European Union Agency for Network and Information Security

ENISA met the members of its Permanent Stakeholders Group today in Athens

Wed, 07/12/2017 - 17:28

ENISA was pleased to welcome the members of its Permanent Stakeholders Group to its premises in Athens today, 12th July 2017. The members of the group provided input regarding their work for ENISA and its future work programmes. Among the topics of discussion were also the priorities and challenges in the Network and Information Security field.

The PSG is established by the ENISA regulation (EU) 526/2013. The group advises the Executive Director on the development of the Agency’s work programme, and on ensuring the communication with the relevant stakeholders on all related issues. The members, appointed “ad personam”, constitute a multidisciplinary group deriving from industry, academia, and consumer organisations and were selected upon the basis of their own specific expertise and personal merits.

A new Permanent Stakeholders Group will be soon selected, which will serve for the next 2 ½ years.


The list of the currently appointed members is available in the following link: ENISA PSG

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

“Cybersecurity in the age of the Internet of Things and Artificial Intelligence”: Breakfast debate organised by ENISA and MEP Albrecht

Wed, 07/05/2017 - 11:37

© Copyright: Michał Boni‏ @MichalBoni

The breakfast debate, jointly organised by the European Union Agency for Network and Information Security (ENISA) and MEP Jan Philipp Albrecht has just been concluded in Strasbourg, France. Invited guests shared their views and discussed the upcoming challenges concerning information technology security in the European Union.

With the Internet of Things (IoT) and Artificial Intelligence (AI) advancing rapidly and having potential impact on our everyday lives, the participants were invited to join the debate surrounding the question of cybersecurity measures and standards. These new technological developments have the potential to create socio - economic opportunities, while changing the way that humans and machines interact and live, thus posing regulatory, ethical and liability challenges.

The participants included members of the European Parliament, the Commission, representatives of the Presidency of the Council of the European Union, Member states, industry, and academia, as well as the Chairperson and the Deputy Chairperson of the ENISA Management Board. Mariya Gabriel, Commissioner-Designate for the Digital Economy and Society opened the discussion with a keynote speech. ENISA’s Executive Director, Udo Helmbrecht, moderated the expert discussion and Q&A session.


 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

EU operational cooperation under test for the second time

Mon, 07/03/2017 - 11:35

For the second time in less than 2 months the EU CSIRTs Network has responded to the recent global outbreak of ‘NotPetya’ campaign that has also affected Europe.

Since Tuesday, 27th June 2017, a malware outbreak has been infecting IT systems mostly in Europe. News agencies across the globe compared this attack with the recent WannaCry ransomware outburst which shocked the world in May 2017. However there were differences like the attack's initial vector. In the case of WannaCry it was plain exploitation of SMB vulnerabilities while now Microsoft has evidence that a few active infections of the ransomware initially started from the legitimate MEDoc tax accounting updater process.

By utilising effective channels of communications, EU MS CSIRTs have managed to exchange information in a secure and prompt manner. This has resulted in a synchronised cross-border information flow, fast incident response on national level, and better recognition and understanding of the threat and mitigation measures. ENISA has once again actively supported MS CSIRTs on this mission.

The successful cooperation among MS CSIRTs has been driven by the current Estonian Presidency of the Council of the EU in a close cooperation with ENISA and other volunteering MS CSIRTs. This adhoc collaboration effort showed good progress in building trust and operational cooperation among EU MS CSIRTs.

Current Chair of the CSIRTs network, CERT-EE, presents today the operational update and situation overview of the 'NotPetya' campaign on behalf of the CSIRTs network at the Horizontal Working Party on Cyber Security Issues meeting in Brussels.

Udo Helmbrecht, Executive Director of ENISA, said: “For the second time within two months, the world is faced with a major global cyber-attack.  ENISA is once again closely monitoring the situation and working together with the Member States CSIRTs to respond to the cyber attack thereby helping to manage the cybersecurity of European citizens and businesses.”

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Getting ready for the European Cyber Security Month 2017

Thu, 06/22/2017 - 16:56

 “Building together a joint EU advocacy campaign on NIS topics!” is the motto of this year’s ECSM campaign. Preparation for this year’s Cyber Security Month kick-off event is in collaboration with the Estonian Information Systems Authority. Taking place during the Estonian Presidency, the Estonian Ministry of Economic Affairs & Communication will be hosting the kick-off event at their premises in Tallinn on the 29th September 2017.

The ECSM runs for the entire October, with each of its four weeks focusing on a different topic. During each week, ENISA and its ECSM partners will be organising events and activities centred on each of these themes. Events may have an emphasis on education material, strategy summits, general presentations to users, online quizzes, etc.  2017 marks the 5 year anniversary of the ECSM campaign.

Check out the themes planned for this year’s ECSM:

Week 1: Oct. 2-6
Theme: Cyber Security in Workplace
Targeting businesses, the aim of the theme is to raise awareness amongst company employees, IT professionals & senior management about threats such as Ransomware, Phishing, Malware and to provide general cyber “Hygiene” advice.

Week 2: Oct. 9-13
Theme: Governance, Privacy & Data Protection
Countdown to compliance: Ensure you're ready!!! The aim of this theme is to uncover how to prepare your organization for the new EU Directives and Regulations such as the NIS Directive and the GDPR.


Week 3: Oct. 16-20
Theme: Cyber Security in the Home
The aim of the theme is to raise awareness amongst general users of threats from IoT, online fraud / scams and provide guidance on how protect their home network and protect their online privacy.


Week 4: Oct. 23-27
Theme: Skills in Cyber Security
The theme seeks to support the young with gaining Cyber Security skills via training and education so as to grow the next generation of skilled Cyber Security professionals.

Find out more about the activities and how to get involved here

About ECSM: ECSM is the EU’s annual advocacy campaign taking place in October, which aims to raise awareness on cyber security threats, promote cyber security among citizens and provide up to date security information, through education and sharing of good practices.


ECSM video about all you need to know here

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Udo Helmbrecht speaks at SEKOP 2017

Mon, 06/19/2017 - 17:30

Prof. Dr. Udo Helmbrecht was invited to this year’s SEKOP conference to speak about cybersecurity and current challenges from a European perspective. Among other key points, Udo Helmbrecht, talked about ENISA's support to the EU's Members states with the implementation of the NIS Directive while referring to the Internal Digital Single Market risks and protection, he mentioned the following needs:

  • Develop new EU business cases for cybersecurity
  • Use cybersecurity as an economic enabler
  • Invest in business intelligence protection, trustworthy products and services

In order to achieve critical asset protection, the Executive Director of ENISA mentioned the necessity for EU collaboration, more capacity building and sovereignty, along with the harmonization of products, services and skills.  Professor Helmbrecht also called for product liability and the implementation of good practices such as mandatory patching in order for basic security protection to be ensured.

ENISA participated with its own booth at the event, which took place from Saturday 17th June to Monday 19th June 2017 in Hausham, Germany. The event invited experts to discuss, during workshops, current issues, approaches to solutions and best practices related to IT trends and cybersecurity. The motto of the conference was “The CISO Agenda 2018 - Next Challenges”.

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Cybersecurity in the EU Common Security and Defence Policy (CSDP): Challenges and risks for the EU

Thu, 06/15/2017 - 14:30

The study identifies challenges and risks for the EU regarding cyber capacity building in the EU Common Security and Defence Policy (CSDP) context.

Several experts from the public sector, the academia and military, including NATO, contributed to this work in order to give a holistic perspective of cybersecurity requirements, concerns and good practices for military and civilian missions. The study builds on existing EU efforts recommending additional proposals that span across policy, culture, skills, law, capabilities and organizations.

The study is structured around three thematic areas: policies, capacity building, and the integration of cyber in the CSDP missions, with the last one being its main focus.

The full study is available here

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

New cyber security information service launched today by ENISA

Thu, 06/15/2017 - 10:50

“Cyber Security Info Notes” are short papers produced by ENISA on information security topics, which aim at highlighting assessed facts regarding information security related incidents and developments. The main focus is on providing an independent and ‘calm’ opinion and on advising stakeholders targeted by these incidents/developments.

The philosophy and goals of the Agency’s information service are to provide an expert point of view that is not driven by urgency. “Cyber Security Info Notes” deliver a neutral, balanced and comprehensive point of view, together with recommendations. This work consists of a synthesis of both publicly available material and own experience.

ENISA has updated and enhanced its existing “Info Notes” service with the aim of producing useful information for its stakeholder communities based on all of the Agency’s work. The content covers a wide range of cybersecurity information e.g. vulnerabilities, threats, incidents, developments etc.

In addition ENISA aims to establish context out of security information. This contribution will be achieved by putting current events, incidents and news into the context of internal and external work.

ENISA’s Cyber Security Info Notes will be published on a regular basis (1-2 per month) and on a per request basis such as during the event of important cyber security incidents.

For more information visit ENISA’s Cyber Security Info Notes section.

“Disinformation operations in cyber-space”

The first Cyber Security Info Note titled “Disinformation operations in cyber-space” outlines the emergence of disinformation campaigns in cyber-space. In the context of disinformation operations, the note provides an overview of the trending threat of "tainted leaks" and depicts the mitigation approach used against a recent disinformation campaign.

For the full note: Disinformation operations in cyber-space

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

CSIRT maturity evaluation process - How is CSIRT maturity assessed?

Mon, 06/12/2017 - 14:30

CSIRTs will find in ENISA's new report a comprehensive overview about assessment parameters which was also translated into an online survey tool for a direct maturity self-assessment.

The CSIRT maturity improvement process includes a survey with questions and answers for all the parameters of the commonly used SIM3 (Security Incident Management Maturity Model) model, which makes it considerably easier for any CSIRT team to self-assess their maturity in the terms of SIM3. The survey is complete with a mapping to the proposed CSIRT maturity scale (with the steps basic, intermediate and certifiable), so that a team member who use the survey can self-assess their maturity on that scale.

As an additional element of the evaluation process ENISA suggests a peer review methodology. A methodology for how to do peer reviews between trusted teams, complementary to the self-assessment approach and intended as a form  of intra-community mutual support aimed at further enhancing all teams' maturity. The proposed peer review approach is a flexible one, that is expected to suit the needs of all teams involved.

For the full report: Study on CSIRT Maturity – Evaluation Process

For the survey tool (beta version): CSIRT Maturity - Self-assessment Survey

Background:
The EU Network and Information Security Directive  (NISD) creates a CSIRTs network "to contribute to developing confidence and trust between the Member States and to promote swift and effective operational cooperation". The Directive states that each Member State shall designate one or more CSIRTs which shall comply with the requirements set out in point (1) of Annex I (requirements), covering at least the sectors referred to in Annex II and the services referred to in Annex III, responsible for risk and incident handling in accordance with a well-defined process.

The Directive gives high-level requirements that designated CSIRTs must observe, and tasks that they must perform.

ENISA has carried out a considerable amount of work in the CSIRT area, and this work contributes by sharping the role of ENISA in helping CSIRTs on their way to a higher maturity level. With this new practical guide CSIRTs will be better prepared to protect
their constituencies and improve team's maturity.

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Opening the ENISA Annual Privacy Forum 2017

Tue, 06/06/2017 - 15:11

With a view to stimulate interactive discussions, identify new trends and produce compelling input to policy making, APF17 brings together representatives from policy, academia and the industry as well as the law enforcement community (Europol / EC3), the EDPS and civil society.

Notable speakers in this year's edition of the ENISA APF include: Wojciech Wiewiórowski (EDPS), Prof. Reinhard Posch, (TU Graz & Austria Chief Information Officer), Peter Fleischer (Google) and many more. Compelling discussions are expected in the interactive panels that include Privacy regulation in a global context and Lawful interception and PETs.

ENISA's Head of Stakeholders Relations and administration department, Mr. Paulo Empadinhas, will open the conference tomorrow at 9.00 a.m. together with the Dean of University of Vienna, Prof. Paul Oberhammer, and Prof. Erich Schweighofer.

APF17 is for the first time streamed live at: http://privacyforum.eu/multimedia/ .


Stay connected with #APF17: follow @PrivacyForum_EU and @ENISA_eu on twitter, and the dedicated site http://privacyforum.eu/.

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

“Mastering the Power of Connectivity”: Udo Helmbrecht speaks about 5G infrastructure & connectivity at the Connected Citizens Summit 2017

Wed, 05/31/2017 - 20:15

The summit, which was co-hosted by newspapers Politico and Welt, gathered more than 100 participants from private and public sectors; European institutions, national ministries, international organizations, city governments, civil society organizations and companies across major sectors.

Udo Helmbrecht together with MEP Pilar del Castillo, joined the discussion on infrastructure and answered the question “Are we equipped to master connectivity?’’. Udo Helmbrecht mentioned that cyber security is still underdeveloped specifically for IoT components and that there is still a need for investment in digital skills and infrastructure from the EU level, member States and private sector. Talking about security improvements through the new Telecom Code, which is expected to be adopted by end of 2017 or early 2018, ENISA’s Executive Director said: “The new improvements will certainly contribute to a more secured and harmonised telecommunications environment across Europe”.

For more information about the Connected Citizens Summit 2017: http://www.politico.eu/event/connected-citizens-summit-2/

Related material:
ENISA study on Analysis of security measures deployed by e-communication providers

 

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Visit to ENISA by the Agency's Management Board Chair and Vice-Chair

Wed, 05/17/2017 - 22:00

The objective of the visit was the exchange of views on a variety of different subjects associated with the ENISA's work programme 2018, the review of the  Agency mandate and the challenges and opportunities associated with it.

In addition the programme during the visit included:

  • Meeting with ENISA’s Executive Director Udo Helmbrecht and staff, for an update on the Wannacry outburst and ENISA's role in the collaboration among EU Member States.
  • A discussion on matters related to ENISA's Management Board activities.
  • Meeting with the Agency's staff.

For more information:  ENISA Management Board

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

National Liaison Officers meet today at ENISA

Wed, 04/26/2017 - 14:59

During the meeting, NLOs exchanged views with ENISA experts and elaborated on the objectives of the year.

The meeting included discussions on the future role of NLOs following the implementation of the NIS Directive and the new ENISA mandate, as well as updates on upcoming events by ENISA such as the European Cyber Security Month (ECSM), the European Cyber Security Challenge (ECSC), and ENISA’s role in the NIS Directive Co-operation Group and the CSIRTs Network.

National Liaison Officers are the first point of contact of ENISA in the Member States, acting as ‘facilitators’ for ENISA activities within their countries. The Network currently comprises thirty-five members of the EU Member States, EEA countries and the European Institutions.

For more information visit ENISA NLOs Network page.

 

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Danish assessment of the cyber threat against Denmark

Fri, 04/21/2017 - 16:46
The report addresses the threat from cyber activities against Danish authorities and private companies. The main threat emanates from state-sponsored cyber espionage and from cyber crime. State and criminal hackers are continuously developing their skills and their attack methods are growing ever more sophisticated.

 

For the full report: The cyber threat against Denmark

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

'Secure the communications of mail servers'- new factsheet by NCSC

Thu, 04/20/2017 - 15:52

Traditionally, connections between mail servers have hardly been secured. STARTTLS is an extension to provide existing protocols with connection security. If you only use STARTTLS to secure connections between mail servers, this will protect against so-called passive attackers. An active attacker can easily undo the use of STARTTLS. The DANE protocol allows you to verifiably indicate that your server offers a secure connection.

The NCSC recommends enabling STARTTLS and DANE for all your organisation’s incoming and outgoing email traffic.

The National Council Digital Government has decided in September 2016 to include STARTTLS and DANE for email traffic in the list of compulsory open standards. Therefore, it is compulsory for Dutch government bodies to apply these standards when investing in email systems.

The standards STARTTLS and DANE are also part of the initiative 'Secure E-mail Coalition', a partnership of businesses, trade associations and governments. This initiative is aimed at broader adoption of email security and up-to-date standards. This factsheet supports organisations that want to start using these standards.

For more information: https://www.ncsc.nl/english/current-topics/factsheets/factsheet-secure-the-connections-of-mail-servers.html

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

ENISA wins award for Excellence in innovation-transformation at EU Ombudsman Award for Good Administration

Fri, 03/31/2017 - 10:08

The Agency’s project on Redefining European cyber cooperation, is a cyber-crisis simulation executed in real-time (over 48 hours) following two years of planning.

This achievement reflects the continuous efforts of ENISA in innovation, creativity and effectiveness in achieving its goals. It also reflects the Agency work towards developing projects that highly impact and involve the Member states and bring added value to the EU.

Launched in October 2016, the initiative aims to highlight efforts and share best practice within the wider administration of Member States, recognising the contribution of staff at an individual and team level.

The project brings together top IT experts from banks, cybersecurity, transport and energy companies from all Member States. Over the project’s lifetime, more than 1000 participants were trained and benefited from the program.

Ninety (90) projects were nominated from EU Institutions, agencies and other bodies. ENISA competed with sixteen (16) projects under the innovation and transformation category.

Cybersecurity is an area which relies upon the cooperation of all involved parties and the exchange of best practices.

The award also reflects the collaboration across all the Member States in their efforts to respond against cyber threats, and is as much theirs to pride. We urge all partners to continue their commitment and hard work together in ensuring cyber excellence, awareness and security across the EU.  


EU Ombudsman press release

Follow updates on #Eoaward @EUombudsman

Find out more about Cyber Europe 2016 organised by ENISA

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Celebrating #EU60 years of the Treaties of Rome

Thu, 03/23/2017 - 22:00

On March 25th 1957, the Treaties of Rome was signed by the governments of Belgium, France, Germany, Italy, Luxembourg and the Netherlands. The Commission is celebrating the 60th anniversary with a number of events and activities.

European Commission: The main event organised by the Commission will be Citizens' Dialogue with the HRVP Mogherini on 24 March between 12.00 and 13.30 in the Acquario di Roma in central Rome. The Dialogue, to be attended by 250-300 citizens and (mainly) Erasmus students in Rome, will be focused on the options for the future of the EU, and the difference that the EU should make for the future generations.

The Directorate-General for Education and Culture organises a Jean Monnet Seminar "The Future of Europe: a commitment for You(th)" on 23 and 24 March. The Seminar will be attended by around 100 participants, mainly Jean Monnet professors and youth representatives.

The Directorate-General for Communications Networks, Content and Technology (CNECT) organise the Digital Day, a high-level event with five Commissioners and ministers from all Member States, on 23 March. Check the agenda: https://ec.europa.eu/digital-single-market/en/agenda-digital-day-rome-2017

 
In all EU Member States events are being organised by the EC Representations. A list of these events is available on the inter-institutional webpage dedicated to the 60th Anniversary  in the section "Find events in your country".

EU Institutions: Events will be organised also by other EU Institutions. A list of these events is available on the inter-institutional webpage dedicated to the 60th Anniversary  .The Italian Government will host and organise different events to promote the 60th anniversary. A list of such events is available on the website of the Italian department for European Politics.

Furthermore, don’t miss:

  • Video  testimonials about Europe reflecting the diversity of  citizens and languages in all Member States and three EU Delegations (Bangkok, UN-New York, Rabat).
  • GIF competition – EU GIF story: Participants are invited to create a GIF based upon AV Service's archive material, which will depict a series of historical moments in the EU's history. All #EU60 GIFs will ultimately be shared with the Commission's social media and ultimately be hosted on the European Commission's Giphy Profile.  Winners to be announced on 23 March

  • EU60in60: a 60 second time-lapse video clip giving a glimpse of EU history, spanning from today until the signing of the Treaty of Rome. The clip features the main political milestones of EU integration, as well as major social-cultural events over that period. Link to the clip: http://ec.europa.eu/avservices/video/player.cfm?sitelang=en&ref=I133251
  • Documentary  clip  telling the story of the EU's integration since the signing of the      Treaties of Rome.


All above audio-visual material will be hosted and available for download on the European Commission's Audiovisual Service focus page.

 

Get active on social media -  Share, Update, Tweet!


Share the EU Flag
via Instagram from 25 March! Share pictures, paintings, photos of the EU flag under a common hashtag.  Update profile pictures to one, bearing the EU60 Visual Identity. When tweeting the hashtag #EU60 an EU flag will appear.

Follow        #DigitalDay17


Related material
:

Inter-institutional  page about the 60th anniversary (available in all EU languages)

European Commission's Audiovisual Service focus page about the 60th anniversary (in EN and FR).

Website of the Italian Government about the 60th anniversary (available in IT, EN and FR)

The European Story – 60 years of shared progress (available in EN)

Europe's future is digital: EU countries to commit in Rome to go deeper and further on digital

 Livestream

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

ENISA at CeBIT: The role of cybersecurity within the new digital environment

Wed, 03/22/2017 - 13:55

image c CeBIT

ENISA participates at this year’s CeBIT event with its own booth for the first time. With its presence the Agency aims to raise awareness on cybersecurity and the work it delivers on key themes such as:

  • The Internet of Things
  • Smart homes
  • Smart cars and smart hospitals
  • Critical infrastructure
  • Blockchain technology and mobile payments
  • Standardisation and certification
  • Trainings
  • privacy and virtualisation
  • And much more

ENISA experts on-site liaised with visitors providing insights on ENISA’s work generating interest and participation.

ENISA’s Head of Core Operations, Dr Steve Purser delivered the keynote address  at the Global Industry Club at CeBIT’s International Cybersecurity Conference taking place in Hannover. Speaking to German industry representatives on ‘Dealing with technology evolution - from policy development to implementation’ Purser gave an overview on:

  • Economic considerations and how cybersecurity can act as an economic enabler
  • How ENISA works with stakeholders to influence policy development. Key focus areas involved the implementation of the NIS requirements, GDPR and data breach reporting and the new eIDAS regulation on security incidents
  • Aligning skill-sets with industry needs, looking into exercises and the cybersecurity challenge
  • Implementation, and specifically on identifying and spreading good practices using SMART approaches as an example
  • Challenges and opportunities within cybersecurity  

The discussion with Purser continued during the day at the panel on ‘New experiences, challenges and changes in some global conditions - how to manage Cyber Security?’  with representatives from the public, academic and industry sector.

 

Visit ENISA’s booth

To find out more about the Agency’s work on cybersecurity visit  ENISA  at Hall 6 - Stand E16.


Related material by ENISA:

ENISA's work on IoT and Smart Infrastructures including smart homes, smart cities, smart airports, smart cars, smart hospitals and more

ENISA report on blockchain technology and security

Security of Mobile Payments and Digital Wallets

How to protect critical infrastructures

ENISA study on the security aspects of virtualization

Smartphone Development Guidelines

ENISA online training material

Gaps in NIS standardisation

Challenges of security certification in emerging ICT environments

PETs control matrix: A systematic approach for assessing online privacy tools


 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Getting ready for the next European Cyber Security Challenge

Fri, 03/17/2017 - 10:20

The first meeting of the representatives that participate in the European Cyber Security Challenge 2017 (ECSC'2017) took place in Brussels on the 15th and16th March.

A number of topics were addressed during the two days relating to the governance of the ECSC competitions, the lessons learned from ECSC'2016 as well as the planning for the ECSC'2017 final event which will take place in November in Spain.

For further information on the European Cyber Security Challenge please refer to http://www.europeancybersecuritychallenge.eu/

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Gaps in NIS standardisation: Mapping the requirements of the NIS Directive to specific standards

Wed, 03/15/2017 - 13:30

The aim of the study is to provide a mapping of the technical requirements of the NIS Directive to existing standards, to identify gaps and overlaps in related standardisation and provide recommendations for the future work in this area.

The report identifies a relatively small number of gaps and areas of overlap in standardisation where there is no clear best practice to be adopted partly due to the diversity of the current standardisation ecosystem. This allows for several recommendations:

a)      It is recommended that the European Commission adopt a standards based framework for the exchange of threat and defensive measure information, that impacts the functioning of Network Information Infrastructure (NII), with the support of the Member States pursuant to the NIS Directive. The capabilities from this framework underscore NII as a Critical Infrastructure of the EU and its Member States and can further act a manual and reference point.

b)     ENISA urges to adopt open standards in threat exchange. This translates into increased interoperability and improved cooperation and information sharing. In this context, the risk analysis and defensive measures capabilities defined in current standards should be extended, to allow Member States to address the Network Information Infrastructure and NIS provisions necessary to mitigate risk both at a national and regional level.

c)      At another level, it will be useful to highlight the similarities between the USA Cybersecurity Act and the NIS Directive and promote possible synergies in the application of standards.

The publication coincides with the announcement of the European Commission’s Rolling Plan for ICT Standardisation, which aims at providing a bridge between EU policies and standardisation activities in the area of ICT.

Full report available online
For more on the subject
and press enquiries please contact press@enisa.europa.eu  Tel. +302814409576

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

#APF17: Call for Papers

Thu, 03/09/2017 - 10:15

This year’s edition is organised in the light of the implementation of the newly promulgated General Data Protection Regulation (GDPR), and, the recent EC proposal for a Regulation on Privacy and Electronic Communications. Even the best legislative efforts face the challenge of keeping up to speed with the pace of innovative technology and business models that challenge the way personal data is processed and privacy is protected across the EU and beyond; therefore examining what is at stake and where threats thereto originate from becomes of paramount importance.

Get involved to:

  • learn from the professionals in the field
  • participate in a high level debate
  • discover the trends for the future
  • network with key players in privacy and NIS

The call for papers is open until 31th March. To submit your paper please use the conference’s EasyChair page.

Call for papers: At APF 2017, we invite papers presenting original work on the themes of data protection and privacy and their repercussions on technology business, government, law, society, policy and on law enforcement. An inter-disciplinary approach is high in demand to contribute to bridging the gap between research, business models and policy much like proposing new models and interpretations are.

Multidisciplinary papers are particularly welcome, making explicit how the presented work can contribute to bridging the gap between research and policy.

Contributions from policy makers, representatives of competent authorities, such as Data Protection Authorities, industry experts, NGOs and civil society associations are particularly welcome. For detailed information and the aspects with which research and opinion papers should deal with are available at: http://privacyforum.eu/call-for-papers

Submissions must be written in English, should not succeed 8000 words and, need to comply with the Springer LNCS style guide. Authors must submit their papers by the deadline indicated on the conference web site and follow the requirements stated there. Papers will be published in the proceedings of the conference with a publishing house soon to be selected and announced.

Related material:

  • APF 2016 report
  • Last year in Frankfurt at APF 2016, ENISA and its partners proposed a technology readiness platform for privacy enhancing technologies. A report on the current situation and the roadmap of the ongoing project available online


To receive the latest news and updates sign up for the RSS feeds, follow #APF17  and #PrivacyForum_EU on twitter and the dedicated site http://privacyforum.eu/


About APF 2017:
ENISA, DG CONNECT, and the Law Faculty of the University of Vienna, Arbeitsgruppe Rechtsinformatikis jointly organise the two-day event with the objective of providing a forum to academia, industry and policy makers.

For information please contact the APF Committee via the following link

For press enquiries please contact press@enisa.europa.eu,  Tel. 2814 409576

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Pages