Future-Proof Security & Privacy in IoT
|
|
- Katrina Golden
- 5 years ago
- Views:
Transcription
1 All rights reserved, Arthur s Legal B.V. Future-Proof Security & Privacy in IoT From State of Play, To State of The Art Arthur van der Wees, LLM Managing Director Arthur s Legal, the global tech-by-design law firm & strategic knowledge partner Expert Advisor to the European Commission (IoT, Data Value Chain, AI, Robotics, Computing, Cybersecurity, Privacy & Accountability) Project Leader H2020 IoT LSPs & CSAs Activity Group on Trust, Security, Privacy, Accountability & Liability Specialist Task Force ETSI (STF 547) Co-Leader for Security in IoT & Privacy in IoT Co-Founding Member, Alliance for IoT Innovation (AIOTI) Leader AIOTI Privacy in IoT Taskforce & Co-Leader Security in IoT Taskforce
2 Smart Everything What s Your Next Smart?
3 Combination of Smart Features & Functionalities But Do They Actually Work?
4 Smart Everything: Symbiosis of Functional and Non-Functional Functionalities
5 Multi-Disciplinary Inter-Disciplinary All rights reserved, Arthur s Legal B.V.
6 Stand-Alone vs Hyper-Connectivity
7 Who is Responsible? All rights reserved, Arthur s Legal B.V.
8 Fragmentation
9 What Can We Do? What Should We Do?
10 Back to Basics
11 All rights reserved, Arthur s Legal B.V. People, Process, Technology & Data Human-Centric Organisations & Systems Data, Information, Knowledge Process People & Society Technology
12 From Static Markets to Dynamic Markets
13 From State of Play to State of the Art
14 From Rule-Based to Principle-Based
15 From Continual to Continuous
16 From Compliance to Accountability
17 Digital Transparency
18 All rights reserved, Arthur s Legal B.V. From 2018, Digital & Data Are Highly Regulated Domains PSD2: 13 January 2018 NIS: 9 May 2018 Identifying operators of Essential Services 9 November 2018 GDPR: 25 May 2018 Trade Secrets Directive 9 June 2018 Radio Equipment Directive (2016) Registration of radio equipment within some categories: 12 June 2018 e-privacy Regulation (draft) Free Flow of Data Regulation (draft) Cyber Security Act & Certification Scheme (draft) Public Services Information Directive (revision) 1 January 2018 All rights reserved, Arthur s Legal B.V.
19 All rights reserved, Arthur s Legal B.V. A. Technical Measures B. Organisational Measures C. Policies & Documentation
20 Build Your Own SOTA Security in IoT Model It s Easy; Just Think N-Dimensional! SOTA Security Recommendations, Frameworks & Guidelines Security Requirements & Principles (450+ Unique) 3. Segmentation into 4 Layers & 3 Dimensions 4. Structure, Systemize & Semantic Sanitization without Interpretation 5. Context (initially: each of the 5 LSPs) 6. Stakeholders (User, Customer, Supplier, Policy Makers, SDO, Authorities) 7. 5 Life Cycle Metholodogies (Device, Data, Stakeholder, Context, Legal) 8. Interdependencies & Double-Looping
21 Security & Privacy in IoT / State of the Art (SOTA) 1. European Commission (EC) & Alliance for Internet of Things Innovation (AIOTI): Report on Workshop on Security & Privacy in IoT (2016 & 2017) 2. Alliance for Internet of Things Innovation (AIOTI): Report on Workshop on Security and Privacy in the Hyper-Connected World (2016) 3. European Commission (EC): Best available techniques reference document for the cyber-security and privacy of the 10 minimum functional requirements of the Smart Metering Systems (2016) 4. European Union Agency for Network and Information Security (ENISA): Auditing Security Measures (2013) 5. European Union Agency for Network and Information Security (ENISA): Cloud Certification Schemes Metaframework (2014) 6. Energy Expert Cyber Security Platform: Cyber Security in the Energy Sector (2017) 7. HM Government, Department for Transport and Centre for the Protection of National Infrastructure: The Key Principles of Cyber Security for Connected and Automated Vehicles (2017) 8. Autorité de régulation des communications électroniques et des postes (ARCEP): Preparing for the internet of things revolution (2016) 9. United States Department of Commerce (DoC): Fostering the advancement of the Internet of Things (2017) 10. United States Department of Homeland Security: Strategic Principles for Securing the Internet of Things (2016) 11. United States Department of Health and Human Services, Food and Drug Administration: Postmarket Management of Cybersecurity in Medical Devices (2016) 12. United States Department of Health and Human Services, Food and Drug Administration: Content of Premarket Submissions for Management of Cybersecurity in Medical Devices 13. United States Government Accountability Office: Technology Assessment: Internet of Things Status and implications of an increasingly connected world (2017) 14. National Institute of Standards and Technology (NIST): Networks of Things (2016) 15. IoT Alliance Australia (IoTAA): Internet of Things Security Guideline (2017) 16. GSM Association (GSMA): IoT Security Guidelines Overview Document (2016) 17. GSM Association (GSMA): IoT Security Guidelines for Service Ecosystems (2016) 18. GSM Association (GSMA): IoT Security Guidelines for Endpoint Ecosystems (2016) 19. GSM Association (GSMA): IoT Security Guidelines for Network Operators (2016) 20. IoT Security Foundation (IoTSF): IoT Security Compliance Framework (2016) 21. IoT Security Foundation (IoTSF): Connected Consumer Products Best Practice Guidelines (2016) 22. IoT Security Foundation (IoTSF): Vulnerability Disclosure (2016) 23. Broadband Internet Technical Advisory Group (BITAG): Internet of Things (IoT) Security and Privacy Recommendations (2016) 24. International Organization for Standardization (ISO): Internet of Things Preliminary Report (2014) 25. The Center for Internet Security (CIS): Critical Security Controls v6.0 (2016) 35 + Regulatory Technical Standards of Payment Services Directive (2017) US Congress Proposal for IoT Cybersecurity Improvement Act (2017) Online Trust Alliance: IoT Security & Privacy (2017) OWASP IoT Framework Assessment (2018)
22 Dynamic Certification & Assurance How to Validate Continuous SOTA Security, Privacy & Trustworthiness? And How to Partner Up with Authorities?
23 Security & Privacy are Solutions, not Problems Better cybersecurity and (personal) data protection will enable new markets, promote innovation, and give consumers confidence to use new technologies that improve the quality of life. Poor security will likely cause the Digital Technology markets to eventually collapse on itself as consumers, other users and society (the non-users) begin to lose trust in technology from compilations of digital disasters, social meddling and market failure.
24 No One Has A Monopoly In Cyber No one has the Single Silver Bullet for Future-Proof, Continuous Cyber Resilience. Collaboration therefore is even more Essential. But not many are succeeding, yet. Therefore, I Call for Action to the ETSI Security Week Participants to locally, nationally, regionally and globally setting up collaborations with both private & public sectors combined to join forces & co-create with relevant, likeminded stakeholders: The Coalition of The Willing & Able. To navigate, enable and facilitate society, people and markets in this joint, global, challenging & continuous mission.
25 Connect & Collaborate
26 Man & Technology Symbiosis: Hyperconnectivity! Q&A: Anything Goes! Arthurslegal.com
27 Legal Notices All rights reserved, Arthur s Legal B.V. The content of this document is provided as-is and for general information purposes only; it does not constitute strategic, legal or any other professional advice. The content or parts thereof may not be complete, accurate or up to date. Notwithstanding anything contained in this document, Arthur s Legal B.V. and the Institute for Future of Living disclaim responsibility (including where Arthur s Legal B.V., the Institute for Future of Living or any of its officers, employees or contractors have been negligent) for any direct or indirect loss, damage, claim, or liability any person, company, organisation or other entity or body may incur as a result, this to the maximum extent permitted by law.
In Accountable IoT We Trust
In Accountable IoT We Trust AIOTI WG3 Security & Privacy-in-IoT Taskforces, and H2020 CSA CREATE-IoT & LSPs AG Trust in IoT Arthur van der Wees Managing Director Arthur s Legal, the global tech-by-design
More informationDiscussion on MS contribution to the WP2018
Discussion on MS contribution to the WP2018, 30 January 2018 European Union Agency for Network and Information Security Possibilities for MS contribution to the WP2018 Expert Groups ENISA coordinates several
More informationThe NIS Directive and Cybersecurity in
The NIS Directive and Cybersecurity in ehealth Dr. Athanasios Drougkas Officer in NIS Belgian Hospitals Meeting on Security Brussels 13 th October European Union Agency For Network And Information Security
More informationCEN and CENELEC Position Paper on the draft regulation ''Cybersecurity Act''
CEN Identification number in the EC register: 63623305522-13 CENELEC Identification number in the EC register: 58258552517-56 CEN and CENELEC Position Paper on the draft regulation ''Cybersecurity Act''
More informationThe emerging EU certification framework: A role for ENISA Dr. Andreas Mitrakas Head of Unit EU Certification Framework Conference Brussels 01/03/18
The emerging EU certification framework: A role for ENISA Dr. Andreas Mitrakas Head of Unit EU Certification Framework Conference Brussels 01/03/18 European Union Agency for Network and Information Security
More informationEuropean Union Agency for Network and Information Security
Critical Information Infrastructure Protection in the EU Evangelos Ouzounis Head of Secure Infrastructure and Services Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European Union Agency
More informationcybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationNew cybersecurity landscape in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017
in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017 European Union Agency for Network and Information Security Positioning ENISA activities CAPACITY Hands on activities POLICY Support MS & COM
More informationcybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationIncentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO
White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating
More informationMedical Device Cybersecurity: FDA Perspective
Medical Device Cybersecurity: FDA Perspective Suzanne B. Schwartz MD, MBA Associate Director for Science and Strategic Partnerships Office of the Center Director (OCD) Center for Devices and Radiological
More informationERCI cybersecurity seminar Guildford ERCI cybersecurity seminar Guildford
Cybersecurity is a EU strategic priority DG CONNECT* > The Digital Single Market strategy aims to open up digital opportunities for people and business and enhance Europe's position as a world leader in
More informationSecurity and resilience in Information Society: the European approach
Security and resilience in Information Society: the European approach Andrea Servida Deputy Head of Unit European Commission DG INFSO-A3 Andrea.servida@ec.europa.eu What s s ahead: mobile ubiquitous environments
More informationENISA EU Threat Landscape
ENISA EU Threat Landscape 24 th February 2015 Dr Steve Purser ENISA Head of Department European Union Agency for Network and Information Security www.enisa.europa.eu Agenda ENISA Areas of Activity Key
More informationCybersecurity & Privacy Enhancements
Business, Industry and Government Cybersecurity & Privacy Enhancements John Lainhart, Director, Grant Thornton The National Institute of Standards and Technology (NIST) is in the process of updating their
More informationOutreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness
2011/EPWG/WKSP/020 Session 4 Outreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness Submitted by: Australia Workshop on Private Sector Emergency Preparedness Sendai,
More informationPackage of initiatives on Cybersecurity
Package of initiatives on Cybersecurity Presentation to Members of the IMCO Committee Claire Bury Deputy Director-General, DG CONNECT Brussels, 12 October 2017 Building EU Resilience to cyber attacks Creating
More informationEnhancing the cyber security &
Enhancing the cyber security & resilience of transport infrastructure in Europe European Union Agency for Network and Information Security Securing Europe s Information society 2 Positioning ENISA activities
More informationCyber Risk and Networked Medical Devices
Cyber Risk and Networked Medical Devices Hot Topics Deloitte & Touche LLP February 2016 Copyright Scottsdale Institute 2016. All Rights Reserved. No part of this document may be reproduced or shared with
More informationTowards a European Cloud Computing Strategy
Towards a European Cloud Computing Strategy Jorge Gasós European Commission Information Society and Media Directorate General Trust and Security Unit Security, privacy, and trust in the information society
More informationENISA s Position on the NIS Directive
ENISA s Position on the NIS Directive 1 Introduction This note briefly summarises ENISA s position on the NIS Directive. It provides the background to the Directive, explains its significance, provides
More informationCybersecurity & Digital Privacy in the Energy sector
ENERGY INFO DAYS Brussels, 25 October 2017 Cybersecurity & Digital Privacy in the Energy sector CNECT.H1 Cybersecurity & Digital Privacy, DG CNECT ENER.B3 - Retail markets; coal & oil, DG ENER European
More informationDIGITIZING INDUSTRY, ICT STANDARDS TO
DIGITIZING INDUSTRY, ICT STANDARDS TO DELIVER ON DIGITAL SINGLE MARKET OBJECTIVES ETSI When Standards Support Policy 14 November 2016 Emilio Davila Gonzalez Unit Start ups & Innovation, EC DG Connect 72%
More informationCyber Security in Europe and CEER s new PEER initiative
NARUC-CEER International Forum, 27 April 2017, Arlington, Virginia Cyber Security in Europe and CEER s new PEER initiative Lord Mogg, CEER President Outline New EU legislativedevelopments: NIS Directive
More informationTelecommunication Development Bureau (BDT)
Telecommunication Development Bureau (BDT) Ref.: BDT/IEE/RME/DM/006 Geneva, 18 December 2017 To: -ITU-D Sector Members -Administrations of ITU Member States -National Regulatory Authorities -Regional and
More informationJoint FIEEC-ZVEI Position on Cybersecurity
Position Paper Joint FIEEC-ZVEI Position on Cybersecurity Digital Market Cyber Security Multilevel toolbox Guidelines Industries Certification Framework self-declaration October 2017 Preface The digital
More informationVdTÜV Statement on the Communication from the EU Commission A Digital Single Market Strategy for Europe
Author Date VdTÜV-WG Cybersecurity October, 3 rd 2015 VdTÜV Statement on the Communication from the EU Commission A Digital Single Market Strategy for Europe VdTÜV e.v. welcomes the Communication on a
More informationENISA activities in ICT security certification Dr. Prokopios Drogkaris NIS Expert NLO Meeting Athens
ENISA activities in ICT security certification Dr. Prokopios Drogkaris NIS Expert NLO Meeting Athens 30.01.2018 European Union Agency for Network and Information Security What are these symbols anyway?
More informationSTANDARDS TO HELP COMPLY WITH EU LEGISLATION. EUROPE HAS WHAT IT TAKES INCLUDING THE WILL?
ETSI SUMMIT Releasing the Flow Data Protection and Privacy in a Data-Driven Economy 19 April 2018 STANDARDS TO HELP COMPLY WITH EU LEGISLATION. EUROPE HAS WHAT IT TAKES INCLUDING THE WILL? Presented by
More informationNIS Standardisation ENISA view
NIS Standardisation ENISA view Dr. Steve Purser Brussels, 19 th September 2017 European Union Agency for Network and Information Security Instruments For Improving Cybersecurity Policy makers have a number
More informationThe NIST Cybersecurity Framework
The NIST Cybersecurity Framework U.S. German Standards Panel 2018 April 10, 2018 Adam.Sedgewick@nist.gov National Institute of Standards and Technology About NIST Agency of U.S. Department of Commerce
More informationCybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce
Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce 5-8 September 2017 Yogyakarta, Indonesia Sameer Sharma Senior Advisor ITU Digital Infrastructure for Connectivity SDGs Evolution
More informationCall for Expressions of Interest
Call for Expressions of Interest ENISA M/CEI/17/T01 Experts for assisting in the implementation of the annual ENISA Work Programme TECHNICAL DESCRIPTION CONTENTS TECHNICAL DESCRIPTION... 3 1. INTRODUCTION...
More informationENISA And Standards Adri án Belmonte ETSI Security Week Event Sophia Antipolis (France) 22th June
ENISA And Standards Adri án Belmonte ETSI Security Week Event Sophia Antipolis (France) 22th June European Union Agency for Network and Information Security Summary 01 What's ENISA? 02 Some challenges
More informationEU Data Protection Triple Threat for May of 2018 What Inside Counsel Needs to Know
EU Data Protection Triple Threat for May of 2018 What Inside Counsel Needs to Know The General Data Protection Regulation (GDPR) The eprivacy Regulation (epr) The Network and Information Security Directive
More informationBHConsulting. Your trusted cybersecurity partner
Your trusted cybersecurity partner BH Consulting Securing your business BH Consulting is an award-winning, independent provider of cybersecurity consulting and information security advisory services. Recognised
More informationHorizon 2020 Security
Horizon 2020 Security Best Practices for Security Proposal Writing Armand Nachef Coordinator of the French Security NCP Consortium, CEA armand.nachef@cea.fr KEY MESSAGES FOR PUTTING TOGETHER A HORIZON
More informationStriving for efficiency
Ron Dekker Director CESSDA Striving for efficiency Realise the social data part of EOSC How to Get the Maximum from Research Data Prerequisites and Outcomes University of Tartu, 29 May 2018 Trends 1.Growing
More informationThe Australian Government s Approach to Critical Infrastructure Resilience
The Australian Government s Approach to Critical Infrastructure Resilience GNSS Workshop University of New South Wales 4 December 2013 Mr Kris Garred, Director Critical Infrastructure Policy Attorney-General
More informationH2020 Opportunities in the Area of Security and Critical Infrastructure Protection
H2020 Opportunities in the Area of Security and Critical Infrastructure Protection Angelo MARINO Head of Unit Security Research AIIC General Assembly Rome, 26/10/2013 NOT LEGALLY BINDING Outline The context:
More informationU.S. Japan Internet Economy Industry Forum Joint Statement October 2013 Keidanren The American Chamber of Commerce in Japan
U.S. Japan Internet Economy Industry Forum Joint Statement 2013 October 2013 Keidanren The American Chamber of Commerce in Japan In June 2013, the Abe Administration with the support of industry leaders
More informationETNO Reflection Document on the EC Proposal for a Directive on Network and Information Security (NIS Directive)
ETNO Reflection Document on the EC Proposal for a Directive on Network and Information Security (NIS Directive) July 2013 Executive Summary ETNO supports the European Commission s global approach to cyber-security
More informationCybersecurity Protecting your crown jewels
Cybersecurity Protecting your crown jewels Our cyber security services We view cybersecurity through a series of interconnected lenses. This rounded approach is designed to provide you with confidence:
More informationKey Findings from the Global State of Information Security Survey 2017 Indonesian Insights
www.pwc.com/id Key Findings from the State of Information Security Survey 2017 n Insights Key Findings from the State of Information Security Survey 2017 n Insights By now, the numbers have become numbing.
More informationThe Network and Information Security Directive - ENISA's contribution
The Network and Information Security Directive - ENISA's contribution Konstantinos Moulinos Information Security Expert 3rd IMPROVER- ERNCIP Operators Workshop Lisbon 23.05.2018 European Union Agency for
More informationENISA S WORK ON ICS AND SMART GRID SECURITY
AMSTERDAM, OCTOBER 15, 2012 ENISA S WORK ON ICS AND SMART GRID SECURITY Dr. Evangelos OUZOUNIS Head of CIIP & Resilience Unit ENISA 1 Why is it important? Industrial networks is the CI for the SCADA and
More informationPrinciples for a National Space Industry Policy
Principles for a National Space Industry Policy Commonwealth of Australia 2011 DIISR 11/144 This work is copyright. Apart from any use as permitted under the Copyright Act 1968, no part may be reproduced
More informationCONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT APRIL, SKOPJE
CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT 2018 18-19 APRIL, SKOPJE CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT 2018 At the Trieste Western Balkans Summit, we stressed the importance of the
More informationThe Role of ENISA in the Implementation of the NIS Directive Anna Sarri Officer in NIS CIP Workshop Vienna 19 th September 2017
The Role of ENISA in the Implementation of the NIS Directive Anna Sarri Officer in NIS CIP Workshop Vienna 19 th September 2017 European Union Agency for Network and Information Security Positioning ENISA
More informationCyber Risks in the Boardroom Conference
Cyber Risks in the Boardroom Conference Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks
More informationRun the business. Not the risks.
Run the business. Not the risks. RISK-RESILIENCE FOR THE DIGITAL BUSINESS Cyber-attacks are a known risk to business. Today, with enterprises becoming pervasively digital, these risks have grown multifold.
More information13967/16 MK/mj 1 DG D 2B
Council of the European Union Brussels, 4 November 2016 (OR. en) 13967/16 'I/A' ITEM NOTE From: To: General Secretariat of the Council No. prev. doc.: 11911/3/16 REV 3 No. Cion doc.: 11013/16 Subject:
More informationThe Key Principles of Cyber Security for Connected and Automated Vehicles. Government
The Key Principles of Cyber Security for Connected and Automated Vehicles Government Contents Intelligent Transport System (ITS) & Connected and Automated Vehicle (CAV) System Security Principles: 1. Organisational
More informationOTA & IoT A Shared & Collaborative Responsibility. 24 October 2017
OTA & IoT A Shared & Collaborative Responsibility 24 October 2017 Online Trust Alliance Founded as Industry Trade Organisation in 2007 65 members (e.g. DigiCert, Symantec, Verisign, Microsoft, Twitter,
More informationNATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -
NATIONAL CYBER SECURITY STRATEGY - Version 2.0 - CONTENTS SUMMARY... 3 1 INTRODUCTION... 4 2 GENERAL PRINCIPLES AND OBJECTIVES... 5 3 ACTION FRAMEWORK STRATEGIC OBJECTIVES... 6 3.1 Determining the stakeholders
More informationSecurity Aspects of Trust Services Providers
Security Aspects of Trust Services Providers Please replace background with image European Union Agency for Network and Information Security 24 th September 2013 www.enisa.europa.eu Today s agenda 09:30-10:00
More informationMaking Privacy Operational
Making Privacy Operational Introduction to the Privacy Management Reference Model John Sabo Director, Global Government relations CA, Inc. and President, ISTPA john.t.sabo@ca.com Michael Willett President,
More informationMEDICAL DEVICE CYBERSECURITY: FDA APPROACH
MEDICAL DEVICE CYBERSECURITY: FDA APPROACH CYBERMED SUMMIT JUNE 9TH, 2017 SUZANNE B. SCHWARTZ, MD, MBA ASSOCIATE DIRECTOR FOR SCIENCE & STRATEGIC PARTNERSHIPS CENTER FOR DEVICES AND RADIOLOGICAL HEALTH
More informationPlatform Economy and Trustworthiness Standardization
Security for Industrie 4.0 Platform Economy and Trustworthiness Standardization Siemens Corporate Technology and Member of the German Platform Industrie 4.0 Industrie 4.0 Connecting business processes
More informationSecurity Challenges with ITS : A law enforcement view
Security Challenges with ITS : A law enforcement view Central Observatory for Intelligent Transportation Systems FRENCH MINISTRY OF INTERIOR GENDARMERIE NATIONALE Colonel Franck MARESCAL franck.marescal@gendarmerie.interieur.gouv.fr
More informationCybersecurity Risk Management:
Cybersecurity Risk Management: Building a Culture of Responsibility G7 ICT and Industry Multistakeholder Conference September 25 2017 Adam Sedgewick asedgewick@doc.gov Cybersecurity in the Department of
More informationDirective on Security of Network and Information Systems
European Commission - Fact Sheet Directive on Security of Network and Information Systems Brussels, 6 July 2016 Questions and Answers The European Parliament's plenary adopted today the Directive on Security
More informationNetwork and Information Security Directive
Network and Information Security Directive Provisions + ENISA s activities Dr Evangelos Ouzounis Head of Secure Infrastructure and Services Unit, ENISA European Union Agency for Network and Information
More informationSOC 3 for Security and Availability
SOC 3 for Security and Availability Independent Practioner s Trust Services Report For the Period October 1, 2015 through September 30, 2016 Independent SOC 3 Report for the Security and Availability Trust
More informationThe EU Cybersecurity Package: Implications for ENISA Dr. Steve Purser Head of ENISA Core Operations Athens, 30 th January 2018
The EU Cybersecurity Package: Implications for ENISA Dr. Steve Purser Head of ENISA Core Operations Athens, 30 th January 2018 European Union Agency for Network and Information Security Outline 1. Cybersecurity
More informationApr. 10, Vulnerability disclosure and handling processes strengthen security programs
Joint Comments on "Framework for Improving Critical Infrastructure Cybersecurity" version 1.1 Before the National Institute of Standards and Technology Apr. 10, 2017 We the undersigned companies, civil
More informationEU Cloud Computing Policy. Luis C. Busquets Pérez 26 September 2017
EU Cloud Computing Policy Luis C. Busquets Pérez 26 September 2017 The digital revolution is built on data Most economic activity will depend on data within a decade Potential of the data-driven economy
More informationGlobal cybersecurity and international standards
World Class Standards Global cybersecurity and international standards Professor Solange Ghernaouti-Hélie sgh@unil.ch Faculty of Business and Economics, University of Lausanne Member of the Hight Level
More informationPOSTMARKET MANAGEMENT OF CYBERSECURITY IN MEDICAL DEVICES FINAL GUIDANCE MARCH 29, TH ANNUAL MEDICAL DEVICE QUALITY CONGRESS
POSTMARKET MANAGEMENT OF CYBERSECURITY IN MEDICAL DEVICES FINAL GUIDANCE MARCH 29, 2017 14TH ANNUAL MEDICAL DEVICE QUALITY CONGRESS 1 Fact vs. Myth Let s Play: Fact vs. Myth The FDA is the federal entity
More informationSOC for cybersecurity
April 2018 SOC for cybersecurity a backgrounder Acknowledgments Special thanks to Francette Bueno, Senior Manager, Advisory Services, Ernst & Young LLP and Chris K. Halterman, Executive Director, Advisory
More informationStrengthening the Cybersecurity of Federal Networks and Critical Infrastructure
Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure Executive Order 13800 Update July 2017 In Brief On May 11, 2017, President Trump issued Executive Order 13800, Strengthening
More informationIoT and Privacy by Design
IoT and Privacy by Design A recap on previous presentation More recent work on GDPR, NIS Cyber Security, and the Human Right to Privacy The design process for consumer goods and services 2 current examples
More informationTrustworthy ICT. FP7-ICT Objective 1.5 WP 2013
Trustworthy ICT FP7-ICT-2013-10 Objective 1.5 WP 2013 1 General Overview Focused in a limited number of technologies in emerging application of high economic impact in the security area, Cloud Computing
More informationNational Policy and Guiding Principles
National Policy and Guiding Principles National Policy, Principles, and Organization This section describes the national policy that shapes the National Strategy to Secure Cyberspace and the basic framework
More informationITU Asia-Pacific Centres of Excellence Training on Conformity and Interoperability. Session 2: Conformity Assessment Principles
ITU Asia-Pacific Centres of Excellence Training on Conformity and Interoperability Session 2: Conformity Assessment Principles 12-16 October 2015 Beijing, China Keith Mainwaring ITU Expert Agenda 1. Context
More informationWhy you should adopt the NIST Cybersecurity Framework
Why you should adopt the NIST Cybersecurity Framework It s important to note that the Framework casts the discussion of cybersecurity in the vocabulary of risk management Stating it in terms Executive
More informationIMPROVING CYBERSECURITY AND RESILIENCE THROUGH ACQUISITION
IMPROVING CYBERSECURITY AND RESILIENCE THROUGH ACQUISITION Briefing for OFPP Working Group 19 Feb 2015 Emile Monette GSA Office of Governmentwide Policy emile.monette@gsa.gov Cybersecurity Threats are
More informationSTRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE
STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby
More informationCyber risk resilience
Cyber risk resilience A consistent approach for a consistently major risk Sara Walton Standards Market Development (Risk, Resilience, Governance) 12 Sept 2017 Copyright 2017 BSI. All rights reserved 1
More informationCOMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN
COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN 24-27 July 2016 1 CONTENT INTRODUCTION POLICY OBJECTIVES POLICY AND LEGISLATIVE PRINCIPLES CYBER SECURITY STRATEGY CHALLENGES AND OPPORTUNITIES CAPACITY BUILDING
More informationEnhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationCybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com
Cybersecurity Presidential Policy Directive Frequently Asked Questions kpmg.com Introduction On February 12, 2013, the White House released the official version of the Presidential Policy Directive regarding
More informationDr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt
Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA The African Internet Governance Forum - AfIGF2017 5 Dec 2017, Egypt Agenda Why? Threats Traditional security? What to secure?
More informationSecuring Europe s IoT Devices and Services
Securing Europe s IoT Devices and Services Dr. Evangelos OUZOUNIS Head of Unit - Secure Infrastructure and Services Validation Workshop Berlin 16 October 2015 European Union Agency for Network and Information
More informationHow the European Commission is supporting innovation in mobile health technologies Nordic Mobile Healthcare Technology Congress 2015
How the European Commission is supporting innovation in mobile health technologies Nordic Mobile Healthcare Technology Congress 2015 Claudia Prettner, Unit for Health and Well-Being, DG CONNECT Table of
More informationThe New Healthcare Economy is rising up
The New Healthcare Economy is rising up February 2017 The ever-rising costs of healthcare are fostering innovative solutions and disruptive business models Cybersecurity concerns come to medical technology
More informationBHConsulting. Your trusted cybersecurity partner
Your trusted cybersecurity partner BH Consulting Securing your business BH Consulting is an award-winning, independent provider of cybersecurity consulting and information security advisory services. Recognised
More informationInternet of Things, A European Outlook Antonis Tzortzakakis, Treasurer ECTA
Internet of Things, A European Outlook Antonis Tzortzakakis, Treasurer ECTA Internet of Things IoT represents the next step towards the digitalisation of our society and economy, where objects and people
More informationNIS-Directive and Smart Grids
NIS-Directive and Smart Grids Workshop on European Smart Grid Cybersecurity: Emerging Threats and Countermeasures Marie Holzleitner Table of Content Aims & Objectives Affected Parties Selected Requirements
More informationBusiness Assurance for the 21st Century
14/07/2011 Navigating the Information Assurance landscape AUTHORS Niall Browne NAME AFFILIATION Shared Assessments Program Michael de Crespigny (CEO) Jim Reavis Kurt Roemer Raj Samani Information Security
More informationDigital Platforms for 'Interoperable and smart homes and grids'
25 October 2017, Brussels Digital Platforms for 'Interoperable and smart homes and grids' Focus Area "Digitising and Transforming European Industry and Services by Svet Mihaylov DG CONNECT WP 2018-2020
More informationCyber Security: Threat and Prevention
Expand Your Horizons Webinar Series Cyber Security: Threat and Prevention February 24, 2015 1:00 1:45pm The Webinar will begin shortly. You can ask a question in the box on the right hand side. We will
More informationFDA & Medical Device Cybersecurity
FDA & Medical Device Cybersecurity Closing Keynote, February 19, 2017 Suzanne B. Schwartz, M.D., MBA Associate Director for Science & Strategic Partnerships Center for Devices and Radiological Health US
More informationPresented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0
Cyber Security and Inside Threats: Turning Policies into Practices Presented by Ingrid Fredeen and Pamela Passman Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0 Presented By Ingrid Fredeen, J.D.
More informationEY Consulting. Is your strategy planning for the future or creating it? #TransformativeAge
2018 Ernst & Young Advisory. All rights reserved. Graphics studio France 1802SG1267. ED 04082018 EY Consulting Is your strategy planning for the future or creating it? #TransformativeAge The better the
More informationInformation Security Forum Hvad er nyt fra ISF?
Information Security Forum Hvad er nyt fra ISF? v. Christian Kjær, ISF Chapter Agent Danmark Sikkerhed & Revision 7. September 2018 1 Agenda Kort introduktion til Information Security Forum Hvad interesserer
More informationThe National Medical Device Information Sharing & Analysis Organization (MD-ISAO) Initiative Session 2, February 19, 2017 Moderator: Suzanne
The National Medical Device Information Sharing & Analysis Organization (MD-ISAO) Initiative Session 2, February 19, 2017 Moderator: Suzanne Schwartz, Assoc. Dir., CDRH, FDA Denise Anderson, MBA, President,
More informationBradford J. Willke. 19 September 2007
A Critical Information Infrastructure Protection Approach to Multinational Cyber Security Events Bradford J. Willke 19 September 2007 Overview A framework for national Critical Information Infrastructure
More informationHow Secure is Blockchain? June 6 th, 2017
How Secure is Blockchain? June 6 th, 2017 Before we get started... This is a 60 minute webcast For better viewing experience, close all other applications For better sound quality, please use headphones
More informationENISA Cooperation in the EU / NIS Directive
ENISA Cooperation in the EU / NIS Directive Paulo Empadinhas Head of Administration & Stakeholders Relations IT STAR Milan, Italy 28 th October 2016 European Union Agency for Network and Information Security
More information