Security and resilience in the Information Society: the role of CERTs/CSIRTs in the context of the EU CIIP policy

Similar documents
Valérie Andrianavaly European Commission DG INFSO-A3

Security and resilience in Information Society: the European approach

Information sharing in the EU policy on NIS & CIIP. Andrea Servida European Commission DG INFSO-A3

The European Policy on Critical Information Infrastructure Protection (CIIP) Andrea SERVIDA European Commission DG INFSO.A3

EU policy on Network and Information Security & Critical Information Infrastructures Protection

A Strategy for a secure Information Society Dialogue, Partnership and empowerment

Securing Europe's Information Society

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

Cyber Security in Europe

ENISA S WORK ON ICS AND SMART GRID SECURITY

Directive on Security of Network and Information Systems

ENISA EU Threat Landscape

Package of initiatives on Cybersecurity

Enhancing the security of CIIPs in Europe - ENISA s Approach Dimitra Liveri Network and Information Security Expert

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

EISAS Enhanced Roadmap 2012

Cybersecurity & Digital Privacy in the Energy sector

ENISA Cooperation in the EU / NIS Directive

Directive on security of network and information systems (NIS): State of Play

Securing Europe s IoT Devices and Services

European Union Agency for Network and Information Security

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

Bradford J. Willke. 19 September 2007

13967/16 MK/mj 1 DG D 2B

ENISA s Position on the NIS Directive

COUNCIL OF THE EUROPEAN UNION. Brussels, 28 January 2003 (OR. en) 15723/02 TELECOM 78 JAI 307 PESC 593

H2020 & THE FRENCH SECURITY RESEARCH

The NIS Directive and Cybersecurity in

Enhancing the cyber security &

ENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010

Cybersecurity Strategy of the Republic of Cyprus

CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT APRIL, SKOPJE

Cybersecurity governance in Europe. Sokratis K. Katsikas Systems Security Laboratory Dept. of Digital Systems University of Piraeus

Discussion on MS contribution to the WP2018

10025/16 MP/mj 1 DG D 2B

Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.

Promoting Global Cybersecurity

New cybersecurity landscape in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017

The commission communication "towards a general policy on the fight against cyber crime"

COMMISSION STAFF WORKING DOCUMENT EXECUTIVE SUMMARY OF THE IMPACT ASSESSMENT. Accompanying the document

Network and Information Security Directive

EUROPEAN COMMISSION JOINT RESEARCH CENTRE. Information Note. JRC activities in the field of. Cybersecurity

Australian Government Cyber-security Activities in the Pacific

COMMISSION RECOMMENDATION. of on Coordinated Response to Large Scale Cybersecurity Incidents and Crises

Background Note on Possible arrangements for a Technology Facilitation Mechanism and other science, technology and innovation issues

The emerging EU certification framework: A role for ENISA Dr. Andreas Mitrakas Head of Unit EU Certification Framework Conference Brussels 01/03/18

H2020 Opportunities in the Area of Security and Critical Infrastructure Protection

Towards a European Cloud Computing Strategy

Cyber Security in Europe and CEER s new PEER initiative

The EU Cybersecurity Package: Implications for ENISA Dr. Steve Purser Head of ENISA Core Operations Athens, 30 th January 2018

EUROPEAN ORGANISATION FOR SECURITY SUPPLY CHAIN SECURITY WHITE PAPER

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

Call for Expressions of Interest

CENTER FOR SECURITY STUDIES

MELANI: Information exchange a story of success

SAINT PETERSBURG DECLARATION Building Confidence and Security in the Use of ICT to Promote Economic Growth and Prosperity

Outreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness

NATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -

Critical Infrastructure Protection & Resilience Europe / Asia. Conference Discussion Reviews

GENERIC CONTROL SYSTEM ARCHITECTURE FOR CRITICAL INFRASTRUCTURE PROTECTION

NIS-Directive and Smart Grids

Commonwealth Cyber Declaration

H2020 WP Cybersecurity PPP topics

UPU UNIVERSAL POSTAL UNION. CA C 4 SDPG AHG DRM Doc 3. Original: English COUNCIL OF ADMINISTRATION. Committee 4 Development Cooperation

21ST OSCE ECONOMIC AND ENVIRONMENTAL FORUM

CEF Telecom Calls: CEF-TC : Cyber Security TZAFALIAS ARISTOTELIS POLICY OFFICER DG CONNECT

Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt

Introductory Speech to the Ramboll Event on the future of ENISA. Speech by ENISA s Executive Director, Prof. Dr. Udo Helmbrecht

Plan of action for Implementation of the Sendai Framework for Disaster Risk Reduction in Central Asia and South Caucasus Region

Critical Infrastructure Protection in the European Union

Cyber Security and Protecting Critical Information Infrastructures

NIS Directive : Call for Proposals

Way to new challenges

Emergency Management Response and Recovery. Mark Merritt, President September 2011

Resolution adopted by the General Assembly on 14 December [without reference to a Main Committee (A/61/L.44 and Add.1)]

ENISA activities in ICT security certification Dr. Prokopios Drogkaris NIS Expert NLO Meeting Athens

John Snare Chair Standards Australia Committee IT/12/4

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

Cybersecurity for ALL

Improving Resilience in European e-communication networks MTP 1

NEW INNOVATIONS NEED FOR NEW LAW ENFORCEMENT CAPABILITIES

CERT.LV activities, role in Latvia and globally. Baiba Kaskina, CERT.LV , Sofia, Bulgaria

Resilience, Deterrence and Defence: Building strong cybersecurity for the EU

The Future of Solid State Lighting in Europe

A Framework for Information Sharing and Alerting

Resolution adopted by the General Assembly. [without reference to a Main Committee (A/62/L.30 and Add.1)]

Exploring the European Commission s Network and Information Security Directive (NIS) What every CISO should know

ICTPSP Call Theme 2 ICT for energy efficiency and sustainability in urban areas. Dr. Manuel SANCHEZ JIMENEZ

ehealth action in the EU

Trustworthy ICT. FP7-ICT Objective 1.5 WP 2013

RESOLUTION 45 (Rev. Hyderabad, 2010)

ETNO Reflection Document on the EC Proposal for a Directive on Network and Information Security (NIS Directive)

Implementation Strategy for Cybersecurity Workshop ITU 2016

Between 1981 and 1983, I worked as a research assistant and for the following two years, I ran a Software Development Department.

NIS Standardisation ENISA view

The Digitalisation of Finance

Infrastructures and Service Dimitra Liveri Network and Information Security Expert, ENISA

Government-Industry Collaboration: 7 Steps for Resiliency in Critical Infrastructure Protection

ENISA & Cybersecurity. Steve Purser Head of Technical Competence Department December 2012

UN General Assembly Resolution 68/243 GEORGIA. General appreciation of the issues of information security

Transcription:

Security and resilience in the Information Society: the role of CERTs/CSIRTs in the context of the EU CIIP policy Andrea Glorioso European Commission DG INFSO-A3 Andrea.Glorioso@ec.europa.eu

Network and information security: The European Context Strategy for a Secure Information Society [COM(2006)251] Policy initiatives on: fighting against spam, spyware and malware [COM(2006)688] promoting data protection by PET [COM(2007)228] fighting against cyber crime [COM(2007)267] Proposed package to reform the Regulatory Framework for e-communications [COM(2007)697, COM(2007)698, COM(2007) 699] European Network and Information Security Agency, (ENISA) established in 2004 A policy initiative on CIIP is announced in the CLWP 2008 [COM(2007) 640]

Towards a secure Information Society DIALOGUE structured and multi-stakeholder PARTNERSHIP greater awareness & better understanding of the challenges Open & inclusive multi-stakeholder debate EMPOWERMENT commitment to responsibilities of all actors involved

Dialogue & Partnership: CLWP 2008 Policy initiative on CIIP Objectives Enhance the level of CIIP preparedness and response across the EU Ensure that adequate and consistent levels of preventive, detection, emergency and recovery measures are put in operation Approach Build on national and private sector initiatives Engage relevant public and private stakeholders Adopt all-hazard approach Strengthen the synergies between 1 st and 3 rd pillar measures

Dialogue & Partnership: Challenges for CIIP Organisational: build trusted relationships and engage the stakeholders at the EU level Policy orientations: achieve a better understanding and clarity on the guiding policy principles Issues: National vs. European information infrastructures (criteria); long-term Internet stability & resilience; preventive, detection/early warning & reaction measures; recovery and continuity strategies; sharing knowledge and good practices; cross-sector proactive information assurance methods; risk management approach and tools; inter-dependencies, in particular across heterogeneous infrastructures;

CIIP - Preparatory activities (1) 2006 Study on Availability and Robustness of Electronic Communications Infrastructures (ARECI) 2007 Informal meeting of national experts on CIIP Brussels, 19 January 2007 Public consultation on the final ARECI report drafted by Alcatel-Lucent - April 2007 Member States and private sector meeting on the outcomes of the public consultation Brussels, 18 June 2007 Workshop on cc TLD s contingency practices, 19/09/2007 Workshop on challenges for awareness raising, 07/12/2007 Study on Critical dependencies of energy, finance and transport infrastructures on ICT infrastructures

CIIP - Preparatory activities (2) 2008 Workshop on Learning from large scale attacks on the Internet: policy implications, Brussels, 17 January 2008; Meeting with MS on the criteria to identify European Critical Infrastructures in the ICT sector, Brussels, 5 February 2008; Planned studies and projects funded under EPCIP financial scheme: "Prevention, Preparedness and Consequence Management of Terrorism and other Security Related Risks ;

CIIP - Preparatory activities (3) 2008 (cont.) Meeting on Sectoral criteria for the identification of European Critical Infrastructures in the ICT sector, Brussels, 29 May 2008; Workshop on The role of the private sector for Critical Information Infrastructure Protection, Brussels, 25 June 2008;

CIIP - Preparatory activities (4) 2008 (cont.) Workshop on Learning from large scale attacks on the Internet: policy implications, Brussels, 17 January 2008; Lessons learned?

Lessons learned the way forward (1/3) Build resilience / Harden the infrastructure Servers and links redundancy, Anycast Security of routing protocol / traffic exchange Security of DNS service Profiling attackers and understanding their objectives (know your enemies) Response preparedness National contingency plan for the Internet Cyber exercises at national/international level are crucial Strengthen multinational cooperation for rapid response (formal rather than informal) Importance of CERTs/CSIRTs and their role for national and international cooperation Measurement - monitoring of traffic Computers at the edges could be leveraged to build collective intelligence

Lessons learned the way forward (2/3) Technology will not be sufficient Study the economics of security and cyber crime R. Anderson (et al) report on Security Economics and the Internal Market (ENISA) Set-up Public Private Partnership (PPP) Importance of the role of government, which is to coordinate and be a good user Develop cross-sector and cross-organisational cooperation on national, EU and international levels

Lessons learned the way forward (3/3) Agree on responsibility s allocation Information and best practices sharing importance of trust EISAS (European Information Sharing an Alert System) feasibility study (ENISA) Call for proof of concept implementation of an EISAS (closed on May 15) Raising awareness and education of individuals, public bodies, corporate users and service providers

CIIP Flowchart (tentative) Implementation for the ICT sector of the European Programme on Critical Infrastructures Protection framework (EPCIP) by defining the criteria for identification of European Critical Information Infrastructures (ECIIs) Communication Action Plan Strengthening the incident response capability for Europe by creating: 1. National CERTs in all Member States 2. EISAS multi-lingual European Information Sharing and Alert System Creation of a strong and trusted EU Public- Private Partnership determining the good practices to be followed, in terms of: -Industrial deployment -Public policy practices International dimension: creating a unified European security voice and strategy in international discussions and fora (in particular for the Internet). Global security dialogue post-wsis to create guidelines on risk preparedness and response

Food for thought What are the (new) areas CERTs/CSIRTs should focus on? Mobile networks? Satellite networks? SCADA? What is the role of CERTs/CSIRTs in: Strengthening national response capability Strengthening the EU response capability Sharing of continuity plans? European Cyberstorm?

Food for thought What are the minimal (baseline) services and functions for national CERTs as pillar for national incident response capability and as a basis for structured and effective European and international cooperation? What should be the scope of the constituency of a national CERT/CSIRT? Should the principle of subsidiarity entities operating as close as possible to the relevant constituency be applied to CERTs/CSIRTs? In such a case, how should such entities be coordinated to ensure that all citizens are covered and can benefit to the utmost from synergies between entities? Can/should CERTs/CSIRTs play more than an operational role in order to enhance security and resilience of the Information Society in the EU? Are they already doing it?

Web Sites DG INFSO Web site on the EU policy on secure Information Society http://ec.europa.eu/information_society/ policy/nis/index_en.htm Page on CIIP http://ec.europa.eu/information_society/policy/nis/ strategy/activities/ciip/index_en.htm

Security and resilience in the Information Society: the role of CERTs/CSIRTs in the context of the EU CIIP policy THANK YOU QUESTIONS/COMMENTS: Andrea Glorioso European Commission DG INFSO-A3 Andrea.Glorioso@ec.europa.eu

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback