Package of initiatives on Cybersecurity

Similar documents
Resilience, Deterrence and Defence: Building strong cybersecurity for the EU

Cybersecurity Package

Cybersecurity & Digital Privacy in the Energy sector

The EU Cybersecurity Package: Implications for ENISA Dr. Steve Purser Head of ENISA Core Operations Athens, 30 th January 2018

Directive on security of network and information systems (NIS): State of Play

ENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010

ENISA EU Threat Landscape

Cyber Security in Europe

European Union Agency for Network and Information Security

EU policy on Network and Information Security & Critical Information Infrastructures Protection

13967/16 MK/mj 1 DG D 2B

ENISA s Position on the NIS Directive

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

A Strategy for a secure Information Society Dialogue, Partnership and empowerment

COMMISSION RECOMMENDATION. of on Coordinated Response to Large Scale Cybersecurity Incidents and Crises

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

Cyber Security Beyond 2020

ENISA Cooperation in the EU / NIS Directive

CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT APRIL, SKOPJE

Valérie Andrianavaly European Commission DG INFSO-A3

Discussion on MS contribution to the WP2018

ERCI cybersecurity seminar Guildford ERCI cybersecurity seminar Guildford

NIS Standardisation ENISA view

Call for Expressions of Interest

New cybersecurity landscape in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

Cyber Security in Europe and CEER s new PEER initiative

The emerging EU certification framework: A role for ENISA Dr. Andreas Mitrakas Head of Unit EU Certification Framework Conference Brussels 01/03/18

The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association

Securing Europe's Information Society

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

ENISA activities in ICT security certification Dr. Prokopios Drogkaris NIS Expert NLO Meeting Athens

The Digitalisation of Finance

Securing Europe s IoT Devices and Services

10025/16 MP/mj 1 DG D 2B

Cybersecurity Strategy of the Republic of Cyprus

COMMISSION STAFF WORKING DOCUMENT EXECUTIVE SUMMARY OF THE IMPACT ASSESSMENT. Accompanying the document

Network and Information Security Directive

EISAS Enhanced Roadmap 2012

The European Policy on Critical Information Infrastructure Protection (CIIP) Andrea SERVIDA European Commission DG INFSO.A3

POSITION PAPER. Initial position on the EU cybersecurity package OCTOBER 2017

H2020 WP Cybersecurity PPP topics

Digital Platforms for 'Interoperable and smart homes and grids'

Security and resilience in the Information Society: the role of CERTs/CSIRTs in the context of the EU CIIP policy

Enhancing the cyber security &

Security and resilience in Information Society: the European approach

The NIS Directive and Cybersecurity in

Position Paper of the ASD Civil Aviation Cybersecurity Taskforce

ETNO Reflection Document on the EC Proposal for a Directive on Network and Information Security (NIS Directive)

Policies in the Quantum era

Between 1981 and 1983, I worked as a research assistant and for the following two years, I ran a Software Development Department.

Directive on Security of Network and Information Systems

European Directives and reglements for Information security

Itu regional workshop

Information sharing in the EU policy on NIS & CIIP. Andrea Servida European Commission DG INFSO-A3

EUROPEAN COMMISSION JOINT RESEARCH CENTRE. Information Note. JRC activities in the field of. Cybersecurity

Infrastructures and Service Dimitra Liveri Network and Information Security Expert, ENISA

IGF 2018 Workshop Proposals Pre-Evaluation Figures

***I DRAFT REPORT. EN United in diversity EN. European Parliament 2018/0328(COD)

GLobal Action on CYbercrime (GLACY) Assessing the Threat of Cybercrime in Mauritius

Cybersecurity governance in Europe. Sokratis K. Katsikas Systems Security Laboratory Dept. of Digital Systems University of Piraeus

The Role of ENISA in the Implementation of the NIS Directive Anna Sarri Officer in NIS CIP Workshop Vienna 19 th September 2017

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

The European Cloud Initiative and High Performance Computing (HPC) Teratec 2016

Committee on the Internal Market and Consumer Protection

National Policy and Guiding Principles

Harmonisation of Digital Markets in the EaP. Vassilis Kopanas European Commission, DG CONNECT

NIS-Directive and Smart Grids

The UK s National Cyber Security Strategy

CEN and CENELEC Position Paper on the draft regulation ''Cybersecurity Act''

STANDARDS TO HELP COMPLY WITH EU LEGISLATION. EUROPE HAS WHAT IT TAKES INCLUDING THE WILL?

eidas Regulation (EU) 910/2014 eidas implementation State of Play

Strategic Transport Research and Innovation Agenda - STRIA

The Network and Information Security Directive - ENISA's contribution

***I DRAFT REPORT. EN United in diversity EN. European Parliament 2017/0225(COD)

Bradford J. Willke. 19 September 2007

Bringing EU Cybersecurity & privacy research results closer to the market

Draft ENISA Work programme 2017 STATUS: DRAFT VERSION: JANUARY, European Union Agency For Network And Information Security

Introductory Speech to the Ramboll Event on the future of ENISA. Speech by ENISA s Executive Director, Prof. Dr. Udo Helmbrecht

ehealth in Europe: at the convergence of technology, medicine, law and society

Resolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce

Regulating Cyber: the UK s plans for the NIS Directive

How the European Commission is supporting innovation in mobile health technologies Nordic Mobile Healthcare Technology Congress 2015

Exploring the European Commission s Network and Information Security Directive (NIS) What every CISO should know

This document corrects document COM(2017)477 final of

Implementing the Administration's Critical Infrastructure and Cybersecurity Policy

NATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -

Systemic Analyser in Network Threats

The commission communication "towards a general policy on the fight against cyber crime"

Cyber security: a building block of the Digital Single Market

Commonwealth Cyber Declaration

GENERIC CONTROL SYSTEM ARCHITECTURE FOR CRITICAL INFRASTRUCTURE PROTECTION

EUROPEAN ORGANISATION FOR SECURITY SUPPLY CHAIN SECURITY WHITE PAPER

14965/17 MK/ec 1 DG D 2B

ENISA today and in the future

European Cybersecurity in Public Private Partnership

National Cyber Security Strategy - Qatar. Michael Lewis, Deputy Director

Cyber Security: Threat and Prevention

EU Innovation Investments: The Challenges met by Innovation Infrastructures Today in Europe

Transcription:

Package of initiatives on Cybersecurity Presentation to Members of the IMCO Committee Claire Bury Deputy Director-General, DG CONNECT Brussels, 12 October 2017

Building EU Resilience to cyber attacks Creating effective EU cyber deterrence Reformed ENISA Identifying malicious actors EU Certification Framework Stepping up the law enforcement response Communication NIS Directive Implementation Stepping up public-private cooperation against cybercrime Recommendation Rapid emergency response Blueprint & Cybersecurity Emergency Response Fund Stepping up political and Cybersecurity network with a European Cybersecurity Research and Competence Centre Building deterrence through the Member States' defence capabilities Cybersecurity Act Building strong EU cyber skills base, improving cyber hygiene and awareness diplomatic response 1

Ensuring the full implementation of NIS Put in place comprehensive and ambitious national strategies Ensure effective and adequately resourced national CSIRTs Ensure effectiveness of implementation and enforcement Align the national approaches on Operators of Essential Extend the scope of the NIS Directive to additional sectors, e.g. public administration 2

ENISA - New Mandate and objectives Promote the use of certification & contribute to the certification framework Increase capabilities at Union level to complement s action Be an independent of expertise Contribute to high Cybersecurity Promote cooperation &coordination at Union level Assist EU Institutions and s in policy development &implementation Support capacity building & preparedness Promote high level of awareness of citizens & businesses 3

Handling large scale Cybersecurity incidents Blueprint - Cooperation at all levels Technical: Incident handling; Monitoring and continuous analysis of threats and risk Operational: Preparing decision-making; Coordinate the management of the crisis; Assess the impact at EU level Political: Management of both cyber and non-cyber aspects of the crisis including Cybersecurity Emergency Response Fund Allow Member States to seek help at the EU level during or following a major incident. Complement existing crisis management mechanisms at EU level. Rapid response capability in the interests of solidarity. Draw on national expertise along the lines of the EU Civil Protection Mechanism. 4

European Cybersecurity Research and Competence network & Centre 5

ICT certification: Our proposal A voluntary European certification framework. to enable the creation of individual EU certification schemes for ICT products and services that are valid across the EU. 6

How will the framework work in practice ENISA Consults Industry & Standardization Bodies European Commission Requests ENISA to prepare a Candidate Scheme ENISA Prepares candidate scheme ENISA Transmits candidate scheme to the European Commission European Commission Adopts Candidate Scheme A European Cybersecurity Certification Scheme European Cybersecurity Certification Group (s) ECCG Advices ENISA or may propose Advises and the preparation of a scheme to assists the Commission preparation In a nutshell: EC proposes & decides, Group advices (and may propose), ENISA prepares schemes 7

Proposal for a Regulation on the Free Flow of Non-personal Data Presentation to Members of the IMCO Committee Claire Bury Deputy Director-General, DG CONNECT Brussels, 12 October 2017 1

Proposal for a Regulation Adopted by the Commission on 13 September 2017 (SoTEU). Essence: Member States may no longer require businesses and citizens to store or process data within their territory. Core problem: Obstacles to data mobility in the EU. Important element of the DSM strategy since the outset. 2

Evidence gathering process by the European Commission: 2 public consultations: platforms, online intermediaries, data, cloud computing and the collaborative economy in 2015; building a European data economy in 2017; 4 dedicated studies and study workshops; 3 structured dialogue meetings with s and numerous bilateral discussions; Stakeholder engagement / workshops; 2 impact assessments. 3

Obstacles to data mobility Data localisation requirements by Member States' public authorities; Vendor lock-in practices by cloud service providers; Legal uncertainty leading to caution on the market regarding cross-border data storage and processing; Lack of trust due to security risks and concerns about the cross-border availability of data for regulatory purposes. 4

Unlocking cross-border data storage and processing for EU business Creating legal certainty for crossborder storing and processing of data within the EU; No multiplication of IT systems for EU companies (SMEs) active in different Member States; Enabling innovative cross-border data ecosystems in Europe; A competitive EU single market for secure, reliable and affordable cloud services (avoiding vendor lock-in). 5

The proposed Regulation: Principles-based, not detailed (Better Regulation): The free flow of non-personal data principle The principle of data availability for regulatory control purposes Actions to make sure cloud service providers and users develop self-regulatory codes of conduct for easier switching of provider and/or porting data back to inhouse servers Governance by single points of contact per Member State, 6 forming an expert group.

Single EU Data Space 7

Free movement of data is essential for the European Data Economy Data and data flows "feed" technological innovation (IoT, AI, blockchain, fintech, smart mobility, e-health) Enabling free flow of data in the EU is estimated to grow the European Data 8 Economy with an additional 4% of the GDP by 2020

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback