ENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010

Similar documents
Package of initiatives on Cybersecurity

Securing Europe's Information Society

ENISA EU Threat Landscape

A Strategy for a secure Information Society Dialogue, Partnership and empowerment

EU policy on Network and Information Security & Critical Information Infrastructures Protection

Strategic and operational threat analysis at Europol's EC3

Directive on security of network and information systems (NIS): State of Play

Cyber Security Beyond 2020

Cyber Security in Europe

Information sharing in the EU policy on NIS & CIIP. Andrea Servida European Commission DG INFSO-A3

Cybersecurity governance in Europe. Sokratis K. Katsikas Systems Security Laboratory Dept. of Digital Systems University of Piraeus

Achieving Global Cyber Security Through Collaboration

10025/16 MP/mj 1 DG D 2B

The commission communication "towards a general policy on the fight against cyber crime"

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

ENISA s Position on the NIS Directive

Cybersecurity & Digital Privacy in the Energy sector

EUROPEAN COMMISSION JOINT RESEARCH CENTRE. Information Note. JRC activities in the field of. Cybersecurity

Systemic Analyser in Network Threats

Between 1981 and 1983, I worked as a research assistant and for the following two years, I ran a Software Development Department.

13967/16 MK/mj 1 DG D 2B

Valérie Andrianavaly European Commission DG INFSO-A3

Enhancing the cyber security &

Introductory Speech to the Ramboll Event on the future of ENISA. Speech by ENISA s Executive Director, Prof. Dr. Udo Helmbrecht

Cyber Security Roadmap

Cybersecurity Strategy of the Republic of Cyprus

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

COMMISSION RECOMMENDATION. of on Coordinated Response to Large Scale Cybersecurity Incidents and Crises

The Digitalisation of Finance

ENISA today and in the future

Cyber Security in Europe and CEER s new PEER initiative

15412/16 RR/dk 1 DGD 1C

NIS Standardisation ENISA view

Designing Robustness and Resilience in Digital Investigation Laboratories

ENISA Cooperation in the EU / NIS Directive

Discussion on MS contribution to the WP2018

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

Promoting Global Cybersecurity

Security and resilience in the Information Society: the role of CERTs/CSIRTs in the context of the EU CIIP policy

Cybersecurity Package

Securing Europe s IoT Devices and Services

Resilience, Deterrence and Defence: Building strong cybersecurity for the EU

Security and resilience in Information Society: the European approach

The European Policy on Critical Information Infrastructure Protection (CIIP) Andrea SERVIDA European Commission DG INFSO.A3

European Union Agency for Network and Information Security

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

UCD Centre for Cybersecurity & Cybercrime Investigation

Directive on Security of Network and Information Systems

Trustworthy ICT. FP7-ICT Objective 1.5 WP 2013

EISAS Enhanced Roadmap 2012

The EU Cybersecurity Package: Implications for ENISA Dr. Steve Purser Head of ENISA Core Operations Athens, 30 th January 2018

NEW INNOVATIONS NEED FOR NEW LAW ENFORCEMENT CAPABILITIES

Cybersecurity in Government

Centre for cybersecurity Belgium : Role, Missions et future capacities

CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT APRIL, SKOPJE

The NIS Directive and Cybersecurity in

Cybersecurity for ALL

INTERNATIONAL TELECOMMUNICATION UNION

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association

Legal Foundation and Enforcement: Promoting Cybersecurity

NIS-Directive and Smart Grids

Cyber Intel within European Cybercrime Center Ops

Global cybersecurity and international standards

ENISA today and in the future

Itu regional workshop

Electronic payments in the Netherlands

Call for Expressions of Interest

Network and Information Security Directive

Resolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce

RESOLUTION 130 (Rev. Antalya, 2006)

LIMITE EN COUNCIL OF THE EUROPEAN UNION. Brussels, 26 September 2008 (30.09) (OR. fr) 13567/08 LIMITE ENFOPOL 170 CRIMORG 150

RISING CYBER SECURITY CAPABILITY WITH A UNIQUE NETWORK OF TRUSTED PARTNERS. Jan De Blauwe Chairman Cyber Security Coalition Belgium

Bradford J. Willke. 19 September 2007

Media Kit. California Cybersecurity Institute

Enhancing the security of CIIPs in Europe - ENISA s Approach Dimitra Liveri Network and Information Security Expert

Cybersecurity, Trade, and Economic Development

Netherlands Cyber Security Strategy. Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice

Cyber Security Development. Ghana in Perspective

International cyber strategy for Norway

Cyber Security Strategy

The Network and Information Security Directive - ENISA's contribution

Workshop on Cyber Security & Cyber Crime Policies. Policies for African Diplomats

COUNCIL OF THE EUROPEAN UNION. Brussels, 28 January 2003 (OR. en) 15723/02 TELECOM 78 JAI 307 PESC 593

Current procedures, challenges and opportunities for collection and analysis of Criminal Justice statistics CERT-GH

Innovation policy for Industry 4.0

Medical Device Cybersecurity: FDA Perspective

About Issues in Building the National Strategy for Cybersecurity in Vietnam

CYBERCRIME AS A NEW FORM OF CONTEMPORARY CRIME

ISACA National Cyber Security Conference 8 December 2017, National Bank of Romania

COMMISSION STAFF WORKING DOCUMENT EXECUTIVE SUMMARY OF THE IMPACT ASSESSMENT. Accompanying the document

COUNTERING IMPROVISED EXPLOSIVE DEVICES

Cybersecurity, safety and resilience - Airline perspective

Towards a European Cloud Computing Strategy

H2020 WP Cybersecurity PPP topics

INTERMEDIATE EVALUATION

NIS Country Reports Overview Document

Rohana Palliyaguru Director -Operations Sri Lanka CERT CC APCERT AGM and Conference, 24 th October 2018 Shanghai, China MINISTRY OF TELECOMMUNICATION

G8 Lyon-Roma Group High Tech Crime Subgroup

Transcription:

ENISA & Cybersecurity Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010

Agenda Some Definitions Some Statistics ENISA & Cybersecurity Conclusions 2

Definitions (I) Cyber Crime Crime on the internet has a new dimension. The technology allows organized crime to scale their business, especially outside the legal boundaries of states. Cyber Espionage We had military espionage for thousands of years. The only difference between traditional espionage and cyber espionage is the use of technology. Another aspect is espionage because of philosophical disagreement. Cyber Warfare We are facing a new type of asymmetric warfare with a new paradigm and no taxonomy. 3

Definitions (II) Cyber security refers to the protection of information, information systems and infrastructure from those threats that are associated with using ICT systems in a globally connected environment. 4

Agenda Definitions Some Statistics ENISA & Cybersecurity Conclusions 5

Global Trend of Incidences Source: CSI Report 2009 6

Types of attacks experienced Most Frequent: - Malware Infection - Theft of laptop Less Frequent: - Exploit of wireless network - Password Sniffing 7

Average Financial Losses (for the last five years) 8

The Key External Threats 9

Risk Trends Source: BSI 2009 10

Risk Potential Source: BSI 2009 11

Agenda Definitions Some Statistics ENISA & Cybersecurity Conclusions 12

Cybersecurity The Problem There are many definitions of Cybersecurity essentially, we are talking about securing data and systems in the global environment. Adopting this point of view, Cybersecurity is by definition a global concern. From a technological perspective, there is little that separates classical information security from Cybersecurity. Due to the nature of the problem, advances in Cybersecurity are most likely to be achieved through political cooperation. 13

International Cooperation An effective approach to Cybersecurity will require a coherent policy approach at the international level. In order to respond successfully to this need, Europe will have to solve two similar issues: Achieving a coherent policy approach within its borders. Achieving a policy approach that is aligned with the goals of its international partners. In resolving both issues, it will be necessary to carefully balance the needs of the public and private sectors. 14

Stakeholders There are many stakeholders that will need to be consulted in attempting to define policy requirements in this area: The Member States of the EU. The EU institutions. Other sovereign states and nations. International organisations such as OECD, ICANN,... Industry associations.... There is therefore clearly a need for facilitation and mediation of the dialogue. 15

ENISA The European Network & Information Security Agency (ENISA) was formed in 2004. The Agency is a Centre of Expertise that supports the Commission and the EU Member States in the area of information security. We facilitate the exchange of information between EU institutions, the public sector and the private sector.

Activities The Agency s principal activities are as follows: Advising and assisting the Commission and the Member States on information security. Collecting and analysing data on security practices in Europe and emerging risks. Promoting risk assessment and risk management methods. Awareness-raising and co-operation between different actors in the information security field.

Prevention vs. Execution We should distinguish between prevention and execution at the European level. Institutions/agencies such as Europol and Member States agencies fight cybercrime in an operational manner. Agencies like ENISA work on prevention and probably in the future civil detection (i.e. early warning) and supporting other agencies in the area of law enforcement. Collaboration or Service Centres for special tasks could be build between agencies, e.g. ENISA and Europol including MS s agencies. 18

Agenda Definitions Some Statistics ENISA & Cybersecurity Conclusions 19

Conclusions ENISA s core business is to facilitate dialogue: Between Member States. Between the EU institutions and the Member States. Between the public and the private sector. As a Centre of Expertise in the area of Network and Information security, we are ideally placed to support the Commission and MS in formulating Cybersecurity policy. As an Agency that deals extensively with good practice, we can also help industry face the day-today challenges of the changing threat environment. 20

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback