Cyber Security in Europe Steve Purser Head of Core Operations Dept. - ENISA www.enisa.europa.eu
Agenda About ENISA The ENISA Threat Landscape National Cyber Security Strategies Supporting the CERT Community Pan European Exercises Protecting EU Critical Information Infrastructure www.enisa.europa.eu 2 2
ENISA Activities Recommendations Mobilising Communities Policy Implementation Hands on www.enisa.europa.eu 3
Agenda About ENISA The ENISA Threat Landscape National Cyber Security Strategies Supporting the CERT Community Pan European Exercises Protecting EU Critical Information Infrastructure www.enisa.europa.eu 4 4
The ENISA Threat Landscape The ENISA Threat Landscape provides an overview of threats and current and emerging trends. It is based on publicly available data and provides an independent view on observed threats, threat agents and threat trends. Over 250 recent reports from a variety of resources have been analysed. www.enisa.europa.eu 5
Developed Overview www.enisa.europa.eu 6
Agenda About ENISA The ENISA Threat Landscape National Cyber Security Strategies Supporting the CERT Community Pan European Exercises Protecting EU Critical Information Infrastructure www.enisa.europa.eu 7 7
National Cyber Security Strategies in the EU 19 EU MS have a strategy Source: http://www.enisa.europa.eu/activities/resilience-and-ciip/national-cyber-security-strategies-ncsss/national-cyber-securitystrategies-in-the-world www.enisa.europa.eu 8
High level goals www.enisa.europa.eu 9
Long term impact www.enisa.europa.eu 10
ENISA doctrine: NCSS Lifecycle Design 2012 Good practice Guide Adjust Implement 2012 Good practice Guide 2014 Evaluation framework Evaluate www.enisa.europa.eu 11
Agenda About ENISA The ENISA Threat Landscape National Cyber Security Strategies Supporting the CERT Community Pan European Exercises Protecting EU Critical Information Infrastructure 12 www.enisa.europa.eu 12
CERT Community building www.enisa.europa.eu 13
CERT Training material available https://www.enisa.europa.eu/activities/cert/support/exercise www.enisa.europa.eu 14
Agenda About ENISA The ENISA Threat Landscape National Cyber Security Strategies Supporting the CERT Community Pan European Exercises Protecting EU Critical Information Infrastructure 15 www.enisa.europa.eu 15
Cybersecurity Exercises Supported by ENISA Cyber Europe 2010 Europe s first multinational cybersecurity exercise between public sector agencies Joint EU-US Cybersecurity Exercise 2011 First transatlantic cooperation exercise Table-top exercise - what-if scenarios Cyber Europe 2012 Large scale realistic cyber-crisis exercise Public and private sectors involved Cyber Europe 2014 In the strategic phase Joint EU-US Cybersecurity Exercise 2014/2015 - In preparation phase www.enisa.europa.eu 16
Agenda About ENISA The ENISA Threat Landscape National Cyber Security Strategies Supporting the CERT Community Pan European Exercises Protecting EU Critical Information Infrastructure 17 www.enisa.europa.eu 17
Methodologies for the Identification of Critical Information Infrastructure Assets and Services Help MS to Develop methodologies for identification of CIIs assets and services Assess internal and external interdependencies Collaborate with all stakeholders Prepare to face future challenges www.enisa.europa.eu 18
Critical Information Infrastructures Protection Energy: ICS SCADA and Smart Grids Finance Sector ehealth Smart Transport Maritime Telecommunications www.enisa.europa.eu 19
Example: EU wide Security Breach Notifications Annual reports about large outages in EU s telecoms More information on http://www.enisa.europa.eu/activities/resilience-and-ciip/incidents-reporting www.enisa.europa.eu 20
2 nd ENISA National Cyber Security Conference 13 th of May in Riga Save the date!! www.enisa.europa.eu 21
Conclusions ENISA works together with operational communities to identify pragmatic solutions to current security issues. We issue concrete advice on how to improve system security and which implementations to favour. The solutions we propose are based on industry best practice and are therefore known to work. By working in this way, we put security to the service of EU industry and improve the competitiveness of our industries. www.enisa.europa.eu 22
Thank you for your attention For more information visit: http://www.enisa.europa.eu Follow ENISA: European Union Agency for Network and Information Security www.enisa.europa.eu