ENISA Cooperation in the EU / NIS Directive

Size: px
Start display at page:

Download "ENISA Cooperation in the EU / NIS Directive"

Transcription

1 ENISA Cooperation in the EU / NIS Directive Paulo Empadinhas Head of Administration & Stakeholders Relations IT STAR Milan, Italy 28 th October 2016 European Union Agency for Network and Information Security

2 The EU Cyber Security Agency Securing Europe s Information Society 2

3 Positioning ENISA activities 3

4 Agenda 1 ENISA, NCSS and the NIS Directive 2 Critical Information Infrastructure Protection 3 Building Capabilities on Cyber Security 4 Security in emerging technologies 5 Conclusion 4

5 EU Policy Context ENISA II new mandate eidas Directive article 19 EU Cyber Security Strategy (COM) The NIS Directive EU Cloud Computing Strategy and Partnership (COM) EU s CIIP action plan Telecom Package article 13 a, art. 4 5

6 The NIS Directive National Cyber Security Strategies Cloud Computing Services Online Marketplaces Digital Service Providers Strategic Cooperation Group Incident Reporting Security Requirements Operators of Essential Services Transport Energy and Drinking water supply and distribution Healthcare Search Engines Tactical/Operational CSIRTs Network Banking and Financial market infrastructures About the NIS Directive Digital Infrastructure (DNS, IXPs, TLD) 6

7 National Cyber Security Strategies 25 NCSS in EU; a few under development Effective cooperation between public stakeholders Overlaps in mandates Lack of resources Evaluation of NCSS is an issue 7

8 ENISA Supports the MSs ENISA NCSS EU map ENISA REPORTS E Learning & Workshops ENISA NCSS Expert Group & Art.14 Requests 8

9 NCSS Lifecycle NCSS Secure Infrastructure and Services Unit ENISA 9

10 Strategic Objectives of NCSS 10

11 ENISA supporting Critical Sectors

12 Critical Sectors in the EU Critical Sectors identified by 17 examined Member States and 1 EFTA. Energy Transport ICT Water Financial Health Public & Legal Order Civil Admin. Chemical & Nuclear Industry Space & Research

13 CIIP Governance EU Member States Three profiles of CIIP-governance Centralised approach Decentralised approach Co-regulation with private sector Centralised characteristics Central authority across sectors. Comprehensive legislation Examples: France Public Agency Public Agency Public Agency Principle of subsidiarity. Strong cooperation between public agencies. Sector-specific legislation. Example : Sweden Public Agency Decentralised characteristics Council Public Agency Institutionalised cooperation with the private sector Horizontal relationship between public and private parties Example: The Netherlands Public Agency Co-regulation characteristics PPP Private Actors Sector Sector Sector Sector Sector Sector 13

14 Key findings in EU MS s CIIP Governance Public-private Cooperation Incident Reporting Cooperation between private and public stakeholders 2 Ten out of 18 examined countries have developed partnerships with private actors 6 10 Trend towards more institutionalised forms of cooperation with the private stakeholders PPP Working groups (or similar) Informal All sectors Security Incident Reporting Only five of 17 examined countries have established mandatory incident reporting across all sectors 10 All Member States have implemented mandatory incident reporting in the telecommunications 2 sector Limited to specific sectors None Other important sectors: Finance, Energy, Public Administration 14

15 Critical Information Infrastructure Protection in Europe: ENISA s efforts Communication networks: Critical information Infrastructure and Internet Infrastructure ICS SCADA Smart grids ehealth Finance Transport 15

16 Cybersecurity in the energy sector Increasing interest by MSs in securing national power grids Smart grid is the future energy infrastructure EECSP ENISA has established relationships with Public sector(ceer, ACER, ENER) Private sector(ee-isac) ENISA keeps active two SG: EuroSCSIE EICS Key messages Sharing experiences and deploying good practices improves the situation More involvement by energy utilities and NRAs is required CIIP Secure Infrastructure and Services Unit ENISA 16

17 Incident Reporting for the Telecom Sector Article 13a of the Framework Directive (2009/140/EC), is introduced in the 2009 reform of the EU regulatory framework for electronic communications. Art. 13a addresses security and integrity of public electronic communications networks and services (availability of the service). Art. 13a of Telecom Package: Expert Group with all NRAs (EU and EFTA) & EC Non-binding technical guidelines (strong adoption among MS) 4 years of success annual reporting from Telecoms to NRAs and then to ENISA and EC Impact evaluation available March More incident reporting schemes: Article 4 on data breaches - Telecom Package Article 19 on breaches of trust services - eidas NIS Directive (affecting many sectors) 17

18 Total reported incidents (numeric) Impact on services (percentage) Fixed telephony Fixed internet Mobile telephony Mobile internet 18

19 Cyber Security for ICS SCADA EuroSCSIE ICS Security Stakeholder Group Protecting Industrial Control Systems. Recommendations for Europe and Member States Can we learn from SCADA security incidents? Window of exposure a real problem for SCADA systems? Good Practices for an EU ICS Testing Coordination Capability Certification of Cyber Security skills of ICS/SCADA professionals In 2015 ENISA developed a study on ICS SCADA maturity models 19

20 Cyber Security of Finance Sector Challenges Unclear regulatory and policy environment Not enough awareness on challenges coming from new technologies by industry and regulatory authorities Implementation of NIS directive in the Finance Sector - Minimum security measures - Incident reporting - Information sharing Recommendations EU wide harmonization of legal and regulatory requirements Bridge the knowledge and awareness gap on cyber security of new technologies Good practices and guidelines in the area of NIS Next steps Cooperate with regulators to harmonize the requirements - for Cloud adoption in finance - Incident reporting and security measures Help raise awareness for cyber security challenges on new technologies Promote good practices in incident reporting, certifications 20

21 ehealth Cyber Security Challenges Electronic Health Records are one of the most critical systems in all MS There is no specific regulation on the protection of critical ehealth infrastructures; either the general IT law applies or there is no provision Cross border incidents remain a grey area for the MS as there are no specific guidelines for information exchange Recommendations Identify and classify the critical ehealth infrastructures in national level Introduce cyber security guidelines for the protection of the critical ehealth infrastructures Invest on an incident reporting scheme and minimum security measures for ehealth organisations Next steps Smart Hospitals: Cyber Security Threats Healthcare and Cloud Computing 21

22 Conclusions Cyber attacks on CIIs is now the norm than a future trend. Failure to detect threats is often more costly than false alarms. MS and private sector, with the assistance of ENISA, should co-operate to protect CIIs sharing experiences and information developing and deploying good practices co-operate with NRAs to achieve EU wide harmonization of EU regulations 4 Collaboration is Everything. 22

23 Thankyou PO Box 1309, Heraklion, Greece Tel: Presentation Title Speaker Name ( To edit click Insert/ Header & footer)

European Union Agency for Network and Information Security

European Union Agency for Network and Information Security Critical Information Infrastructure Protection in the EU Evangelos Ouzounis Head of Secure Infrastructure and Services Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European Union Agency

More information

Enhancing the security of CIIPs in Europe - ENISA s Approach Dimitra Liveri Network and Information Security Expert

Enhancing the security of CIIPs in Europe - ENISA s Approach Dimitra Liveri Network and Information Security Expert Enhancing the security of CIIPs in Europe - ENISA s Approach Dimitra Liveri Network and Information Security Expert European Union Agency For Network And Information Security Securing Europe s Information

More information

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2

More information

Securing Europe s IoT Devices and Services

Securing Europe s IoT Devices and Services Securing Europe s IoT Devices and Services Dr. Evangelos OUZOUNIS Head of Unit - Secure Infrastructure and Services Validation Workshop Berlin 16 October 2015 European Union Agency for Network and Information

More information

Discussion on MS contribution to the WP2018

Discussion on MS contribution to the WP2018 Discussion on MS contribution to the WP2018, 30 January 2018 European Union Agency for Network and Information Security Possibilities for MS contribution to the WP2018 Expert Groups ENISA coordinates several

More information

The NIS Directive and Cybersecurity in

The NIS Directive and Cybersecurity in The NIS Directive and Cybersecurity in ehealth Dr. Athanasios Drougkas Officer in NIS Belgian Hospitals Meeting on Security Brussels 13 th October European Union Agency For Network And Information Security

More information

New cybersecurity landscape in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017

New cybersecurity landscape in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017 in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017 European Union Agency for Network and Information Security Positioning ENISA activities CAPACITY Hands on activities POLICY Support MS & COM

More information

ENISA EU Threat Landscape

ENISA EU Threat Landscape ENISA EU Threat Landscape 24 th February 2015 Dr Steve Purser ENISA Head of Department European Union Agency for Network and Information Security www.enisa.europa.eu Agenda ENISA Areas of Activity Key

More information

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2

More information

Cyber Security in Europe

Cyber Security in Europe Cyber Security in Europe ENISA supporting the National Cyber Security Strategies An evaluation framework Liveri Dimitra Security and Resilience of Communication Networks Officer www.enisa.europa.eu Securing

More information

The Network and Information Security Directive - ENISA's contribution

The Network and Information Security Directive - ENISA's contribution The Network and Information Security Directive - ENISA's contribution Konstantinos Moulinos Information Security Expert 3rd IMPROVER- ERNCIP Operators Workshop Lisbon 23.05.2018 European Union Agency for

More information

The Role of ENISA in the Implementation of the NIS Directive Anna Sarri Officer in NIS CIP Workshop Vienna 19 th September 2017

The Role of ENISA in the Implementation of the NIS Directive Anna Sarri Officer in NIS CIP Workshop Vienna 19 th September 2017 The Role of ENISA in the Implementation of the NIS Directive Anna Sarri Officer in NIS CIP Workshop Vienna 19 th September 2017 European Union Agency for Network and Information Security Positioning ENISA

More information

Enhancing the cyber security &

Enhancing the cyber security & Enhancing the cyber security & resilience of transport infrastructure in Europe European Union Agency for Network and Information Security Securing Europe s Information society 2 Positioning ENISA activities

More information

NIS Standardisation ENISA view

NIS Standardisation ENISA view NIS Standardisation ENISA view Dr. Steve Purser Brussels, 19 th September 2017 European Union Agency for Network and Information Security Instruments For Improving Cybersecurity Policy makers have a number

More information

Network and Information Security Directive

Network and Information Security Directive Network and Information Security Directive Provisions + ENISA s activities Dr Evangelos Ouzounis Head of Secure Infrastructure and Services Unit, ENISA European Union Agency for Network and Information

More information

Call for Expressions of Interest

Call for Expressions of Interest Call for Expressions of Interest ENISA M/CEI/17/T01 Experts for assisting in the implementation of the annual ENISA Work Programme TECHNICAL DESCRIPTION CONTENTS TECHNICAL DESCRIPTION... 3 1. INTRODUCTION...

More information

Cyber Security in Europe and CEER s new PEER initiative

Cyber Security in Europe and CEER s new PEER initiative NARUC-CEER International Forum, 27 April 2017, Arlington, Virginia Cyber Security in Europe and CEER s new PEER initiative Lord Mogg, CEER President Outline New EU legislativedevelopments: NIS Directive

More information

Package of initiatives on Cybersecurity

Package of initiatives on Cybersecurity Package of initiatives on Cybersecurity Presentation to Members of the IMCO Committee Claire Bury Deputy Director-General, DG CONNECT Brussels, 12 October 2017 Building EU Resilience to cyber attacks Creating

More information

ENISA s Position on the NIS Directive

ENISA s Position on the NIS Directive ENISA s Position on the NIS Directive 1 Introduction This note briefly summarises ENISA s position on the NIS Directive. It provides the background to the Directive, explains its significance, provides

More information

NIS-Directive and Smart Grids

NIS-Directive and Smart Grids NIS-Directive and Smart Grids Workshop on European Smart Grid Cybersecurity: Emerging Threats and Countermeasures Marie Holzleitner Table of Content Aims & Objectives Affected Parties Selected Requirements

More information

Infrastructures and Service Dimitra Liveri Network and Information Security Expert, ENISA

Infrastructures and Service Dimitra Liveri Network and Information Security Expert, ENISA Security and resilience for ehealth Infrastructures and Service Dimitra Liveri Network and Information Security Expert, ENISA European Union Agency For Network And Information Security Securing Europe

More information

The emerging EU certification framework: A role for ENISA Dr. Andreas Mitrakas Head of Unit EU Certification Framework Conference Brussels 01/03/18

The emerging EU certification framework: A role for ENISA Dr. Andreas Mitrakas Head of Unit EU Certification Framework Conference Brussels 01/03/18 The emerging EU certification framework: A role for ENISA Dr. Andreas Mitrakas Head of Unit EU Certification Framework Conference Brussels 01/03/18 European Union Agency for Network and Information Security

More information

Cyber Security Beyond 2020

Cyber Security Beyond 2020 Paulo Empadinhas Steve Purser NLO meeting ENISA Athens 26/04/2017 European Union Agency for Network and Information Security Main findings ENISA s current tasks and product portfolio shall be retained.

More information

The EU Cybersecurity Package: Implications for ENISA Dr. Steve Purser Head of ENISA Core Operations Athens, 30 th January 2018

The EU Cybersecurity Package: Implications for ENISA Dr. Steve Purser Head of ENISA Core Operations Athens, 30 th January 2018 The EU Cybersecurity Package: Implications for ENISA Dr. Steve Purser Head of ENISA Core Operations Athens, 30 th January 2018 European Union Agency for Network and Information Security Outline 1. Cybersecurity

More information

Securing Europe's Information Society

Securing Europe's Information Society Securing Europe's Information Society Dr. Udo Helmbrecht Executive Director European Network and Information Security Agency 16 June 2010 FIRST AGM Miami 16/6/2010 1 Agenda ENISA overview Challenges EU

More information

Directive on security of network and information systems (NIS): State of Play

Directive on security of network and information systems (NIS): State of Play Directive on security of network and information systems (NIS): State of Play Svetlana Schuster Unit H1 Cybersecurity and Digital Privacy DG Communications Networks, Content and Technology, European Commission

More information

Cybersecurity Strategy of the Republic of Cyprus

Cybersecurity Strategy of the Republic of Cyprus Cybersecurity Strategy of the Republic of Cyprus George Michaelides Commissioner of Electronic Communications and Postal Regulation http://www.ocecpr.org.cy 12 th February 2016 Cybersecurity Strategy of

More information

ENISA & Cybersecurity. Steve Purser Head of Technical Competence Department December 2012

ENISA & Cybersecurity. Steve Purser Head of Technical Competence Department December 2012 ENISA & Cybersecurity Steve Purser Head of Technical Competence Department December 2012 Agenda Protecting Critical Information Infrastructure Input to EU & MS Cyber Security Strategies Assisting Operational

More information

Cybersecurity & Digital Privacy in the Energy sector

Cybersecurity & Digital Privacy in the Energy sector ENERGY INFO DAYS Brussels, 25 October 2017 Cybersecurity & Digital Privacy in the Energy sector CNECT.H1 Cybersecurity & Digital Privacy, DG CNECT ENER.B3 - Retail markets; coal & oil, DG ENER European

More information

Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2

More information

Valérie Andrianavaly European Commission DG INFSO-A3

Valérie Andrianavaly European Commission DG INFSO-A3 Security and resilience in the Information Society: towards a CIIP policy in the EU Valérie Andrianavaly European Commission DG INFSO-A3 valerie.andrianavaly@ec.europa.eu Network and information security:

More information

Technical guidelines implementing eidas

Technical guidelines implementing eidas Technical guidelines implementing eidas Sławek Górniak CA/Day Berlin 19 th September 2016 European Union Agency for Network and Information Security About ENISA 2 Positioning ENISA activities 3 ENISA and

More information

EU policy on Network and Information Security & Critical Information Infrastructures Protection

EU policy on Network and Information Security & Critical Information Infrastructures Protection EU policy on Network and Information Security & Critical Information Infrastructures Protection Köln, 10 March 2011 Valérie ANDRIANAVALY European Commission Directorate General Information Society and

More information

13967/16 MK/mj 1 DG D 2B

13967/16 MK/mj 1 DG D 2B Council of the European Union Brussels, 4 November 2016 (OR. en) 13967/16 'I/A' ITEM NOTE From: To: General Secretariat of the Council No. prev. doc.: 11911/3/16 REV 3 No. Cion doc.: 11013/16 Subject:

More information

Introductory Speech to the Ramboll Event on the future of ENISA. Speech by ENISA s Executive Director, Prof. Dr. Udo Helmbrecht

Introductory Speech to the Ramboll Event on the future of ENISA. Speech by ENISA s Executive Director, Prof. Dr. Udo Helmbrecht Introductory Speech to the Ramboll Event on the future of ENISA Speech by ENISA s Executive Director, Prof. Dr. Udo Helmbrecht BRUSSELS 22 ND MARCH 2017 www.enisa.europa.eu European Union Agency For Network

More information

NIS Directive development The Incident Notification Framework

NIS Directive development The Incident Notification Framework NIS Directive development The Incident Notification Framework Dan Tofan #certcon 30.10.2017 Bucharest European Union Agency for Network and Information Security Topics 01 NISD Short Intro 02 The incident

More information

COMMISSION STAFF WORKING DOCUMENT EXECUTIVE SUMMARY OF THE IMPACT ASSESSMENT. Accompanying the document

COMMISSION STAFF WORKING DOCUMENT EXECUTIVE SUMMARY OF THE IMPACT ASSESSMENT. Accompanying the document EUROPEAN COMMISSION Strasbourg, 7.2.2013 SWD(2013) 31 final COMMISSION STAFF WORKING DOCUMENT EXECUTIVE SUMMARY OF THE IMPACT ASSESSMENT Accompanying the document Proposal for a Directive of the European

More information

Achieving Global Cyber Security Through Collaboration

Achieving Global Cyber Security Through Collaboration Achieving Global Cyber Security Through Collaboration Steve Purser Head of Core Operations Department December 2013 European Union Agency for Network and Information Security www.enisa.europa.eu Agenda

More information

Promoting Global Cybersecurity

Promoting Global Cybersecurity Promoting Global Cybersecurity Presented to ITU-T Study Group 17 Geneva, Switzerland 6 October 2005 Robert Shaw ITU Internet Strategy and Policy Advisor ITU Strategy and Policy Unit 1 Agenda Critical Infrastructures

More information

Security and resilience in the Information Society: the role of CERTs/CSIRTs in the context of the EU CIIP policy

Security and resilience in the Information Society: the role of CERTs/CSIRTs in the context of the EU CIIP policy Security and resilience in the Information Society: the role of CERTs/CSIRTs in the context of the EU CIIP policy Andrea Glorioso European Commission DG INFSO-A3 Andrea.Glorioso@ec.europa.eu Network and

More information

WORK PROGRAMME 2015 INCLUDING MULTI-ANNUAL PLANNING

WORK PROGRAMME 2015 INCLUDING MULTI-ANNUAL PLANNING DECISION No MB/2014/12 of the Management Board of the European Union Agency for Network and Information Security WORK PROGRAMME 2015 INCLUDING MULTI-ANNUAL PLANNING (Adopted at the MB Meeting on 28 October

More information

CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT APRIL, SKOPJE

CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT APRIL, SKOPJE CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT 2018 18-19 APRIL, SKOPJE CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT 2018 At the Trieste Western Balkans Summit, we stressed the importance of the

More information

The Digitalisation of Finance

The Digitalisation of Finance Speech by ENISA s Executive Director, Prof. Dr. Udo Helmbrecht Annual Conference on the Digitalisation of Finance organised by CEPS BRUSSELS, BELGIUM JUNE 2018 www.enisa.europa.eu European Union Agency

More information

IoT and Smart Infrastructure efforts in ENISA

IoT and Smart Infrastructure efforts in ENISA IoT and Smart Infrastructure efforts in ENISA Dr. Dan Tofan IoT workshop BEREC 01.02.2017, Brussels European Union Agency for Network and Information Security Everything becomes connected Manufacturers

More information

EISAS Enhanced Roadmap 2012

EISAS Enhanced Roadmap 2012 [Deliverable November 2012] I About ENISA The European Network and Information Security Agency (ENISA) is a centre of network and information security expertise for the EU, its Member States, the private

More information

Cybersecurity in the EU Steve Purser Head of Operational Departments, ENISA Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European

Cybersecurity in the EU Steve Purser Head of Operational Departments, ENISA Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European Cybersecurity in the EU Steve Purser Head of Operational Departments, ENISA Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European Union Agency for Network and Information Security Positioning

More information

Directive on Security of Network and Information Systems

Directive on Security of Network and Information Systems European Commission - Fact Sheet Directive on Security of Network and Information Systems Brussels, 6 July 2016 Questions and Answers The European Parliament's plenary adopted today the Directive on Security

More information

ENISA S WORK ON ICS AND SMART GRID SECURITY

ENISA S WORK ON ICS AND SMART GRID SECURITY AMSTERDAM, OCTOBER 15, 2012 ENISA S WORK ON ICS AND SMART GRID SECURITY Dr. Evangelos OUZOUNIS Head of CIIP & Resilience Unit ENISA 1 Why is it important? Industrial networks is the CI for the SCADA and

More information

The European Policy on Critical Information Infrastructure Protection (CIIP) Andrea SERVIDA European Commission DG INFSO.A3

The European Policy on Critical Information Infrastructure Protection (CIIP) Andrea SERVIDA European Commission DG INFSO.A3 The European Policy on Critical Information Infrastructure Protection (CIIP) Andrea SERVIDA European Commission DG INFSO.A3 Andrea.Servida@ec.europa.eu What is at stake with CIIs The World Economic Forum

More information

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD) COUNCIL OF THE EUROPEAN UNION Brussels, 24 May 2013 Interinstitutional File: 2013/0027 (COD) 9745/13 TELECOM 125 DATAPROTECT 64 CYBER 10 MI 419 CODEC 1130 NOTE from: Presidency to: Delegations No. Cion

More information

Security Aspects of Trust Services Providers

Security Aspects of Trust Services Providers Security Aspects of Trust Services Providers Please replace background with image European Union Agency for Network and Information Security 24 th September 2013 www.enisa.europa.eu Today s agenda 09:30-10:00

More information

ENISA activities in ICT security certification Dr. Prokopios Drogkaris NIS Expert NLO Meeting Athens

ENISA activities in ICT security certification Dr. Prokopios Drogkaris NIS Expert NLO Meeting Athens ENISA activities in ICT security certification Dr. Prokopios Drogkaris NIS Expert NLO Meeting Athens 30.01.2018 European Union Agency for Network and Information Security What are these symbols anyway?

More information

ENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010

ENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010 ENISA & Cybersecurity Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010 Agenda Some Definitions Some Statistics ENISA & Cybersecurity Conclusions

More information

A Strategy for a secure Information Society Dialogue, Partnership and empowerment

A Strategy for a secure Information Society Dialogue, Partnership and empowerment A Strategy for a secure Information Society Dialogue, Partnership and empowerment Gerard.Galler@ec.europa.eu European Commission DG Information Society & Media Unit INFSO/A3: Internet; Network & Information

More information

2017 ANNUAL TRUST SERVICES SECURITY INCIDENTS ANALYSIS. ENISA Article 19 Team

2017 ANNUAL TRUST SERVICES SECURITY INCIDENTS ANALYSIS. ENISA Article 19 Team 2017 ANNUAL TRUST SERVICES SECURITY INCIDENTS ANALYSIS ENISA Article 19 Team 23 10 2018 GENERAL MODEL SECURITY SUPERVISION Market operators/providers assess security risks, take appropriate measures, and

More information

European Union Agency for Network and Information Security

European Union Agency for Network and Information Security Towards a Digital Single Market for NIS products and services Dr. Athanasios Drougkas and Ms. Dimitra Liveri ENISA ENISA Validation Workshop Brussels 12 October 2016 European Union Agency for Network and

More information

Technology's role in General Data Protection Regulation Dr. Prokopios Drogkaris Officer in NIS SECPRE 2017 Oslo

Technology's role in General Data Protection Regulation Dr. Prokopios Drogkaris Officer in NIS SECPRE 2017 Oslo Technology's role in General Data Protection Regulation Dr. Prokopios Drogkaris Officer in NIS SECPRE 2017 Oslo 15.9.2017 European Union Agency for Network and Information Security Fighting fraud in school

More information

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER COUNCIL OF THE EUROPEAN UNION Brussels, 19 May 2011 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66 NOTE From : COREPER To: COUNCIL No Cion. prop.: 8548/11 TELECOM 40 DATAPROTECT 27 JAI 213 PROCIV38

More information

Information sharing in the EU policy on NIS & CIIP. Andrea Servida European Commission DG INFSO-A3

Information sharing in the EU policy on NIS & CIIP. Andrea Servida European Commission DG INFSO-A3 Information sharing in the EU policy on NIS & CIIP Andrea Servida European Commission DG INFSO-A3 Andrea.Servida@ec.europa.eu COM(2006) 251 - Towards a secure Information Society DIALOGUE structured and

More information

European Cybersecurity PPP European Cyber Security Organisation - ECSO November 2016

European Cybersecurity PPP European Cyber Security Organisation - ECSO November 2016 European Cybersecurity PPP European Cyber Security Organisation - ECSO November 2016 Présentation Géraud Canet geraud.canet@cea.fr ABOUT THE CYBERSECURITY cppp 3 AIM 1. Foster cooperation between public

More information

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN 24-27 July 2016 1 CONTENT INTRODUCTION POLICY OBJECTIVES POLICY AND LEGISLATIVE PRINCIPLES CYBER SECURITY STRATEGY CHALLENGES AND OPPORTUNITIES CAPACITY BUILDING

More information

Bradford J. Willke. 19 September 2007

Bradford J. Willke. 19 September 2007 A Critical Information Infrastructure Protection Approach to Multinational Cyber Security Events Bradford J. Willke 19 September 2007 Overview A framework for national Critical Information Infrastructure

More information

Security and resilience in Information Society: the European approach

Security and resilience in Information Society: the European approach Security and resilience in Information Society: the European approach Andrea Servida Deputy Head of Unit European Commission DG INFSO-A3 Andrea.servida@ec.europa.eu What s s ahead: mobile ubiquitous environments

More information

ENISA And Standards Adri án Belmonte ETSI Security Week Event Sophia Antipolis (France) 22th June

ENISA And Standards Adri án Belmonte ETSI Security Week Event Sophia Antipolis (France) 22th June ENISA And Standards Adri án Belmonte ETSI Security Week Event Sophia Antipolis (France) 22th June European Union Agency for Network and Information Security Summary 01 What's ENISA? 02 Some challenges

More information

ENISA today and in the future

ENISA today and in the future Udo Helmbrecht Executive Director ENISA COMMITTEE ON INDUSTRY, RESEARCH AND ENERGY European Parliament Brussels, 2 September 2014 For publication European Union Agency for Network and Information Security

More information

Minutes of National Laison Officer s Meeting,

Minutes of National Laison Officer s Meeting, Minutes of National Laison Officer s Meeting, February 2014 Draft 20 March 2014 European Union Agency for Network and Information Security www.enisa.europa.eu Document History //DRAFT ONLY - DELETE THIS

More information

Resilience, Deterrence and Defence: Building strong cybersecurity for the EU

Resilience, Deterrence and Defence: Building strong cybersecurity for the EU Resilience, Deterrence and Defence: Building strong cybersecurity for the EU 1 Building strong cybersecurity for the EU: Resilience, Deterrence and Defence From reactive to pro-active and cross-policy

More information

Cyber security: a building block of the Digital Single Market

Cyber security: a building block of the Digital Single Market Cyber security: a building block of the Digital Single Market Dr. Andreas Mitrakas Workshop Building blocks of the Ubiquitous Digital Single Market, European Parliament, 13/11/2014 European Union Agency

More information

How the European Commission is supporting innovation in mobile health technologies Nordic Mobile Healthcare Technology Congress 2015

How the European Commission is supporting innovation in mobile health technologies Nordic Mobile Healthcare Technology Congress 2015 How the European Commission is supporting innovation in mobile health technologies Nordic Mobile Healthcare Technology Congress 2015 Claudia Prettner, Unit for Health and Well-Being, DG CONNECT Table of

More information

Cybersecurity Policy in the EU: Security Directive - Security for the data in the cloud

Cybersecurity Policy in the EU: Security Directive - Security for the data in the cloud Cybersecurity Policy in the EU: The Network and Information Security Directive - Security for the data in the cloud Microsoft Commitment to Cybersecurity Security at the heart of our products and services

More information

European Directives and reglements for Information security

European Directives and reglements for Information security Е а а И ац а *** European Directives and reglements for Information security Krassi BOGDANOVA LISO for the Secretariat-General, the Cabinets of Commissioners and the European Political Strategy Centre,

More information

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce 5-8 September 2017 Yogyakarta, Indonesia Sameer Sharma Senior Advisor ITU Digital Infrastructure for Connectivity SDGs Evolution

More information

Cybersecurity governance in Europe. Sokratis K. Katsikas Systems Security Laboratory Dept. of Digital Systems University of Piraeus

Cybersecurity governance in Europe. Sokratis K. Katsikas Systems Security Laboratory Dept. of Digital Systems University of Piraeus Cybersecurity governance in Europe Sokratis K. Katsikas Systems Security Laboratory Dept. of Digital Systems University of Piraeus ska@unipi.gr Elements of a national cybersecurity strategy Set the vision,

More information

EU Data Protection Triple Threat for May of 2018 What Inside Counsel Needs to Know

EU Data Protection Triple Threat for May of 2018 What Inside Counsel Needs to Know EU Data Protection Triple Threat for May of 2018 What Inside Counsel Needs to Know The General Data Protection Regulation (GDPR) The eprivacy Regulation (epr) The Network and Information Security Directive

More information

Protecting Critical Information Infrastructure in times of increasing cyber conflict

Protecting Critical Information Infrastructure in times of increasing cyber conflict Protecting Critical Information Infrastructure in times of increasing cyber conflict Jan Neutze Director of Cybersecurity Policy (Europe/Middle East/Africa) Microsoft Critical Infrastructures are under

More information

Cybersecurity Package

Cybersecurity Package Cybersecurity Package Highlights of key initiatives Domenico Ferrara Policy officer @ DG CONNECT Brussels, 12 December 2017 1 2013-2017: Evolving threat landscape Proliferation of (poorly secured) IoT

More information

Netherlands Cyber Security Strategy. Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice

Netherlands Cyber Security Strategy. Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice Netherlands Cyber Security Strategy Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice 1 Netherlands: small country, big time vulnerable #1 80% online banking 95% youth uses

More information

Council of the European Union Brussels, 14 September 2017 (OR. en)

Council of the European Union Brussels, 14 September 2017 (OR. en) Council of the European Union Brussels, 14 September 2017 (OR. en) 12205/17 ADD 1 COVER NOTE From: date of receipt: 13 September 2017 To: CYBER 128 TELECOM 208 DATAPROTECT 142 JAI 786 MI 630 CSC 206 Secretary-General

More information

EUROPEAN COMMISSION JOINT RESEARCH CENTRE. Information Note. JRC activities in the field of. Cybersecurity

EUROPEAN COMMISSION JOINT RESEARCH CENTRE. Information Note. JRC activities in the field of. Cybersecurity EUROPEAN COMMISSION JOINT RESEARCH CENTRE Information Note JRC activities in the field of Cybersecurity Date: 28 January, 2016 JRC activities in the field of Cybersecurity 1. Societal and political context

More information

Exploring the European Commission s Network and Information Security Directive (NIS) What every CISO should know

Exploring the European Commission s Network and Information Security Directive (NIS) What every CISO should know Exploring the European Commission s Network and Information Security Directive (NIS) What every CISO should know Aristotelis Tzafalias Programme Officer, Trust and Security DG Communications Networks,

More information

European Cybersecurity PPP European Cyber Security Organisation - ECSO

European Cybersecurity PPP European Cyber Security Organisation - ECSO European Cybersecurity PPP European Cyber Security Organisation - ECSO Luigi Rebuffi CEO, EOS Secretary General, ECSO European Cyber Security Organisation Objectives of the cppp Gather industrial and public

More information

H2020 WP Cybersecurity PPP topics

H2020 WP Cybersecurity PPP topics Info Day 2017 SC7 Secure Societies 06-07/03/2017 H2020 WP 2017 - Cybersecurity PPP topics Rafael Tesoro Cybersecurity & Digital Privacy, DG CNECT Cyberspace: a backbone of digital society & economic growth

More information

Committed to connecting the world

Committed to connecting the world ITU-T: Standardization Sector Produces standards covering all fields of telecommunications on a worldwide basis and defines tariff and accounting principles for international telecommunication services

More information

Resolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]

Resolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)] United Nations A/RES/64/211 General Assembly Distr.: General 17 March 2010 Sixty-fourth session Agenda item 55 (c) Resolution adopted by the General Assembly on 21 December 2009 [on the report of the Second

More information

Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt

Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA The African Internet Governance Forum - AfIGF2017 5 Dec 2017, Egypt Agenda Why? Threats Traditional security? What to secure?

More information

Critical Information Infrastructure Protection. Role of CIRTs and Cooperation at National Level

Critical Information Infrastructure Protection. Role of CIRTs and Cooperation at National Level Critical Information Infrastructure Protection Role of CIRTs and Cooperation at National Level 1 Global Cybersecurity Agenda (GCA) GCA is designed for cooperation and efficiency, encouraging collaboration

More information

ehaction Joint Action to Support the ehealth Network

ehaction Joint Action to Support the ehealth Network Stakeholder Engagement - Consultation (22 August 2017) ehaction Joint Action to Support the ehealth Network 3 rd Joint Action to Support the ehealth Network Open Consultation 1 Participants of the 3 rd

More information

About Issues in Building the National Strategy for Cybersecurity in Vietnam

About Issues in Building the National Strategy for Cybersecurity in Vietnam Vietnam Computer Emergency Response Team - VNCERT About Issues in Building the National Strategy for Cybersecurity in Vietnam Vu Quoc Khanh Director General Outline Internet abundance Security situation

More information

Draft ENISA Work programme 2017 STATUS: DRAFT VERSION: JANUARY, European Union Agency For Network And Information Security

Draft ENISA Work programme 2017 STATUS: DRAFT VERSION: JANUARY, European Union Agency For Network And Information Security Draft ENISA Work programme 2017 STATUS: DRAFT VERSION: JANUARY, 2016 www.enisa.europa.eu European Union Agency For Network And Information Security About ENISA The European Union Agency for Network and

More information

Creating NIS Compliant Country in a Non-Regulated Environment. Jurica Čular

Creating NIS Compliant Country in a Non-Regulated Environment. Jurica Čular Creating NIS Compliant Country in a Non-Regulated Environment Jurica Čular (jcular@zsis.hr) What NIS actually is? NIS Directive NIS Network Information Security Directive EU Cyber Security Policy Mandatory

More information

Information Sharing and Cooperation

Information Sharing and Cooperation Information Sharing and Cooperation Building Partnerships Between Private and Public Actors SANS 2008 European Community SCADA and Process Control Summit, 8-11 September, Amsterdam Dr. Åke J. Holmgren

More information

FINNISH CYBER DEFENSE MODEL GUIDED TOUR

FINNISH CYBER DEFENSE MODEL GUIDED TOUR FINNISH CYBER DEFENSE MODEL GUIDED TOUR SPAM Botnets Identity theft Phishing Denial of Service Defacements @codenomicon BACKGROUND Sindri Bjarnason - sindri@codenomicon.com Senior Solution Engineer at

More information

Cybersecurity. Quality. security LED-Modul. basis. Comments by the electrical industry on the EU Cybersecurity Act. manufacturer s declaration

Cybersecurity. Quality. security LED-Modul. basis. Comments by the electrical industry on the EU Cybersecurity Act. manufacturer s declaration Statement Comments by the electrical industry on the EU Cybersecurity Act manufacturer s declaration industrial security Cybersecurity Quality basis security LED-Modul Statement P January 2018 German Electrical

More information

The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association

The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association page 1 Cybersecurity Strategy Essential Points The norms, principles and values that the City of Vienna and the

More information

Secure Societies Work Programme Call

Secure Societies Work Programme Call Secure Societies Work Programme 2018-2020 2019 Call Andrea DE CANDIDO Deputy Head of Unit Innovation and Industry for Security European Commission andrea.de-candido@ec.europa.eu Outline 1. Policy context

More information

Centre for cybersecurity Belgium : Role, Missions et future capacities

Centre for cybersecurity Belgium : Role, Missions et future capacities Centre for cybersecurity Belgium : Role, Missions et future capacities NLO meeting 30/01/2018 Phédra Clouner Deputy Director CCB 01 CCB mission & services Page 2 Legal Basis R.D. 10/10/2014 Contribute

More information

European Cybersecurity cppp and ECSO. org.eu

European Cybersecurity cppp and ECSO.   org.eu European Cybersecurity cppp and ECSO www.ecs org.eu ABOUT THE EUROPEAN CYBERSECURITY PPP A EUROPEAN PPP ON CYBERSECURITY The European Commission has signed on July 2016 a PPP with the private sector for

More information

ehealth action in the EU

ehealth action in the EU ehealth action in the EU ehealth for smart and inclusive growth 13 February 2014 Jerome Boehm DG SANCO ehealth and Health Technology Assessment General Health Objectives of the EU cooperation on ehealth

More information

U.S. Japan Internet Economy Industry Forum Joint Statement October 2013 Keidanren The American Chamber of Commerce in Japan

U.S. Japan Internet Economy Industry Forum Joint Statement October 2013 Keidanren The American Chamber of Commerce in Japan U.S. Japan Internet Economy Industry Forum Joint Statement 2013 October 2013 Keidanren The American Chamber of Commerce in Japan In June 2013, the Abe Administration with the support of industry leaders

More information

HEALTH IN ECSO (European Cyber Security Organisation) 18 October 2017

HEALTH IN ECSO (European Cyber Security Organisation) 18 October 2017 HEALTH IN ECSO (European Cyber Security Organisation) 18 October 2017 ABOUT THE EUROPEAN CYBERSECURITY PPP A EUROPEAN PPP ON CYBERSECURITY The European Commission has signed on July 2016 a PPP with the

More information