SC7 Workshop 3: Enhancing cyber defence of cyber space systems

Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Carregando em…3
×

Confira estes a seguir

1 de 32 Anúncio

Mais Conteúdo rRelacionado

Diapositivos para si (20)

Semelhante a SC7 Workshop 3: Enhancing cyber defence of cyber space systems (20)

Anúncio

Mais de BigData_Europe (20)

Mais recentes (20)

Anúncio

SC7 Workshop 3: Enhancing cyber defence of cyber space systems

Slide 1: Enhancing cyber defence of cyber space systems
Dr. Nineta Polemi, Programme Manager, E.U. Policies
Directorate-General for Communications Networks, Content and Technology, Cybersecurity and Digital Privacy Unit H.1

Slide 2: Topics
• Introduction
• Cyber-attacks in the space ecosystem
• Security management and cyber defence
• Cybersecurity Package: cyber space technologies and infrastructures
• Conclusions and the way forward

Slide 3: Introduction
Slide 4
• In our days, most business and military activities depend upon space technologies and space infrastructures.
• Space attracts new companies, and the "New Space" will enhance the DSM (Digital Single Market).
• Space and cyberspace share common critical assets, e.g. networks, software, ICT components, protocols.
• The Space Strategy for Europe (2016) recognises the importance of cyber security threats to critical European space infrastructure.

Slide 5: Security
• Confidentiality: making an asset accessible only to those authorized to use it.
• Integrity, Authenticity: safeguarding the accuracy, identity and completeness of an asset and of its processing methods.
• Availability, Non-repudiation: ensuring that an asset is available when required and that it is not denied.
Slide 6: Cyber threats and the cyber attacks behind them
• Loss of Availability: DoS, wiretapping, key stealing, insertion, session hijacking, network routing, hidden channel
• Loss of Integrity: key guessing, cryptanalytic attacks
• Loss of Authenticity: unauthorized access, site impersonation, client-system intrusion (viral infection, backdoor installation, information stealing, forged/involuntary user actions, command execution)
• Loss of Confidentiality: espionage, data and information breach
• Loss of Non-repudiation: key guessing, cryptanalytic attacks
Slide 7: Cyber Threats in Space
"Protecting satellites from cyber-attacks isn't getting any easier" (SpaceNews, March 9, 2017)

Slide 8: Cyber-attacks on satellites
• Signal jamming and monitoring (between satellites and receivers, or between transmitting ground stations and satellites)
• Spoofing manipulates the information and thus reduces its integrity
• DoS by interrupting electrical power to the space ground nodes
• ...
• Impacts of attacks: take control of the satellite, shut it down, alter its orbit

Slide 9: Cyber-attacks in space infrastructures
• Space Critical Information Infrastructures (CII) can face physical and cyber-attacks at all levels (networks, ICT systems/equipment, services, processes)
• Impact of attacks: destroy space control, operations, missions, services
Slide 10: Cyber-attacks in space software
• Back doors for espionage or sabotage
• Unencrypted data
• Insecure protocols
• Exploitable software flaws
• ...
Space operations and services are global supply chain services, and the propagation rate of a cyber-attack may catastrophically impact the whole world!
Slide 11: Cyber Risk Assessment and Security Management

Slide 12: Risk Assessment (diagram; labels: Risk, Vulnerability, Threat, Impact, Controls/countermeasures, Risk Management)

Slide 13: (figure, no text)
Slide 14: Security Management (SM)
• Risk Management (RM)
  • Risk Assessment (RA)
    • Context establishment: general considerations; basic criteria; scope and boundaries; organization for RM
    • Risk identification: identification of assets; identification of threats; identification of existing controls; identification of vulnerabilities; identification of impacts
    • Risk estimation: selection of risk assessment methodology; assessment of threat level; assessment of impact level; risk level estimation
  • Risk Treatment: categorize risks; select controls; implement controls; evaluate controls
• Security Reporting: monitor/adjust; SLA security management; internal/external audit; training; recommendations
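As an added illustration (not part of the presentation), the following Python sketch walks a constructed space-segment risk register through the risk estimation and risk treatment steps of slide 14: each asset/threat pair gets a threat level and an impact level, a risk level is estimated from them, risks are categorized, a control is selected and the residual risk re-estimated. All assets, threats, levels, thresholds and controls are constructed sample values, not the presenter's data.

```python
# Added example (not from the presentation): the risk estimation and
# treatment steps of slide 14, ISO/IEC 27005-style. Assets, threats,
# levels, thresholds and controls are constructed sample data.
from dataclasses import dataclass

LEVELS = {"low": 1, "medium": 2, "high": 3}

@dataclass
class Risk:
    asset: str
    threat: str
    vulnerability: str
    threat_level: str   # assessed likelihood the threat materialises
    impact_level: str   # assessed consequence if it does

def risk_score(r: Risk) -> int:
    """Risk level estimation: threat level x impact level (1..9)."""
    return LEVELS[r.threat_level] * LEVELS[r.impact_level]

def categorize(score: int) -> str:
    """Categorize risks for treatment (thresholds are a constructed policy)."""
    if score >= 6:
        return "unacceptable"
    return "tolerable" if score >= 3 else "acceptable"

# Control per vulnerability and the threat-level reduction it buys (constructed).
CONTROLS = {
    "unauthenticated telecommand link": ("authenticate and encrypt TT&C uplink", 2),
    "single power feed": ("redundant power supply at ground station", 1),
    "unencrypted downlink": ("encrypt payload downlink", 1),
}

def treat(r: Risk) -> dict:
    """Select a control, re-estimate residual risk, report before and after."""
    before = risk_score(r)
    control, reduction = CONTROLS.get(r.vulnerability, ("accept risk", 0))
    residual = max(1, LEVELS[r.threat_level] - reduction) * LEVELS[r.impact_level]
    return {"asset": r.asset, "threat": r.threat, "risk": before,
            "category": categorize(before), "control": control,
            "residual_risk": residual, "residual_category": categorize(residual)}

REGISTER = [  # constructed sample risk register for a small space segment
    Risk("satellite TT&C link", "spoofed telecommands", "unauthenticated telecommand link", "high", "high"),
    Risk("ground station", "DoS by power interruption", "single power feed", "medium", "high"),
    Risk("payload data", "signal monitoring", "unencrypted downlink", "medium", "medium"),
]

def risk_report(register=REGISTER) -> list:
    """Risk treatment for the register, highest initial risk first."""
    return sorted((treat(r) for r in register), key=lambda e: -e["risk"])
```

The "evaluate controls" step of slide 14 corresponds to comparing `risk` with `residual_risk` in each report entry and deciding whether the residual category is acceptable for that asset.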
Slide 15: Cyber Defence

Slide 16: (figure, no text)

Slide 17: Cyber security directives and standards

Slide 18: EU Cyber Security policies
• CIIP Directive (2012): Critical information infrastructure protection, towards global cyber-security.
• The Cybersecurity Strategy for the European Union (2013) and the European Agenda on Security (2015) provide the overall strategic framework for the EU initiatives on cybersecurity/cybercrime.
• eIDAS Regulation (2014) on electronic identification and trust services for e-transactions in the internal market.
• cPPP Initiative (2015) ensures that Europe will have a dynamic, efficient market in cybersecurity products and services.
• Directive (EU) 2016/1148 (NIS) sets obligations: national strategies, CSIRTs, requirements for operators, national competent authorities.
Slide 19: Cyber security standards
• ISO/IEC 27001:2005, followed by draft ISO/IEC 27001:2013 (building an SM system)
• ISO/IEC 27005:2011 (guidelines for information security risk management)
• ISO 31000:2009 (Risk Management: Principles and Guidelines on Implementation)
• ISO/IEC 31010:2009 (Risk Management: Risk Assessment Techniques)
• ISO/IEC 27002:2005 (best practice recommendations)
• AS/NZS 4360:2004 (Australian/New Zealand standard for RM)
• Supported by a variety of methodologies (see the ENISA repository) and guidelines (ENISA report 2017, "Technical Guidelines for the implementation of minimum security measures for Digital Service Providers").

Slide 20: ISO Supply Chain (SC) security standards
1. ISO 28000:2007, Specification for security management systems for the SC;
2. ISO 28001:2007, Security management systems for the SC: best practices for implementing SC security;
3. ISO 28003:2007, Security management systems for the SC: requirements for auditors of SC security management systems;
4. ISO 28004:2007, Security management systems for the SC: guidelines for the implementation of ISO 28000.
Slide 21: Cybersecurity Package

Slide 22: The Cybersecurity Package (Cybersecurity Act, Communication, Recommendation)
Building EU resilience to cyber attacks:
• Reformed ENISA
• EU cybersecurity Certification Framework
• NIS Directive implementation
• Rapid emergency response: Blueprint and Cybersecurity Emergency Response Fund
• Cybersecurity competence network with a European Cybersecurity Research and Competence Centre
• Building a strong EU cyber skills base, improving cyber hygiene and awareness
Creating effective EU cyber deterrence:
• Identifying malicious actors
• Stepping up the law enforcement response
• Stepping up public-private cooperation against cybercrime
• Stepping up the political response
• Building cybersecurity deterrence through the Member States' defence capability
Strengthening international cooperation on cybersecurity:
• Promoting global cyber stability and contributing to Europe's strategic autonomy in cyberspace
• Strengthening cyber dialogues
• Modernising export controls, including for critical cyber-surveillance technologies
• Continuing the rights-based capacity building model
• Deepening EU-NATO cooperation on cybersecurity, hybrid threats and defence
Slide 23: ENISA: towards a reformed EU Cybersecurity Agency
• Be an independent centre of expertise
• Promote cooperation and coordination at Union level
• Promote a high level of awareness among citizens and businesses
• Support capacity building and preparedness
• Assist EU Institutions and MSs in policy development and implementation
• Increase cybersecurity capabilities at Union level to complement MSs' action
• Promote the use of certification and contribute to the cybersecurity certification framework
• Contribute to high Cybersecurity

Slide 24: ICT cybersecurity certification
The issue:
• The digitalisation of our society generates a greater need for cyber secure products and services
• Cybersecurity certification plays an important role in increasing trust in digital products and services
Current landscape:
• Emergence of separate national initiatives lacking mutual recognition (e.g. France, UK, Germany, Netherlands, Italy)
• Current European mechanisms (SOG-IS MRA) have limited membership (12 MSs), involve high costs and long duration

Slide 25: How will the certification framework work in practice? (flow diagram for a European Cybersecurity Certification Scheme)
• The European Commission requests ENISA to prepare a candidate scheme
• The European Cybersecurity Certification Group (MSs) advises ENISA, or may propose the preparation of a scheme to the Commission
• ENISA prepares the candidate scheme; the ECCG advises and assists the preparation
• ENISA consults industry and standardization bodies
• ENISA transmits the candidate scheme to the European Commission
• The European Commission adopts the candidate scheme
In a nutshell: the EC proposes and decides, the Group advises (and may propose), ENISA prepares schemes.
Slide 26: Three lines of action for improving resilience
1. Blueprint: Recommendation on Coordinated Response to Large Scale Cybersecurity Incidents and Crises (COM(2017) 6100).
2. ENISA (COM(4776/2)): tasks relating to operational cooperation at Union level. The Agency shall contribute to developing a cooperative response, at Union and Member States level, to large-scale cross-border incidents or crises related to cybersecurity.
3. Cybersecurity Emergency Response Fund: Joint Communication "Resilience, Deterrence and Defence: Building strong cybersecurity for the EU", JOIN(2017) 450/1.

Slide 27: A cybersecurity competence network with a European Cybersecurity Research and Competence Centre
• Reinforcing the EU's cybersecurity technological capabilities and skills
Slide 28: European Cybersecurity Research and Competence network and Centre (diagram: the Centre linked to the MS cybersecurity competence centres)
Idea in a nutshell: builds on the work of Member States and the cPPP to:
• Stimulate development and deployment of technology in cybersecurity
• Give impetus to innovation and competitiveness of the EU industry on the global scene in the development of next-generation digital technologies (AI, quantum computing, blockchain, secure digital identities)
• Support industry through testing and simulation to underpin the cybersecurity certification
• Complement skills development efforts at EU and national level
• In the second phase, stimulate synergies between civilian and defence markets that share common challenges

Slide 29: Making the Most of NIS
• Core elements of the Communication: presenting key conclusions of the analysis of the issues covered in the Annex, which are seen as important points of reference and potential inspiration from the point of view of the transposition into national law.
• Accompanied by an Annex with practical suggestions:
  • Based on good practices and recommendations issued by ENISA
  • Examples from Member States
  • Interpretation of the Directive's provisions and of how they would work in practice
Slide 30: Conclusions
• Space and cyber space ecosystems are merging.
• Cyber secure space systems, technologies and infrastructures can be regarded as a strategic opportunity to:
  • enhance the DSM in connection to "New Space",
  • guarantee mission assurance for space assets,
  • enhance cyber defence operations.
• The cyber security community and the space community need to collaborate and get prepared to defend all space assets against increasingly sophisticated cyber-attacks.

Slide 31: Next Steps
• Build (national, EU, international) synergies between space and cyber security stakeholders.
• Develop mutually agreed mitigation frameworks for space-cyber risks, compliant with:
  • EU strategies/policies (e.g. Space Strategy for Europe 2016/2325(INI), Common Security and Defence Policy (CSDP), Decision No 541/2014/EU),
  • directives (e.g. NIS, GDPR); COM(2017)294; COM(2017)477,
  • international standards (e.g. ISO 27005).

Slide 32: Thank you for your attention
Nineta.POLEMI@ec.europa.eu