Cyber Security in EU: ENISA approach

Transcription

1 Cyber Security in EU: ENISA approach Konstantinos Moulinos, Security Expert European Union Network and Information Security Agency in Electricity Distribution Grids, Brussels European Union Agency for Network and Information Security Securing Europe s Information Society Operational Office in Athens 2 1

2 Positioning ENISA activities 3 Terms and interrelationships Critical Infrastructure Protection* Energy Energy sector (e.g. gas, nuclear) Security & safety Energy sector Smart grid cybersecurity National Strategies 4 2

3 EU Policy Context Energy and CIIP Directive 114/2008 Proposal for a NIS Directive EU s CIIP action plan EU Cyber Security Strategy (COM Digital Single Market strategy 5 Why cyber? ICS-CERT Year in Review 2014 HP Enterprise Security s 2014 Global Report on the Cost of Cyber Crime by the Ponemon Institute Many incidents but no major disruptions yet Everybody agrees that we have to do something but what? 6 3

4 Cyber security management Smart grid dependencies on telcos Smart grid threat landscape Risk assessment Information Security Intelligence Smart grid devices certification ICS SCADA security Governance and roles Appropriate security measures Cost of implementation Security measures Incident Reporting Cyber Security is not only technical but also operational and organisational? Root causes? Assets affected 7 ENISA effort in Smart Grids Challenging area, emerging technology Different types of stakeholders Various sizes of organizations Not a clear view of the market Setting baseline cyber security measures for Smart Grids Not an easy task Consensus is needed ENISA aims to reach better harmonisation across the EU this way contributing to the Digital Single Market Strategy Collaboration with the European Commission Smart Grids Task Force (SGTF) Adoption by the SGTF EG2 and CEN/CENELEC/ETSI Smart Grid Coordination Group Practical guide to deploy baseline security measures 8 4

5 like curling 9 An example of Incident Reporting: Telecoms Most major outages were caused by software bugs and hardware failures Detailed Causes and Affected Assets (Percentage of all incidents) Most major outages affected base stations and switches 10 5

6 Governance models report- Why? Low participation of public authorities in EG2 ad hoc group on Smart grid security measures Overlapping mandates amongst different national authorities TSOs do not consider smart grid security as their problem Energy regulators usually not empowered with cyber security mandate Smart grids an emerging area sometimes not covered by CIIs 11 Status of existing governance models Legend: Size: Roles and Responsibilities o Small: No roles and responsibilities defined o Medium: Definition ongoing o Large: Roles and responsibilities already defined Color: Smart Grid Framework o Red: Existing Smart Grid Framework o Blue: No existing Smart Grid Framework Sub-quadrants position: Smart Grids and Critical Infrastructure Protection o Right: Smart Grid part of National Cyber Security Strategy (NCSS) o Left: Smart Grid not part of NCSS o Up: Smart Grids part of National Critical Infrastructures (NCIs) o Down: Smart Grids not part of NCIs 12 6

7 Information Sharing ERNCIP European Reference Network for Critical Infrastructure Protection. TNCEIP Thematic Network on Critical Energy Infrastructure Protection DENSEK European Energy - ISAC NIS platform ENISA SISEC Smart Infrastructures Security Experts Community ENISA ICS Security Stakeholder Group Collaboration with: CEER ACER ENTSO-E Eurelectric 13 Trends Mandatory incident reporting (EU) Information sharing and analysis (EU) Baseline security measures (EU) National risk assessment (MS) Compliance Audits (MS) 14 7

8 Key recommendations Governance Model Foster R&D as a Requirement Identify and AnalyzeCost of Measures Common EU Energy Framework Trusted Information Sharing Initiatives Increase User Awareness National Risk Assessment National Energy Framework Incident Response Capabilities and Report Mechanisms Definition of Roles and Responsibilities Collaboration Platform Join International Forums and WG National Forum on Energy Support Dialogue Among Stakeholders Define Baseline Security Requirements 15 Open issues Next Steps Identification of good practices for ICS- SCADA/Smart Grids incident reporting Certification of smart grid components and systems Definition of EU baseline security requirements A roadmap for more harmonized national certification approaches Certification of smart grid cyber security skills Incident response capability for smart grids and relationships to existing national ICS-CERT/Gov CERTs Inject smart grids into NIS platform Bring competent authorities on board 16 8

9 Conclusions Cyber attacks on CIIs is now the norm than a future trend MS and private sector, with the assistance of ENISA, should co-operate to protect CIIs sharing experiences and information developing and deploying good practices co-operate with NRAs to achieve EU wide harmonization of EU regulations Collaboration is Everything 17 Konstantinos Moulinos [email protected] 9