Cyber Security in Europe

Transcription

1 Cyber Security in Europe Steve Purser Head of Core Operations Dept. - ENISA

2 Agenda About ENISA The ENISA Threat Landscape National Cyber Security Strategies Supporting the CERT Community Pan European Exercises Protecting EU Critical Information Infrastructure 2 2

3 ENISA Activities Recommendations Mobilising Communities Policy Implementation Hands on 3

4 Agenda About ENISA The ENISA Threat Landscape National Cyber Security Strategies Supporting the CERT Community Pan European Exercises Protecting EU Critical Information Infrastructure 4 4

5 The ENISA Threat Landscape The ENISA Threat Landscape provides an overview of threats and current and emerging trends. It is based on publicly available data and provides an independent view on observed threats, threat agents and threat trends. Over 250 recent reports from a variety of resources have been analysed. 5

6 Developed Overview 6

7 Agenda About ENISA The ENISA Threat Landscape National Cyber Security Strategies Supporting the CERT Community Pan European Exercises Protecting EU Critical Information Infrastructure 7 7

8 National Cyber Security Strategies in the EU 19 EU MS have a strategy Source: 8

9 High level goals 9

10 Long term impact 10

11 ENISA doctrine: NCSS Lifecycle Design 2012 Good practice Guide Adjust Implement 2012 Good practice Guide 2014 Evaluation framework Evaluate 11

12 Agenda About ENISA The ENISA Threat Landscape National Cyber Security Strategies Supporting the CERT Community Pan European Exercises Protecting EU Critical Information Infrastructure

13 CERT Community building 13

14 CERT Training material available

15 Agenda About ENISA The ENISA Threat Landscape National Cyber Security Strategies Supporting the CERT Community Pan European Exercises Protecting EU Critical Information Infrastructure

16 Cybersecurity Exercises Supported by ENISA Cyber Europe 2010 Europe s first multinational cybersecurity exercise between public sector agencies Joint EU-US Cybersecurity Exercise 2011 First transatlantic cooperation exercise Table-top exercise - what-if scenarios Cyber Europe 2012 Large scale realistic cyber-crisis exercise Public and private sectors involved Cyber Europe 2014 In the strategic phase Joint EU-US Cybersecurity Exercise 2014/ In preparation phase 16

17 Agenda About ENISA The ENISA Threat Landscape National Cyber Security Strategies Supporting the CERT Community Pan European Exercises Protecting EU Critical Information Infrastructure

18 Methodologies for the Identification of Critical Information Infrastructure Assets and Services Help MS to Develop methodologies for identification of CIIs assets and services Assess internal and external interdependencies Collaborate with all stakeholders Prepare to face future challenges 18

19 Critical Information Infrastructures Protection Energy: ICS SCADA and Smart Grids Finance Sector ehealth Smart Transport Maritime Telecommunications 19

20 Example: EU wide Security Breach Notifications Annual reports about large outages in EU s telecoms More information on

21 2 nd ENISA National Cyber Security Conference 13 th of May in Riga Save the date!! 21

22 Conclusions ENISA works together with operational communities to identify pragmatic solutions to current security issues. We issue concrete advice on how to improve system security and which implementations to favour. The solutions we propose are based on industry best practice and are therefore known to work. By working in this way, we put security to the service of EU industry and improve the competitiveness of our industries. 22

23 Thank you for your attention For more information visit: Follow ENISA: European Union Agency for Network and Information Security