eicar cybersecurity

Considering the uncertainties surrounding the Cyberspace, this eicar* working group 7 (eicarwg7) also known as “Flamingo Club” aims at uniting cyberspace stakeholders in order to facilitate the exchange of ideas and best practices in matters relating to

  • Cybersecurity

  • Cyberprivacy

  • Cyberrisk

  • Cyberinsurances

  • Cyberfication

Eicar WG7 is coordinated by Robert Niedermeier (Eicar Executive Secretary). The members meet periodically every four months. The meetings are usually open-ended but subject to prior registration (purely for logistics-related purposes).

Group members range from privacy advocates, lawyers and engineers to distributors of cybersecurity products such as anti-virus programs. The Group would be pleased to welcome anyone with an interest in the above mentioned areas.

Next meeting

02-04-2020, 11 – 12 h, ????

ReedSmith Munich

*What is Eicar?

Eicar WG7 is coordinated by Robert Niedermeier (Eicar Executive Secretary). The members meet periodically every four months. The meetings are usually open-ended but subject to prior registration (purely for logistics-related purposes).

A file you may not know it, but certainly you have on your computer,  because it is part of all major anti-virus software. Anti-Virus Vendors use the eicar testfile to calibrate the anti-virus engines.

The EICAR Trustworthiness Strategy is to enhance transparency in the contemporary IT Security environment and its ever evolving threats and vulnerabilities scenario and to enable trust into IT Security products that help creating a safer environment.

The strategy encompasses first steps to enhance trust and transparency into IT security products by developing minimum standards for the trustworthiness of IT security products, starting by developing minimum standards for Anti Malware-products and the development of minimum requirements for testing organizations. Subsequent steps encompass testing, verification and certification schemes and community building.

Currently EICAR is in quest of finding industry partners as corporate EICAR Members who would actively participate and contribute to the process of adaption to the constant changing environment and the furthering of the research endeavour for the verifiability of trustworthiness.

Recently the AV Test Lab “Vezprog” and the AV vendor G-Data have become new EICAR partners in the Trustworthiness Strategy.
A two days WS in week 17 (the exact days still t.b.c.) with partners is planned to be held at G-Data premises in Bochum at which the German Federal Office for Information Security (BSI) has also indicated its interest of partnership and participation.

Dear EICAR members and friends,

The continuous evolution in technology creating an ever-changing environment with new challenges in social behaviour and legal sensitivities requires a constant review and adaption of the standard. Regardless of these challenges, the original fundamental requirement to enhance trust in IT Security
products remains unaffected. EICAR has slightly changed its approach in the overall strategy to putmore emphasis on finding further strategic partners to join in and help actively to keep the EICAR Minimum Standard matching new developments and challenges and we are proud to announce that
we could already welcome new corporate members from the AV industry and the IT Security market as corporate members and strategic partners in our “Trustworthiness Strategy”. We are also proud to report that with AV Comparatives in Austria and Vezprog in Hungary we have certified two AV testers as “Trusted EICAR Test-lab” and welcomed them as strategic partners.
We can further report that the research initiated by EICAR at the Technical University Mannheim in Germany in the “Accountability and Trustworthiness using the EICAR Minimum Standard” has progressed and first results are available.

BSI JOINED AS STRATEGIC PARTNER

It is particularly notably remarkable, that the German “Federal Office for Information Security” (BSI)
has recently joined us as strategic partner and will actively support our endeavour to enhance trust in
IT Security products. It is even more noteworthy that this new strategic alliance will reach into the Data-
Protection (Privacy) and Consumer Protection Sectors of the German Government and we are looking
forward to their contributions in the furthering of the current standard.
To bring members, strategic partners and interested parties up to date and to discuss the way ahead

 

EICAR-WG2 Arbeitsgruppentreffen vom 19.11.2018

This text is available in German only.
Das diesjährige Treffen der EICAR WG2 fand unter den Eindruck immer ausgefeilterer Angrifsszenarien bei gleichzeitig wachsender Zahl von Angriffsmöglichkeiten statt.

Programm:
Mit einen kurzen Einführungsvortrag über kuriose Sicherheitslücken der vergangenen 12 Monate begrüßte zunächst der WG2-Vorsitzenden Martin Retsch, perComp-Verlag GmbH, die Teilnehmer im Hörsaal des BMI in Bonn.

Im direkten Anschluss startete Miachael Veit, Sophos, mit dem Thema Künstliche Intelligenz in der IT-Security, welcher die aktuellen Möglichkeiten und Grenzen beim Einsatz von KI zur Malwarebekämpfung detailliert erläuterte.

Der Vortrag Bedrohungen – Heute und Morgen von Jan Kolloch, F-Secure, wies auf aktuelle mögliche Gefahren und Vorkomnisse hin.

Im Anschluss an die Mittagspause zeigte

Benjamin Greve, Trend Micro, die Möglichkeiten eines Wirksamen Schutzes für virtuelle, physische und cloud-basierte IT-Umgebungen auf.

Ralf Benzmüller von der G Data Software AG erklärte die Funktionsweise verschiedener Walletstealer von Cryptowährungen, und

der Vortrag von Marco Preuss, Kaspersky Lab., befasste sich mit der Historie Staatlicher Spionageangriffe sowie einem Ausblick auf zukünftige mögliche Szenarien.

Zum Abschluss der Veranstaltung wurden mit den Experten in einer Podiumsdiskussion über die Vor- und Nachteile unterschiedlicher Verwaltungskonzepte für AV-Software in Unternehmen diskutiert. Während einige Hersteller den Trend in Richtung cloudbasierten Verwaltung schwenken sehen, sind andere Hersteller der Auffassung, dass gerade auch in Deutschland die lokale Verwaltung weiterhin eine bedeutende Daseinsberechtigung behalten wird.
Im Namen von EICAR bedanke ich mich bei allen Teilnehmern und Referenten für die interaktive Veranstaltung, sowie beim BSI für die Raumorganisation vor Ort. Insgesamt hatten sich 24 IT-Sicherheitsexperten und Administratoren aus Behörden sowie der freien Wirtschaft zur EICAR WG2 Tagung angemeldet. Neben den interessanten Präsentationen wurden die zahlreichen kleineren Pausen für das Networking zum Knüpfen neuer Kontakte ausgiebig genutzt.
(Martin Retsch)