The European Platform in Network and Information Security (NIS) Fabio Martinelli

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "The European Platform in Network and Information Security (NIS) Fabio Martinelli"

Transcription

1 The European Platform in Network and Information Security (NIS) Fabio Martinelli Istituto di Informatica e Telematica Consiglio Nazionale delle Ricerche IIT-CNR, Pisa, Italy

2 Cyber security directive - (Network and Information Security NIS) A new initiative launched by the Commission for member states and companies in order to support the adoption of the new Cyber Security Directive (launched on Jan 2013 revised this Jan.) The aim of the proposed Directive is to ensure a high common level of network and information security (NIS). This means improving the security of the Internet and the private networks and information systems underpinning the functioning of our societies and economies. This will be achieved by requiring the Member States to increase their preparedness and improve their cooperation with each other, and by requiring operators of critical infrastructures, such as energy, transport, and key providers of information society services, as well as public administrations to adopt appropriate steps to manage security risks and report serious incidents to the national competent authorities. 2

3 Cyber security directive (NIS) -2 The directive mainly addresses the necessity to increase the cyber security level of all the member states In particular, consolidation and cooperation of national CERTs able to share incidents information creation of national preparedness plans for cyber security (including authorities etc) including risk management plans 3

4 Cyber security directive (NIS) -3 At the national level it recommends: (a) The definition of the objectives and priorities of the strategy based on an up-todate risk and incident analysis; (b) A governance framework to achieve the strategy objectives and priorities, including a clear definition of the roles and responsibilities of the government bodies and the other relevant actors; (c) The identification of the general measures on preparedness, response and recovery, including cooperation mechanisms between the public and private sectors; (d) An indication of the education, awareness raising and training programmes; (e) Research and development plans and a description of how these plans reflect the identified priorities. 4

5 Cyber security directive (NIS) -4 Among the requirements: Member States shall ensure that public administrations and market operators take appropriate technical and organisational measures to manage the risks posed to the security of the networks and information systems which they control and use in their operations. Having regard to the state of the art, these measures shall guarantee a level of security appropriate to the risk presented. In particular, measures shall be taken to prevent and minimise the impact of incidents affecting their network and information system on the core services they provide and thus ensure the continuity of the services underpinned by those networks and information systems. 5

6 The NIS platform To support the EU cyber security directive EU decided to create a public/private/cooperation in the form of a EU platform on Network and Information Security (NIS) Unique opportunity to better understand NIS Challenges, Threats and Risks A platform for bringing together policy and technical experts to debate about the current and future challenges A platform for influencing future R&D in NIS issues

7 Topics of the NIS platform 1. Organisational measures: practices to define, guide or evaluate an organisation s cybersecurity, specifically its capability to identify, assess and mitigate cybersecurity risks, and to deter and handle incidents; (Risk management for cyber security) 2. Secure products and services: practices to demonstrate the ability of products or services to provide a good level of cybersecurity performance as part of the ICT value chain; (Assurance) 3. Metrics, measurement and language / taxonomy for cyber risk: practices for measuring, describing and evaluating cyber risks, impacts, threats, controls, etc. (Metrics and measurements for cybersecurity) 4. Information exchange: practices for the exchange of cyber incident information, to allow cyber incident reports to be understood and acted upon in the framework of complex cooperation schemes; to facilitate a high level view of all cyber incidents which facilitates spotting trends and directing resources; (Information exchange) 5. Cybersecurity resources: practices to manage and develop cybersecurity knowledge, skills and resources within an organisation or a sector. (Cybersecurity best practices) 7

8 WGs structure Eventually 3 WGs have best established (two mainly operational and one mainly research&innovation oriented): WG1 on Risk Management aims to identify best practice in cybersecurity risk management activities, provide guidance to enhance levels of information security and facilitate the voluntary take-up of the practices; WG2 on Information Sharing aims to promote the sharing of cyber threat information and incidents and allowing coordination in both the public and private segments of the EU; WG3 on Secure ICT R&I WG3 will address issues related to Cyber Security research and innovation in the context of the EU Strategy for Cyber Security.

9 WG3 deliverables WG3 Main deliverables

10 WG3 initial activities WG3 met in Sept. 27 / Dec. 12: Get participants to know each other; Contribute to the terms of reference (TOR); Share knowledge and content related to the Strategic Research Agenda (SRA); Draft a structure that facilitates this work.

11 WG3 Steps achieved Strategic Research Agenda ToC (draft): Executive Summary Introduction Background Description of Area of Interest Description of the AoI s vision Description of the issues and challenges Identification of Technology, Policy and Regulation Enablers Inhibitors SRA ToC Gap analysis (tech., policy, regulation, and competences) for achieving the vision

12 ToC (draft): (cont.) Cross-analysis of all areas of interest s enablers and inhibitors Finding commonalities (e.g., two enablers shared by AoIs) Finding conflicts (e.g., one enabler becomes and inhibitor) Giving research priorities Roadmap Timelines Identification of R&D&I instruments Key performance indicators Other aspects as Economic and Social benefits (using results from the business and educations deliverables) Biblio Appendix SRA ToC (II)

13 Deliverable: Strategic Areas Research of Interest Agenda (SRA)

14 Thanks!

Towards defining priorities for cybersecurity research in Horizon 2020's work programme 2016-2017 Contributions from the Working Group on Secure ICT

Towards defining priorities for cybersecurity research in Horizon 2020's work programme 2016-2017 Contributions from the Working Group on Secure ICT Towards defining priorities for cybersecurity research in Horizon 2020's work programme 2016-2017 Contributions from the Working Group on Secure ICT - Research and Innovation of the NIS Platform 8 April

More information

EU Cybersecurity Strategy and Proposal for Directive on network and information security (NIS) {JOIN(2013) 1 final} {COM(2013) 48 final}

EU Cybersecurity Strategy and Proposal for Directive on network and information security (NIS) {JOIN(2013) 1 final} {COM(2013) 48 final} EU Cybersecurity Strategy and Proposal for Directive on network and information security (NIS) {JOIN(2013) 1 final} {COM(2013) 48 final} Trust and Security Unit DG Communica5ons Networks, Content and Technology

More information

CYSPA - EC projects supporting NIS

CYSPA - EC projects supporting NIS CYSPA - EC projects supporting NIS Nina Olesen, EOS March 2014 Athens, Greece www.cyspa.eu CYSPA the European project The European Cyber Security Protection Alliance, or CYSPA, is an initiative by 17 organisationsfrom

More information

EU Cybersecurity Policy & Legislation ENISA s Contribution

EU Cybersecurity Policy & Legislation ENISA s Contribution EU Cybersecurity Policy & Legislation ENISA s Contribution Steve Purser Head of Core Operations Oslo 26 May 2015 European Union Agency for Network and Information Security Agenda 01 Introduction to ENISA

More information

Safety by trust: British model of cyber security. David Wallace, First Secretary, Head of of the Policy Delivery Group British Embassy in Warsaw

Safety by trust: British model of cyber security. David Wallace, First Secretary, Head of of the Policy Delivery Group British Embassy in Warsaw Safety by trust: British model of cyber security David Wallace, First Secretary, Head of of the Policy Delivery Group British Embassy in Warsaw Strategy Structure Campaign Partnerships Strategy The UK

More information

European priorities in information security

European priorities in information security European priorities in information security Graeme Cooper Head of Public Affairs Unit, ENISA 12th International InfoSec and Data Storage Conference, 26th September 2013, Sheraton Hotel, Sofia, Bulgaria

More information

EU policy on Network and Information Security and Critical Information Infrastructure Protection

EU policy on Network and Information Security and Critical Information Infrastructure Protection EU policy on Network and Information Security and Critical Information Infrastructure Protection Andrea SERVIDA European Commission Directorate General Information Society and Media - DG INFSO Unit A3

More information

Cyber security in education in Greece

Cyber security in education in Greece Cyber security in education in Greece Sokratis K. Katsikas ska@unipi.gr NIST SP800-50 NIS education in Europe EU Cyber security strategy and NIS directive http://eeas.europa.eu/policies/eu-cybersecurity/cybsec_comm_en.pdf

More information

BIC a multi-lateral international cooperation strategy based on in-country Extended Working Groups (EWGs)

BIC a multi-lateral international cooperation strategy based on in-country Extended Working Groups (EWGs) Mr. James Clarke, Waterford Institute of Technology, Telecommunications Software and Systems Group In cooperation with Dr. Barend Taute, BIC IAG member, CSIR Meraka Institute & EuroAfrica ICT/P8 Technical

More information

Cyber Security in Austria

Cyber Security in Austria Cyber Security in Austria The Austrian Cyber Security Strategy Andreas Reichard 18 th May, 2015 Roadmap Austrian Cyber Security Strategy 1/2 MRV MRV 11/2011 03/2012 06/2012 09/2012 10/2012 03/2013 Fed.

More information

Helmut Wacket Head of Oversight Division. Cybersecurity: regulatory framework and central bank initiatives in the EU

Helmut Wacket Head of Oversight Division. Cybersecurity: regulatory framework and central bank initiatives in the EU Helmut Wacket Head of Oversight Division Cybersecurity: regulatory framework and central bank initiatives in the EU Cybersecurity in the EU Securing network and information systems in the EU is essential

More information

ESCoRTS A European network for the Security of Control & Real Time Systems

ESCoRTS A European network for the Security of Control & Real Time Systems ESCoRTS A European network for the Security of Control & Real Time Systems Luc Van den Berghe CEN-CENELEC Management Centre 20/05/10 Luxembourg workshop 1 Recommendations from a CEN/BT WG161 Survey in

More information

EFFECTS+ Clustering of Trust and Security Research Projects, Identifying Results, Impact and Future Research Roadmap Topics

EFFECTS+ Clustering of Trust and Security Research Projects, Identifying Results, Impact and Future Research Roadmap Topics EFFECTS+ Clustering of Trust and Security Research Projects, Identifying Results, Impact and Future Research Roadmap Topics Frances CLEARY 1, Keith HOWKER 2, Fabio MASSACCI 3, Nick WAINWRIGHT 4, Nick PAPANIKOLAOU

More information

Usage Control in Cloud Systems

Usage Control in Cloud Systems Usage Control in Cloud Systems Paolo Mori Istituto di Informatica e Telematica Consiglio Nazionale delle Ricerche Pisa Italy Agenda Examples of usage of Cloud services Usage Control Model Policy Language

More information

DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Performance, Risk and Business Continuity Management Policy

DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Performance, Risk and Business Continuity Management Policy Not Protectively Marked Item 6 Appendix B DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Management Policy The Dorset & Wiltshire Fire and Rescue Authority () is the combined fire and rescue authority for

More information

Cyber Security Strategy

Cyber Security Strategy NEW ZEALAND S Cyber Security Strategy 2015 A secure, resilient and prosperous online New Zealand Ministerial Foreword The internet and technology have become a fundamental element in our lives. We use

More information

Overview TECHIS60851. Manage information security business resilience activities

Overview TECHIS60851. Manage information security business resilience activities Overview Information security business resilience encompasses business continuity and disaster recovery from information security threats. As well as addressing the consequences of a major security incident,

More information

EU Cybersecurity: Ensuring Trust in the European Digital Economy

EU Cybersecurity: Ensuring Trust in the European Digital Economy EU Cybersecurity: Ensuring Trust in the European Digital Economy Synthesis of the FIC Breakfast-Debate 15 October 2013, Brussels With the participation of Tunne Kelam Member of the European Parliament'

More information

Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems

Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems Energy Sector Control Systems Working Group Supporting the Electricity Sector Coordinating Council, Oil & Natural Gas

More information

The European CYberSecurity cppp ECYS Draft Proposal

The European CYberSecurity cppp ECYS Draft Proposal The European CYberSecurity cppp ECYS Draft Proposal 12 April 2016 The urgency to act We cannot miss the window opportunity for budgetary reasons: create a synergy among the different EC budgets via the

More information

Council of the European Union Brussels, 5 March 2015 (OR. en)

Council of the European Union Brussels, 5 March 2015 (OR. en) Council of the European Union Brussels, 5 March 2015 (OR. en) Interinstitutional File: 2013/0027 (COD) 6788/15 LIMITE TELECOM 59 DATAPROTECT 23 CYBER 13 MI 139 CSC 55 CODEC 279 NOTE From: Presidency To:

More information

NIS Direktive und Europäische sicherheitsrelevante Projekte Udo Helmbrecht Executive Director, ENISA

NIS Direktive und Europäische sicherheitsrelevante Projekte Udo Helmbrecht Executive Director, ENISA NIS Direktive und Europäische sicherheitsrelevante Projekte Udo Helmbrecht Executive Director, ENISA ViS!T - Verwaltung integriert sichere Informationstechnologie, Wien, 29.10.2014 European Union Agency

More information

CYSPA launch event - Turkey

CYSPA launch event - Turkey CYSPA launch event - Turkey Rome, 09 June 2014 Ankara 17th February, 2015 Luigi REBUFFI CEO EOS CYSPA Coordination www.cyspa.eu CYSPA launch events 6 June 2014 - UK: London 9 June 2014 IT: Rome 30 June

More information

Implementing Executive Order and Presidential Policy Directive 21

Implementing Executive Order and Presidential Policy Directive 21 Implementing Executive Order 13636 and Presidential Policy Directive 21 2013 2014 Winter Energy Conference November 1, 2013 Bob Kolasky Director, EO-PPD Integrated Task Force Announcement of the EO and

More information

ENISA What s On? ENISA as facilitator for enhanced Network and Information Security in Europe. CENTR General Assembly, Brussels October 4, 2012

ENISA What s On? ENISA as facilitator for enhanced Network and Information Security in Europe. CENTR General Assembly, Brussels October 4, 2012 ENISA What s On? ENISA as facilitator for enhanced Network and Information Security in Europe CENTR General Assembly, Brussels October 4, 2012 christoffer.karsberg@enisa.europa.eu 1 Who we are ENISA was

More information

Committees Date: Subject: Public Report of: For Information Summary

Committees Date: Subject: Public Report of: For Information Summary Committees Audit & Risk Management Committee Finance Committee Subject: Cyber Security Risks Report of: Chamberlain Date: 17 September 2015 22 September 2015 Public For Information Summary Cyber security

More information

Internet Governance and Cybersecurity Patrick Curry MACCSA patrick.curry@maccsa.net

Internet Governance and Cybersecurity Patrick Curry MACCSA patrick.curry@maccsa.net Internet Governance and Cybersecurity Patrick Curry MACCSA patrick.curry@maccsa.net This project has received funding from the European Union s Seventh Framework Programme for research, technological development

More information

OUTCOME OF PROCEEDINGS

OUTCOME OF PROCEEDINGS Council of the European Union Brussels, 18 November 2014 15585/14 COPS 303 POLMIL 103 CYBER 61 RELEX 934 JAI 880 TELECOM 210 CSC 249 CIS 13 COSI 114 OUTCOME OF PROCEEDINGS From: Council On: 17 18 November

More information

Building International Cooperation for Trustworthy ICT (BIC) Presented by: Michel Riguidel, Telecom Paris-Tech

Building International Cooperation for Trustworthy ICT (BIC) Presented by: Michel Riguidel, Telecom Paris-Tech Building International Cooperation for Trustworthy ICT (BIC) Presented by: Michel Riguidel, Telecom Paris-Tech Objectives/Challenges/Timeline Int l cooperation (INCO) between the EU and the programme agencies

More information

Future cybersecurity threats and research needs.

Future cybersecurity threats and research needs. www.thalesgroup.com Future cybersecurity threats and research needs. 3 rd Franco-American Workshop on Cybersecurity Lyon Kreshnik Musaraj kreshnik.musaraj@thalesgroup.com December 9. 2014 2 / Challenges

More information

Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis

Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis An analogue approach to a digital world What foundations is CDCAT built on?

More information

Towards new mission-oriented RTI policy and new rationales for programming and priority-setting

Towards new mission-oriented RTI policy and new rationales for programming and priority-setting Towards new mission-oriented RTI policy and new rationales for programming and priority-setting Insights from the case of security K. Matthias Weber (AIT) E. Anders Eriksson (FOI) EU-SPRI Conference Helsinki,

More information

ICT. Suffolk Coastal District Council and Waveney District Council s ICT Strategy. Strategy

ICT. Suffolk Coastal District Council and Waveney District Council s ICT Strategy. Strategy ICT Suffolk Coastal District Council and Waveney District Council s Strategy 2 Introduction and Aims The aim of the ICT strategy is to provide a strategic vision and framework for the direction of East

More information

April 28, 2014. Ms. Hada Flowers Regulatory Secretariat Division General Services Administration 1800 F Street, NW, 2 nd Floor Washington, DC

April 28, 2014. Ms. Hada Flowers Regulatory Secretariat Division General Services Administration 1800 F Street, NW, 2 nd Floor Washington, DC April 28, 2014 Ms. Hada Flowers Regulatory Secretariat Division General Services Administration 1800 F Street, NW, 2 nd Floor Washington, DC RE: Information Technology Sector Coordinating Council (IT SCC)

More information

National Initiative for Cyber Security Education

National Initiative for Cyber Security Education 2014/PPWE/SEM2/007 Agenda Item: 5 National Initiative for Cyber Security Education Submitted by: United States Women Business and Smart Technology Seminar Beijing, China 23 May 2014 NICE OVERVIEW Women

More information

Parametric Attack Graph Construction and Analysis

Parametric Attack Graph Construction and Analysis Parametric Attack Graph Construction and Analysis Leanid Krautsevich Department of Computer Science, University of Pisa Largo Bruno Pontecorvo 3, Pisa 56127, Italy Istituto di Informatica e Telematica,

More information

FFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Boards of Directors

FFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Boards of Directors Overview for Chief Executive Officers and Boards of Directors In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed

More information

ETIP Wind Steering Committee meeting Monday 7th March 2016 11:00 16:45 EWEA office, Rue d Arlon 80 6th floor Bruxelles AGENDA

ETIP Wind Steering Committee meeting Monday 7th March 2016 11:00 16:45 EWEA office, Rue d Arlon 80 6th floor Bruxelles AGENDA ETIP Wind Steering Committee Meeting: ETIP Wind Steering Committee meeting Monday 7th March 2016 11:00 16:45 EWEA office, Rue d Arlon 80 6th floor Bruxelles AGENDA 11:00 11:30 11:30 12:00 12:00-12:45 12:45

More information

European Roadmap for Cyber-Physical Systems in Manufacturing. C P S Vision, Objectives, Impact and project methodology

European Roadmap for Cyber-Physical Systems in Manufacturing. C P S Vision, Objectives, Impact and project methodology European Roadmap for Cyber-Physical Systems in Manufacturing C P S Vision, Objectives, Impact and project methodology scorpius Vision 2 C P S is aiming to became the catalyst for CPS4MFG (CPS for Manufacturing)

More information

NICE and Framework Overview

NICE and Framework Overview NICE and Framework Overview Bill Newhouse NIST NICE Leadership Team Computer Security Division Information Technology Lab National Institute of Standards and Technology TABLE OF CONTENTS Introduction to

More information

EU Priorities in Cybersecurity. Steve Purser Head of Core Operations Department June 2013

EU Priorities in Cybersecurity. Steve Purser Head of Core Operations Department June 2013 EU Priorities in Cybersecurity Steve Purser Head of Core Operations Department June 2013 Agenda About ENISA The EU Cyber Security Strategy Protecting Critical Information Infrastructure National & EU Cyber

More information

On the European experience in critical infrastructure protection

On the European experience in critical infrastructure protection DCAF a centre for security, development and the rule of law On the European experience in critical infrastructure protection Valeri R. RATCHEV ratchevv@yahoo.com @ratchevv DCAF/CSDM 1 This presentation

More information

Cybersecurity Audit Why are we still Vulnerable? November 30, 2015

Cybersecurity Audit Why are we still Vulnerable? November 30, 2015 Cybersecurity Audit Why are we still Vulnerable? November 30, 2015 John R. Robles, CISA, CISM, CRISC www.johnrrobles.com jrobles@coqui.net 787-647-3961 John R. Robles- 787-647-3961 1 9/11-2001 The event

More information

The internet and digital technologies play an integral part

The internet and digital technologies play an integral part The Cyber challenge Adjacent Digital Politics Ltd gives an overview of the EU Commission s Cyber Security Strategy and Commissioner Ashton s priorities to increase cyber security in Europe The internet

More information

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT Presenter: C. MASIGA Event: ICT PITSO 2015 Date: 25/08/15 PRESENTATION OUTLINE Current Situational Analysis Remedial Actions for CSA Expected Benefits

More information

Legal Aspects of the MonIKA-Project - Privacy meets Cybersecurity

Legal Aspects of the MonIKA-Project - Privacy meets Cybersecurity Legal Aspects of the MonIKA-Project - Privacy meets Cybersecurity Sebastian Meissner Security Incident Information Sharing Workshop Berlin, 26.07.2013 Introduction Opening question Privacy & cybersecurity:

More information

Cyber Security in EU: ENISA approach

Cyber Security in EU: ENISA approach Cyber Security in EU: ENISA approach Konstantinos Moulinos, Security Expert European Union Network and Information Security Agency in Electricity Distribution Grids, Brussels European Union Agency for

More information

The Growth of the European Cybersecurity Market and of a EU Cybersecurity Industry

The Growth of the European Cybersecurity Market and of a EU Cybersecurity Industry The Growth of the European Cybersecurity Market and of a EU Cybersecurity Industry Yves Lagoude, Director of European Affairs and Thales & Member of the Board of Directors of EOS European Organisation

More information

Horizon 2020 - ICT Call 2016 Topic Preview 5 th May 2015

Horizon 2020 - ICT Call 2016 Topic Preview 5 th May 2015 Horizon 2020 - ICT Call 206 Topic Preview 5 th May 205 Call Identifier: H2020-ICT-206 Call Publication: late Q3 205 Call Deadline: Q-2 206 (except for the instrument) Estimated budget for this call: 970

More information

CYBER SECURITY SERVICES PWNED

CYBER SECURITY SERVICES PWNED CYBER SECURITY SERVICES PWNED Jens Thonke Capital Market Day 16 Sept 2015 1 AGENDA Cyber Security Services in brief Market overview and key trends Offering and channels Competition Enabling growth Performance

More information

Dr. Vangelis OUZOUNIS Senior Expert Security Policies ENISA. evangelos.ouzounis@enisa.europa.eu

Dr. Vangelis OUZOUNIS Senior Expert Security Policies ENISA. evangelos.ouzounis@enisa.europa.eu Dr. Vangelis OUZOUNIS Senior Expert Security Policies ENISA evangelos.ouzounis@enisa.europa.eu 5 th German Anti-Spam Summit Koeln, 5 th of Sept. 2007 www.enisa.europa.eu 1 Agenda NIS a Challenge for the

More information

Information governance strategy 2014-16

Information governance strategy 2014-16 Information Commissioner s Office Information governance strategy 2014-16 Page 1 of 16 Contents 1.0 Executive summary 2.0 Introduction 3.0 ICO s corporate plan 2014-17 4.0 Regulatory environment 5.0 Scope

More information

West Sussex County Council Resilience Policy

West Sussex County Council Resilience Policy West Sussex County Council Resilience Policy INDEX page 2 Policy Statement page 3 Vision Statement,Values and General Principles page 4 Introduction and purpose page 4 Scope of the Policy page 4 The Council

More information

Lessons from Defending Cyberspace

Lessons from Defending Cyberspace Lessons from Defending Cyberspace The Challenge of Addressing National Cyber Risk Andy Purdy Workshop on Cyber Security Center for American Studies, Christopher Newport College 10 28-2009 Cyber Threat

More information

NIST Cybersecurity Framework What It Means for Energy Companies

NIST Cybersecurity Framework What It Means for Energy Companies Daniel E. Frank J.J. Herbert Mark Thibodeaux NIST Cybersecurity Framework What It Means for Energy Companies November 14, 2013 Your Panelists Dan Frank J.J. Herbert Mark Thibodeaux 2 Overview The Cyber

More information

Infocomm Security Masterplan 2

Infocomm Security Masterplan 2 INFOCOMM DEVELOPMENT AUTHORITY OF SINGAPORE 8 Temasek Boulevard #14-00 Suntec Tower 3 Singapore 038988 Tel : 65-62110888 Fax : 65-62112222 www.ida.gov.sg April 2009 Infocomm Security Masterplan 2 The Infocomm

More information

National Cyber Security Strategy 2015-2017

National Cyber Security Strategy 2015-2017 National Cyber Security Strategy 2015-2017 Table of Contents Table of Contents...i Executive Summary... 1 1. Introduction... 2 2. Context - People, Economy, and State... 4 3. Guiding Principles... 10 4.

More information

Harrow Business Consultative Panel. Business Continuity Management. Responsible Officer: Myfanwy Barrett Director of Finance and Business Strategy

Harrow Business Consultative Panel. Business Continuity Management. Responsible Officer: Myfanwy Barrett Director of Finance and Business Strategy Meeting: Harrow Business Consultative Panel Date: 18 th July 2006 Subject: Business Continuity Management Responsible Officer: Myfanwy Barrett Director of Finance and Business Strategy Contact Officer:

More information

TDL Recommendations to NIS (WG3/SRA)

TDL Recommendations to NIS (WG3/SRA) TDL Recommendations to NIS (WG3/SRA) Editors: Pascal Bisson, Jim Clarke, Amardeo Sarma, Daan Velthausz, Volkmar Lotz, Arthur Leijtens, Stefan Bumerl Contributors: community members at large with special

More information

Cyber Security in EU: ENISA approach

Cyber Security in EU: ENISA approach Cyber Security in EU: ENISA approach Konstantinos Moulinos, Security Expert European Union Network and Information Security Agency Norwegian Energy Days 2015, Oslo European Union Agency for Network and

More information

IAPP Global Privacy Summit Protecting Privacy Under the Cybersecurity Microscope

IAPP Global Privacy Summit Protecting Privacy Under the Cybersecurity Microscope IAPP Global Privacy Summit Protecting Privacy Under the Cybersecurity Microscope March 6, 2014 Victoria King UPS (404) 828-6550 vking@ups.com Lisa J. Sotto Hunton & Williams LLP (212) 309-1223 lsotto@hunton.com

More information

CYBER SECURITY FOUNDATION - OUTLINE

CYBER SECURITY FOUNDATION - OUTLINE CYBER SECURITY FOUNDATION - OUTLINE Cyber security - Foundation - Outline Document Administration Copyright: QT&C Group Ltd, 2014 Document version: 0.2 Author: N R Landman (MD and Principal Consultant)

More information

City Technology Platform Technical Architecture Context

City Technology Platform Technical Architecture Context December 2013 City Technology Platform Technical Architecture Context Intro A major component of the 24m Future City Demonstrator award from the Technology Strategy Board (TSB) has been the design and

More information

Working Party on Information Security and Privacy

Working Party on Information Security and Privacy Unclassified DSTI/ICCP/REG(2003)5/REV1 DSTI/ICCP/REG(2003)5/REV1 Unclassified Organisation de Coopération et de Développement Economiques Organisation for Economic Co-operation and Development 02-Jul-2003

More information

Bradford J. Willke, CISSP

Bradford J. Willke, CISSP Engineering National Cybersecurity and Critical Information Infrastructure Protection Bradford J. Willke, CISSP 16 October 2007 ITU Regional Workshop Buenos Aires, Argentina Overview Purpose: This session

More information

Public consultation on the contractual public-private partnership on cybersecurity and possible accompanying measures

Public consultation on the contractual public-private partnership on cybersecurity and possible accompanying measures Public consultation on the contractual public-private partnership on cybersecurity and possible accompanying measures Fields marked with are mandatory. Public consultation on the contractual public-private

More information

Presidency of the Council of Ministers THE NATIONAL PLAN FOR CYBERSPACE PROTECTION AND ICT SECURITY

Presidency of the Council of Ministers THE NATIONAL PLAN FOR CYBERSPACE PROTECTION AND ICT SECURITY Presidency of the Council of Ministers THE NATIONAL PLAN FOR CYBERSPACE PROTECTION AND ICT SECURITY December 2013 Presidency of the Council of Ministers THE NATIONAL PLAN FOR CYBERSPACE PROTECTION AND

More information

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to

More information

TRANSPORT FOR LONDON SAFETY, HEALTH AND ENVIRONMENT ASSURANCE COMMITTEE

TRANSPORT FOR LONDON SAFETY, HEALTH AND ENVIRONMENT ASSURANCE COMMITTEE AGENDA ITEM 9 TRANSPORT FOR LONDON SAFETY, HEALTH AND ENVIRONMENT ASSURANCE COMMITTEE SUBJECT: REVIEW OF TFL RESILIENCE MANAGEMENT POLICY FRAMEWORK DATE: 20 JULY 2010 1 PURPOSE AND DECISION REQUIRED 1.1

More information

The EBF would like to take the opportunity to note few general remarks on key issues as follows:

The EBF would like to take the opportunity to note few general remarks on key issues as follows: Ref.:EBF_001314 Brussels, 17 June 2013 Launched in 1960, the European Banking Federation is the voice of the European banking sector from the European Union and European Free Trade Association countries.

More information

Building Blocks of a Cyber Resilience Program. Monika Josi monika.josi@safis.ch

Building Blocks of a Cyber Resilience Program. Monika Josi monika.josi@safis.ch Building Blocks of a Cyber Resilience Program Monika Josi monika.josi@safis.ch About me Chief Security Advisor for Microsoft Europe, Middle East and Africa providing support to Governments and CIIP until

More information

Project Resilience and Public Private Partnerships

Project Resilience and Public Private Partnerships + Sara BOUCHON Carmelo DI MAURO RGS Srl Risk Governance Solutions Project Resilience and Public Private Partnerships 3rd Miracle Conference Resilience October 30th, 31st and November 1st, 2013 Kennemerland

More information

CYBER SECURITY STRATEGY OF THE CZECH REPUBLIC FOR THE 2011 2015 PERIOD

CYBER SECURITY STRATEGY OF THE CZECH REPUBLIC FOR THE 2011 2015 PERIOD CYBER SECURITY STRATEGY OF THE CZECH REPUBLIC FOR THE 2011 2015 PERIOD The 2011 2015 Cyber Security Strategy of the Czech Republic is linked to the Security Strategy of the Czech Republic and reflects

More information

GRUAN Station Report for Potenza

GRUAN Station Report for Potenza WMO/IOC/UNEP/ICSU GLOBAL CLIMATE OBSERVING SYSTEM (GCOS) 7th GRUAN Implementation- Coordination Meeting (ICM-7) Matera, Italy 23 February 27 February 2015 Doc. 8.12 (11.II.2015) Session 8 GRUAN Station

More information

Cyber security Indian perspective & Collaboration With EU

Cyber security Indian perspective & Collaboration With EU Cyber security Indian perspective & Collaboration With EU Abhishek Sharma, BIC IAG member, On behalf of Dr. A.S.A Krishnan, Sr. Director, Department of Electronics & Information Technology Government of

More information

ICT Internal Audit Strategy 2009-10 to 2011-12. Report by the Head of Finance

ICT Internal Audit Strategy 2009-10 to 2011-12. Report by the Head of Finance Audit Committee 24 September 2009 Item No. 12 ICT Internal Audit Strategy 2009-10 to 2011-12 Report by the Head of Finance This report introduces the ICT Internal Audit Strategy and asks the Audit Committee

More information

Achieving Global Cyber Security Through Collaboration

Achieving Global Cyber Security Through Collaboration Achieving Global Cyber Security Through Collaboration Steve Purser Head of Core Operations Department December 2013 European Union Agency for Network and Information Security www.enisa.europa.eu Agenda

More information

Track 14. Networking and Coordination Cluster of CSAs / NoEs in Trust and Security

Track 14. Networking and Coordination Cluster of CSAs / NoEs in Trust and Security Track 14 Networking and Coordination Cluster of CSAs / NoEs in Trust and Security Session proposed and chaired by Jim Clarke, Waterford Institute of Technology TSSG, Project coordinator of FP7 BIC CA.

More information

WHAT S ABOUT CYBERSECURITY, WP 2016-2017

WHAT S ABOUT CYBERSECURITY, WP 2016-2017 WHAT S ABOUT CYBERSECURITY, WP 2016-2017 ERRIN-SOST CYBERSECURITY BROKERAGE 30-SEP-2015 Dr. Marina Martínez García Programme Officer H2020 Spanish Officer for Science and Technology, SOST-CDTI 80.000 M

More information

Cooperation in Securing National Critical Infrastructure

Cooperation in Securing National Critical Infrastructure Cooperation in Securing National Critical Infrastructure Dr. Steve Purser Head of Core Operations Department European Network and Information Security Agency Agenda About ENISA Protecting Critical Information

More information

aecert Roadmap Eng. Mohammed Gheyath Director, Technical Affairs TRA

aecert Roadmap Eng. Mohammed Gheyath Director, Technical Affairs TRA aecert Roadmap Eng. Mohammed Gheyath Director, Technical Affairs TRA Agenda Introduction aecert Vision & Mission The need to establish a UAE National CERT Constituent Framework & Service Catalog National

More information

Accenture Cyber Security Transformation. October 2015

Accenture Cyber Security Transformation. October 2015 Accenture Cyber Security Transformation October 2015 Today s Presenter Antti Ropponen, Nordic Cyber Defense Domain Lead Accenture Nordics Antti is a leading consultant in Accenture's security consulting

More information

Enhancing Cyber Security in Europe Dr. Cédric LÉVY-BENCHETON NIS Expert Cyber Security Summit 2015 Milan 16 April 2015

Enhancing Cyber Security in Europe Dr. Cédric LÉVY-BENCHETON NIS Expert Cyber Security Summit 2015 Milan 16 April 2015 Enhancing Cyber Security in Europe Dr. Cédric LÉVY-BENCHETON NIS Expert Cyber Security Summit 2015 Milan 16 April 2015 European Union Agency for Network and Information Security Summary 1 Presentation

More information

Report to Trust Board

Report to Trust Board Report to Trust Board Date of Board Meeting: 25 th November 2009 Subject: Trust Board Lead: NHS Litigation Authority (NHSLA) Assessment Preparation Rosie Musson Head of and Partnerships Presented by: Rosie

More information

Information, Communications and Technology Strategy. Purpose 2. Strategic Aims 2. Introduction 2. ICT Vision for 2015-2020 3. Key themes and aims: 4

Information, Communications and Technology Strategy. Purpose 2. Strategic Aims 2. Introduction 2. ICT Vision for 2015-2020 3. Key themes and aims: 4 Brigade Order Operations Brigade Order Administration 16 Part Part 1 Section Title Information, Communications and Technology Strategy Contents No. Purpose 2 Strategic Aims 2 Introduction 2 ICT Vision

More information

Actions and Recommendations (A/R) Summary

Actions and Recommendations (A/R) Summary Actions and Recommendations (A/R) Summary Priority I: A National Cyberspace Security Response System A/R 1-1: DHS will create a single point-ofcontact for the federal government s interaction with industry

More information

Information Governance Strategy

Information Governance Strategy Information Governance Strategy ONCE PRINTED OFF, THIS IS AN UNCONTROLLED DOCUMENT. PLEASE CHECK THE INTRANET FOR THE MOST UP TO DATE COPY Target Audience: All staff employed or working on behalf of the

More information

Jyväskylä Cyber Security Ecosystem

Jyväskylä Cyber Security Ecosystem Jyväskylä Cyber Security Ecosystem Adjunct Professor, Dr. (Military Sciences), Col (ret.) Martti Lehto 30.9.2015 High Level Cyber Security Comment 4.2.2014 President Sauli Niinistö highlighted cyber security.

More information

Cybersecurity Awareness for Executives

Cybersecurity Awareness for Executives SESSION ID: SOP-R04 Cybersecurity Awareness for Executives Rob Sloan Head of Cyber Content and Data Dow Jones @_rob_sloan Session Overview Aim: Provide a high level overview of an effective cybersecurity

More information

Unleashing the Potential of Cloud Computing in Europe - What is it and what does it mean for me?

Unleashing the Potential of Cloud Computing in Europe - What is it and what does it mean for me? EUROPEAN COMMISSION MEMO Brussels, 27 September 2012 Unleashing the Potential of Cloud Computing in Europe - What is it and what does it mean for me? See also IP/12/1025 What is Cloud Computing? Cloud

More information

ICT Strategy 2 0 1 4-2 0 1 6

ICT Strategy 2 0 1 4-2 0 1 6 2 0 1 4-2 0 1 6 Document revision history Date Version Revision Comment Author / Editor 0 1 Initial draft Gregory Peacock 04/07/2014 0 2 General revision Alan Hough 10/7/2014 0 3 Minor additions Gregory

More information

Cyberspace Situational Awarness in National Security System

Cyberspace Situational Awarness in National Security System Cyberspace Situational Awarness in National Security System Rafał Piotrowski, Joanna Sliwa, Military Communication Institute C4I Systems Department Zegrze, Poland, r.piotrowski@wil.waw.pl, j.sliwa@wil.waw.pl

More information

ISO/IEC 15504 Part 10 Safety Extension. Giuseppe Lami Istituto di Scienza e Tecnologie dell Informazione Consiglio Nezionale delle Ricerche Pisa

ISO/IEC 15504 Part 10 Safety Extension. Giuseppe Lami Istituto di Scienza e Tecnologie dell Informazione Consiglio Nezionale delle Ricerche Pisa ISO/IEC 15504 Part 10 Safety Extension Giuseppe Lami Istituto di Scienza e Tecnologie dell Informazione Consiglio Nezionale delle Ricerche Pisa ISO/IEC 15504 Part 10 talk overview Foundation of the draft

More information

D 6.4 and D7.4 Draft topics of EEGI Implementation Plan 2016-2018 Revision: Definitive

D 6.4 and D7.4 Draft topics of EEGI Implementation Plan 2016-2018 Revision: Definitive Project no.: 282794 Project acronym GRID+ Project title: Supporting the Development of the European Electricity Grids Initiative (EEGI) Instrument: Coordination and support action Thematic priority: ENERGY.2011.7.3-1:

More information

VIRGINIA CYBER SECURITY COMMISSION November 7, 2014

VIRGINIA CYBER SECURITY COMMISSION November 7, 2014 VIRGINIA CYBER SECURITY COMMISSION November 7, 2014 1 Mission Statement The mission of the Virginia Cyber Security Partnership is to establish and maintain a trusted community of public and private sector

More information

Moving from Quality Management System (QMS) to Safety Management System (SMS) Capt. Nasir Iqbal Senior Safety Risk Specialist GCAA, UAE

Moving from Quality Management System (QMS) to Safety Management System (SMS) Capt. Nasir Iqbal Senior Safety Risk Specialist GCAA, UAE Moving from Quality Management System (QMS) to Safety Management System (SMS) Capt. Nasir Iqbal Senior Safety Risk Specialist GCAA, UAE Why SMS Regulatory Requirements ICAO Annex 19 ICAO Doc No. 9859 (SMM)

More information

Cyber security in an organization-transcending way

Cyber security in an organization-transcending way Cyber security in an organization-transcending way EASEE-gas meeting March 19, 2015 Paul Bloemen ICT Security Manager Gasunie Chair Dutch Energy ISAC March 19, 2015 2 What to talk about Why is cyber security

More information

National-level Risk Assessments

National-level Risk Assessments European Union Agency for Network and Information Security www.enisa.europa.eu Executive summary This report is based on a study and analysis of approaches to national-level risk assessment and threat

More information

DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Performance, Risk and Business Continuity Management Policy

DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Performance, Risk and Business Continuity Management Policy Part Two Part One Not Protectively Marked DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Performance, Risk and Business Continuity Management Policy. The Dorset & Wiltshire Fire and Rescue Authority (DWFRA)

More information

Business continuity: Best practices and challenges

Business continuity: Best practices and challenges Middle East Annual Conference 2014 Business continuity: Best practices and challenges Guy Peterson Senior Assurance and Resilience Expert Booz Allen Hamilton Ready for what s next. BCM Trends, Best Practices

More information