BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//BIGS Potsdam - ECPv6.15.12.2//NONSGML v1.0//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-WR-CALNAME:BIGS Potsdam
X-ORIGINAL-URL:https://www.bigs-potsdam.org/en/
X-WR-CALDESC:Events for BIGS Potsdam
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-Robots-Tag:noindex
X-PUBLISHED-TTL:PT1H
BEGIN:VTIMEZONE
TZID:Europe/Berlin
BEGIN:DAYLIGHT
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
TZNAME:CEST
DTSTART:20200329T010000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
TZNAME:CET
DTSTART:20201025T010000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
TZNAME:CEST
DTSTART:20210328T010000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
TZNAME:CET
DTSTART:20211031T010000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
TZNAME:CEST
DTSTART:20220327T010000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
TZNAME:CET
DTSTART:20221030T010000
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTART;TZID=Europe/Berlin:20210819T120000
DTEND;TZID=Europe/Berlin:20210819T140000
DTSTAMP:20260621T144457
CREATED:20210729T143642Z
LAST-MODIFIED:20210729T143642Z
UID:6642-1629374400-1629381600@www.bigs-potsdam.org
SUMMARY:The Underestimated Risk of Cyber Supply Chain Attacks
DESCRIPTION:The Underestimated Risk of Cyber Supply Chain Attacks\nDespite the fact that there are still some serious security gaps\, many companies perceive IT and cyber security now as part of their risk management. However\, the quality of the technical and organizational measures and the available budget vary considerably. This is partly due to a lack of awareness of certain security issues at the decision-making levels and an assessment of the cost-benefit calculation. IT and cyber security is often not recognized in everyday work\, and if it is\, then only as an additional workload. What companies do perceive\, however\, is the damage that occurs when their own company is affected. \nDealing with supply chain attacks is not a new issue\, but one that is still often underestimated. Supply chain attacks are often not taken into account in risk assessments and thus the opportunity to identify dependencies\, build up suitable redundancies and better protect both interfaces and vulnerabilities of suppliers is missed. \nIn cyber supply chain attacks\, attackers target vulnerabilities in supply chains for their malicious purposes. On December 13\, 2020\, FireEye reported the discovery of a widespread supply chain attack in which SolarWind’s Orion business software updates were trojanized to spread malware.  ORION is an IT monitoring and management software used by the vast majority of Fortune 500 companies\, as well as many government agencies. Affected entities include government agencies as well as organizations in the consulting\, technology\, telecommunications\, healthcare and oil and gas industries on four continents. According to SolarWinds\, the vulnerability is likely the result of a sophisticated\, targeted and manual supply chain attack by an unknown nation-state. \nSymantec reported a 78% increase in supply chain attacks in 2018 in its 2019 Internet Security Threat Report\, with the top 20 observed groups being particularly active.  Well-known groups such as Dragonfly have been using targeted suppliers to gain access to specific companies since 2011\, with the targets in this case primarily located in the energy sector. \nAgainst this background\, BIGS\, in cooperation with VTT Finland\, one of the leading research institutions in Europe\, has taken a closer look at the ecosystem of supply chains and considered the financial impact of attacks on them. We would like to present the main findings of this analysis in the familiar format of the PizzaSeminar\, on August 19 from 12:00 – 14:00 at the IABG in Berlin Mitte. \n  \nRegistration via mail to info@bigs-potsdam.org \n  \nSpeakers: \nEsther Kern (Research Fellow at BIGS) \nAlexander Szanto (Research Fellow at BIGS)
URL:https://www.bigs-potsdam.org/en/events/the-underestimated-risk-of-cyber-supply-chain-attacks/
LOCATION:Berlin-Mitte\, Berlin\, 10117\, Deutschland
CATEGORIES:PizzaSeminar
ATTACH;FMTTYPE=image/png:https://www.bigs-potsdam.org/app/uploads/2021/07/PizzaSeminar_Supply_Chain_Attacks-e1627560155770.png
END:VEVENT
END:VCALENDAR