European Directives and reglements for Information security

Transcription:

European Directives and reglements for Information security
Krassi BOGDANOVA, LISO for the Secretariat-General, the Cabinets of Commissioners and the European Political Strategy Centre, European Commission
17/09/2015

Regulations, Directives and other acts

Legally binding acts
"Directive": a legislative act that sets out a goal that all EU countries must achieve.
"Regulation": a regulation must be applied in its entirety across the EU.
"Decisions": in Community law, a decision is binding in its entirety on all those to whom it is addressed.

Non-binding acts
"Strategy": the purpose of a strategy is to help the decision-maker define a course of action when, by definition, unpredictable events could occur.
"Recommendation": a recommendation as a legal instrument encourages those to whom it is addressed to act in a particular way without being binding on them.
"Opinions": opinions shall have no binding force.

The history of European acts for Information security

First step
The 1st EU strategy mentioning the major threats was published in 2003.

Next
Later, in 2006, a strategy for a secure information society (COM(2006)251) was adopted in order to coordinate efforts for building up trust and confidence in electronic communications and services.
On 30 March 2009, the Commission adopted a Communication (COM(2009) 149) on Critical Information Infrastructure protection (CIIP). Additionally, the Commission launched an action plan with five pillars of actions.
A Council Resolution on "A collaborative European approach to network and information security" was adopted on 18 December 2009.
The European Commission's Digital Agenda for Europe (COM(2010) 245) forms one of the seven pillars of the Europe 2020 Strategy initiative.
Internal Security Strategy in action (COM(2010)673).

After THE DIGITAL AGENDA: The Digital Single Market

A Digital Single Market is one in which the free movement of goods, persons, services and capital is ensured and where individuals and businesses can seamlessly access and exercise online activities under conditions of fair competition, and a high level of consumer and personal data protection, irrespective of their nationality or place of residence.
Achieving a Digital Single Market will ensure that Europe maintains its position as a world leader in the digital economy, helping European companies to grow globally.

CORRELATION BETWEEN DIGITAL SINGLE MARKET & INFORMATION SECURITY

Pillar II and the question of cybersecurity

Legislative proposals to reform the current telecoms rules (2016)
Review the Audiovisual Media Services Directive (2016)
Comprehensive analysis of the role of platforms in the market including illegal content on the Internet (2015)
Review the e-privacy Directive (2016)
Establishment of a Cybersecurity contractual Public-Private Partnership (2016)

Directive 95/46: what is new

Cybersecurity can only be sound and effective if it is based on fundamental rights and freedoms as enshrined in the Charter of Fundamental Rights of the European Union and EU core values.
Any information sharing for the purposes of cyber security, when personal data is at stake, should be compliant with EU data protection law and take full account of the individuals' rights in this field.
The new legislation will require much stronger protection of personal data and procedures and tools for managing information loss and reporting.
The new legislation, taking effect in summer 2016, is EU law. The same law applies in all EU member states and there will be few exceptions.

Directive on network and information security (NIS)

An EU cyber security strategy was presented by the Commission in 2013. The cybersecurity strategy "An Open, Safe and Secure Cyberspace" represents the EU's comprehensive vision on how best to prevent and respond to cyber disruptions and attacks.
Specific actions are aimed at enhancing cyber resilience of information systems, reducing cybercrime and strengthening EU international cyber-security policy and cyber defence.
The proposed legislation will oblige companies to be audited for preparedness and to notify national authorities of cyber incidents with a significant impact.

Directive on network and information security (NIS)

The strategy articulates the EU's vision of cyber-security in terms of five priorities:
Achieving cyber resilience
Drastically reducing cybercrime
Developing cyber defence policy and capabilities related to the Common Security and Defence Policy (CSDP)
Developing the industrial and technological resources for cyber-security
Establishing a coherent international cyberspace policy for the European Union and promoting core EU values

Coordination between NIS competent authorities/CERTs, law enforcement and defence

Possible difficulties

The network and information security directive (NIS) is progressing slowly, despite several attempts to nudge it closer to completion.
Currently the situation is blocked in the Council's court, with three working group meetings this month, including one on Wednesday 16th of September. The next informal, three-way discussions with the Commission will be called before November.

Member states see digital security as a national issue
Cybersecurity legislation is still being held up by member state reluctance to report attacks on their digital networks:
There is a fear that the legislation won't have the effect in the end.
On the other hand, the member states fear they will sacrifice some of their interests in case of mandatory and too detailed reporting.

Thank you for your attention!