Last weekend (11th February), members of the Awen Collective team joined hundreds of other fantastic individuals at the first in person BSides Cymru cyber event since 2019. Hosted at the Angel Hotel, Cardiff, industry specialists from all over the world gathered together to share their latest findings across a whole day of talks.
AICS 2022 - Bahrain
5G the Enabler and the BYOND Mobile Event
There is no doubt that 5G is a good step forward in wireless communication. It's faster, provides greater redundancy and is (as a technology) relatively well thought through in terms of cyber security of 5G infrastructure. There are also added benefits with the application of private 5G networks.
The increase in speed that 5G provides means that sensors are able to relay data back to a base at much closer to real time, and control and automation can happen with greater reactivity to input.
Applications of 5G are vast, but some of the most exciting applications are in healthcare, smart cities, manufacturing and critical national infrastructure.
Awen launches Siemens partnership at #Transform2022
Tuesday 12th and Wednesday 13th July 2022, a few members of #TeamAwen attended Transform 2022 - a Siemens event focused on transforming industrial sectors in the UK & Ireland, and wider Europe. We were there to engage with the industrial community with an invitation from Siemens. Our goal was to officially launch and celebrate the new collaborative partnership between Awen Collective and Siemens, which begins with a consortium to help improve cyber security within industrial SMEs. We launched our press release on this on the 8th July 2022, and this news has been appearing in publications.
CyberUK 2022 - Awen Collective Recap
Awen Collective & Arcanum Cyber Security Relaunch Cyber Wales Operational Technology Cluster
Awen Collective and Arcanum Cyber Security have joined forces to relaunch the Cyber Wales Operational Technology Cluster - cluster managers Jules (CTO at Awen Collective) and Marie (Sales & Marketing Manager at Arcanum) will be welcoming anyone with an interest in OT Cyber Security to join them on the 30th November at 2-4pm.
The aim of this Cluster is to provide a platform to share intelligence and explore ideas on the specific cyber security challenges being faced by organisations working in Operational Technology (OT), Critical National Infrastructure (CNI) and Industrial Control Systems (ICS).
For our first meeting, our two speakers, Kat Abercrombie (Senior Pen-Tester at Arcanum Cyber) and Jules Farrow (CTO at Awen Collective) will introduce topics on the difference between IT and OT and why each needs its own security focus, and why asset and vulnerability discovery is vital to producing an effective OT cyber security programme. We'd also love to hear from you - a brief introduction on who you are, your interest in OT cyber, and what future topics we can focus on within our OT cluster meetings.
If you work in, or have an interest in, cyber security in the industrial sectors then we'd love for you to join us.
This event will be hosted by the wonderfully accommodating University of South Wales National Cyber Security Academy at their Newport City Campus and simultaneously virtually via Zoom. If you can't join us in person, we'd still love for you to join via Zoom where you'll be just as much part of the action (although you will need to provide your own Welsh Cakes!).
Arcanum is a NCSC Certified Cyber Security Consultancy, supporting clients across multiple sectors, ranging from CNI, Manufacturing and Defence to SMEs. Marie Caruso, Sales & Marketing Manager at Arcanum is a manager of the OT Cluster at Cyber Wales.
Awen Collective makes society safer by reducing the impact of cyber attacks on the services we all rely upon on a daily basis through innovative software solutions tailored for OT organisations across CNI, Manufacturing, Defence and Smart Cities. Jules Farrow, CTO at Awen Collective is a manager of the OT Cluster at Cyber Wales.
Resiliency: Cyber & Net Zero
This post has been written by Awen Collective CEO & Founder, Daniel Lewis.
I've been thinking a lot about the concept of resiliency, and in particular cyber resiliency and ecological resiliency (by achieving net zero). Can we draw parallels? Can we learn from each other?
What is “cyber resiliency”?
Cyber resiliency, I would say, is ensuring that systems are prepared for a potential cyber attack. This includes thinking about:
What do you do if something goes wrong?
Do you have mitigations and contingencies to ensure continuous operations?
Do you have processes and resources in place to not only react but also be able to best learn from what might have gone wrong?
What is "ecological resiliency"?
There is a lot of talk at the time of writing about humanity's and the Earth's resiliency in regard to the impact of climate change. The goal is to achieve Net Zero (the balance of carbon produced and removed from the atmosphere), which in turn should reduce existential risk caused by human-driven climate change. So the resiliency aspect includes the societal changes required to work towards Net Zero.
Are there similarities? Could we learn from each other?
In order for any resiliency to be most effective it requires efforts from multiple directions:
People - ultimately, we are all in this together. Every single one of us needs to know that we (as individuals and as a society/community) are susceptible to cyber attacks, and to the impact of climate change. We therefore need to be doing our bit where we can: e.g. having good password hygiene, using two-factor/multi-factor, keeping our systems up to date, using antivirus, looking out for nefarious activity in the physical or cyber world, etc. E.g. recycling, reducing waste, choosing a renewable energy supply, reducing air travel, considering electric vehicles and public transport.
Technological advancements - doing realistic and effective R&D - getting both the quick wins (e.g. updating and upgrading protection - antivirus or intrusion detection system. e.g. increasing energy efficiency through hybrid energy sources), and the longer term plans (e.g. carbon scrubbing, developing new alternative energy sources).
Government response - the "carrot and stick approach" - but I would say that the "carrot" is going to be much more effective from a widespread perspective than the "stick" (and many situations) because we need governmental support to do realistic research, improve the current state of affairs, and work towards the best possible outcome with good and clear guidance. Subsidies and grants work best if not only do they give instant relief, but are then coupled with short and long term hands-on support and guidance. This goes to both cyber security/resilience and Net Zero efforts.
Opportunities through standardisation - despite the complaints people have about complying to standards, and other complaints about compliance not being the end goal, it can be an opportunity having standardisation. For example, if a tendering & procurement process for an organisation includes the requirement for (or even just favours) suppliers to have a particular standard, then that prompts the supplier market to do better. Standards need to evolve over time, and be feasible to not only large enterprises but smaller ones too. Examples in cyber security include ISO 27001 and IEC 62443, and examples in the eco-friendly business world are many and varied - ISO have 14001, but there are sector and application specific standards such as LEED and Energy Star.
No doubt that there are other options too. These are just some thoughts about the parallels and what we might be able to do about the resilience of it all. If you have any thoughts on the subject, it would be great to hear from you.
On Friday 5th November 2021, in my capacity as the CEO and a founder of Awen Collective, I pitched Awen Collective (alongside other British and Brazilian businesses) at COP-26 as part of a Connected Places Catapult virtual event where I highlighted that cyber security is important to be included in smart city, industry 4.0 and Net Zero initiatives. Please do go download the Business Portfolio brochure of companies, including Awen Collective, from the CPC UK - Latin America Net Zero Solutions website. We are also now members of the Connected Places Catapult.
Dot Demo Event - 15th October 2020 - Post-event write-up
On Thursday the 15th October 2020, Awen Collective officially launched Dot in the UK.
Dot is an asset and vulnerability discovery software system which reduces cyber risk and increases cyber resiliency of Operational Technologies (those technologies which control our energy, water, transportation and manufacturing systems). For more information about Dot please visit our page on Dot, and/or contact us today.
The event also marked the end of a 12 month project (called Project DOMINO) with the UK Ministry of Defence, which saw the Dot product accelerated into use cases for the defence and security sectors. Dot is a commercial product developed by Awen Collective, a Welsh Cyber Security Software company. For more information about how our work applies to the defence sector please visit our page on the defence sector, and/or contact us today.
Project DOMINO was funded by the Defence and Security Accelerator (DASA) of MOD DSTL. Awen Collective was the lead partner on the project, with BAR Associates assisting. We released a press release about Project DOMINO at the end of 2019.
The demonstration event was hosted by Awen Collective, in collaboration with BAR Associates, Thales Cyber & Consulting and the National Digital Exploitation Centre (NDEC).
We had over 70 attendees from a range of organisations: the UK Ministry of Defence, other parts of UK Government, a few British industrial sector regulators, energy companies, water companies, defence sector companies, water sector companies, and other Friends of Awen.