks. In some cases, both threats play a role. Cyber criminals often will use any circumstance available to achieve their ends — including the temporary disruptions triggered by natural events. Countries need to understand how these varied sources of threat can coalesce into potentially overwhelming threat combinations.

As every country commits to securing their infrastructure, outward-looking countries seek to build with interoperability and collaboration in mind. It is well known that each country and each region has its own interest, sovereignty, and mission.  However, recent threats coordinated are beyond national and regional boundaries.  This conference is a proactive gathering enabling countries to share valuable insights specific to their threat landscape, including response successes and failures. By discussing these issues openly, we’ll be able to begin defining best practices and tools that will both prevent and mitigate future potential threats.

This conference is the first in a series of events designed to build awareness that countries should prepare to engage with companies and organizations that are actively looking at technologies for cyber and public safety collaboration internationally.  For example, standards initiatives, such as OASIS CTI, are working to connect the ‘cyber threat intelligence’ dots by developing open interoperability standards (STIX, TAXII, CybOX) to enable cyber threat intelligence to be shared among trusted partners and communities (M2M knowledge). The use of these standards allow security practitioners to build systems that will rapidly identify and access current threats, and determine how they act, who is responsible and what course of action is needed.  By streamlining this process, countries no longer have to spend valuable time and resources analyzing data in disparate formats. 

Instead, countries should embrace collaboration and consider sharing their visions on how to coordinate standards, best practices, use cases, in order to address global concerns such as critical infrastructure by any potential threats including cyber-attack, terrorists, and natural disaster started from anywhere in the world. 

 

 

Conference sponsors