Security and privacy standardization for the SME community




Security and privacy standardization for the SME community
NLO meeting, Athens, March 4th 2015
European Union Agency for Network and Information Security www.enisa.europa.eu

PROJECT CONTEXT

Information Security in SMEs
- 60% of SMEs had a security breach in 2014
- 82% of SMEs consider information security a high or very high priority in 2014, with 31% having as their main driver to protect their customer information
- 40% of SMEs don't have an information security policy
- 42% of SMEs don't plan or implement ISO 27001, while only 18% completely implement it.

PROJECT OBJECTIVES

OBJECTIVES
- To prepare a collection of the existing ICT security and privacy (S&P) standards that can be used by European SMEs
- To determine the main gaps & obstacles in S&P standardization for the SME community
- To elaborate recommendations for improving adoption rate of S&P standards

PROJECT PHASES

Stock taking on standards
- International or European standard developing organizations, professional associations, industry associations, etc.
- Specific standards targeting SMEs
- Standards for codes of practices, for securing business processes, for procuring secure products, for regulatory compliance, etc.

Preparing questionnaire
- Determining the level of adoption of S&P standards by European SMEs
- Discovering the obstacles for the adoption of ICT S&P standards in SMEs
- Finding areas where standards would be useful to fill existing gaps
- Proposing strategies that could be introduced to support SMEs

Preparing and conducting interviews
Who are our target respondents?
- International and European standard developing organizations
- Professional and industry associations developing or promoting the use of standards in SMEs
- Small businesses associations
- Existing large initiatives aimed at promoting ICT security in SMEs

Analysis of results of the interviews
- The status and gaps on the adoption of standards in the SME community
- The existing needs of the small businesses in this area
- The main perceived obstacles for adopting standards
- The possible instruments to move forward in this field

Online privacy tools portal PROJECT RESULTS

A report covering:
- List of existing ICT S&P standards that can be used by European small businesses.
- Main conclusions regarding the status of S&P standardization in SMEs.
- Recommendations on how to increase the adoption of ICT S&P standards in small businesses.

Online privacy tools portal YOUR INPUT

How could you help us?
Please contact us if you:
- Can propose any organization that would be interested in participating in the study
- Are aware of the existence of S&P standards specifically targeting SMEs in your MS

Thank you