Achieving Global Cyber Security Through Collaboration

Transcription

1 Achieving Global Cyber Security Through Collaboration Steve Purser Head of Core Operations Department November 2013 European Union Agency for Network and Information Security

2 Agenda About ENISA The EU Cyber Security Strategy Protec7ng Cri7cal Informa7on Infrastructure Input to EU & MS Cyber Security Strategies Assis7ng Opera7onal Communi7es Security & Data Breach No7fica7on European Union Agency for Network and Information Security 2 2

3 ENISA The European Network & Informa7on Security Agency (ENISA) was formed in The Agency is a Centre of Exper7se that supports the Commission and the EU Member States in the area of informa7on security. We facilitate the exchange of informa7on between EU ins7tu7ons, the public sector and the private sector. European Union Agency for Network and Information Security 3

4 Ac-vi-es The Agency s principal ac7vi7es are as follows: Advising and assis7ng the Commission and the Member States on informa7on security. Collec7ng and analysing data on security prac7ces in Europe and emerging risks. Promo7ng risk assessment and risk management methods. Awareness- raising and co- opera7on between different actors in the informa7on security field. European Union Agency for Network and Information Security 4

5 Agenda About ENISA The EU Cyber Security Strategy Protec7ng Cri7cal Informa7on Infrastructure Input to EU & MS Cyber Security Strategies Assis7ng Opera7onal Communi7es Security & Data Breach No7fica7on European Union Agency for Network and Information Security 5 5

6 EU Cyber Security Strategy The Five strategic objec7ves of the strategy: Achieving cyber resilience Dras7cally reducing cybercrime Developing cyberdefence policy and capabili7es related to the Common Security and Defence Policy (CSDP) Developing the industrial and technological resources for cybersecurity Establishing a coherent interna7onal cyberspace policy for the European Union and promote core EU values. ENISA explicitly called upon. European Union Agency for Network and Information Security 6

7 EU Cybersecurity Strategy The Commission asks ENISA to: Assist the Member States in developing strong na7onal cyber resilience capabili7es. Examine in 2013 the feasibility of Computer Security Incident Response Team(s) for Industrial Control Systems (ICS- CSIRTs) for the EU. Con7nue suppor7ng the Member States and the EU ins7tu7ons in carrying out regular pan- European cyber incident exercises. Propose in 2013 a roadmap for a "Network and Informa7on Security driving licence". Support a cybersecurity championship in 2014, where university students will compete in proposing NIS solu7ons. European Union Agency for Network and Information Security 7

8 EU Cybersecurity Strategy The Commission asks ENISA to: Support the organisa7on of a yearly cybersecurity month. Develop, in coopera7on with relevant stakeholders, technical guidelines and recommenda7ons for the adop7on of NIS standards and good prac7ces in the public and private sectors. Collaborate with Europol to iden7fy emerging trends and needs in view of evolving cybercrime and cybersecurity pa[erns so as to develop adequate digital forensic tools and technologies. European Union Agency for Network and Information Security 8

9 Agenda About ENISA The EU Cyber Security Strategy Protec7ng Cri7cal Informa7on Infrastructure Input to EU & MS Cyber Security Strategies Assis7ng Opera7onal Communi7es Security & Data Breach No7fica7on European Union Agency for Network and Information Security 9 9

10 The ENISA Threat Landscape The ENISA Threat Landscape provides an overview of threats and current and emerging trends. It is based on publicly available data and provides an independent view on observed threats, threat agents and threat trends. Over 120 recent reports from a variety of resources have been analysed. European Union Agency for Network and Information Security 10

11 Developed overview European Union Agency for Network and Information Security 11

12 Cyber Exercises Cyber Europe Europe s first ever interna7onal cyber security exercise EU- US exercise, Also a first : work with COM & MS to build transatlan7c coopera7on Cyber Europe Developed from 2010 & 2011 exercises. Involves MS, private sector and EU ins7tu7ons. Highly realis7c exercise, Oct 2012 European Union Agency for Network and Information Security 12

13 Securing New Technologies European Union Agency for Network and Information Security 13

14 Agenda About ENISA The EU Cyber Security Strategy Protec7ng Cri7cal Informa7on Infrastructure Input to EU & MS Cyber Security Strategies Assis7ng Opera7onal Communi7es Security & Data Breach No7fica7on European Union Agency for Network and Information Security

15 Austria Czech Republic Estonia Finland France Germany Hungary Lithuania Luxemburg Netherlands Poland Romania Slovakia United Kingdom Member States with NCSS European Union Agency for Network and Information Security 15

16 Good Prac-ce Guide ENISA deliverable of 2012 Describes: Known good prac7ces, standards and policies The elements of a good Cyber Security Strategy Ins7tu7ons and roles iden7fied in a Strategy Par7es involved in the development lifecycle Challenges in developing and maintaining a Strategy European Union Agency for Network and Information Security

17 Agenda About ENISA The EU Cyber Security Strategy Protec7ng Cri7cal Informa7on Infrastructure Input to EU & MS Cyber Security Strategies Assis7ng Opera7onal Communi7es Security & Data Breach No7fica7on European Union Agency for Network and Information Security

18 Suppor-ng Opera-onal Communi-es - Overview European Union Agency for Network and Information Security

19 in 2005 Na-onal/governmental CERTs the situa-on has changed ESTABLISHED IN 2005: Finland France Germany Hungary The Netherlands Norway Sweden UK Baseline capabilities of n/g CERTs Initially defined in 2009 (operational aspects) In 2010 Policy recommendations drafted In 2012 ENISA continues to work on a harmonisation together with MS Status Report 2012 National/governmental CERT capabilities updated recommendations 2012 European Union Agency for Network and Information Security 19

20 CERT Exercises and training material ENISA CERT training/exercise material, used since 2009, was extended to host 23 different topics and training exercises including: Technical aspects Organisa7onal aspects Opera7onal aspects Addi7onally a Roadmap was created to answer the ques7on How could ENISA provide more proac7ve and efficient CERT training? European Union Agency for Network and Information Security 20

21 Fostering CERT- LEA Collabora-on Main goals: Define key concepts Describe the technical and legal/regulatory aspects of the fight against cybercrime Compile an inventory of opera7onal, legal/regulatory and procedural barriers and challenges and possible ways to overcome these challenges Collect exis7ng good and best prac7ces Develop recommenda7ons Focus on CERT- LEA coopera7on European Union Agency for Network and Information Security

22 Agenda About ENISA The EU Cyber Security Strategy Protec7ng Cri7cal Informa7on Infrastructure Input to EU & MS Cyber Security Strategies Assis7ng Opera7onal Communi7es Security & Data Breach No7fica7on European Union Agency for Network and Information Security

23 Security & Data Breach No-fica-on Suppor7ng MS in implemen7ng Ar7cle 13a of the Telecommunica7ons Framework Direc7ve Supported NRA s in implemen7ng the provisions under ar7cle 13a Developed and implemented the process for collec7ng annual na7onal reports of security breaches Developed minimum security requirements and propose associated metrics and thresholds Suppor7ng COM and MS in defining technical implementa7on measures for Ar7cle 4 of the eprivacy Direc7ve. Recommenda7ons for the implementa7on of Ar7cle 4. Collabora7on with Art.29 TS in producing a severity methodology for the assessment of breaches by DPAs European Union Agency for Network and Information Security

24 Ar-cle 13a - Incidents incidents from 11 countries, 9 countries without significant incidents, 9 countries with incomplete implementa7on Most incidents Affect mobile comms (60%) Are caused by hardware/sokware failures (47%) third party failures (33%), natural disasters (12%) Many involve power cuts (20%) Natural disasters (storm, floods, et cetera) oken cause power cuts, which cause outages European Union Agency for Network and Information Security 24

25 Ar-cle 13a - Incidents incidents from 18 countries, 9 countries without significant incidents, 1 country with incomplete implementa7on Most incidents Are caused by System failures (76%), third party failures (13%), Malicious ac7ons (8%) natural disasters (6%) European Union Agency for Network and Information Security 25

26 Ques-ons? Follow ENISA: European Union Agency for Network and Information Security