Discussion on MS contribution to the WP2018

Similar documents
cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

European Union Agency for Network and Information Security

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

ENISA Cooperation in the EU / NIS Directive

The NIS Directive and Cybersecurity in

Securing Europe s IoT Devices and Services

The Network and Information Security Directive - ENISA's contribution

The Role of ENISA in the Implementation of the NIS Directive Anna Sarri Officer in NIS CIP Workshop Vienna 19 th September 2017

Call for Expressions of Interest

Infrastructures and Service Dimitra Liveri Network and Information Security Expert, ENISA

Enhancing the cyber security &

Network and Information Security Directive

New cybersecurity landscape in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017

ENISA EU Threat Landscape

Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

Cyber Security in Europe

ENISA s Position on the NIS Directive

ENISA activities in ICT security certification Dr. Prokopios Drogkaris NIS Expert NLO Meeting Athens

The emerging EU certification framework: A role for ENISA Dr. Andreas Mitrakas Head of Unit EU Certification Framework Conference Brussels 01/03/18

Cybersecurity in the EU Steve Purser Head of Operational Departments, ENISA Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European

Directive on security of network and information systems (NIS): State of Play

Securing Europe's Information Society

Directive on Security of Network and Information Systems

Enhancing the security of CIIPs in Europe - ENISA s Approach Dimitra Liveri Network and Information Security Expert

NIS Standardisation ENISA view

Package of initiatives on Cybersecurity

WORK PROGRAMME 2015 INCLUDING MULTI-ANNUAL PLANNING

NIS Directive development The Incident Notification Framework

ENISA S WORK ON ICS AND SMART GRID SECURITY

Cybersecurity Strategy of the Republic of Cyprus

The Digitalisation of Finance

Technical guidelines implementing eidas

EISAS Enhanced Roadmap 2012

Cyber Security Beyond 2020

The European Policy on Critical Information Infrastructure Protection (CIIP) Andrea SERVIDA European Commission DG INFSO.A3

Security Aspects of Trust Services Providers

The EU Cybersecurity Package: Implications for ENISA Dr. Steve Purser Head of ENISA Core Operations Athens, 30 th January 2018

Cyber Security in Europe and CEER s new PEER initiative

Cybersecurity & Digital Privacy in the Energy sector

Information sharing in the EU policy on NIS & CIIP. Andrea Servida European Commission DG INFSO-A3

Valérie Andrianavaly European Commission DG INFSO-A3

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

NIS-Directive and Smart Grids

IoT and Smart Infrastructure efforts in ENISA

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

Shaping the Cyber Security R&D Agenda in Europe, Horizon 2020

EU Data Protection Triple Threat for May of 2018 What Inside Counsel Needs to Know

Bradford J. Willke. 19 September 2007

Critical Information Infrastructure Protection. Role of CIRTs and Cooperation at National Level

NATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -

Centre for cybersecurity Belgium : Role, Missions et future capacities

COMMISSION STAFF WORKING DOCUMENT EXECUTIVE SUMMARY OF THE IMPACT ASSESSMENT. Accompanying the document

EU policy on Network and Information Security & Critical Information Infrastructures Protection

ENISA & Cybersecurity. Steve Purser Head of Technical Competence Department December 2012

Achieving Global Cyber Security Through Collaboration

Minutes of National Laison Officer s Meeting,

ENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010

Technology's role in General Data Protection Regulation Dr. Prokopios Drogkaris Officer in NIS SECPRE 2017 Oslo

CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT APRIL, SKOPJE

Towards a European Cloud Computing Strategy

Future-Proof Security & Privacy in IoT

CSIRT capacity building Andrea Dufkova CSIRT-relations, COD1 NLO meeting Athens June 8. European Union Agency for Network and Information Security

Security Challenges with ITS : A law enforcement view

ENISA And Standards Adri án Belmonte ETSI Security Week Event Sophia Antipolis (France) 22th June

Security and resilience in Information Society: the European approach

CEF e-invoicing. Presentation to the European Multi- Stakeholder Forum on e-invoicing. DIGIT Directorate-General for Informatics.

ERCI cybersecurity seminar Guildford ERCI cybersecurity seminar Guildford

2017 ANNUAL TRUST SERVICES SECURITY INCIDENTS ANALYSIS. ENISA Article 19 Team

Introductory Speech to the Ramboll Event on the future of ENISA. Speech by ENISA s Executive Director, Prof. Dr. Udo Helmbrecht

EUROPEAN COMMISSION JOINT RESEARCH CENTRE. Information Note. JRC activities in the field of. Cybersecurity

Security and resilience in the Information Society: the role of CERTs/CSIRTs in the context of the EU CIIP policy

Cybersecurity Package

The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

COMMISSION RECOMMENDATION. of on Coordinated Response to Large Scale Cybersecurity Incidents and Crises

Regulating Cyber: the UK s plans for the NIS Directive

Cyber Security Strategic Level Landscape in Poland. Krzysztof Silicki NASK Institute, Poland ENISA MB, EB

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

A Strategy for a secure Information Society Dialogue, Partnership and empowerment

Cybersecurity Policy in the EU: Security Directive - Security for the data in the cloud

ENISA today and in the future

Meeting minutes of NLO annual meeting of 8 June 2016

Resolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]

Security frameworks for Gov Clouds: A Technical Analysis

CERT.LV activities, role in Latvia and globally. Baiba Kaskina, CERT.LV , Sofia, Bulgaria

European Union Agency for Network and Information Security

ENISA CE2014 After Action Report

H2020 WP Cybersecurity PPP topics

Fundamentals of Cybersecurity/CIIP. Building Capacity: Using a National Strategy & Self-Assessment

Information Sharing and Cooperation

ehealth Ministerial Conference 2013 Dublin May 2013 Irish Presidency Declaration

In Accountable IoT We Trust

Cybersecurity governance in Europe. Sokratis K. Katsikas Systems Security Laboratory Dept. of Digital Systems University of Piraeus

Digital Healthcare. Yordan Iliev Director R&D Healthcare. Regional Cybersecurity Forum, November 2016, Grand Hotel Sofia, Bulgaria

Resilience, Deterrence and Defence: Building strong cybersecurity for the EU

Exploring the European Commission s Network and Information Security Directive (NIS) What every CISO should know

How the European Commission is supporting innovation in mobile health technologies Nordic Mobile Healthcare Technology Congress 2015

CYBER SECURITY AIR TRANSPORT IT SUMMIT

EU Cloud Computing Policy. Luis C. Busquets Pérez 26 September 2017

Transcription:

Discussion on MS contribution to the WP2018, 30 January 2018 European Union Agency for Network and Information Security

Possibilities for MS contribution to the WP2018 Expert Groups ENISA coordinates several expert groups to assist in its activities, provide an opportunity for the MS to be involved (both public and private representatives) The expert groups are linked to the output of the Single Program Document 2018 (Work program) Procurement projects ENISA provides an overview of the projects linked to the output of the Single Program Document 2018 (Work program) 2

EXPERT GROUPS SPD OUTPUT TITLE OF OUTPUT EXPERT GROUP DESCRIPTION IoT Security (IoTSec) Expert Group The group was established in 2017. IoTSEC is an information exchange platform that brings together experts to ensure security and resilience of the entire Internet of Things ecosystem. The group provide input for the 2017 study on Baseline Security Recommendations for IoT in CII and held its first meeting in October 2017. SPD 2018 O.1.1.1 Good practices for security of Internet of Things ENISA ICS Stakeholders Group (EICS) In 2014 ENISA assessed the need of an Expert Group focused on the topic of the ICS/SCADA security, that provides the opportunity for ICS/SCADA experts to address important issues to ENISA in its work to enhance ICS security in the EU, and it will provide the opportunity for ENISA to consult providers and to listen to concerns and ideas. In 2017, an updated To R and a new call for stakeholders was launched in order to include apart from ICS/SCADA experts, stakeholders with expertise in I4.0, IIoT and smart manufacturing. https://resilience.enisa.europa.eu/ics-security European SCADA and Control System Information Exchange(EuroSCSIE) EuroSCSIE is composed of members of European Governments, research institutions, operators, industry that depend or are responsible for the security Critical Infrastructure ICS. The EuroSCSIE was established in June 2005 under the initiative of the U.K. NISCC (today CPNI, Centre for the Protection of the National Infrastructures), with the aim of: (1) Sharing mutually beneficial information regarding electronic security threats, vulnerabilities, incidents, and solutions; (2) Acting as c ross-country facilitator for the exchange of best practices and information; (3) Supporting the EU- Countries policy makers on the matter of Critical Infrastructure Protection ENISA sustains the group since 2014. 3

EXPERT GROUPS SPD OUTPUT TITLE OF OUTPUT EXPERT GROUP DESCRIPTION SPD 2018 O.1.2.1 Annual ENISA Threat Landscape ETL Working Group Working group that supports the yearly ENISA wide publication of the European Threat Landscape. Article 13a Experts Group The Expert Group of Article 13a established in 2010 to develop technical guidelines for incident reporting for Article13a, to discuss the implementation of Article 13a and to share knowledge and exchange views about past incidents, and how to address them. The Group is comprised by the European Commission (EC), Ministries and Telecommunication National Regulatory Authorities of the EU Member States. SPD 2018 O.1.2.3 Support incident reporting activities in the EU Article 19 Experts Group Article19 EG established in 2014 to discuss the implementation of the Article19 of the eidas Regulation that was adopted. In the beginning the group was comprised by experts from ministries, agencies, authorities who would potentially get involved in this area. Now the EG is composed only by the nationally appointed Supervisory Bodies. ENISA together with the EG has developed the incident reporting framework. The EG has two meetings per year where developments and incidents are discussed. 4

EXPERT GROUPS SPD OUTPUT TITLE OF OUTPUT EXPERT GROUP DESCRIPTION ehealth Security Experts Group Group of ehealth Security Experts established in 2015 to share information, exchange knowledge and to disseminate our work. The group supports ENISA activities in ehealth and has contributed to previous ENISA reports (e.g. Smart Hospitals) by providing expert input and findings validation. Expert Group on Finance (EGFI) Group of CISOs, Risk and Policy Managers from financial institutions, such as banks, stock exchanges and similar, established in 2014. The purpose is to raise awareness of Finance sector to ICT risks, promote good practices, discuss security issues and security measures. Cars and Roads SECurity (CaRSEC) Expert Group The group was established in 2016 and supported the work on the 2016 study on Securing Smart Cars. CaRSEC gathers experts in the domains of Smart Cars and Intelligent Road Systems to exchange on cyber security threats, challenges and solutions with the objective to protect the safety of citizens. First meeting was held in October 2016. SPD 2018 O.2.2.2 Supporting the Implementation of the NIS Directive Internet Infrastructure Security and Resilience Reference Group (INFRASEC) INFRASEC involves technical experts from Internet operations (IXP, ISP, Internet organizations), research institutions and interested governmental organizations (cybersecurity / contingency / NRA) focusing on infrastructure security and resilience. INFRASEC provides the opportunity for Internet operational actors to address important issues to ENISA in its work to enhance Internet infrastructure security and resilience in the EU, and it provides the opportunity for ENISA to consult Internet operational actors and to listen to suggestions and ideas. Transport Resilience and Security Expert Group (TRANSSEC) The group was established in 2015. TRANSSEC group is an information exchange platform that brings together experts to ensure security and resilience of Intelligent Public Transports in Europe. The group provided support for the 2015 ENISA studies on Smart Cities and Intelligent Public Transport. 5

EXPERT GROUPS SPD OUTPUT TITLE OF OUTPUT EXPERT GROUP DESCRIPTION SPD 2018 O.2.2.4 Supporting the Payment Services Directive (PSD) Implementation Expert Group on Finance (EGFI) Group of CISOs, Risk and Policy Managers from financial institutions, such as banks, stock exchanges and similar, established in 2014. The purpose is to raise awareness of Finance sector to ICT risks, promote good practices, discuss security issues and security measures. SPD 2018 O.2.2.3 Baseline Security Recommendations for the OES Sectors and DSPs Cloud Security and Resilience experts group The group was established in 2013 and has supported several publications like the Gov Cloud reports, the certification framework for Cloud security and the guidelines for implementing NISD for DSPs. The group is comprised by cloud providers (amazon, Google, IBM etc), certification bodies (CSA, EuroCloud etc) and public administration. Cloud Security and Resilience experts group The group was established in 2013 and has supported several publications like the Gov Cloud reports, the certification framework for Cloud security and the guidelines for implementing NISD for DSPs. The group is comprised by cloud providers (amazon, Google, IBM etc), certification bodies (CSA, EuroCloud etc) and public administration. SPD 2018 O.2.2.6 NIS Directive transposition Transport Resilience and Security Expert Group (TRANSSEC) The group was established in 2015. TRANSSEC group is an information exchange platform that brings together experts to ensure security and resilience of Intelligent Public Transports in Europe. The group provided support for the 2015 ENISA studies on Smart Cities and Intelligent Public Transport. 6

EXPERT GROUPS SPD OUTPUT TITLE OF OUTPUT EXPERT GROUP DESCRIPTION SPD 2018 O.3.1.2 Support EU MS in the development and assessment of NCSS National Cyber Security Strategies Experts Group Group of NCSS experts established in 2014. Public officials, policy makers, from Member States (MS) and EFTA countries, that usually lead the development and implementation of NCSS in their country, support ENISA activities on the topic. The aim of the group is to collaborate by exchanging ideas, good practices and experiences to address important issues related to national cyber security and resilience of national and international CIIs. SPD 2018 O.3.3.1 Cyber Security Challenges European Cyber Security Challenge This group represents the EU member states participating in the European Cyber Security Challenge. It consists of representatives of the relevant authorities or bodies (in some cases national authorities, in other academia) that have the responsibility at national level of conducting the national Cyber Security Challenge, and preparing the national team that represents each participating country at the European Cyber Security Challenge. SPD 2018 O.3.3.2 European Cyber Security Month deployment European Cyber Security Month This group represents the EU member states participating in the European Cyber Security Month. It consists of representatives of the relevant national authorities that have the responsibility at national level of conducting cyber exercises. SPD 2018 O.4.1.1 Cyber Europe 2018 Cyber Europe Exercise This group represents the EU member states participating in the Cyber Europe Exercise. It consists of representatives of the relevant national authorities that have the responsibility at national level of conducting cyber exercises. 7

PROCUREMENT SPD OUTPUT TITLE OF OUTPUT PROJECT SPD 2018 O.1.1.1 Good practices for security of Internet of Things Good practices for security of Internet of Things SPD 2018 O.1.2.1 Annual ENISA Threat Landscape Annual ENISA Threat Landscape 2018 SPD 2018 O.1.2.3 Support incident reporting activities in the EU Incident Reporting Framework for the NISD SPD 2018 O.1.3.2 Economics of vulnerability disclosure Economics of vulnerability disclosure 8

PROCUREMENT SPD OUTPUT TITLE OF OUTPUT PROJECT SPD 2018 O.2.2.1 Recommendations supporting implementation of the eidas Security recommendations for trust service providers and users of trust services Recommendations to support the technical implementation of the eidas Regulation Guidelines on the parameters of the identification of OES (implementation of article 5(7)) SPD 2018 O.2.2.2 Supporting the Implementation of the NIS Directive Good practices on interdependencies between OES and DSPs Guidelines for collecting and analysing security incidents for OESs and DSPs Information Security Audit and Self assessment/management Frameworks Pt A - (Guidelines on assessing DSP s and OES compliance to the NISD security requirements) SPD 2018 O.2.2.3 Baseline Security Recommendations for the OES Sectors and DSPs Good practices in interdependencies risk assessment Pt B - (Guidelines on assessing DSP s and OES compliance to the NISD security requirements) 9

PROCUREMENT SPD OUTPUT TITLE OF OUTPUT PROJECT SPD 2018 O.2.2.4 Supporting the Payment Services Directive (PSD) Implementation Good practices on the implementation of regulatory technical standards SPD 2018 O.2.2.5 Annual ENISA Threat Landscape Annual Privacy Forum 2018 Update of CSIRT training material TRANSIT support (1) SPD 2018 O.3.1.1 Update and provide technical training for MS and EU bodies TRANSIT support (2) TRANSIT support (3) 10

PROCUREMENT SPD OUTPUT TITLE OF OUTPUT PROJECT SPD 2018 O.3.1.3 Support EU MS in their Incident Response Development CSIRT landscape and IR capabilities in Europe 2020 Supporting ENISA in organising the European Cyber Security Challenge SPD 2018 O.3.3.1 Cyber Security Challenges Cyber Challenges Development Scenario Media Incident Support for Cyber Europe 2018 SPD 2018 O.4.1.1 Cyber Europe 2018 CE2018 After action activities SPD 2018 O.4.1.2 Lessons learnt and advice related to cyber crisis cooperation Exercise Incidents Development Open Cybersecurity Situation Awareness Machine prototype SPD 2018 O.4.1.3 Support activities for Cyber Exercise Planning and Cyber Crisis Management CEP development and support 11

Thank you PO Box 1309, 710 01 Heraklion, Greece Tel: +30 28 14 40 9710 info@enisa.europa.eu www.enisa.europa.eu

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback