Видео

Report War Crimes and Espionage Axis of Evil /Communist MAGA: Cease and desist malicious use of A, energy weapons and satellites:I, death threats, poisoning, physical/emotional abuse.

Report War Crimes and espionage: Axis of Evil /Communist MAGA: Cease and desist malicious use of A, energy weapons and satellites:I, death threats, poisoning, physical/emotional abuse.

Report War Crimes and espionage: Axis of Evil /Communist MAGA: Cease and desist malicious use of A, energy weapons and satellites:I, death threats, poisoning, physical/emotional abuse.

Report War Crimes: Axis of Evil /Communist MAGA: Cease and desist malicious use of AI, energy weapons and satellites: death threats, poisoning

Excellent presentation - thanks Fiona!

I‘m looking forward to next year at my home town. 😎

20 years ago, running a business was a pleasure. Now, you have to fill out forms, send reports, and adapt to bureaucratic constructs all the time. That's how you kill an economy, not develop it. Entrepreneurs are already happy that they have to struggle instead of working. ### Economic Concerns: 1. Increased compliance costs for businesses. 2. Disproportionate financial burden on small and medium-sized enterprises (SMEs). 3. Risk of driving SMEs out of critical sectors due to high costs. 4. Decreased competitiveness for EU companies globally. 5. Reduced attractiveness for foreign investments in critical sectors. 6. Higher costs passed on to consumers. 7. Need for significant government funding for oversight and implementation. 8. Potential penalties for non-compliance adding financial strain. 9. Increased insurance costs for cybersecurity coverage. 10. Need for specialized staff, increasing payroll expenses. 11. Reduced resources for innovation due to compliance focus. 12. Higher costs for legacy system upgrades to meet requirements. 13. Ongoing audit and monitoring costs for organizations. 14. Loss of productivity during compliance implementations. 15. Duplicative spending on overlapping regulations. --- ### Administrative Burdens: 16. Excessive reporting requirements for cyber incidents. 17. Complexity in understanding and implementing new regulations. 18. Additional layers of bureaucracy for businesses. 19. Time-consuming audits and assessments. 20. Challenges in coordinating compliance across multinational organizations. 21. Overlapping national and EU-level cybersecurity regulations. 22. Need for continuous documentation of security measures. 23. Difficulty for non-technical businesses to adapt. 24. Lack of clear guidelines on compliance measures. 25. Inefficient resource allocation for compliance activities. --- ### Operational Challenges: 26. Difficulty integrating new policies into existing workflows. 27. Risk of operational disruptions during implementation. 28. Challenges in monitoring third-party vendors for compliance. 29. Increased risk of legal disputes over interpretations. 30. Lack of flexibility to adapt to sector-specific needs. 31. Potential delays in project timelines due to compliance. 32. Difficulty in scaling security measures for large networks. 33. Overburdened IT departments with new responsibilities. --- ### Legal Concerns: 34. Inconsistencies in enforcement across member states. 35. Conflicts with existing national laws. 36. Increased legal liability for organizations. 37. Uncertainty around legal interpretations of specific clauses. 38. Potential legal loopholes reducing effectiveness. --- ### Technical Challenges: 39. Difficulty in implementing uniform cybersecurity standards. 40. Limited availability of cybersecurity professionals. 41. Overemphasis on compliance over actual security improvements. 42. Challenges in securing outdated legacy systems. 43. Increased attack surface from mandatory interconnectedness. 44. Complex requirements for cross-border data exchange. 45. Insufficient guidance on technical solutions. 46. Lack of support for sector-specific cybersecurity innovations. --- ### Effectiveness Concerns: 47. Redundancy with existing frameworks like GDPR. 48. Minimal impact on improving actual cybersecurity resilience. 49. Overemphasis on theoretical risks rather than practical threats. 50. Inability to address rapidly evolving cyber threats. 51. Focus on compliance may distract from real-world preparedness. 52. Risk of superficial security measures to meet regulations. 53. Ineffectiveness against sophisticated state-sponsored threats. --- ### Political and Strategic Issues: 54. Divergent priorities among member states. 55. Resistance from industries with established regulations. 56. Perceived overreach of EU authority. 57. Risk of creating competitive disadvantages within the EU. 58. Lack of global coordination with non-EU countries. 59. Risk of member states implementing inconsistent approaches. --- ### Innovation and Competitiveness: 60. Stifling of innovation due to rigid regulations. 61. Reduced focus on research and development. 62. Discouragement of startups from entering critical sectors. 63. Risk of hindering advancements in emerging technologies. 64. Unintended consequences for niche industries. --- ### Workforce Concerns: 65. Difficulty in training employees on complex requirements. 66. Increased turnover due to compliance stress. 67. Limited availability of qualified cybersecurity professionals. 68. High costs of hiring external consultants. 69. Risk of burnout among IT and security teams. --- ### Privacy Concerns: 70. Potential overreach in monitoring requirements. 71. Risk of exposing sensitive business or consumer data. 72. Conflict with GDPR in certain scenarios. 73. Increased vulnerability from centralized reporting systems. --- ### Security Concerns: 74. Over-focus on compliance rather than proactive defense. 75. Creation of new vulnerabilities through mandatory policies. 76. Potential for increased cyberattacks during transition phases. 77. Lack of focus on education and awareness as a security measure. 78. Risk of dependency on external consultants for security. --- ### Duplication with Existing Frameworks: 79. Overlaps with sector-specific cybersecurity regulations. 80. Redundancy with national cybersecurity strategies. 81. Conflicts with international frameworks (e.g., ISO standards). 82. Duplication of efforts across EU member states. --- ### Implementation Challenges: 83. Difficulty in synchronizing timelines across sectors. 84. Limited technical support for SMEs during implementation. 85. Challenges in harmonizing cybersecurity policies across borders. 86. Risk of non-compliance due to vague requirements. --- ### Stakeholder Opposition: 87. Pushback from industry stakeholders against added costs. 88. Resistance from sectors with low perceived cyber risks. 89. Concerns over EU overregulation stifling economic growth. --- ### Potential Unintended Consequences: 90. Risk of shadow compliance practices to avoid penalties. 91. Displacement of resources from other critical business areas. 92. Increased fragmentation of cybersecurity efforts. 93. Focus on compliance metrics rather than security outcomes. --- ### Geopolitical Issues: 94. Risk of disadvantaging EU industries globally. 95. Lack of alignment with global cybersecurity standards. 96. Increased reliance on non-EU technology providers. --- ### Other General Arguments: 97. Insufficient consultation with affected industries. 98. Perceived overemphasis on cybersecurity at the cost of innovation. 99. Lack of clarity on how success will be measured. 100. Risk of regulatory fatigue among businesses.

Nice presentation! How do I get grafana dashboard for BNG Blaster?

awesome talk, I should have found it sooner very informative and useful

For some reason we have various BGP peerings across our physical VPC peer links (one per vrf). Would we continue to run these BGP neighbours across the virtual VPC peer link (po500)?

Best explanation and in depth deep dive explanation on design & integrations and implementation of Segment routing concept, Conclusion - Segment routing or MPLS-TE both depends on requirement of our architecture or service provisioning, All technologies such as MPLS-L3-VPN, MPLS-L2-VPN, MPLS-TE, all are equally great and best technologies itself with its own advantages and benefits and applications.... Segment routing is Not enhancement of MPLS but technique of lower overhead of Packet encapsulation transverse over network.

Hat dieser Hackathon eigentlich mal stattgefunden für 25Gbit CPE's? Oder ist die "Lösung" einfach das was Stapelberg in seinem Blog geschrieben hat?

Segment Routing - The best way of explaining new feature of MPLS technology.

Nice presentation 👍

Finally, IPv6-only pfsync ^^

Great practical introduction to containerlab, Jens!

Great presentation.

Schee! 😊

It has been a great event. Looking forward for #DENOG15

This is the best primer on module creation ever!

Aviate - Navigate - Communicate - Another important rule in aviation. Fix Your network first, Think about options, Communicate The problem

Great to hear from ISC.

But i must make a good plan for the community-numbers ans that meanings😅

Greatest video over BGP Communities that I watched, i must probe it tomorrow

can you please help to provide guidance for IXP setup?

Oliver Knapp is wrong at several places. The C-VLAN is not a "Customer-VLAN" but instead a service vlan (VOIP, IP, MULTICAST, TV, WHATEVER). N:1 and 1:1 are totally different aggregations. Most of what he said in the middle of the talk is wrong.

Excellent presentation!

It's a bit too abstract, but he stated it was not a tutorial. Good job.

Nice talk!

Great talk Pim. Too bad you talk so slow ;)

awesome - well done guys

"Vincentz - Hat of Network" :)

Spannender Einblick. Wusste nicht, dass das mit den "Titeln" in corporate so ernst genommen wird.

Thank you

Great video, thanks for doing this topic!

very nice

Init7 ❤️

Great Presentation. Thank you!

Traurige Deutschengeräusche.

the Image is very bad!

Ich erinnere mich noch an die Berichterstattung. Dass das so knapp aus dem Boden gestampft wurde, ist der eigentliche Skandal. Gut gemacht, super erklärt!

Hi. I'm trying to use Blaster to simulate PPPoE sessions, but it's failed. BNG Blaster sends PADI, and BNG already replied PADO, but after that, BNG Blaster did not send more packets to establish session. Could you help me to check why ?

Awesome!!!! Thank you!

👍

One aspect of blameless post mortems is to go out to those who make mistakes, get introspection, and recommendations as to what can prevent others from making the same mistakes. In other words, the attitude I always took in post mortems was that if you make a mistake that is human, but if you can make the mistake, others can and therefore who was closest to the mistake has the most valuable perspective in how to keep others from making that mistake. One challenge is getting junior folks to adopt this idea that mistakes are opportunities to do better not just individually but collectively. It would be interesting to get your view on what can be done to cultivate this.

I noticed you didn't cover structured decision models. One of the really cool things about aviation decision making is that the decision models are collaborative and foster improved communications. This is another area we really can learn in IT from aviation.

There are some cases where some pieces of airplanes are still not redundant. There are non-redundant parts in trim control systems for example. But these have extra certification requirements and inspection requirements. So there are ways of compensating for non-redundance in IT too.

An important point in the two pilot rule is also division of roles between pilot flying and pilot monitoring. This division of tasks is super-important too. The second operator in your view can also be checking monitoring periodically, scan for unexpected behaviors etc.

An important part of checklists though is workload reduction and this is a *big* reason we need checklists in IT. For example, if you are responding to an alert at 3am, having a checklist that does not require scrolling makes it far easier to follow steps and not forget anything. And I mean "workload" here in the aviation sense in terms of number of things you are facing at the same time. On the sterile flight deck rule you have the same point you are making, which is to divide tasks so that people have to pay attention to fewer things at the same time.

das beste beispiel fuer unglaublich viele dieser faktoren ist immernoch die "grosse gitlab outage": man scheitert oft beim beherrschen der systeme und kommt so nicht an den luftfahrt standard - aber all die surrounding sachen hat man zur verfuegung und kann sie im Griff haben, so eben z.B. uebermuedete Leute nicht alleine lassen, standardisierte Verfahren fuer Checks wie "bin ich auf dem richtigen System?", standadisierte Erkennungszeichen fuer kritische Systeme etc. Mein aha-moment war vor vielen jahren, als ich anfing bei change requests die "rollback" punkte wirklich auszufuellen und -denken. leider wurde das nicht gross aufgegriffen damals. fuer failure exercises: beim veritas cluster gab's nen fire drill feature - wir haben in 4 jahren, wo ich damit gearbeitet hab, nicht EINMAL durchbekommen, dass wir das probieren durften. bei nem config management system hab ich es direkt geplant, sowas zu machen und es scheiterte daran, dass ich halt unbedingt effektive gruppenzusammensetzungen fuer die fire drills empfohlen hab. fuer meetings? da geht das IMMER. aber doch nicht fuer sicheren betrieb! was Du ueber Decision making gesagt hast, ist sehr interessant und war mir neu - der Vergleich zur Schifffahrt, auf jedem Schiff ein Alleinherrscher, und die vielen Ungluecke durch abwechselnde Korrekturversuche draengt sich auf.