ENISA and Cloud Security
|
|
- Branden Patterson
- 8 years ago
- Views:
Transcription
1 ENISA and Cloud Security Dimitra Liveri NIS Expert EuroCloud Forum 2015 Barcelona European Union Agency for Network and Information Security
2 Securing Europe s Information Society Operational Office in Athens 2
3 Positioning ENISA activities 3
4 Agenda Benefits of Cloud Computing Risks in Cloud Computing ENISA Activities in Cloud Security ENISA tools Risk Assessment for SMEs Cloud Certification Schemes List Next steps 4
5 Cloud Computing is a Business model Cloud Computing is another way of providing IT services Characteristics are - Highly standardized services - Highly standardized SLAs Using such a service is outsourcing Cloud SLAs are usually much more standardized than in other outsourcing contracts 5
6 Cloud Computing is a Deployment Model Cloud computing is a deployment model Information processing - In a shared environment - using shared computing resources Resources can be quickly scaled to meet changed demand Cloud deployments are usually much more standardized and automated than legacy IT Cloud is a deployment model Google / Conny Zhou 6
7 Cloud Opportunities Economies of Scale Better ROI Cost of security spread to all customers Efficient solutions More efficient resource utilization also means cost savings High Resiliency Better back up services Better business recovery Standardised solutions Better patch management Better software update management Portable and interoperable 7
8 Cloud Challenges Isolation Failures control resides to the cloud provider Loss of Governance Customer cedes some control to the provider (depending on the deployment model) This also affects security Management GUI and API compromise Identity and access management are particularly important Full access to all resources (keys to many kingdoms) Data protection The CSP usually becomes data processor in terms of DP legislation Data processing in datacentres abroad can imply that certain DP requirements cannot be met in the Cloud Presentation Title Speaker Name 8
9 Differences in Requirements for Governments vs. Companies Private Sector Difference depending on the scale i.e. Large companies and SMEs Investment from cost perspective Public Sector Legacy Data Legacy Applications Legacy Processes Special information assurance requirements EASIER TO MAKE THE RIGHT DECISION NEEDS MORE TIME TO ADOPT 9
10 ENISA s work in the area of Cloud 2009 Cloud computing risk assessment 2009 Cloud security Assurance framework 2012 Procure secure (Security in SLAs) 2013 Critical cloud computing 2013 Incident reporting for cloud computing 2013 Securely deploying GovClouds 2013 Support EU Cloud Strategy 2014 Cloud Certification Meta-Framework 2014 Procurement security in GovClouds 2015 Cloud Security guide for SMEs 10
11 ENISA engages the community ENISA Cloud Security and Resilience experts group 11
12 Cloud Computing Risk Assessment Addressed to: public sector, private sector (large companies and SMEs), governmental agencies 12
13 Risk Assessment in the Cloud Famous 2009 Guide Updated in 2012 Security Guide for SMEs
14 Security guide for SMEs Small and medium size enterprises (SMEs) are an important driver for innovation and growth in the EU Cloud Computing is a means for innovation, but cloud is for the SMEs still a challenge. ENISA in this study presents: - 11 security opportunities (compared to legacy IT benefits) - 11 security risks (compared with legacy IT risks) - 12 security questions for the SME to ask the provider (in one security cheat sheet - 2 comprehensive scenarios - Some legal advice 14
15 and online tool Where you can: rate your opportunities from cloud rate your risks produce a risks map get your security questions 15
16 Governmental Clouds Addressed to: public sector, governmental agencies 16
17 Governmental Cloud reports (1/2) 2010: Guide on security and resilience for Governmental Clouds Presentation of the security benefits and drawbacks for the public sector to go in the cloud First steps need to be done towards taking the decision to go cloud 2013: Good practice guide on how to securely deploy Governmental Clouds Definition of a governmental cloud (in a mature market) State of cloud computing adoption in the EU public sector Case studies of different approaches in adopting a cloud solution 17
18 Governmental Cloud reports (2/2) 2014: Security Framework for Governmental Clouds 4 phases, 10 different steps and the specific actions to be taken in each one 4 use case scenarios to find the solutions that better fits each implementation Presentation Title Speaker Name 18
19 Critical Clouds Addressed to: private sector, (public sector in some cases) 19
20 ENISA s Critical Cloud Study First assessment of CIIP aspects of Cloud computing Illustrates dependencies and provides examples for failures Provides recommendations for Cloud security governance from the CIIP perspective Conclusions can be applied to Governmental Cloud usage 20
21 Incident Reporting for Cloud Computing Cloud computing incidents could have major impact. Large scale incidents should be reported to improve trust Public sector and industry should agree on scope and thresholds of reporting. ENISA suggests a model for incident reporting of cloud incidents involving CSPs and regulators. 21
22 Cloud in the Critical Sectors Critical Clouds Cloud Computing in the Finance Sector Cloud supporting Health care systems and services Cloud supporting egovernment 22
23 Good Practices for the use of Cloud Computing in the area of Finance Sector Identification of critical challenges to cloud computing adoption in the Finance sector Assess legal and regulatory context (challenges and opportunities) in all member states Support industry and understand their uptake why do some use and some don t use cloud Propose recommendations 23
24 Cloud Certification Addressed to: private sector - large companies and SMEs, (public sector and governmental agencies in some cases) 24
25 The EU Cloud Strategy EU should not only be cloud-friendly, but also cloud active The European Commission s strategy Unleashing the potential of cloud computing in Europe Adopted on 27 September 2012, it is designed to speed up and increase the use of cloud computing across the economy Cutting through the jungle of technical standards Development of model safe and fair contract terms and conditions A European Cloud Partnership to drive innovation and growth from the public sector I am pleased that ETSI launched and steered the Cloud Standards Coordination (CSC) initiative in a fully transparent and open way for all stakeholders....ensuring technical security requirements are mapped onto certification, as ENISA is leading... we officially launch the platform for public sector cooperation with this "Cloud for Europe" initiative. This is an enormous step forward. Neelie Kroes, European Commissioner for the Digital Agenda Oct
26 ENISA realising the EU Cloud Strategy: Certification Strategic objective of EC Strategy: List of voluntary certification schemes Cloud Certification Schemes List (CCSL): List of existing certification schemes 13 Certification schemes included Powered by ENISA, supported by the EC and the Cloud Selected Industry Group (C-SIG) Cloud Certification Schemes Metaframework (CCSM): Meta-framework based on existing certification schemes Mapping detailed ICT security requirements of the public sector in the EU (11 countries and more will come) Matrix will results to be used for procurement Visit: 26
27 How we draw CCSM Country A Country B Security requirement Security requirement Security requirement Security requirement Security requirement Security requirement Security requirement Security requirement CCSM Security objectives Security objective Security objective Security objective Security objective Security objective Requirements not covered by CCSM or existing certification schemes remain to be evaluated separately. Cloud Certification Scheme Cloud Certification Scheme Scheme ref Scheme ref Scheme ref Scheme ref Scheme ref Scheme ref Scheme ref Scheme ref Scheme ref Scheme ref Scheme ref Scheme ref Scheme ref 27
28 Next steps Ex-post analysis of cloud incidents (early 2016) EU perspective on ex post analysis (forensics) for cloud incidents: 8 countries(it, ES, IE, NL, GR, FR, EE, UK): Academia, LEAs, Forensics Specialists, CERTs. Challenges, procedures, tools, legal restrictions ICT in e-health (2016) Challenges and opportunities of ICT deployments in ehealth (medical records, patient records etc) Cloud computing use case in ehealth Big data use case in e Health 28
29 Thank you and Welcome! PO Box 1309, Heraklion, Greece Tel:
ENISA and Cloud Security
ENISA and Cloud Security Rossen Naydenov Network Information Security Officer Critical Information Infrastructure Protection Department - ENISA European Union Agency for Network and Information Security
More informationENISA and Cloud Security
Click icon to add picture Click icon to add picture ENISA and Cloud Security Dimitra Liveri NIS Expert EuroCloud Forum 2015 Barcelona 07-10-2015 European Union Agency for Network and Informaton Security
More informationCloud and Critical Information Infrastructures
Cloud and Critical Information Infrastructures Cloud computing in ENISA Dr. Evangelos Ouzounis Head of Infrastructure & Services Unit www.enisa.europa.eu About ENISA The European Union Network and Information
More informationCloud Computing - Cyber Security Challenges for the Finance Sector
Cloud Computing - Cyber Security Challenges for the Finance Sector Dr. Evangelos Ouzounis Head of Unit Secure Infrastructures and Services - ENISA European Union Agency For Network And Information Security
More informationHow To Write An Article On The European Cyberspace Policy And Security Strategy
EU Cybersecurity Policy & Legislation ENISA s Contribution Steve Purser Head of Core Operations Oslo 26 May 2015 European Union Agency for Network and Information Security Agenda 01 Introduction to ENISA
More informationEuropean Cloud. Computing Strategy. State of play: 1-2014. Ken Ducatel DG CONNECT
European Cloud State of play: 1-2014 Computing Strategy Ken Ducatel DG CONNECT What is at stake? Cloud as a growth engine Boost GDP : 940 bn cumulative impact for 2015-2020 250bn in 2020 Boosts productivity
More informationEuropean Cloud Computing. Strategy. Cloud standards. Ken Ducatel DG CONNECT
European Cloud Computing Cloud standards Strategy Ken Ducatel DG CONNECT The Cloud Computing Strategy The European Commission's strategy 'Unleashing the potential of cloud computing in Europe' Adopted
More informationProf. Udo Helmbrecht
Prof. Udo Helmbrecht Guiding EU Cybersecurity from Policy to Implementation Udo Helmbrecht Executive Director Information Security for the Public Sector 2015 Stockholm 02/09/15 European Union Agency for
More informationENISA What s On? ENISA as facilitator for enhanced Network and Information Security in Europe. CENTR General Assembly, Brussels October 4, 2012
ENISA What s On? ENISA as facilitator for enhanced Network and Information Security in Europe CENTR General Assembly, Brussels October 4, 2012 christoffer.karsberg@enisa.europa.eu 1 Who we are ENISA was
More informationEuropean Cloud Computing Strategy
European Cloud Computing Strategy Key actions and state of play Jorge GASOS DG Connect, European Commission Jorge.Gasos@ec.europa.eu Impact on providers and users Cloud services: market forecast Supply
More informationHow To Understand And Understand The European Priorities In Information Security
European priorities in information security Graeme Cooper Head of Public Affairs Unit, ENISA 12th International InfoSec and Data Storage Conference, 26th September 2013, Sheraton Hotel, Sofia, Bulgaria
More informationSecurity and privacy standardization for the SME community
Security and privacy standardization for the SME community NLO meeting, Athens, March 4th 2015 European Union Agency for Network and Information Security www.enisa.europa.eu PROJECT CONTEXT European Union
More informationCloud Security Standardisation & Certification. Arjan de Jong Policy Advisor Information Security
Cloud Security Standardisation & Certification Arjan de Jong Policy Advisor Information Security Overview Economics of standardization and certification (EU) Legal requirements for (cloud) security International
More informationNational-level Risk Assessments
European Union Agency for Network and Information Security www.enisa.europa.eu Executive summary This report is based on a study and analysis of approaches to national-level risk assessment and threat
More informationEU Priorities in Cybersecurity. Steve Purser Head of Core Operations Department June 2013
EU Priorities in Cybersecurity Steve Purser Head of Core Operations Department June 2013 Agenda About ENISA The EU Cyber Security Strategy Protecting Critical Information Infrastructure National & EU Cyber
More informationUnleashing the Potential of Cloud Computing in Europe - What is it and what does it mean for me?
EUROPEAN COMMISSION MEMO Brussels, 27 September 2012 Unleashing the Potential of Cloud Computing in Europe - What is it and what does it mean for me? See also IP/12/1025 What is Cloud Computing? Cloud
More informationDemystifying cloud computing for SMEs
Demystifying cloud computing for SMEs Tools & Guides for SMEs moving to the Cloud Silvana Muscella, Founder and CEO Trust-IT Services Ltd s.muscella@trust-itservices.com @silvanamuscella www.cloudwatchhub.eu
More informationProcurement Innovation for Cloud Services in Europe - PICSE
Procurement Innovation for Cloud Services in Europe - PICSE Sara Garavelli, Trust-IT Services s.garavelli@trust-itservices.com ICT Proposer s Day, 9 October 2014, Florence, Italy 1 The road to PICSE Cloud
More informationCooperation in Securing National Critical Infrastructure
Cooperation in Securing National Critical Infrastructure Dr. Steve Purser Head of Core Operations Department European Network and Information Security Agency Agenda About ENISA Protecting Critical Information
More informationAn SME perspective on Cloud Computing November 09. Survey
An SME perspective on Cloud Computing November 09 About ENISA The European Network and Information Security Agency (ENISA) is an EU agency created to advance the functioning of the internal market. ENISA
More informationCOMMISSION STAFF WORKING DOCUMENT. Report on the Implementation of the Communication 'Unleashing the Potential of Cloud Computing in Europe'
EUROPEAN COMMISSION Brussels, 2.7.2014 SWD(2014) 214 final COMMISSION STAFF WORKING DOCUMENT Report on the Implementation of the Communication 'Unleashing the Potential of Cloud Computing in Europe' Accompanying
More informationEnhancing Cyber Security in Europe Dr. Cédric LÉVY-BENCHETON NIS Expert Cyber Security Summit 2015 Milan 16 April 2015
Enhancing Cyber Security in Europe Dr. Cédric LÉVY-BENCHETON NIS Expert Cyber Security Summit 2015 Milan 16 April 2015 European Union Agency for Network and Information Security Summary 1 Presentation
More informationENISA: Cybersecurity policy in Energy Dr. Andreas Mitrakas, LL.M., M.Sc., Head of Unit Quality & data mgt
ENISA: Cybersecurity policy in Energy Dr. Andreas Mitrakas, LL.M., M.Sc., Head of Unit Quality & data mgt Cyber European Union Security Agency for Network Energia, and Informa8on Rome, Security 24/09/15
More informationSecurity Framework for Governmental Clouds
Security Framework for Governmental Clouds European Union Agency for Network and Information Security www.enisa.europa.eu About ENISA The European Union Agency for Network and Information Security (ENISA)
More informationSome Public Sector Cloud Views
Some Public Sector Cloud Views Herbert.Leitold@a-sit.at Digital Enterprise Europe, London, June 11 th, 2014 Zentrum für sichere Informationstechnologie - Austria Expectations and Take Up some are high
More informationEuropean Privacy Reporter
Is this email not displaying correctly? Try the web version or print version. ISSUE 02 European Privacy Reporter An Update on Legal Developments in European Privacy and Data Protection November 2012 In
More informationCloud Computing Security ENISA. Daniele Catteddu, CISM, CISA. DigitPA egovernment e Cloud computing. www.enisa.europa.eu
Cloud Computing Security ENISA Daniele Catteddu, CISM, CISA DigitPA egovernment e Cloud computing Agenda Introduction to ENISA ENISA objectives in Cloud computing Reaching the objectives Benefits, risks
More informationCloud Computing. and the European Strategy. State of play: 12-2013. Dan-Mihai CHIRILĂ DG CONNECT
Cloud Computing State of play: 12-2013 Dan-Mihai CHIRILĂ DG CONNECT and the European Strategy Cloud: an elastic execution environment of resources involving multiple stakeholders and providing a metered
More informationDr. Vangelis OUZOUNIS Senior Expert Security Policies ENISA. evangelos.ouzounis@enisa.europa.eu
Dr. Vangelis OUZOUNIS Senior Expert Security Policies ENISA evangelos.ouzounis@enisa.europa.eu 5 th German Anti-Spam Summit Koeln, 5 th of Sept. 2007 www.enisa.europa.eu 1 Agenda NIS a Challenge for the
More informationThe Future of Cloud Computing: Elasticity, Legacy Support, Interoperability and Quality of Service
The Future of Cloud Computing: Elasticity, Legacy Support, Interoperability and Quality of Service Introduction and overview of the workshop Alex Delis and Michael Pantazoglou, University of Athens www.sucreproject.eu
More informationExpert Group on Cloud Computing Services and Standards ( EGCCSS ) Formation of Working Groups
For Discussion on 27 May 2014 Paper EGCCSS-6-3 Expert Group on Cloud Computing Services and Standards ( EGCCSS ) Formation of Working Groups Purpose To propose the setting up of two Working Groups under
More informationCLOUD COMPUTING FOR ehealth DATA PROTECTION ISSUES
CLOUD COMPUTING FOR ehealth DATA PROTECTION ISSUES GLOBAL FORUM 2009 ICT & The Future of the Internet - Monday, October 19 th 2009 paolo.balboni@bakernet.com Introduction & Structure ENISA Working Group
More informationNational Cyber Security Strategies
May 2012 National Cyber Security Strategies About ENISA The European Network and Information Security Agency (ENISA) is an EU agency created to advance the functioning of the internal market. ENISA is
More informationBerlin, 15 th November 2013. Mark Dunne SaaSAssurance
Berlin, 15 th November 2013 Mark Dunne SaaSAssurance SaaSAssurance guidance to Irish Government on Cloud Adoption Who are SaaSAssurance? Diverse multilingual European team Focus on the here and now Digital
More informationCouncil of the European Union Brussels, 4 July 2014 (OR. en) Mr Uwe CORSEPIUS, Secretary-General of the Council of the European Union
Council of the European Union Brussels, 4 July 2014 (OR. en) 11603/14 ADD 1 COVER NOTE From: date of receipt: 2 July 2014 To: No. Cion doc.: Subject: RECH 323 TELECOM 140 MI 521 DATAPROTECT 100 COMPET
More informationCloud Security Introduction and Overview
Introduction and Overview Klaus Gribi Senior Security Consultant klaus.gribi@swisscom.com May 6, 2015 Agenda 2 1. Cloud Security Cloud Evolution, Service and Deployment models Overview and the Notorious
More informationENISA Cloud Computing Security Strategy
ENISA Cloud Computing Security Strategy Dr Giles Hogben European Network and Information Security Agency (ENISA) What is Cloud Computing? Isn t it just old hat? What is cloud computing ENISA s understanding
More informationSummary Report Report # 1. Security Challenges of Cross-Border Use of Cloud Services under Special Consideration of ENISA s Contributions
Summary Report Report # 1 Security Challenges of Cross-Border Use of Cloud Services under Special Consideration of ENISA s Contributions COINS Summer School 2015 on Could Security Prepared by: Nabeel Ali
More informationCloud Computing Security ENISA. Daniele Catteddu, CISM, CISA. Convegno Associazione Italiana Information Systems Auditors. www.enisa.europa.
Cloud Computing Security ENISA Daniele Catteddu, CISM, CISA Convegno Associazione Italiana Information Systems Auditors Agenda Introduction to ENISA ENISA objectives in Cloud computing Reaching the objectives
More informationNIS Direktive und Europäische sicherheitsrelevante Projekte Udo Helmbrecht Executive Director, ENISA
NIS Direktive und Europäische sicherheitsrelevante Projekte Udo Helmbrecht Executive Director, ENISA ViS!T - Verwaltung integriert sichere Informationstechnologie, Wien, 29.10.2014 European Union Agency
More informationENISA TRAINING. Tentative agenda for workshop. Supported and co- organised by: TLP WHITE JANUARY 2016
ENISA TRAINING Tentative agenda for workshop Supported and co- organised by: TLP WHITE JANUARY 2016 www.enisa.europa.eu European Union Agency For Network And Information Security Tentative agenda for the
More informationICT 7: Advanced cloud infrastructures and services
ICT 7: Advanced cloud infrastructures and services Jorge GASOS DG CONNECT Jorge.Gasos@ec.europa.eu Cloud Computing: a fast growing market Cloud Computing - EU27 Global cloud computing market 8000 7000
More informationEU Cybersecurity Strategy and Proposal for Directive on network and information security (NIS) {JOIN(2013) 1 final} {COM(2013) 48 final}
EU Cybersecurity Strategy and Proposal for Directive on network and information security (NIS) {JOIN(2013) 1 final} {COM(2013) 48 final} Trust and Security Unit DG Communica5ons Networks, Content and Technology
More informationCloud computing: benefits, risks and recommendations for information security
Cloud computing: benefits, risks and recommendations for information security Dr Giles Hogben Secure Services Programme Manager European Network and Information Security Agency (ENISA) Goals of my presentation
More informationMulti-Jurisdictional Study: Cloud Computing Legal Requirements. Julien Debussche Associate January 2015
Multi-Jurisdictional Study: Cloud Computing Legal Requirements Julien Debussche Associate January 2015 Content 1. General Legal Framework 2. Data Protection Legal Framework 3. Security Requirements 4.
More informationCyber Europe 2012. Key Findings and Recommendations
Cyber Europe 2012 December 2012 On National and International Cyber Exercises S I Acknowledgements ENISA wishes to thank all persons and organisations which have contributed to this exercise. In particular,
More informationCloud Standardization, Compliance and Certification. Class 2012 event 25.rd of October 2012 Dalibor Baskovc, CEO Zavod e-oblak
Cloud Standardization, Compliance and Certification Class 2012 event 25.rd of October 2012 Dalibor Baskovc, CEO Zavod e-oblak Todays Agenda IT Resourcing with Cloud Computing and related challenges Landscape
More informationCloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org
Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org 1 Disclaimers This presentation provides education on Cloud Computing and its security
More informationCloud Standards Coordination Final Report November 2013 VERSION 1.0
November 2013 VERSION 1.0 Executive Summary The European Commission Communication on the European Cloud strategy identifies a key action for standardisation in this context: Key action 1: Cutting through
More informationSummary of responses to the public consultation on Cloud computing run by CNIL from October to December 2011 and analysis by CNIL
Summary of responses to the public consultation on Cloud computing run by CNIL from October to December 2011 and analysis by CNIL 1. Definition of Cloud Computing In the public consultation, CNIL defined
More informationCloud Security Incident Reporting
European Union Agency for Network and Information Security www.enisa.europa.eu About ENISA The European Union Agency for Network and Information Security (ENISA) is a centre of network and information
More informationSupporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security
Supporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security www.enisa.europa.eu European Union Agency for Network and Information
More informationCloud computing and personal data protection. Gwendal LE GRAND Director of technology and innovation CNIL
Cloud computing and personal data protection Gwendal LE GRAND Director of technology and innovation CNIL 1 Data protection in Europe Directive 95/46/EC Loi 78-17 du 6 janvier 1978 amended in 2004 (France)
More informationEuropean Union Agency for Network and Information Security ENISA ANNUAL REPORT
European Union Agency for Network and Information Security ENISA ANNUAL REPORT 2013 Europe Direct is a service to help you find answers to your questions about the European Union. Freephone number (*):
More informationEU policy on Network and Information Security and Critical Information Infrastructure Protection
EU policy on Network and Information Security and Critical Information Infrastructure Protection Andrea SERVIDA European Commission Directorate General Information Society and Media - DG INFSO Unit A3
More informationWhite Paper on CLOUD COMPUTING
White Paper on CLOUD COMPUTING INDEX 1. Introduction 2. Features of Cloud Computing 3. Benefits of Cloud computing 4. Service models of Cloud Computing 5. Deployment models of Cloud Computing 6. Examples
More informationStandards for Cyber Security
Best Practices in Computer Network Defense: Incident Detection and Response M.E. Hathaway (Ed.) IOS Press, 2014 2014 The authors and IOS Press. All rights reserved. doi:10.3233/978-1-61499-372-8-97 97
More informationThe role of certification and standards for trusted Cloud solutions
The role of certification and standards for trusted Cloud solutions A CloudWATCH webinar 2014 Cloud Security Alliance - All Rights Reserved. Agenda 15:00 Welcome and Introduction 10 15:10 The role of
More informationCLOUD COMPUTING Contractual and data protection aspects
CLOUD COMPUTING Contractual and data protection aspects Cloudscape VI 25 February 2014, Bruxelles Paolo Balboni Ph.D., Founding Partner, ICT Legal Consulting Domenico Converso LL.M., Senior Associate,
More informationehealth in support of safety, quality and continuity of care within and across borders
ehealth in support of safety, quality and continuity of care within and across borders Gerard Comyn Acting Director Information Society & Media DG European Commission http://europa.eu.int/information_society/activities/health/index_en.htm
More informationCLOUD COMPUTING LESSONS LEARNED. Marc Vael, Chief Audit Executive Smals / President ISACA Belgium, November 2015
CLOUD COMPUTING LESSONS LEARNED Marc Vael, Chief Audit Executive Smals / President ISACA Belgium, November 2015 WHEN WAS THE TERM USED FOR THE FIRST TIME? 26 th of October 1997 WHO HYPED ALL THIS? What's
More informationVirtual Appliance Instructions for ENISA CERT Training TLP WHITE APRIL 2015. European Union Agency For Network And Information Security
Virtual Appliance Instructions for ENISA CERT Training TLP WHITE APRIL 2015 www.enisa.europa.eu European Union Agency For Network And Information Security About ENISA The European Union Agency for Network
More informationCloud Computing and Government Services August 2013 Serdar Yümlü SAMPAŞ Information & Communication Systems
eenviper White Paper #4 Cloud Computing and Government Services August 2013 Serdar Yümlü SAMPAŞ Information & Communication Systems 1 Executive Summary Cloud computing could revolutionise public services
More informationTaking on the Cloud Challenge in Europe
Taking on the Challenge in Europe scape VII Conference, Brussels Jonathan Sage Government and Regulatory Affairs Cyber Security and Policy Lead, Europe @jonathansage, uk.linkedin.com/in/jonathansageibm
More informationsuggests an excess which could create confusion necessary among cloud users and service providers alike.
Organization Section Line Number Commen t Type General, Technical, Editorial MS 1 All Ge The document does not identify trends (if any) attributable to SMEs although these are listed as specific targets.
More informationICT 7: Advanced cloud infrastructures and services. ICT 8: Boosting public sector productivity and innovation through cloud computing services
ICT 7: Advanced cloud infrastructures and services ICT 8: Boosting public sector productivity and innovation through cloud computing services ICT 9: Tools and Methods for Software Development Dan-Mihai
More informationTowards defining priorities for cybersecurity research in Horizon 2020's work programme 2016-2017 Contributions from the Working Group on Secure ICT
Towards defining priorities for cybersecurity research in Horizon 2020's work programme 2016-2017 Contributions from the Working Group on Secure ICT - Research and Innovation of the NIS Platform 8 April
More informationOUTCOME OF PROCEEDINGS
Council of the European Union Brussels, 18 November 2014 15585/14 COPS 303 POLMIL 103 CYBER 61 RELEX 934 JAI 880 TELECOM 210 CSC 249 CIS 13 COSI 114 OUTCOME OF PROCEEDINGS From: Council On: 17 18 November
More informationCyber Security and Cloud Computing. Dr Daniel Prince Course Director MSc in Cyber Security d.prince@lancaster.ac.uk
Cyber Security and Cloud Computing Dr Daniel Prince Course Director MSc in Cyber Security d.prince@lancaster.ac.uk Scope of Today SME Attractors for Cloud Switching to the Cloud Public Private Hybrid Big
More informationAchieving Global Cyber Security Through Collaboration
Achieving Global Cyber Security Through Collaboration Steve Purser Head of Core Operations Department December 2013 European Union Agency for Network and Information Security www.enisa.europa.eu Agenda
More informationHow To Win The Gpa Award For Best Project Design
eeurope Awards for egovernment - 2005 Winners, Honourable Mentions and Nominees Enabling egovernment Theme 1: The right environment Creating the best environment to enable government, businesses and citizens
More informationENISA workshop on Security Certification of ICT products in Europe
ENISA workshop on Security Certification of ICT products in Europe Introduction On 16th of March 2016 ENISA organised a workshop aiming at bringing together stakeholders from the ICT security certification
More informationEuroCloud Star Audit. A strong partnership that provides you with a competitive advantage
EuroCloud Star Audit A strong partnership that provides you with a competitive advantage Strong and advantageous? 5 topics to consider 99% of all organisations are SME, with little internal Know- how.
More informationWorking Group on. First Working Group Meeting 29.5.2012
Working Group on Cloud Security and Privacy (WGCSP) First Working Group Meeting 29.5.2012 1 Review of fexisting i Standards d and Best Practices on Cloud Security Security Standards and Status List of
More informationENISA s contribution to the development of Network and Information Security within the Community
ENISA s contribution to the development of Network and Information Security within the Community By Andrea PIROTTI Executive Director ENISA WSIS Implementation Mechanism: Action Line C5. 15 May 2006 1
More informationRole of contracts in Cloud Computing an Overview. Kevin McGillivray Doctoral Candidate (NRCCL)
Role of contracts in Cloud Computing an Overview Kevin McGillivray Doctoral Candidate (NRCCL) Barriers/Challenges to Cloud Transparency Compliance Legal Shared infrastructure Subcontractors (and their
More informationCyber Security in Austria
Cyber Security in Austria The Austrian Cyber Security Strategy Andreas Reichard 18 th May, 2015 Roadmap Austrian Cyber Security Strategy 1/2 MRV MRV 11/2011 03/2012 06/2012 09/2012 10/2012 03/2013 Fed.
More informationA Comparison of IT Governance & Control Frameworks in Cloud Computing. Jack D. Becker ITDS Department, UNT & Elana Bailey
A Comparison of IT Governance & Control Frameworks in Cloud Computing Jack D. Becker ITDS Department, UNT & Elana Bailey ITDS Department, UNT MS in IS AMCIS 2014 August, 2014 Savannah, GA Presentation
More informationCYSPA - EC projects supporting NIS
CYSPA - EC projects supporting NIS Nina Olesen, EOS March 2014 Athens, Greece www.cyspa.eu CYSPA the European project The European Cyber Security Protection Alliance, or CYSPA, is an initiative by 17 organisationsfrom
More informationCloud standards: Ready for Prime Time. CloudWatch webinar: Standards ready for prime time (part 2) 1
Cloud standards: Ready for Prime Time CloudWatch webinar: Standards ready for prime time (part 2) 1 Agenda 15:00 Welcome and introduction 15:05 IEEE P2301: Guide for Cloud Portability and Interoperability
More informationDigital Agenda for Europe Cartagena de Indias, September 1, 2015
Digital Agenda for Europe Cartagena de Indias, September 1, 2015 Javier Huerta Bravo From the Digital Agenda (2010)... Commission ICT strategy for 2010-2020 Problems identified: Lack of investment in networks
More informationLegal aspects of cloud computing
Legal aspects of cloud computing Belrim Events Cloud Computing - Revolution or Nightmare? Antoon Dierick, DLA Piper Brussels 20 March 2014 Agenda 1. What is Cloud computing? 2. Cloud from a regulatory
More informationCloud Security Guide for SMEs
European Union Agency for Network and Information Security www.enisa.europa.eu About ENISA The European Union Agency for Network and Information Security (ENISA) is a centre of network and information
More informationMethodologies for the identification of Critical Information Infrastructure assets and services
Methodologies for the identification of Critical Information Infrastructure assets and services Guidelines for charting electronic data communication networks European Union Agency for Network and Information
More informationICT transforming business in the UK. Ian Osborne Director, Business to Business, Intellect
ICT transforming business in the UK Ian Osborne Director, Business to Business, Intellect Agenda - ICT Transforming Society - Cloud Computing Cloud Data Centres - IT as a Service - Personal choices for
More informationWORK PROGRAMME 2013 27 NOVEMBER 2012
WORK PROGRAMME 2013 27 NOVEMBER 2012 2 Contents 1 EXECUTIVE SUMMARY...7 1.1 Introduction... 7 1.2 Structure... 7 1.2.1 Core operational activities... 7 1.2.2 Operational Horizontal activities... 7 1.2.3
More informationInformation Security: Cloud Computing
Information Security: Cloud Computing Simon Taylor MSc CLAS CISSP CISMP PCIRM Director & Principal Consultant All Rights Reserved. Taylor Baines Limited is a Registered Company in England & Wales. Registration
More informationBEUC s contribution on Cloud Computing for the Public Hearing in the ITRE Committee, European Parliament, 29 May 2013
BEUC s contribution on Cloud Computing for the Public Hearing in the ITRE Committee, European Parliament, 29 May 2013 Contact: Digital and Consumer Contracts Teams digital@beuc.eu - consumercontracts@beuc.eu
More informationCloud Competency Programme Workshop [1] Secure cloud services in a regulated environment
Cloud Competency Programme Workshop [1] Secure cloud services in a regulated environment Rob Price Member, Cloud Industry Forum www.cloudindustryforum.org Last 2 years in Public Sector Cloud Public Cloud
More informationPrivacy in the Cloud: Data Protection and Security in Cloud Computing
SPEECH/11/859 Viviane REDING Vice-President of the European Commission, EU Justice Commissioner Privacy in the Cloud: Data Protection and Security in Cloud Computing Round-table High Level conference on
More informationTowards a Cloud of Public Services
Towards a Cloud of Public Services Public administrations are often organised in silos: monolithic architecture models make it difficult to re-use services for the development of new applications. What
More informationPCP and PPP trends and user stories in Europe
PCP and PPP trends and user stories in Europe Sara Garavelli, Trust-IT Services Shareholder & Project Manager & PICSE - Procurement Innovation for Cloud Services in Europe s.garavelli@trust-itservices.com
More informationEurope Offers Incentives to Cloud Computing Growth
6 November 2012 Europe Offers Incentives to Cloud Computing Growth By Alistair Maughan The European Commission has issued a Communication setting out a road map for the future growth of cloud computing
More informationCyber Security in Europe
Cyber Security in Europe Steve Purser Head of Core Operations Dept. - ENISA www.enisa.europa.eu Agenda About ENISA The ENISA Threat Landscape National Cyber Security Strategies Supporting the CERT Community
More informationCOMMUNICATIONS ALLIANCE LTD
COMMUNICATIONS ALLIANCE LTD Communications Alliance Response to ACS Discussion Paper on a Potential Cloud Computing Consumer Protocol - 1 - TABLE OF CONTENTS INTRODUCTION 2 SECTION 1 OVERVIEW OF RESPONSE
More informationENISA Work programme
ENISA Work programme 2016 SECURITY Including multiannual planning www.enisa.europa.eu European Union Agency for Network and Information Security About ENISA The European Union Agency for Network and Information
More information(DRAFT)( 2 ) MOTION FOR A RESOLUTION
05 Motions for resolutions, and other B8 documents 05_09. Motions to wind up debate on statements by other institutions: Rule 123(2) Cover page EUROPEAN PARLIAMENT 2014 2019 Plenary sitting [.2014] B[8-/2014](
More informationEuropean Innovation Partnership on Active and Healthy Ageing. Action Group C2 Interoperable Independent Living Solutions
European Innovation Partnership on Active and Healthy Ageing Action Group C2 Interoperable Independent Living Solutions Peter Wintlev-Jensen and Marianne van den Berg European Commission 21-22 June 2012
More informationNationwide Deployment of Social Alarms in Sweden
Nationwide Deployment of Social Alarms in Sweden ehealth forum May 13 th 2014, Athens Greece The EIP AHA Scale-up Strategy Background problems and uncertainties Background the root of the problem The telecommunication
More information