Cloud and Critical Information Infrastructures

Size: px
Start display at page:

Download "Cloud and Critical Information Infrastructures"

Transcription

1 Cloud and Critical Information Infrastructures Cloud computing in ENISA Dr. Evangelos Ouzounis Head of Infrastructure & Services Unit

2 About ENISA The European Union Network and Information Security Agency Gives advice on information security issues to national authorities, EU institutions, businesses and citizens Acts as a forum for sharing good NIS practices Facilitates information exchange and collaboration Setup in 2004 new mandate till 2020 ENISA has an advisory role and focuses on prevention and preparedness 2

3 Challenges in the Cloud Security and resilience Compliance with regulatory requirements Data protection and privacy Loss of governance 3

4 ENISA and the EU Cloud Strategy EU should not only be cloud-friendly, but also cloud -active The strategic plan of the EC to enable and facilitate the adoption of cloud services in the public and private sector across the EU. Key Objectives: produce a list of standards that could apply to Cloud Computing create a contract/ SLA template for procuring cloud services establish a European Cloud Partnership Working groups: ETSI: Cloud Standards Coordination The cloud security working group on Certification schemes The cloud security working group on Code of Conduct The cloud security working group on SLAs European Cloud Partnership 4

5 Proposed NIS Directive and Incident Reporting 4 4 Market operator or public administration 3 4 Competent national authority 2 5 Security measures Notifying Early warning Informing Summary reporting 1 Proposed by the EC in February 2013 Our focus: Article 14 on security requirements and notifications Public Cooperation network of competent authorities ENISA report: Incident Reporting for Cloud Computing 5

6 ENISA supporting EC policies European Cloud Partnership Participating in working groups Governmental clouds Cloud Computing Certification Risk assessment for SMEs NIS Directive proposal Critical Clouds (2013) Incident Reporting for Cloud Computing 6

7 Supporting the ECP ETSI standardization working group Cloud Standards coordination List of existing cloud standards EC Certification SIG Mapping of existing voluntary certification schemes Common voluntary certification framework SLA SIG Support the SIG activities 7

8 Certification in the Cloud EC Certification Selected Industry Group (SIG) List of certification schemes relevant for cloud Cloud specific schemes? Or cloud relevant schemes? Mapping of cert. schemes against SIG principles One meta-framework for all (ENISA 2014) Information security domains Control objectives organized in sophistication levels (maturity model) 8

9 Cloud Certification Mockup Cloud Certification List site description https://resilience.enisa.europa.eu/cloud-computingcertification/ 9

10 Governmental clouds Support the EU Cloud Strategy to facilitate the take up of cloud services by the public sector in the EU Is this critical? Example: The UK G-Cloud "framework", worth up to 60 million will operate for an initial six-month period, after which successful applicants will be able to sell a range of tools the government expects will include , word processing, hosting, ERP, records management, CRM and other office productivity software Overview of governmental clouds across the EU Good practices of gov cloud implementations Set of recommendations on which aspects the governmental bodies should take into account when setting up a cloud. ENISA report: Securing governmental clouds 10

11 Critical cloud computing CIIP perspective: Preventing large failures and large cyber attacks. IT IT IT IT IT IT IT Kroes (2010): cloud computing may indeed become one of the backbones of our digital future ENISA report: 11

12 Incident Reporting for Cloud Computing Cloud Provider Cloud Provider Criticality of Cloud Services R1 R1 Incidents in scope Critical Infrastructure Critical Infrastructure Large user SME User User Suggested Framework Templates R2 NCA* R3: Summary R1+R2 EU cooperation networks (NCAs, ENISA) ENISA report: Incident Reporting for Cloud Computing 12

13 ENISA Recommendations (1/2) National Risk Assessment Risk Assessment for Critical Clouds Risk assessment framework for SMEs Interconnections and interdependencies in the cloud backbone network Legislative background to support critical clouds Competent authorities network Public sector procurement process Minimum security requirements in different sophistication levels Security measures for gov cloud services Common security certification framework 13

14 ENISA Recommendations (2/2) Promote the definition of a regulatory framework to address the locality problem Compliance with EU data protection law Enhance privacy and data protection in the Cloud Support the development of a common SLA framework for EU Foster research on Cloud Computing security solutions Academia and research centres EU funded projects 14

15 ENISA Cloud Security and Resilience Experts Group 15

16 ENISA s cloud security work 2009 Cloud computing risk assessment 2009 Cloud security control framework 2011 Security and resilience for gov clouds 2011 Security parameters in gov cloud SLAs 2012 Procure secure 2013 Critical Cloud 2013 Incident reporting for cloud computing 2013 Guideline for Govclouds 2013 Cloud Certification (EU Cert SIG) 16

17 Contact us 17

ENISA and Cloud Security

ENISA and Cloud Security ENISA and Cloud Security Dimitra Liveri NIS Expert EuroCloud Forum 2015 Barcelona 07-10-2015 European Union Agency for Network and Information Security Securing Europe s Information Society Operational

More information

ENISA and Cloud Security

ENISA and Cloud Security ENISA and Cloud Security Rossen Naydenov Network Information Security Officer Critical Information Infrastructure Protection Department - ENISA European Union Agency for Network and Information Security

More information

ENISA and Cloud Security

ENISA and Cloud Security Click icon to add picture Click icon to add picture ENISA and Cloud Security Dimitra Liveri NIS Expert EuroCloud Forum 2015 Barcelona 07-10-2015 European Union Agency for Network and Informaton Security

More information

EU Cybersecurity Policy & Legislation ENISA s Contribution

EU Cybersecurity Policy & Legislation ENISA s Contribution EU Cybersecurity Policy & Legislation ENISA s Contribution Steve Purser Head of Core Operations Oslo 26 May 2015 European Union Agency for Network and Information Security Agenda 01 Introduction to ENISA

More information

ENISA What s On? ENISA as facilitator for enhanced Network and Information Security in Europe. CENTR General Assembly, Brussels October 4, 2012

ENISA What s On? ENISA as facilitator for enhanced Network and Information Security in Europe. CENTR General Assembly, Brussels October 4, 2012 ENISA What s On? ENISA as facilitator for enhanced Network and Information Security in Europe CENTR General Assembly, Brussels October 4, 2012 christoffer.karsberg@enisa.europa.eu 1 Who we are ENISA was

More information

EU Priorities in Cybersecurity. Steve Purser Head of Core Operations Department June 2013

EU Priorities in Cybersecurity. Steve Purser Head of Core Operations Department June 2013 EU Priorities in Cybersecurity Steve Purser Head of Core Operations Department June 2013 Agenda About ENISA The EU Cyber Security Strategy Protecting Critical Information Infrastructure National & EU Cyber

More information

Cooperation in Securing National Critical Infrastructure

Cooperation in Securing National Critical Infrastructure Cooperation in Securing National Critical Infrastructure Dr. Steve Purser Head of Core Operations Department European Network and Information Security Agency Agenda About ENISA Protecting Critical Information

More information

Prof. Udo Helmbrecht

Prof. Udo Helmbrecht Prof. Udo Helmbrecht Guiding EU Cybersecurity from Policy to Implementation Udo Helmbrecht Executive Director Information Security for the Public Sector 2015 Stockholm 02/09/15 European Union Agency for

More information

European priorities in information security

European priorities in information security European priorities in information security Graeme Cooper Head of Public Affairs Unit, ENISA 12th International InfoSec and Data Storage Conference, 26th September 2013, Sheraton Hotel, Sofia, Bulgaria

More information

Security and privacy standardization for the SME community

Security and privacy standardization for the SME community Security and privacy standardization for the SME community NLO meeting, Athens, March 4th 2015 European Union Agency for Network and Information Security www.enisa.europa.eu PROJECT CONTEXT European Union

More information

Dr. Vangelis OUZOUNIS Senior Expert Security Policies ENISA. evangelos.ouzounis@enisa.europa.eu

Dr. Vangelis OUZOUNIS Senior Expert Security Policies ENISA. evangelos.ouzounis@enisa.europa.eu Dr. Vangelis OUZOUNIS Senior Expert Security Policies ENISA evangelos.ouzounis@enisa.europa.eu 5 th German Anti-Spam Summit Koeln, 5 th of Sept. 2007 www.enisa.europa.eu 1 Agenda NIS a Challenge for the

More information

Network and Information Security Legislation in the EU

Network and Information Security Legislation in the EU Network and Information Security Legislation in the EU Dr. Marnix Dekker Security expert, Information security officer ENISA @RSA Europe, SPER-R07 Security perspectives Amsterdam, October 31, 2013 www.enisa.europa.eu

More information

CIIP : ENISA s Role in Assisting Member States

CIIP : ENISA s Role in Assisting Member States CIIP : ENISA s Role in Assisting Member States Steve Purser Head of Core Operations SEDE Committee Brussels 21 April 2016 European Union Agency for Network and Information Security ENISA ENISA was formed

More information

European Cloud. Computing Strategy. State of play: 1-2014. Ken Ducatel DG CONNECT

European Cloud. Computing Strategy. State of play: 1-2014. Ken Ducatel DG CONNECT European Cloud State of play: 1-2014 Computing Strategy Ken Ducatel DG CONNECT What is at stake? Cloud as a growth engine Boost GDP : 940 bn cumulative impact for 2015-2020 250bn in 2020 Boosts productivity

More information

NIS Direktive und Europäische sicherheitsrelevante Projekte Udo Helmbrecht Executive Director, ENISA

NIS Direktive und Europäische sicherheitsrelevante Projekte Udo Helmbrecht Executive Director, ENISA NIS Direktive und Europäische sicherheitsrelevante Projekte Udo Helmbrecht Executive Director, ENISA ViS!T - Verwaltung integriert sichere Informationstechnologie, Wien, 29.10.2014 European Union Agency

More information

COMMISSION STAFF WORKING DOCUMENT. Report on the Implementation of the Communication 'Unleashing the Potential of Cloud Computing in Europe'

COMMISSION STAFF WORKING DOCUMENT. Report on the Implementation of the Communication 'Unleashing the Potential of Cloud Computing in Europe' EUROPEAN COMMISSION Brussels, 2.7.2014 SWD(2014) 214 final COMMISSION STAFF WORKING DOCUMENT Report on the Implementation of the Communication 'Unleashing the Potential of Cloud Computing in Europe' Accompanying

More information

Cloud Computing - Cyber Security Challenges

Cloud Computing - Cyber Security Challenges Cloud Computing - Cyber Security Challenges for the Finance Sector Dr. Evangelos Ouzounis Head of Unit Secure Infrastructures and Services - ENISA European Union Agency For Network And Information Security

More information

Cloud Security Standardisation & Certification. Arjan de Jong Policy Advisor Information Security

Cloud Security Standardisation & Certification. Arjan de Jong Policy Advisor Information Security Cloud Security Standardisation & Certification Arjan de Jong Policy Advisor Information Security Overview Economics of standardization and certification (EU) Legal requirements for (cloud) security International

More information

Cloud Computing - Cyber Security Challenges for the Finance Sector

Cloud Computing - Cyber Security Challenges for the Finance Sector Cloud Computing - Cyber Security Challenges for the Finance Sector Dr. Evangelos Ouzounis Head of Unit Secure Infrastructures and Services - ENISA European Union Agency For Network And Information Security

More information

National Cyber Security Strategies

National Cyber Security Strategies May 2012 National Cyber Security Strategies About ENISA The European Network and Information Security Agency (ENISA) is an EU agency created to advance the functioning of the internal market. ENISA is

More information

European Cloud Computing. Strategy. Cloud standards. Ken Ducatel DG CONNECT

European Cloud Computing. Strategy. Cloud standards. Ken Ducatel DG CONNECT European Cloud Computing Cloud standards Strategy Ken Ducatel DG CONNECT The Cloud Computing Strategy The European Commission's strategy 'Unleashing the potential of cloud computing in Europe' Adopted

More information

Cyber security initiatives in European Union and Greece The role of the Regulators

Cyber security initiatives in European Union and Greece The role of the Regulators Cyber security initiatives in European Union and Greece The role of the Regulators Constantinos Louropoulos President of Hellemic Telecoms and Post Commission Agenda Cyberspace challenges EU security initiatives

More information

European Cloud Computing Strategy

European Cloud Computing Strategy European Cloud Computing Strategy Key actions and state of play Jorge GASOS DG Connect, European Commission Jorge.Gasos@ec.europa.eu Impact on providers and users Cloud services: market forecast Supply

More information

Taking on the Cloud Challenge in Europe

Taking on the Cloud Challenge in Europe Taking on the Challenge in Europe scape VII Conference, Brussels Jonathan Sage Government and Regulatory Affairs Cyber Security and Policy Lead, Europe @jonathansage, uk.linkedin.com/in/jonathansageibm

More information

Council of the European Union Brussels, 4 July 2014 (OR. en) Mr Uwe CORSEPIUS, Secretary-General of the Council of the European Union

Council of the European Union Brussels, 4 July 2014 (OR. en) Mr Uwe CORSEPIUS, Secretary-General of the Council of the European Union Council of the European Union Brussels, 4 July 2014 (OR. en) 11603/14 ADD 1 COVER NOTE From: date of receipt: 2 July 2014 To: No. Cion doc.: Subject: RECH 323 TELECOM 140 MI 521 DATAPROTECT 100 COMPET

More information

Enhancing Cyber Security in Europe Dr. Cédric LÉVY-BENCHETON NIS Expert Cyber Security Summit 2015 Milan 16 April 2015

Enhancing Cyber Security in Europe Dr. Cédric LÉVY-BENCHETON NIS Expert Cyber Security Summit 2015 Milan 16 April 2015 Enhancing Cyber Security in Europe Dr. Cédric LÉVY-BENCHETON NIS Expert Cyber Security Summit 2015 Milan 16 April 2015 European Union Agency for Network and Information Security Summary 1 Presentation

More information

Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL EUROPEAN COMMISSION Brussels, 7.2.2013 COM(2013) 48 final 2013/0027 (COD) Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL concerning measures to ensure a high common level of network

More information

Helmut Wacket Head of Oversight Division. Cybersecurity: regulatory framework and central bank initiatives in the EU

Helmut Wacket Head of Oversight Division. Cybersecurity: regulatory framework and central bank initiatives in the EU Helmut Wacket Head of Oversight Division Cybersecurity: regulatory framework and central bank initiatives in the EU Cybersecurity in the EU Securing network and information systems in the EU is essential

More information

Berlin, 15 th November 2013. Mark Dunne SaaSAssurance

Berlin, 15 th November 2013. Mark Dunne SaaSAssurance Berlin, 15 th November 2013 Mark Dunne SaaSAssurance SaaSAssurance guidance to Irish Government on Cloud Adoption Who are SaaSAssurance? Diverse multilingual European team Focus on the here and now Digital

More information

Good practice guide for CERTs in the area of Industrial Control Systems

Good practice guide for CERTs in the area of Industrial Control Systems Good practice guide for CERTs in the area of Industrial Control Systems Computer Emergency Response Capabilities considerations for ICS October 2013 European Union Agency for Network and Information Security

More information

Cyberspace Situational Awarness in National Security System

Cyberspace Situational Awarness in National Security System Cyberspace Situational Awarness in National Security System Rafał Piotrowski, Joanna Sliwa, Military Communication Institute C4I Systems Department Zegrze, Poland, r.piotrowski@wil.waw.pl, j.sliwa@wil.waw.pl

More information

Achieving Global Cyber Security Through Collaboration

Achieving Global Cyber Security Through Collaboration Achieving Global Cyber Security Through Collaboration Steve Purser Head of Core Operations Department December 2013 European Union Agency for Network and Information Security www.enisa.europa.eu Agenda

More information

Towards defining priorities for cybersecurity research in Horizon 2020's work programme 2016-2017 Contributions from the Working Group on Secure ICT

Towards defining priorities for cybersecurity research in Horizon 2020's work programme 2016-2017 Contributions from the Working Group on Secure ICT Towards defining priorities for cybersecurity research in Horizon 2020's work programme 2016-2017 Contributions from the Working Group on Secure ICT - Research and Innovation of the NIS Platform 8 April

More information

Cyber Europe 2012. Key Findings and Recommendations

Cyber Europe 2012. Key Findings and Recommendations Cyber Europe 2012 December 2012 On National and International Cyber Exercises S I Acknowledgements ENISA wishes to thank all persons and organisations which have contributed to this exercise. In particular,

More information

Cyber Security in EU: ENISA approach

Cyber Security in EU: ENISA approach Cyber Security in EU: ENISA approach Konstantinos Moulinos, Security Expert European Union Network and Information Security Agency Norwegian Energy Days 2015, Oslo European Union Agency for Network and

More information

EU Cybersecurity Strategy and Proposal for Directive on network and information security (NIS) {JOIN(2013) 1 final} {COM(2013) 48 final}

EU Cybersecurity Strategy and Proposal for Directive on network and information security (NIS) {JOIN(2013) 1 final} {COM(2013) 48 final} EU Cybersecurity Strategy and Proposal for Directive on network and information security (NIS) {JOIN(2013) 1 final} {COM(2013) 48 final} Trust and Security Unit DG Communica5ons Networks, Content and Technology

More information

National Cyber Security Strategy 2015-2017

National Cyber Security Strategy 2015-2017 National Cyber Security Strategy 2015-2017 Table of Contents Table of Contents...i Executive Summary... 1 1. Introduction... 2 2. Context - People, Economy, and State... 4 3. Guiding Principles... 10 4.

More information

Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL EUROPEAN COMMISSION Brussels, XXX [ ](2012) XXX draft Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL concerning measures to ensure a high common level of network and information

More information

Standards for Cyber Security

Standards for Cyber Security Best Practices in Computer Network Defense: Incident Detection and Response M.E. Hathaway (Ed.) IOS Press, 2014 2014 The authors and IOS Press. All rights reserved. doi:10.3233/978-1-61499-372-8-97 97

More information

Methodologies for the identification of Critical Information Infrastructure assets and services

Methodologies for the identification of Critical Information Infrastructure assets and services Methodologies for the identification of Critical Information Infrastructure assets and services Guidelines for charting electronic data communication networks European Union Agency for Network and Information

More information

Cyber Security in Europe

Cyber Security in Europe Cyber Security in Europe Steve Purser Head of Core Operations Dept. - ENISA www.enisa.europa.eu Agenda About ENISA The ENISA Threat Landscape National Cyber Security Strategies Supporting the CERT Community

More information

European Union Agency for Network and Information Security ENISA ANNUAL REPORT

European Union Agency for Network and Information Security ENISA ANNUAL REPORT European Union Agency for Network and Information Security ENISA ANNUAL REPORT 2013 Europe Direct is a service to help you find answers to your questions about the European Union. Freephone number (*):

More information

Cyber Security for Railway Signalling

Cyber Security for Railway Signalling Cyber Security for Railway Signalling Dr. Cédric LÉVY-BENCHETON Network and Information Security Expert European Union Agency for Network and Information Security How to protect signalling system against

More information

National-level Risk Assessments

National-level Risk Assessments European Union Agency for Network and Information Security www.enisa.europa.eu Executive summary This report is based on a study and analysis of approaches to national-level risk assessment and threat

More information

European Privacy Reporter

European Privacy Reporter Is this email not displaying correctly? Try the web version or print version. ISSUE 02 European Privacy Reporter An Update on Legal Developments in European Privacy and Data Protection November 2012 In

More information

Supporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security

Supporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security Supporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security www.enisa.europa.eu European Union Agency for Network and Information

More information

- 'Improving Cyber Security in Europe, the way forward

- 'Improving Cyber Security in Europe, the way forward Report Breakfast Briefing: 'Improving Cyber Security in Europe, the way forward 24 April 2013, European Parliament, Brussels Disclaimer: This report is prepared by the rapporteur, Dr. Alea Fairchild, for

More information

Internet Governance and Cybersecurity Patrick Curry MACCSA patrick.curry@maccsa.net

Internet Governance and Cybersecurity Patrick Curry MACCSA patrick.curry@maccsa.net Internet Governance and Cybersecurity Patrick Curry MACCSA patrick.curry@maccsa.net This project has received funding from the European Union s Seventh Framework Programme for research, technological development

More information

Some Public Sector Cloud Views

Some Public Sector Cloud Views Some Public Sector Cloud Views Herbert.Leitold@a-sit.at Digital Enterprise Europe, London, June 11 th, 2014 Zentrum für sichere Informationstechnologie - Austria Expectations and Take Up some are high

More information

WORK PROGRAMME 2013 27 NOVEMBER 2012

WORK PROGRAMME 2013 27 NOVEMBER 2012 WORK PROGRAMME 2013 27 NOVEMBER 2012 2 Contents 1 EXECUTIVE SUMMARY...7 1.1 Introduction... 7 1.2 Structure... 7 1.2.1 Core operational activities... 7 1.2.2 Operational Horizontal activities... 7 1.2.3

More information

Demystifying cloud computing for SMEs

Demystifying cloud computing for SMEs Demystifying cloud computing for SMEs Tools & Guides for SMEs moving to the Cloud Silvana Muscella, Founder and CEO Trust-IT Services Ltd s.muscella@trust-itservices.com @silvanamuscella www.cloudwatchhub.eu

More information

National Cybersecurity Management System: Framework, Maturity Model and Implementation Guide

National Cybersecurity Management System: Framework, Maturity Model and Implementation Guide National Cybersecurity Management System: Framework, Maturity Model and Implementation Guide Taieb DEBBAGH, PhD, CISA Secretary General Ministry of Industry, Trade and New Technologies, Morocco ITU Regional

More information

EU Regulatory Trends in Data Protection & Cybersecurity What should be on the industry s agenda?

EU Regulatory Trends in Data Protection & Cybersecurity What should be on the industry s agenda? EU Regulatory Trends in Data Protection & Cybersecurity What should be on the industry s agenda? Dr. Jörg Hladjk Counsel European Data Protection & Privacy Practice Hunton & Williams, Brussels Cyber Security

More information

OUTCOME OF PROCEEDINGS

OUTCOME OF PROCEEDINGS Council of the European Union Brussels, 18 November 2014 15585/14 COPS 303 POLMIL 103 CYBER 61 RELEX 934 JAI 880 TELECOM 210 CSC 249 CIS 13 COSI 114 OUTCOME OF PROCEEDINGS From: Council On: 17 18 November

More information

Cyber Security in EU: ENISA approach

Cyber Security in EU: ENISA approach Cyber Security in EU: ENISA approach Konstantinos Moulinos, Security Expert European Union Network and Information Security Agency in Electricity Distribution Grids, Brussels European Union Agency for

More information

Council of the European Union Brussels, 5 March 2015 (OR. en)

Council of the European Union Brussels, 5 March 2015 (OR. en) Council of the European Union Brussels, 5 March 2015 (OR. en) Interinstitutional File: 2013/0027 (COD) 6788/15 LIMITE TELECOM 59 DATAPROTECT 23 CYBER 13 MI 139 CSC 55 CODEC 279 NOTE From: Presidency To:

More information

Expert Group on Cloud Computing Services and Standards ( EGCCSS ) Formation of Working Groups

Expert Group on Cloud Computing Services and Standards ( EGCCSS ) Formation of Working Groups For Discussion on 27 May 2014 Paper EGCCSS-6-3 Expert Group on Cloud Computing Services and Standards ( EGCCSS ) Formation of Working Groups Purpose To propose the setting up of two Working Groups under

More information

Technical Guideline on Security Measures

Technical Guideline on Security Measures European Union Agency for Network and Information Security www.enisa.europa.eu About ENISA The European Union Agency for Network and Information Security (ENISA) is a centre of network and information

More information

Cloud Standardization, Compliance and Certification. Class 2012 event 25.rd of October 2012 Dalibor Baskovc, CEO Zavod e-oblak

Cloud Standardization, Compliance and Certification. Class 2012 event 25.rd of October 2012 Dalibor Baskovc, CEO Zavod e-oblak Cloud Standardization, Compliance and Certification Class 2012 event 25.rd of October 2012 Dalibor Baskovc, CEO Zavod e-oblak Todays Agenda IT Resourcing with Cloud Computing and related challenges Landscape

More information

Cyber Security in Austria

Cyber Security in Austria Cyber Security in Austria The Austrian Cyber Security Strategy Andreas Reichard 18 th May, 2015 Roadmap Austrian Cyber Security Strategy 1/2 MRV MRV 11/2011 03/2012 06/2012 09/2012 10/2012 03/2013 Fed.

More information

Summary Report Report # 1. Security Challenges of Cross-Border Use of Cloud Services under Special Consideration of ENISA s Contributions

Summary Report Report # 1. Security Challenges of Cross-Border Use of Cloud Services under Special Consideration of ENISA s Contributions Summary Report Report # 1 Security Challenges of Cross-Border Use of Cloud Services under Special Consideration of ENISA s Contributions COINS Summer School 2015 on Could Security Prepared by: Nabeel Ali

More information

ENISA perspective on Electronic Trust Services

ENISA perspective on Electronic Trust Services ENISA perspective on Electronic Trust Services Udo Helmbrecht ENISA, Executive Director SECURE Conference, Warsaw, 23 October 2014 www.enisa.europa.eu ENISA activities Recommendations Mobilising Communities

More information

ENISA s contribution to the development of Network and Information Security within the Community

ENISA s contribution to the development of Network and Information Security within the Community ENISA s contribution to the development of Network and Information Security within the Community By Andrea PIROTTI Executive Director ENISA WSIS Implementation Mechanism: Action Line C5. 15 May 2006 1

More information

EU policy on Network and Information Security and Critical Information Infrastructure Protection

EU policy on Network and Information Security and Critical Information Infrastructure Protection EU policy on Network and Information Security and Critical Information Infrastructure Protection Andrea SERVIDA European Commission Directorate General Information Society and Media - DG INFSO Unit A3

More information

JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS

JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS EUROPEAN COMMISSION HIGH REPRESENTATIVE OF THE EUROPEAN UNION FOR FOREIGN AFFAIRS AND SECURITY POLICY Brussels, 7.2.2013 JOIN(2013) 1 final JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT, THE COUNCIL,

More information

Technical Guideline on Security Measures

Technical Guideline on Security Measures Technical Guideline on Security Measures DRAFT, Version 1.93, April 2013 TLP GREEN (community wide) ii Technical Guideline on Security Measures About ENISA The European Network and Information Security

More information

EU Directive on Network and Information Security SWD(2013) 31 & SWD(2013) 32. A call for views and evidence

EU Directive on Network and Information Security SWD(2013) 31 & SWD(2013) 32. A call for views and evidence EU Directive on Network and Information Security SWD(2013) 31 & SWD(2013) 32 A call for views and evidence 22 nd May 2013 Contents Contents... 2 Overview: The EU Directive on Network and Information Security...

More information

Working Group on. First Working Group Meeting 29.5.2012

Working Group on. First Working Group Meeting 29.5.2012 Working Group on Cloud Security and Privacy (WGCSP) First Working Group Meeting 29.5.2012 1 Review of fexisting i Standards d and Best Practices on Cloud Security Security Standards and Status List of

More information

ORGANISING NATIONAL CYBERSECURITY CENTRES

ORGANISING NATIONAL CYBERSECURITY CENTRES Information & Security: An International Journal Sarah Backman, vol.32, 2015 http://dx.doi.org/10.11610/isij.3206 ORGANISING NATIONAL CYBERSECURITY CENTRES Sarah BACKMAN Abstract: The emerging trend in

More information

THE CLOUD: OPPORTUNITIES AND ISSUES

THE CLOUD: OPPORTUNITIES AND ISSUES THE CLOUD: OPPORTUNITIES AND ISSUES OF IMMATERIALITY Alberto Pera Partner, Gianni Origoni Grippo Cappelli & Partners THE CLOUD IS A NO-LAND TERRITORY Data can be accessed and processed from anywhere via

More information

Thresholds for annual reporting

Thresholds for annual reporting Thresholds for annual reporting 1h-2h 2h-4h 4h-6h 6h-8h >8h 1% - 2% 2% - 5% 5% - 10% 10% - 15% > 15% 1 Annual reporting 2012 for the first time in the EU, national authorities report about cyber security

More information

Cybersecurity Strategy of the Republic of Cyprus

Cybersecurity Strategy of the Republic of Cyprus Policy Document Cybersecurity Strategy of the Republic of Cyprus Network and Information Security and Protection of Critical Information Infrastructures Version 1.0 23 April 2012 TABLE OF CONTENTS EXECUTIVE

More information

The Growth of the European Cybersecurity Market and of a EU Cybersecurity Industry

The Growth of the European Cybersecurity Market and of a EU Cybersecurity Industry The Growth of the European Cybersecurity Market and of a EU Cybersecurity Industry Yves Lagoude, Director of European Affairs and Thales & Member of the Board of Directors of EOS European Organisation

More information

Cybersecurity cooperation

Cybersecurity cooperation European Union Agency for Network and Information Security www.enisa.europa.eu Page ii About ENISA The European Union Agency for Network and Information Security (ENISA) is a centre of network and information

More information

National Cyber Security Strategies. Practical Guide on Development and Execution

National Cyber Security Strategies. Practical Guide on Development and Execution National Cyber Security Strategies December 2012 National Cyber Security Strategies National Cyber Security Strategies I About ENISA The European Network and Information Security Agency (ENISA) is a centre

More information

Cloud Competency Programme Workshop [1] Secure cloud services in a regulated environment

Cloud Competency Programme Workshop [1] Secure cloud services in a regulated environment Cloud Competency Programme Workshop [1] Secure cloud services in a regulated environment Rob Price Member, Cloud Industry Forum www.cloudindustryforum.org Last 2 years in Public Sector Cloud Public Cloud

More information

ROADMAP. Proposal on a European Strategy for Internet Security

ROADMAP. Proposal on a European Strategy for Internet Security TITLE OF THE INITIATIVE ROADMAP Proposal on a European Strategy for Internet Security TYPE OF INITIATIVE xcwp Non-CWP Implementing act/delegated act LEAD DG RESPONSIBLE UNIT INFSO A3 EXPECTED DATE OF ADOPTION

More information

Partnership for Cyber Resilience

Partnership for Cyber Resilience Partnership for Cyber Resilience Principles for Cyber Resilience 1. Recognition of interdependence: All parties have a role in fostering a resilient shared digital space 2. Role of leadership: Encourage

More information

The Future of Cloud Computing: Elasticity, Legacy Support, Interoperability and Quality of Service

The Future of Cloud Computing: Elasticity, Legacy Support, Interoperability and Quality of Service The Future of Cloud Computing: Elasticity, Legacy Support, Interoperability and Quality of Service Introduction and overview of the workshop Alex Delis and Michael Pantazoglou, University of Athens www.sucreproject.eu

More information

The EBF would like to take the opportunity to note few general remarks on key issues as follows:

The EBF would like to take the opportunity to note few general remarks on key issues as follows: Ref.:EBF_001314 Brussels, 17 June 2013 Launched in 1960, the European Banking Federation is the voice of the European banking sector from the European Union and European Free Trade Association countries.

More information

A Flexible and Comprehensive Approach to a Cloud Compliance Program

A Flexible and Comprehensive Approach to a Cloud Compliance Program A Flexible and Comprehensive Approach to a Cloud Compliance Program Stuart Aston Microsoft UK Session ID: SPO-201 Session Classification: General Interest Compliance in the cloud Transparency Responsibility

More information

Unleashing the Potential of Cloud Computing in Europe - What is it and what does it mean for me?

Unleashing the Potential of Cloud Computing in Europe - What is it and what does it mean for me? EUROPEAN COMMISSION MEMO Brussels, 27 September 2012 Unleashing the Potential of Cloud Computing in Europe - What is it and what does it mean for me? See also IP/12/1025 What is Cloud Computing? Cloud

More information

Introduction of the GCCD. (Global Cybersecurity Center for Development)

Introduction of the GCCD. (Global Cybersecurity Center for Development) Introduction of the GCCD (Global Cybersecurity Center for Development) Contents Ⅰ Ⅱ Ⅲ Ⅳ Ⅴ Ⅵ Ⅶ Background Vision Roles and Responsibilities Organizational Structure and Facilities Partnership Plan GCCD

More information

Cloud Computing. and the European Strategy. State of play: 12-2013. Dan-Mihai CHIRILĂ DG CONNECT

Cloud Computing. and the European Strategy. State of play: 12-2013. Dan-Mihai CHIRILĂ DG CONNECT Cloud Computing State of play: 12-2013 Dan-Mihai CHIRILĂ DG CONNECT and the European Strategy Cloud: an elastic execution environment of resources involving multiple stakeholders and providing a metered

More information

Role of contracts in Cloud Computing an Overview. Kevin McGillivray Doctoral Candidate (NRCCL)

Role of contracts in Cloud Computing an Overview. Kevin McGillivray Doctoral Candidate (NRCCL) Role of contracts in Cloud Computing an Overview Kevin McGillivray Doctoral Candidate (NRCCL) Barriers/Challenges to Cloud Transparency Compliance Legal Shared infrastructure Subcontractors (and their

More information

ENISA Work programme

ENISA Work programme ENISA Work programme 2016 SECURITY Including multiannual planning www.enisa.europa.eu European Union Agency for Network and Information Security About ENISA The European Union Agency for Network and Information

More information

Cyber Security and Cloud Computing. Dr Daniel Prince Course Director MSc in Cyber Security d.prince@lancaster.ac.uk

Cyber Security and Cloud Computing. Dr Daniel Prince Course Director MSc in Cyber Security d.prince@lancaster.ac.uk Cyber Security and Cloud Computing Dr Daniel Prince Course Director MSc in Cyber Security d.prince@lancaster.ac.uk Scope of Today SME Attractors for Cloud Switching to the Cloud Public Private Hybrid Big

More information

Annual Incident Reports 2011

Annual Incident Reports 2011 Annual Incident Reports 2011 October 2012 ii Annual Incident Reports 2011 About ENISA The European Network and Information Security Agency (ENISA) is a centre of network and information security expertise

More information

3 rd Informal Cyber Security Experts Forum Round Table discussion on Cyber Security

3 rd Informal Cyber Security Experts Forum Round Table discussion on Cyber Security Communications Regulatory Authority of the Republic of Lithuania European Security Round Table Microsoft Venue: 3 rd Informal Cyber Security Experts Forum Round Table discussion on Cyber Security Agenda

More information

Cyber Security : preventing and mitigating incidents. Alexander Brown Robert Allen

Cyber Security : preventing and mitigating incidents. Alexander Brown Robert Allen Cyber Security : preventing and mitigating incidents Alexander Brown Robert Allen 07 & 08 October 2015 Cyber Security context of the threat The magnitude and tempo of [cyber security attacks], basic or

More information

Public consultation on the contractual public-private partnership on cybersecurity and possible accompanying measures

Public consultation on the contractual public-private partnership on cybersecurity and possible accompanying measures Public consultation on the contractual public-private partnership on cybersecurity and possible accompanying measures Fields marked with are mandatory. Public consultation on the contractual public-private

More information

Security Framework for Governmental Clouds

Security Framework for Governmental Clouds Security Framework for Governmental Clouds European Union Agency for Network and Information Security www.enisa.europa.eu About ENISA The European Union Agency for Network and Information Security (ENISA)

More information

CYSPA - EC projects supporting NIS

CYSPA - EC projects supporting NIS CYSPA - EC projects supporting NIS Nina Olesen, EOS March 2014 Athens, Greece www.cyspa.eu CYSPA the European project The European Cyber Security Protection Alliance, or CYSPA, is an initiative by 17 organisationsfrom

More information

Hacks, apps and espionage - how protected are you against cyber crime? Top 10 Legal Need-to-Knows

Hacks, apps and espionage - how protected are you against cyber crime? Top 10 Legal Need-to-Knows Hacks, apps and espionage - how protected are you against cyber crime? Top 10 Legal Need-to-Knows 24 February 2015 Callum Sinclair Faith Jayne Agenda Top 10 legal need-to-knows, including: What is cyber

More information

EFFECTS+ Clustering of Trust and Security Research Projects, Identifying Results, Impact and Future Research Roadmap Topics

EFFECTS+ Clustering of Trust and Security Research Projects, Identifying Results, Impact and Future Research Roadmap Topics EFFECTS+ Clustering of Trust and Security Research Projects, Identifying Results, Impact and Future Research Roadmap Topics Frances CLEARY 1, Keith HOWKER 2, Fabio MASSACCI 3, Nick WAINWRIGHT 4, Nick PAPANIKOLAOU

More information

Cloud Security Incident Reporting

Cloud Security Incident Reporting European Union Agency for Network and Information Security www.enisa.europa.eu About ENISA The European Union Agency for Network and Information Security (ENISA) is a centre of network and information

More information

Commonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation

Commonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation Commonwealth Approach to Cybergovernance and Cybersecurity By the Commonwealth Telecommunications Organisation Trends in Cyberspace Cyberspace provides access to ICT Bridging the digital divide and influencing

More information

Critical Infrastructures and Challenges for Enhanced Security and Network Management Dr. Ioannis Chochliouros Evangelos Sfakianakis

Critical Infrastructures and Challenges for Enhanced Security and Network Management Dr. Ioannis Chochliouros Evangelos Sfakianakis Critical Infrastructures and Challenges for Enhanced Security and Network Management Dr. Ioannis Chochliouros Evangelos Sfakianakis 17 th INFOCOM World Conference 2015 Athens, Greece - November 24, 2015

More information

Public Private Partnerships and National Input to International Cyber Security

Public Private Partnerships and National Input to International Cyber Security Public Private Partnerships and National Input to International Cyber Security 10 September 2009 Tallinn, Estonia Maeve Dion Center for Infrastructure Protection George Mason University School of Law Arlington,

More information

CLOUD COMPUTING FOR ehealth DATA PROTECTION ISSUES

CLOUD COMPUTING FOR ehealth DATA PROTECTION ISSUES CLOUD COMPUTING FOR ehealth DATA PROTECTION ISSUES GLOBAL FORUM 2009 ICT & The Future of the Internet - Monday, October 19 th 2009 paolo.balboni@bakernet.com Introduction & Structure ENISA Working Group

More information