How To Understand The European Priorities In Information Security



Transcription:

European priorities in information security
Graeme Cooper, Head of Public Affairs Unit, ENISA
12th International InfoSec and Data Storage Conference, 26th September 2013, Sheraton Hotel, Sofia, Bulgaria
European Union Agency for Network and Information Security www.enisa.europa.eu

EU Cybersecurity Strategy essential points: An Open, Safe and Secure Cyberspace
- The norms, principles and values that the EU upholds offline should also apply online.
- Cyberspace must be correctly protected:
  - Governments have a significant role in ensuring a free and safe cyberspace.
  - The private sector owns and operates significant parts of cyberspace and has a leading role.
- Outside the EU, governments may misuse cyberspace for surveillance and control. The EU can counter this situation by promoting freedom online and ensuring respect of fundamental rights online.

Economic Arguments
- By completing the Digital Single Market, Europe could boost its GDP by almost 500 billion a year.
- For new connected technologies to take off, citizens will need trust and confidence.
- Currently, Europeans are not confident in their ability to use the Internet for banking or purchases. They are also reluctant to disclose personal information.
- Across the EU, more than one in ten Internet users has been a victim of online fraud.
- The EU economy is already affected by cybercrime activities; economic espionage and state-sponsored activities are new threats.

The Principles
The strategy proposes key principles to guide the EU and international approach:
- The EU's core values apply as much in the digital as in the physical world.
- Fundamental rights, freedom of expression, personal data and privacy should be protected.
- The Internet should be accessible to all citizens.
- The digital world must be subject to democratic and efficient multi-stakeholder governance.
- Ensuring security is a shared responsibility.

Strategic Priorities
The five strategic objectives of the strategy are as follows:
- Achieving cyber resilience
- Drastically reducing cybercrime
- Developing cyberdefence policy and capabilities related to the Common Security and Defence Policy (CSDP)
- Developing the industrial and technological resources for cybersecurity
- Establishing a coherent international cyberspace policy for the European Union and promoting core EU values
ENISA explicitly called upon.

Achieving Cyber Resilience
- Introduces ENISA and explains the policy on NIS.
- Makes reference to articles 13a & 13b.
- Introduces the legislative proposal.
- Stresses the importance of the following:
  - The establishment of a cybersecurity culture to enhance business opportunities and competitiveness.
  - Reporting significant incidents to the national NIS competent authorities.
  - Exchange of information between national NIS competent authorities and other regulatory bodies.
- Recognises that exercises at EU level are essential to stimulate cooperation among the MS and the private sector.

The Legislative Proposal
Key points:
- Will help establish common minimum requirements for NIS at national level.
- Requires Member States to designate national competent authorities for NIS, set up a competent CERT and adopt a national NIS strategy and a national NIS cooperation plan.
- Explains the role of the CERT EU regarding the EU institutions, agencies and bodies.
- Requires the establishment of coordinated prevention, detection, mitigation and response mechanisms.
- Requires the private sector to develop, at a technical level, its own cyber resilience capacities and share best practices across sectors.

Achieving Cyber Resilience (1 of 2)
In the area of cyber resilience, the EC asks ENISA to:
- Assist the Member States in developing strong national cyber resilience capabilities.
- Examine in 2013 the feasibility of Computer Security Incident Response Team(s) for Industrial Control Systems (ICS CSIRTs) for the EU.
- Continue supporting the Member States and the EU institutions in carrying out regular pan-European cyber incident exercises.

Achieving Cyber Resilience (2 of 2)
Specifically in terms of raising awareness, the Commission asks ENISA to:
- Propose in 2013 a roadmap for a "Network and Information Security driving licence".
- Support a cybersecurity championship in 2014, where university students will compete in proposing NIS solutions.

European Cybersecurity Month 2013
http://cybersecuritymonth.eu/

Developing Resources
- There is a risk that Europe becomes excessively dependent on ICT and on security solutions developed outside its frontiers.
- Hardware and software components used in critical services and infrastructure must be trustworthy, secure and guarantee the protection of personal data.
- In order to mitigate this risk, the strategy proposes two action areas:
  - Promoting a Single Market for cybersecurity products
  - Fostering R&D investments and innovation

Single Market for Products
- A high level of security can only be ensured if all in the value chain make security a priority.
- The strategy aims to increase cooperation and transparency about security in ICT products:
  - It calls for the establishment of a platform to identify good cybersecurity practices across the value chain.
  - COM will support the development of security standards and assist with EU-wide voluntary certification schemes.
  - Cloud computing and data protection.
  - Critical economic sectors: Industrial Control Systems, energy and transport infrastructure.

R&D and Innovation
- R&D should fill technology gaps in ICT security and prepare for the next generation of security.
- The Horizon 2020 Framework Programme for Research and Innovation will be launched in 2014:
  - There are specific objectives for trustworthy ICT as well as for combating cybercrime.
- Specific attention will be given at EU level to optimising and better coordinating various funding programmes.

Developing Resources
The Commission asks ENISA to:
- Develop, in cooperation with relevant stakeholders, technical guidelines and recommendations for the adoption of NIS standards and good practices in the public and private sectors.
- Collaborate with Europol to identify emerging trends and needs in view of evolving cybercrime and cybersecurity patterns so as to develop adequate digital forensic tools and technologies.

Further Involvement of ENISA
- Although ENISA is not explicitly mentioned in the other strategic priorities, there is clearly a role for the Agency.
- The EU Internal Security Strategy explains how ENISA should collaborate with the recently established EU Cyber Crime Centre.
- We have a role in creating a strong culture of NIS throughout the EU. This can only be achieved by bringing communities together and ensuring that information on NIS is shared between such communities in an appropriate manner.

Concluding Remarks
- Complex ICT systems keep our economies running in key sectors such as finance, health, energy, etc.
- Many business models are built on the uninterrupted availability of the Internet and the smooth functioning of information systems.
- The EC recognises the importance of ICT in contributing to the EU's economic growth and its role as a critical resource for all economic sectors.
- ENISA is already well established and contributing in many of the areas described in the EU proposal for an EU cybersecurity strategy.

Thank you.
Graeme Cooper, Head of Public Affairs Unit, ENISA
ENISA, European Union Agency for Network and Information Security
Science and Technology Park of Crete (ITE), Vassilika Vouton, 700 13, Heraklion, Greece
Athens Office: 1 Vass. Sofias & Meg. Alexandrou, Marousi 151 24, Athens, Greece