SlideShare uma empresa Scribd logo

European priorities in information security

European Union Agency for Network and Information Security (ENISA)
European Union Agency for Network and Information Security (ENISA)

© European Union Agency for Network and Information Security (ENISA), 2013 http://enisa.europa.eu

TecnologiaNotícias e política
1 de 17
European Union Agency for Network and Information Security www.enisa.europa.eu European priorities in information security Graeme Cooper Head of Public Affairs Unit, ENISA 12th International InfoSec and Data Storage Conference, 26th September 2013, Sheraton Hotel, Sofia, Bulgaria
European Union Agency for Network and Information Security www.enisa.europa.eu 2 EU Cubersecurity Strategy - essential points “An Open, Safe and Secure Cyberspace” • The norms, principles and values that the EU upholds offline, should also apply online. • Cyberspace must be correctly protected: – Governments have a significant role in ensuring a free and safe cyberspace. – The private sector owns and operates significant parts of cyberspace and has a leading role. • Outside the EU, governments may misuse cyberspace for surveillance and control. – The EU can counter this situation by promoting freedom online and ensuring respect of fundamental rights online.
European Union Agency for Network and Information Security www.enisa.europa.eu 3 Economic Arguments • By completing the Digital Single Market, Europe could boost its GDP by almost €500 billion a year. • For new connected technologies to take off citizens will need trust and confidence. – Currently, Europeans are not confident in their ability to use the Internet for banking or purchases. – They are also reluctant to disclose personal information. – Across the EU, more than one in ten Internet users has been a victim of online fraud. • The EU economy is already affected by cybercrime activities, economic espionage and state-sponsored activities are new threats.
European Union Agency for Network and Information Security www.enisa.europa.eu 4 The Principles • The strategy proposes key principles to guide the EU and international approach: – The EU's core values apply as much in the digital as in the physical world. – Fundamental rights, freedom of expression, personal data and privacy should be protected. – The Internet should be accessible to all citizens. – The digital world must be subject to democratic and efficient multi-stakeholder governance. – Ensuring security is a shared responsibility.
European Union Agency for Network and Information Security www.enisa.europa.eu 5 Strategic Priorities • The Five strategic objectives of the strategy are as follows: – Achieving cyber resilience – Drastically reducing cybercrime – Developing cyberdefence policy and capabilities related to the Common Security and Defence Policy (CSDP) – Developing the industrial and technological resources for cybersecurity – Establishing a coherent international cyberspace policy for the European Union and promoting core EU values ENISA explicitly called upon.
European Union Agency for Network and Information Security www.enisa.europa.eu 6 Achieving Cyber Resilience • Introduces ENISA and explains the policy on NIS. • Makes reference to articles 13a & 13b. • Introduces the legislative proposal. • Stresses the importance of the following: – The establishment of a cybersecurity culture to enhance business opportunities and competitiveness. – Reporting significant incidents to the national NIS competent authorities. – Exchange of information between National NIS competent authorities and other regulatory bodies. – Recognises that exercises at EU level are essential to stimulate cooperation among the MS and the private sector.
European Union Agency for Network and Information Security www.enisa.europa.eu 7 The Legislative Proposal • Key points: – Will help establish common minimum requirements for NIS at national level. – Requires Member States to designate national competent authorities for NIS, set up a competent CERT and adopt a national NIS strategy and a national NIS cooperation plan. – Explains the role of the CERT EU regarding the EU institutions, agencies and bodies. – Requires the establishment of coordinated prevention, detection, mitigation and response mechanisms. – Requires the private sector to develop, at a technical level, its own cyber resilience capacities and share best practices across sectors.
European Union Agency for Network and Information Security www.enisa.europa.eu 8 Achieving Cyber Resilience (1 of 2) • In the area of cyber resilience, the EC asks ENISA to: – Assist the Member States in developing strong national cyber resilience capabilities. – Examine in 2013 the feasibility of Computer Security Incident Response Team(s) for Industrial Control Systems (ICS-CSIRTs) for the EU. – Continue supporting the Member States and the EU institutions in carrying out regular pan-European cyber incident exercises.
European Union Agency for Network and Information Security www.enisa.europa.eu 9 Achieving Cyber Resilience (2 of 2) • Specifically in terms of raising awareness, the Commission asks ENISA to: – Propose in 2013 a roadmap for a "Network and Information Security driving licence". – Support a cybersecurity championship in 2014, where university students will compete in proposing NIS solutions.
European Union Agency for Network and Information Security www.enisa.europa.eu 10 European Cybersecurity Month 2013 http://cybersecuritymonth.eu/
European Union Agency for Network and Information Security www.enisa.europa.eu 11 Developing Resources • There is a risk that Europe becomes excessively dependent on ICT and on security solutions developed outside its frontiers. • Hardware and software components used in critical services and infrastructure must be trustworthy, secure and guarantee the protection of personal data. • In order to mitigate this risk, the strategy proposes two action areas: – Promoting a Single Market for cybersecurity products – Fostering R&D investments and innovation
European Union Agency for Network and Information Security www.enisa.europa.eu 12 Single Market for Products • A high level of security can only be ensured if all in the value chain make security a priority. • The strategy aims to increase cooperation and transparency about security in ICT products: – It calls for the establishment of a platform to identify good cybersecurity practices across the value chain. • COM will support the development of security standards and assist with EU-wide voluntary certification schemes. – Cloud computing and data protection. – critical economic sectors - Industrial Control Systems, energy and transport infrastructure.
European Union Agency for Network and Information Security www.enisa.europa.eu 13 R&D and Innovation • R&D should fill technology gaps in ICT security and prepare for the next generation of security. • The Horizon 2020 Framework Programme for Research and Innovation will be launched in 2014: – There are specific objectives for trustworthy ICT as well as for combating cyber-crime. • Specific attention will be drawn at EU level to optimising and better coordinating various funding programmes
European Union Agency for Network and Information Security www.enisa.europa.eu 14 Developing Resources • The Commission asks ENISA to: – Develop, in cooperation with relevant stakeholders, technical guidelines and recommendations for the adoption of NIS standards and good practices in the public and private sectors. – Collaborate with Europol to identify emerging trends and needs in view of evolving cybercrime and cybersecurity patterns so as to develop adequate digital forensic tools and technologies.
European Union Agency for Network and Information Security www.enisa.europa.eu 15 Further Involvement of ENISA • Although ENISA is not explicitly mentioned in the other strategic priorities, there is clearly a role for the Agency. • The EU Internal Security Strategy explains how ENISA should collaborate with the recently established EU Cyber Crime Centre. • We have a role in creating a strong culture of NIS throughout the EU. • This can only be achieved by bringing communities together and ensuring that information on NIS is shared between such communities in an appropriate manner.
European Union Agency for Network and Information Security www.enisa.europa.eu 16 Concluding Remarks • Complex ICT systems keep our economies running in key sectors such as finance, health, energy, etc. • Many business models are built on the uninterrupted availability of the Internet and the smooth functioning of information systems • EC Recognises the importance of ICT in contributing to EUs economic growth and its role as a critical resource for all economic sectors • ENISA is already well established and contributing in many of the areas described in the EU proposal for an EU cybersecurity strategy.
www.enisa.europa.eu Follow ENISA: European Union Agency for Network and Information Security Thank you. Graeme Cooper, Head of Public Affairs Unit, ENISA ENISA European Union Agency for Network and Information Security Science and Technology Park of Crete (ITE) Vassilika Vouton, 700 13, Heraklion, Greece Athens Office 1 Vass. Sofias & Meg. Alexandrou Marousi 151 24, Athens, Greece

Recomendados

Protecting Europe's Network Infrastructure
Protecting Europe's Network Infrastructure Protecting Europe's Network Infrastructure
Protecting Europe's Network InfrastructureEuropean Union Agency for Network and Information Security (ENISA)
 
EUACM Cybersecurity White Paper
EUACM Cybersecurity White PaperEUACM Cybersecurity White Paper
EUACM Cybersecurity White Paperpteromys_volans
 
Session 2.1 Martin Mühleck
Session 2.1 Martin MühleckSession 2.1 Martin Mühleck
Session 2.1 Martin MühleckCommonwealth Telecommunications Organisation
 
National cyber security strategies
National cyber security strategiesNational cyber security strategies
National cyber security strategiesjcp88600
 
Presentation on EU Directives Impacting Cyber Security for Information Securi...
Presentation on EU Directives Impacting Cyber Security for Information Securi...Presentation on EU Directives Impacting Cyber Security for Information Securi...
Presentation on EU Directives Impacting Cyber Security for Information Securi...Brian Honan
 
CTO-CybersecurityForum-2010-Andrea Gloriso
CTO-CybersecurityForum-2010-Andrea GlorisoCTO-CybersecurityForum-2010-Andrea Gloriso
CTO-CybersecurityForum-2010-Andrea Glorisosegughana
 
1 ecso general_ext_sept2017_bari
1 ecso general_ext_sept2017_bari1 ecso general_ext_sept2017_bari
1 ecso general_ext_sept2017_bariRedazione InnovaPuglia
 
National Strategies against Cyber Attacks - Philip Victor
National Strategies against Cyber Attacks - Philip VictorNational Strategies against Cyber Attacks - Philip Victor
National Strategies against Cyber Attacks - Philip VictorKnowledge Group
 

Recomendados

Protecting Europe's Network Infrastructure
Protecting Europe's Network Infrastructure Protecting Europe's Network Infrastructure
Protecting Europe's Network InfrastructureEuropean Union Agency for Network and Information Security (ENISA)
 
EUACM Cybersecurity White Paper
EUACM Cybersecurity White PaperEUACM Cybersecurity White Paper
EUACM Cybersecurity White Paperpteromys_volans
 
Session 2.1 Martin Mühleck
Session 2.1 Martin MühleckSession 2.1 Martin Mühleck
Session 2.1 Martin MühleckCommonwealth Telecommunications Organisation
 
National cyber security strategies
National cyber security strategiesNational cyber security strategies
National cyber security strategiesjcp88600
 
Presentation on EU Directives Impacting Cyber Security for Information Securi...
Presentation on EU Directives Impacting Cyber Security for Information Securi...Presentation on EU Directives Impacting Cyber Security for Information Securi...
Presentation on EU Directives Impacting Cyber Security for Information Securi...Brian Honan
 
CTO-CybersecurityForum-2010-Andrea Gloriso
CTO-CybersecurityForum-2010-Andrea GlorisoCTO-CybersecurityForum-2010-Andrea Gloriso
CTO-CybersecurityForum-2010-Andrea Glorisosegughana
 
1 ecso general_ext_sept2017_bari
1 ecso general_ext_sept2017_bari1 ecso general_ext_sept2017_bari
1 ecso general_ext_sept2017_bariRedazione InnovaPuglia
 
National Strategies against Cyber Attacks - Philip Victor
National Strategies against Cyber Attacks - Philip VictorNational Strategies against Cyber Attacks - Philip Victor
National Strategies against Cyber Attacks - Philip VictorKnowledge Group
 
Digital Transformation Strategy for Africa, 2020 - 2030 by AU
Digital Transformation Strategy for Africa, 2020 - 2030 by AUDigital Transformation Strategy for Africa, 2020 - 2030 by AU
Digital Transformation Strategy for Africa, 2020 - 2030 by AUEmmanuel Mumuni
 
ECIL: EU Cybersecurity Package and EU Certification Framework
ECIL: EU Cybersecurity Package and EU Certification FrameworkECIL: EU Cybersecurity Package and EU Certification Framework
ECIL: EU Cybersecurity Package and EU Certification FrameworkDeutsche Telekom AG
 
Summer school 2017 giannakoula _european agenda on security
Summer school 2017 giannakoula _european agenda on securitySummer school 2017 giannakoula _european agenda on security
Summer school 2017 giannakoula _european agenda on securityNikolaos Georgitsopoulos
 
CTO-CybersecurityForum-2010-Michael Katundu
CTO-CybersecurityForum-2010-Michael KatunduCTO-CybersecurityForum-2010-Michael Katundu
CTO-CybersecurityForum-2010-Michael Katundusegughana
 
Session 5.3 Alexander Ntoko
Session 5.3 Alexander NtokoSession 5.3 Alexander Ntoko
Session 5.3 Alexander NtokoCommonwealth Telecommunications Organisation
 
Tomasz Czajkowski
Tomasz CzajkowskiTomasz Czajkowski
Tomasz Czajkowskisegughana
 
MARMARA2012_CyberTerror_ElecGrid_OK
MARMARA2012_CyberTerror_ElecGrid_OKMARMARA2012_CyberTerror_ElecGrid_OK
MARMARA2012_CyberTerror_ElecGrid_OKMARIUS EUGEN OPRAN
 
Steve Purser
Steve Purser Steve Purser
Steve Purser globalforum11
 
CIP eu 2016 114(-8)
CIP eu 2016 114(-8)CIP eu 2016 114(-8)
CIP eu 2016 114(-8)Jan Biets [jan_biets@hotmail.com]
 
Cybersecurity nl
Cybersecurity nlCybersecurity nl
Cybersecurity nlMark Johnson
 
EIOPA: CYBER RISKS FOR INSURERS-CHALLENGES AND OPPORTUNITIES
EIOPA: CYBER RISKS FOR INSURERS-CHALLENGES AND OPPORTUNITIESEIOPA: CYBER RISKS FOR INSURERS-CHALLENGES AND OPPORTUNITIES
EIOPA: CYBER RISKS FOR INSURERS-CHALLENGES AND OPPORTUNITIESΔρ. Γιώργος K. Κασάπης
 
Cybersecurity for Critical National Information Infrastructure
Cybersecurity for Critical National Information InfrastructureCybersecurity for Critical National Information Infrastructure
Cybersecurity for Critical National Information InfrastructureDr David Probert
 
Internet Society Singapore Chapter AGM 2019 and update for 2020
Internet Society Singapore Chapter AGM 2019 and update for 2020Internet Society Singapore Chapter AGM 2019 and update for 2020
Internet Society Singapore Chapter AGM 2019 and update for 2020Benjamin Ang
 
Dataistheborder
DataistheborderDataistheborder
Dataistheborderburmaball
 
Singapore Asean cyber conflict and cybersecurity strategy - for Columbia Univ...
Singapore Asean cyber conflict and cybersecurity strategy - for Columbia Univ...Singapore Asean cyber conflict and cybersecurity strategy - for Columbia Univ...
Singapore Asean cyber conflict and cybersecurity strategy - for Columbia Univ...Benjamin Ang
 
SC7 Workshop 2: Big Data Challenges in Cybersecurity
SC7 Workshop 2: Big Data Challenges in CybersecuritySC7 Workshop 2: Big Data Challenges in Cybersecurity
SC7 Workshop 2: Big Data Challenges in CybersecurityBigData_Europe
 
European Directive DRAFT Network and Information Technology Security
European Directive DRAFT Network and Information Technology SecurityEuropean Directive DRAFT Network and Information Technology Security
European Directive DRAFT Network and Information Technology SecurityDavid Sweigert
 
The European cyber security cPPP strategic research & innovation agenda
The European cyber security cPPP strategic research & innovation agendaThe European cyber security cPPP strategic research & innovation agenda
The European cyber security cPPP strategic research & innovation agendaEUBrasilCloudFORUM .
 
EDF2014: Marta Nagy-Rothengass, Head of Unit Data Value Chain, Directorate Ge...
EDF2014: Marta Nagy-Rothengass, Head of Unit Data Value Chain, Directorate Ge...EDF2014: Marta Nagy-Rothengass, Head of Unit Data Value Chain, Directorate Ge...
EDF2014: Marta Nagy-Rothengass, Head of Unit Data Value Chain, Directorate Ge...European Data Forum
 
Cybersecurity isaca
Cybersecurity isacaCybersecurity isaca
Cybersecurity isacaAntoine Vigneron
 
Cyber security and resilience of intelligent public transport
Cyber security and resilience of intelligent public transportCyber security and resilience of intelligent public transport
Cyber security and resilience of intelligent public transportAndrey Apuhtin
 
Cyber security for smart cities an architecture model for public transport
Cyber security for smart cities an architecture model for public transportCyber security for smart cities an architecture model for public transport
Cyber security for smart cities an architecture model for public transportAndrey Apuhtin
 

Mais conteúdo relacionado

Mais procurados

Digital Transformation Strategy for Africa, 2020 - 2030 by AU
Digital Transformation Strategy for Africa, 2020 - 2030 by AUDigital Transformation Strategy for Africa, 2020 - 2030 by AU
Digital Transformation Strategy for Africa, 2020 - 2030 by AUEmmanuel Mumuni
 
ECIL: EU Cybersecurity Package and EU Certification Framework
ECIL: EU Cybersecurity Package and EU Certification FrameworkECIL: EU Cybersecurity Package and EU Certification Framework
ECIL: EU Cybersecurity Package and EU Certification FrameworkDeutsche Telekom AG
 
Summer school 2017 giannakoula _european agenda on security
Summer school 2017 giannakoula _european agenda on securitySummer school 2017 giannakoula _european agenda on security
Summer school 2017 giannakoula _european agenda on securityNikolaos Georgitsopoulos
 
CTO-CybersecurityForum-2010-Michael Katundu
CTO-CybersecurityForum-2010-Michael KatunduCTO-CybersecurityForum-2010-Michael Katundu
CTO-CybersecurityForum-2010-Michael Katundusegughana
 
Tomasz Czajkowski
Tomasz CzajkowskiTomasz Czajkowski
Tomasz Czajkowskisegughana
 
MARMARA2012_CyberTerror_ElecGrid_OK
MARMARA2012_CyberTerror_ElecGrid_OKMARMARA2012_CyberTerror_ElecGrid_OK
MARMARA2012_CyberTerror_ElecGrid_OKMARIUS EUGEN OPRAN
 
Cybersecurity for Critical National Information Infrastructure
Cybersecurity for Critical National Information InfrastructureCybersecurity for Critical National Information Infrastructure
Cybersecurity for Critical National Information InfrastructureDr David Probert
 
Internet Society Singapore Chapter AGM 2019 and update for 2020
Internet Society Singapore Chapter AGM 2019 and update for 2020Internet Society Singapore Chapter AGM 2019 and update for 2020
Internet Society Singapore Chapter AGM 2019 and update for 2020Benjamin Ang
 
Dataistheborder
DataistheborderDataistheborder
Dataistheborderburmaball
 
Singapore Asean cyber conflict and cybersecurity strategy - for Columbia Univ...
Singapore Asean cyber conflict and cybersecurity strategy - for Columbia Univ...Singapore Asean cyber conflict and cybersecurity strategy - for Columbia Univ...
Singapore Asean cyber conflict and cybersecurity strategy - for Columbia Univ...Benjamin Ang
 

Mais procurados (15)

Digital Transformation Strategy for Africa, 2020 - 2030 by AU
Digital Transformation Strategy for Africa, 2020 - 2030 by AUDigital Transformation Strategy for Africa, 2020 - 2030 by AU
Digital Transformation Strategy for Africa, 2020 - 2030 by AU
 
ECIL: EU Cybersecurity Package and EU Certification Framework
ECIL: EU Cybersecurity Package and EU Certification FrameworkECIL: EU Cybersecurity Package and EU Certification Framework
ECIL: EU Cybersecurity Package and EU Certification Framework
 
Summer school 2017 giannakoula _european agenda on security
Summer school 2017 giannakoula _european agenda on securitySummer school 2017 giannakoula _european agenda on security
Summer school 2017 giannakoula _european agenda on security
 
CTO-CybersecurityForum-2010-Michael Katundu
CTO-CybersecurityForum-2010-Michael KatunduCTO-CybersecurityForum-2010-Michael Katundu
CTO-CybersecurityForum-2010-Michael Katundu
 
Session 5.3 Alexander Ntoko
Session 5.3 Alexander NtokoSession 5.3 Alexander Ntoko
Session 5.3 Alexander Ntoko
 
Tomasz Czajkowski
Tomasz CzajkowskiTomasz Czajkowski
Tomasz Czajkowski
 
MARMARA2012_CyberTerror_ElecGrid_OK
MARMARA2012_CyberTerror_ElecGrid_OKMARMARA2012_CyberTerror_ElecGrid_OK
MARMARA2012_CyberTerror_ElecGrid_OK
 
Steve Purser
Steve Purser Steve Purser
Steve Purser
 
CIP eu 2016 114(-8)
CIP eu 2016 114(-8)CIP eu 2016 114(-8)
CIP eu 2016 114(-8)
 
Cybersecurity nl
Cybersecurity nlCybersecurity nl
Cybersecurity nl
 
EIOPA: CYBER RISKS FOR INSURERS-CHALLENGES AND OPPORTUNITIES
EIOPA: CYBER RISKS FOR INSURERS-CHALLENGES AND OPPORTUNITIESEIOPA: CYBER RISKS FOR INSURERS-CHALLENGES AND OPPORTUNITIES
EIOPA: CYBER RISKS FOR INSURERS-CHALLENGES AND OPPORTUNITIES
 
Cybersecurity for Critical National Information Infrastructure
Cybersecurity for Critical National Information InfrastructureCybersecurity for Critical National Information Infrastructure
Cybersecurity for Critical National Information Infrastructure
 
Internet Society Singapore Chapter AGM 2019 and update for 2020
Internet Society Singapore Chapter AGM 2019 and update for 2020Internet Society Singapore Chapter AGM 2019 and update for 2020
Internet Society Singapore Chapter AGM 2019 and update for 2020
 
Dataistheborder
DataistheborderDataistheborder
Dataistheborder
 
Singapore Asean cyber conflict and cybersecurity strategy - for Columbia Univ...
Singapore Asean cyber conflict and cybersecurity strategy - for Columbia Univ...Singapore Asean cyber conflict and cybersecurity strategy - for Columbia Univ...
Singapore Asean cyber conflict and cybersecurity strategy - for Columbia Univ...
 

Semelhante a European priorities in information security

SC7 Workshop 2: Big Data Challenges in Cybersecurity
SC7 Workshop 2: Big Data Challenges in CybersecuritySC7 Workshop 2: Big Data Challenges in Cybersecurity
SC7 Workshop 2: Big Data Challenges in CybersecurityBigData_Europe
 
European Directive DRAFT Network and Information Technology Security
European Directive DRAFT Network and Information Technology SecurityEuropean Directive DRAFT Network and Information Technology Security
European Directive DRAFT Network and Information Technology SecurityDavid Sweigert
 
The European cyber security cPPP strategic research & innovation agenda
The European cyber security cPPP strategic research & innovation agendaThe European cyber security cPPP strategic research & innovation agenda
The European cyber security cPPP strategic research & innovation agendaEUBrasilCloudFORUM .
 
EDF2014: Marta Nagy-Rothengass, Head of Unit Data Value Chain, Directorate Ge...
EDF2014: Marta Nagy-Rothengass, Head of Unit Data Value Chain, Directorate Ge...EDF2014: Marta Nagy-Rothengass, Head of Unit Data Value Chain, Directorate Ge...
EDF2014: Marta Nagy-Rothengass, Head of Unit Data Value Chain, Directorate Ge...European Data Forum
 
Cyber security and resilience of intelligent public transport
Cyber security and resilience of intelligent public transportCyber security and resilience of intelligent public transport
Cyber security and resilience of intelligent public transportAndrey Apuhtin
 
Cyber security for smart cities an architecture model for public transport
Cyber security for smart cities an architecture model for public transportCyber security for smart cities an architecture model for public transport
Cyber security for smart cities an architecture model for public transportAndrey Apuhtin
 
Granada declaration - European Digital Agenda
Granada declaration - European Digital AgendaGranada declaration - European Digital Agenda
Granada declaration - European Digital AgendaEuropean e-Business Lab
 
ENISA - EU strategies for cyber incident response
ENISA - EU strategies for cyber incident responseENISA - EU strategies for cyber incident response
ENISA - EU strategies for cyber incident responseKevin Duffey
 
North European Cybersecurity Cluster - an example of the regional trust platf...
North European Cybersecurity Cluster - an example of the regional trust platf...North European Cybersecurity Cluster - an example of the regional trust platf...
North European Cybersecurity Cluster - an example of the regional trust platf...DATA SECURITY SOLUTIONS
 
Eu cybersecurity strategy 130207
Eu cybersecurity strategy 130207Eu cybersecurity strategy 130207
Eu cybersecurity strategy 130207Yury Chemerkin
 
Digital europeprogram2021 2027
Digital europeprogram2021 2027Digital europeprogram2021 2027
Digital europeprogram2021 2027Simone Torrente
 
SC7 Workshop 3: Enhancing cyber defence of cyber space systems
SC7 Workshop 3: Enhancing cyber defence of cyber space systemsSC7 Workshop 3: Enhancing cyber defence of cyber space systems
SC7 Workshop 3: Enhancing cyber defence of cyber space systemsBigData_Europe
 
Cyber Security Strategies and Approaches
Cyber Security Strategies and ApproachesCyber Security Strategies and Approaches
Cyber Security Strategies and Approachesvngundi
 
ITU Cybersecurity Capabilities
ITU Cybersecurity CapabilitiesITU Cybersecurity Capabilities
ITU Cybersecurity CapabilitiesITU
 
WISER @Ferma Forum, 4-7 October 2015, Venice, Italy
WISER @Ferma Forum, 4-7 October 2015, Venice, ItalyWISER @Ferma Forum, 4-7 October 2015, Venice, Italy
WISER @Ferma Forum, 4-7 October 2015, Venice, ItalyCYBERWISER .eu
 
Looking beyond 2020 IEEE – 13th System of Systems Engineering Conference - So...
Looking beyond 2020 IEEE – 13th System of Systems Engineering Conference - So...Looking beyond 2020 IEEE – 13th System of Systems Engineering Conference - So...
Looking beyond 2020 IEEE – 13th System of Systems Engineering Conference - So...Sandro D'Elia
 

Semelhante a European priorities in information security (20)

SC7 Workshop 2: Big Data Challenges in Cybersecurity
SC7 Workshop 2: Big Data Challenges in CybersecuritySC7 Workshop 2: Big Data Challenges in Cybersecurity
SC7 Workshop 2: Big Data Challenges in Cybersecurity
 
European Directive DRAFT Network and Information Technology Security
European Directive DRAFT Network and Information Technology SecurityEuropean Directive DRAFT Network and Information Technology Security
European Directive DRAFT Network and Information Technology Security
 
The European cyber security cPPP strategic research & innovation agenda
The European cyber security cPPP strategic research & innovation agendaThe European cyber security cPPP strategic research & innovation agenda
The European cyber security cPPP strategic research & innovation agenda
 
EDF2014: Marta Nagy-Rothengass, Head of Unit Data Value Chain, Directorate Ge...
EDF2014: Marta Nagy-Rothengass, Head of Unit Data Value Chain, Directorate Ge...EDF2014: Marta Nagy-Rothengass, Head of Unit Data Value Chain, Directorate Ge...
EDF2014: Marta Nagy-Rothengass, Head of Unit Data Value Chain, Directorate Ge...
 
Cybersecurity isaca
Cybersecurity isacaCybersecurity isaca
Cybersecurity isaca
 
Cyber security and resilience of intelligent public transport
Cyber security and resilience of intelligent public transportCyber security and resilience of intelligent public transport
Cyber security and resilience of intelligent public transport
 
Cyber security for smart cities an architecture model for public transport
Cyber security for smart cities an architecture model for public transportCyber security for smart cities an architecture model for public transport
Cyber security for smart cities an architecture model for public transport
 
Granada declaration - European Digital Agenda
Granada declaration - European Digital AgendaGranada declaration - European Digital Agenda
Granada declaration - European Digital Agenda
 
ENISA - EU strategies for cyber incident response
ENISA - EU strategies for cyber incident responseENISA - EU strategies for cyber incident response
ENISA - EU strategies for cyber incident response
 
North European Cybersecurity Cluster - an example of the regional trust platf...
North European Cybersecurity Cluster - an example of the regional trust platf...North European Cybersecurity Cluster - an example of the regional trust platf...
North European Cybersecurity Cluster - an example of the regional trust platf...
 
Digital single market
Digital single marketDigital single market
Digital single market
 
Eu cybersecurity strategy 130207
Eu cybersecurity strategy 130207Eu cybersecurity strategy 130207
Eu cybersecurity strategy 130207
 
Dantemtc a rouby_european_policies
Dantemtc a rouby_european_policiesDantemtc a rouby_european_policies
Dantemtc a rouby_european_policies
 
Digital europeprogram2021 2027
Digital europeprogram2021 2027Digital europeprogram2021 2027
Digital europeprogram2021 2027
 
SC7 Workshop 3: Enhancing cyber defence of cyber space systems
SC7 Workshop 3: Enhancing cyber defence of cyber space systemsSC7 Workshop 3: Enhancing cyber defence of cyber space systems
SC7 Workshop 3: Enhancing cyber defence of cyber space systems
 
Cyber Security Strategies and Approaches
Cyber Security Strategies and ApproachesCyber Security Strategies and Approaches
Cyber Security Strategies and Approaches
 
ITU Cybersecurity Capabilities
ITU Cybersecurity CapabilitiesITU Cybersecurity Capabilities
ITU Cybersecurity Capabilities
 
WISER @Ferma Forum, 4-7 October 2015, Venice, Italy
WISER @Ferma Forum, 4-7 October 2015, Venice, ItalyWISER @Ferma Forum, 4-7 October 2015, Venice, Italy
WISER @Ferma Forum, 4-7 October 2015, Venice, Italy
 
Enisa and cyber security standards
Enisa and cyber security standardsEnisa and cyber security standards
Enisa and cyber security standards
 
Looking beyond 2020 IEEE – 13th System of Systems Engineering Conference - So...
Looking beyond 2020 IEEE – 13th System of Systems Engineering Conference - So...Looking beyond 2020 IEEE – 13th System of Systems Engineering Conference - So...
Looking beyond 2020 IEEE – 13th System of Systems Engineering Conference - So...
 

Mais de European Union Agency for Network and Information Security (ENISA)

Mais de European Union Agency for Network and Information Security (ENISA) (6)

The Internet of Things: Privacy and Security Issues
The Internet of Things: Privacy and Security IssuesThe Internet of Things: Privacy and Security Issues
The Internet of Things: Privacy and Security Issues
 
Power Supply Dependencies in the Electronic Communications Sector
Power Supply Dependencies in the Electronic Communications SectorPower Supply Dependencies in the Electronic Communications Sector
Power Supply Dependencies in the Electronic Communications Sector
 
Resilience of the Interdomain Routing System
Resilience of the Interdomain Routing System Resilience of the Interdomain Routing System
Resilience of the Interdomain Routing System
 
European Critical Internet Infrastructure: past, present and future challenges
European Critical Internet Infrastructure: past, present and future challengesEuropean Critical Internet Infrastructure: past, present and future challenges
European Critical Internet Infrastructure: past, present and future challenges
 
Trustworthy infrastructure for personal data management
Trustworthy infrastructure for personal data management Trustworthy infrastructure for personal data management
Trustworthy infrastructure for personal data management
 
Enisa internet mapping project-20130523
Enisa internet mapping project-20130523Enisa internet mapping project-20130523
Enisa internet mapping project-20130523
 

Último

New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditSkynet Technologies
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 

Último (20)

New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance Audit
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 

European priorities in information security

  • 1. European Union Agency for Network and Information Security www.enisa.europa.eu European priorities in information security Graeme Cooper Head of Public Affairs Unit, ENISA 12th International InfoSec and Data Storage Conference, 26th September 2013, Sheraton Hotel, Sofia, Bulgaria
  • 2. European Union Agency for Network and Information Security www.enisa.europa.eu 2 EU Cubersecurity Strategy - essential points “An Open, Safe and Secure Cyberspace” • The norms, principles and values that the EU upholds offline, should also apply online. • Cyberspace must be correctly protected: – Governments have a significant role in ensuring a free and safe cyberspace. – The private sector owns and operates significant parts of cyberspace and has a leading role. • Outside the EU, governments may misuse cyberspace for surveillance and control. – The EU can counter this situation by promoting freedom online and ensuring respect of fundamental rights online.
  • 3. European Union Agency for Network and Information Security www.enisa.europa.eu 3 Economic Arguments • By completing the Digital Single Market, Europe could boost its GDP by almost €500 billion a year. • For new connected technologies to take off citizens will need trust and confidence. – Currently, Europeans are not confident in their ability to use the Internet for banking or purchases. – They are also reluctant to disclose personal information. – Across the EU, more than one in ten Internet users has been a victim of online fraud. • The EU economy is already affected by cybercrime activities, economic espionage and state-sponsored activities are new threats.
  • 4. European Union Agency for Network and Information Security www.enisa.europa.eu 4 The Principles • The strategy proposes key principles to guide the EU and international approach: – The EU's core values apply as much in the digital as in the physical world. – Fundamental rights, freedom of expression, personal data and privacy should be protected. – The Internet should be accessible to all citizens. – The digital world must be subject to democratic and efficient multi-stakeholder governance. – Ensuring security is a shared responsibility.
  • 5. European Union Agency for Network and Information Security www.enisa.europa.eu 5 Strategic Priorities • The Five strategic objectives of the strategy are as follows: – Achieving cyber resilience – Drastically reducing cybercrime – Developing cyberdefence policy and capabilities related to the Common Security and Defence Policy (CSDP) – Developing the industrial and technological resources for cybersecurity – Establishing a coherent international cyberspace policy for the European Union and promoting core EU values ENISA explicitly called upon.
  • 6. European Union Agency for Network and Information Security www.enisa.europa.eu 6 Achieving Cyber Resilience • Introduces ENISA and explains the policy on NIS. • Makes reference to articles 13a & 13b. • Introduces the legislative proposal. • Stresses the importance of the following: – The establishment of a cybersecurity culture to enhance business opportunities and competitiveness. – Reporting significant incidents to the national NIS competent authorities. – Exchange of information between National NIS competent authorities and other regulatory bodies. – Recognises that exercises at EU level are essential to stimulate cooperation among the MS and the private sector.
  • 7. European Union Agency for Network and Information Security www.enisa.europa.eu 7 The Legislative Proposal • Key points: – Will help establish common minimum requirements for NIS at national level. – Requires Member States to designate national competent authorities for NIS, set up a competent CERT and adopt a national NIS strategy and a national NIS cooperation plan. – Explains the role of the CERT EU regarding the EU institutions, agencies and bodies. – Requires the establishment of coordinated prevention, detection, mitigation and response mechanisms. – Requires the private sector to develop, at a technical level, its own cyber resilience capacities and share best practices across sectors.
  • 8. European Union Agency for Network and Information Security www.enisa.europa.eu 8 Achieving Cyber Resilience (1 of 2) • In the area of cyber resilience, the EC asks ENISA to: – Assist the Member States in developing strong national cyber resilience capabilities. – Examine in 2013 the feasibility of Computer Security Incident Response Team(s) for Industrial Control Systems (ICS-CSIRTs) for the EU. – Continue supporting the Member States and the EU institutions in carrying out regular pan-European cyber incident exercises.
  • 9. European Union Agency for Network and Information Security www.enisa.europa.eu 9 Achieving Cyber Resilience (2 of 2) • Specifically in terms of raising awareness, the Commission asks ENISA to: – Propose in 2013 a roadmap for a "Network and Information Security driving licence". – Support a cybersecurity championship in 2014, where university students will compete in proposing NIS solutions.
  • 10. European Union Agency for Network and Information Security www.enisa.europa.eu 10 European Cybersecurity Month 2013 http://cybersecuritymonth.eu/
  • 11. European Union Agency for Network and Information Security www.enisa.europa.eu 11 Developing Resources • There is a risk that Europe becomes excessively dependent on ICT and on security solutions developed outside its frontiers. • Hardware and software components used in critical services and infrastructure must be trustworthy, secure and guarantee the protection of personal data. • In order to mitigate this risk, the strategy proposes two action areas: – Promoting a Single Market for cybersecurity products – Fostering R&D investments and innovation
  • 12. European Union Agency for Network and Information Security www.enisa.europa.eu 12 Single Market for Products • A high level of security can only be ensured if all in the value chain make security a priority. • The strategy aims to increase cooperation and transparency about security in ICT products: – It calls for the establishment of a platform to identify good cybersecurity practices across the value chain. • COM will support the development of security standards and assist with EU-wide voluntary certification schemes. – Cloud computing and data protection. – critical economic sectors - Industrial Control Systems, energy and transport infrastructure.
  • 13. European Union Agency for Network and Information Security www.enisa.europa.eu 13 R&D and Innovation • R&D should fill technology gaps in ICT security and prepare for the next generation of security. • The Horizon 2020 Framework Programme for Research and Innovation will be launched in 2014: – There are specific objectives for trustworthy ICT as well as for combating cyber-crime. • Specific attention will be drawn at EU level to optimising and better coordinating various funding programmes
  • 14. European Union Agency for Network and Information Security www.enisa.europa.eu 14 Developing Resources • The Commission asks ENISA to: – Develop, in cooperation with relevant stakeholders, technical guidelines and recommendations for the adoption of NIS standards and good practices in the public and private sectors. – Collaborate with Europol to identify emerging trends and needs in view of evolving cybercrime and cybersecurity patterns so as to develop adequate digital forensic tools and technologies.
  • 15. European Union Agency for Network and Information Security www.enisa.europa.eu 15 Further Involvement of ENISA • Although ENISA is not explicitly mentioned in the other strategic priorities, there is clearly a role for the Agency. • The EU Internal Security Strategy explains how ENISA should collaborate with the recently established EU Cyber Crime Centre. • We have a role in creating a strong culture of NIS throughout the EU. • This can only be achieved by bringing communities together and ensuring that information on NIS is shared between such communities in an appropriate manner.
  • 16. European Union Agency for Network and Information Security www.enisa.europa.eu 16 Concluding Remarks • Complex ICT systems keep our economies running in key sectors such as finance, health, energy, etc. • Many business models are built on the uninterrupted availability of the Internet and the smooth functioning of information systems • EC Recognises the importance of ICT in contributing to EUs economic growth and its role as a critical resource for all economic sectors • ENISA is already well established and contributing in many of the areas described in the EU proposal for an EU cybersecurity strategy.
  • 17. www.enisa.europa.eu Follow ENISA: European Union Agency for Network and Information Security Thank you. Graeme Cooper, Head of Public Affairs Unit, ENISA ENISA European Union Agency for Network and Information Security Science and Technology Park of Crete (ITE) Vassilika Vouton, 700 13, Heraklion, Greece Athens Office 1 Vass. Sofias & Meg. Alexandrou Marousi 151 24, Athens, Greece