European Union Agency for Network and Information Security

2020 CTI-EU | Bonding EU Cyber Threat Intelligence

Tue, 12/17/2019 - 13:00

Just as in previous years (2017, 2018), ENISA is organising the third edition of its bonding event on Cyber Threat Intelligence (CTI). The event is going to take place in the Thon Hotel EU in Brussels on 30th and 31st January 2020.

The event aims at bringing together experts, practitioners, researchers, academia and individuals who are interested in the developments in the area of CTI. CTI EU is a forum for discussing European and international developments in CTI, learning about the current trends in CTI, meeting CTI service providers and getting informed about current CTI offerings, requirements, use cases, tools and practices.

Indicative topics to be covered in this year’s event are:

  • CTI Good Practices and developments
  • CTI Technology (Tools/Services/technologies)
  • CTI in various sectors
  • CTI Data and CTI Metrics
  • Developments in the Threat Landscape
  • Threat intelligence platforms
  • CTI production and consumption with the European Commission and its bodies

European and international speakers will present a number of talks related to CTI. Some examples:

  • "Cyber Threat Intelligence, the Microsoft Way", Tom Finley, Microsoft
  • “Threat Intelligence Orchestration and Automation”, Martin Ohl, McAfee
  • CTI in MISP, (Title and speaker to be announced)
  • “Open Source CTI platform”, ANSSI, (Speaker to be announced)
  • “Technology enablement in the intelligence cycle and the role of TIPs”, Andreas Sfakianakis
  • “Script-kiddies Today, Cybercrime Kingpins Tomorrow: How Malware-as-a-Service Providers Change Your Threat Landscape”, Marco Riccardi, quoscient
  • “Public-Private Partnership in the Fight Against Cybercrime: Cybercrime Landscape in Japan and JC3 Initiatives”, Japan's JC3, (Speaker to be announced)
  • “Cybersecurity and Hybrid Threats: Putting in context incidents and open source intelligence”, Georgios Giannopoulos, JRC
  • "Full Stack Cyber Attack model", Francisco Luis de Andres Perez
  • “Implementation of TIBER-BE”, Dominik Smoniewski, National Bank of Belgium
  • “CTI Data and Metrics - what, where, who, how many? time to take out the garbage”, Jart Armin, SISSDEN BV NL
  • EDA (Title and speaker to be announced)
  • “EU cyber diplomacy toolbox”, EEAS, (Speaker to be announced)
  • CERT EU (Title and speaker to be announced)
  • “CTI: a unified European approach for shared situational awareness and coordinated response”, Ioannis Askoxylakis, DG-CONNECT.

During the event, a panel discussion will take place. The subject of this panel will be CTI production and consumption within the European Commission, focussing on requirements and priorities. Short statements (ca. 5-10 minutes) from EDA, EEAS, CONNECT, CERT-EU and ENISA will be presented on what kind of CTI they are interested in, what the methods for producing it are, and how this is going to be developed in the future (new Commission, Joint Cybersecurity Unit, Cybersecurity Competence Centres, etc.).

Besides the presentations, demos, tools and approaches will be showcased in a special room at this year’s event. Attendees will be able to visit the stands of presenting organizations, interact with them and get informed about CTI service and tool offerings.

Location

Thon Hotel EU
Address: Rue de la Loi 75, 1040 Bruxelles, Belgium
Phone: +32 2 204 39 11
Thon Hotel EU Website

Event Page

You can find the page of the event from the following link: 2020 CTI-EU Event Page

Registration

Registration is free-of-charge and mandatory. You can register for the workshop via the following link: Registration Form

Privacy statement

You can find the privacy statement from the following link: Privacy statement.

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Supporting the deployment of the EU Cybersecurity Certification Framework

Tue, 12/10/2019 - 08:00

Dr. Andreas Mitrakas, ENISA

Pursuant to the EU Cybersecurity Act that entered into force on 27th June 2019, ENISA supports and promotes the development and implementation of Union policy on cybersecurity certification of ICT products, services and processes.

This validation workshop on “Supporting the deployment of the EU Cybersecurity Certification Framework” aimed to present the efforts that ENISA has undertaken since the entry into force of the Act and throughout 2019. Presentations included analysis and recommendations as well as input on the response to Commission requests notably on a Common Criteria scheme.

The debate on the various deliverables called for engaging discussions with an expert audience on such areas as: handling of vulnerabilities; maintenance of a scheme in Common Criteria; content of a cybersecurity certification scheme; aspects of deployment of a scheme and market buy-in; aspects related to standardisation and the need to align planning of certification schemes with the evolution of standards.

Responding to Commission requests, ENISA is currently carrying out work on two different cybersecurity certification schemes, related to Common Criteria and Cloud services.

The objective of this workshop in terms of validating deliverables with stakeholders was met and it demonstrated in practical terms the engagement of the Agency in terms of accountability and stakeholders’ involvement in the production of its output. This is an area to be monitored further.

 

Note to editors:

Further information on Cybersecurity Certification can be found here:  Bolstering ENISA in the EU Cybersecurity Certification Framework.

For further queries:

Please contact press@enisa.europa.eu.

 


ENISA proposes Best Practices and Techniques for Pseudonymisation

Tue, 12/03/2019 - 08:00

In the light of the General Data Protection Regulation (GDPR), the challenge of proper application of pseudonymisation to personal data is gradually becoming a highly debated topic in many different communities, ranging from research and academia to justice and law enforcement and to compliance management in several organisations across Europe.

The ENISA ‘Pseudonymisation techniques and best practices report’, amongst other things, discusses in particular the parameters that may influence the choice of pseudonymisation techniques in practice, such as data protection, utility, scalability and recovery. It also builds on specific use cases for the pseudonymisation of certain types of identifiers (IP address, email addresses, complex data sets).

One of the main outcomes of the report is that there is no single easy solution to pseudonymisation that works for all approaches in all possible scenarios. On the contrary, it requires a high level of competence in order to apply a robust pseudonymisation process, possibly reducing the threat of discrimination or re-identification attacks, while maintaining the degree of utility necessary for the processing of pseudonymised data.

On 12 November 2019, ENISA, in co-operation with the Data Protection Authority of the German Federal State of Schleswig-Holstein (ULD), held a dedicated workshop on “Pseudonymisation and relevant security techniques” that aimed to further discuss and elaborate on the current state-of-the-art and existing experience in this field.

 

Further Information

The ENISA Pseudonymisation techniques and best practices report

The ENISA GDPR & deploying pseudonymisation techniques news

 


Cybersecurity certification: lifting the EU into the cloud

Mon, 12/02/2019 - 08:00

In accordance with article 48(2) of the EU Cybersecurity Act, the European Commission has requested ENISA to prepare a cybersecurity certification candidate scheme for cloud services, taking into account existing and relevant schemes and standards.

Cloud services provide important business opportunities for public administration and businesses. A single European cloud certification is critical for enabling the free flow of non-personal data, which allows for the unrestricted movement of data across borders and information systems within the EU.

The cybersecurity certification of cloud services will bring enhanced trust and legal certainty in the security of cross-border data processing, as acknowledged by the Free Flow of Data Regulation (Regulation (EU) 2018).  Certified cloud services will reinforce the impact of this regulation helping the EU data economy to further contribute to GDP growth.

The Commission has facilitated the work of the Cloud Service Provider Certification (CSPCERT) Working Group in this area. CSPCERT is a private and public stakeholder group, which has worked to provide a recommendation in relation to the security certification of cloud services to ENISA, the European Commission and the Member States, available here: CSPCERT WG - Recommendations for the implementation of the CSP Certification scheme.

A call for expressions of interest for an Ad-Hoc Working Group for Cloud Cybersecurity Certification will be launched in due course and will be posted on the ENISA website.

 

Note to editors:

Further information on Cybersecurity Certification can be found here: Bolstering ENISA in the EU Cybersecurity Certification Framework.

 

For further queries:

Please contact press@enisa.europa.eu

 

 


Cyber agencies assess future cooperation opportunities

Fri, 11/29/2019 - 11:00

The purpose of the meeting was to assess the progress achieved since the 2018 MoU and to plan the future cooperation activities for 2020-2021. The MoU provides a comprehensive cooperative framework through which civil-military synergies can be promoted, ultimately aiming to improve cybersecurity of all stakeholders and support Member States’ cyber defence programmes. 

In 2019, quadrilateral cooperation was further enhanced with various activities, regular exchanges on topical cybersecurity aspects and participation in respective events of interest.

Looking ahead, the collaboration roadmap prepared by the MoU working group envisages concrete activities on cyber training & education and technology development. The updated roadmap sets ambitious objectives for the coming year, effectively taking cooperation to a new level. As part of the cooperation, the four partners are planning to organise a major event in the second part of 2020, improve their cooperation along the lines of major cybersecurity policy implementation (notably, the Cybersecurity Act) and the updated Cyber Defence Policy Framework. They also commit to paying additional attention to improving incident response mechanisms and processes as well as to increased joint contributions to high visibility events on Cybersecurity and Cyber Defence.

EDA Chief Executive Jorge Domecq said: “The efforts required by the implementation of the Cyber Defence Policy Framework and, in general, by our contributing Member States in the cyber defence domain are consistently increasing, and require specialised and committed resources. The collaboration enabled by the MoU is a key factor of our efforts to harmonize these efforts, avoid duplication and support Member States in their capability development programmes”.

ENISA Chief Executive Director Juhan Lepassaar said: “I trust this new roadmap will enable the four partners to a closer, more effective collaboration and provide a valuable platform to help the European Union achieve the aims of the EU cyber crisis cooperation Blueprint”.

The Head of Europol's European Cybercrime Centre, Steven Wilson said: "This agreement has paved the road for a number of significant developments in the fight against cybercrime. At Europol's European Cybercrime Centre, we welcome the challenges and opportunities that are to come and continue to believe that we are stronger together in our efforts of securing Europe in the digital age."   

The Head of CERT-EU, Saâd Kadhi, stated: “As an entity with a mission to act as the cybersecurity information exchange and incident response coordination hub for its constituents, cooperation runs through CERT-EU’s veins. This MoU, and the ambitious deliverables we have set ourselves, is truly key to strengthening our collective capabilities and reinforcing the ties between the cyber defence, security and law enforcement communities”.



ENISA launches a tool which maps security measures for OES to international standards

Thu, 11/28/2019 - 08:00


The new tool is now available through an online platform dedicated to operators in the sectors of energy, transport, banking, financial market infrastructures, health, drinking water supply & distribution and digital infrastructures. Developed by ENISA, the tool is aimed at Operators of Essential Services, as well as public regulatory authorities of the Member States.

The initiative stems from the NIS Directive (EU) 2016/1148, which provides for the establishment of security measures for those operators offering essential services across the EU, in order to achieve a high common level of security of network and information systems.

The specific work stream of the NIS Directive Cooperation Group on security measures for OES enabled the analysis of security requirements in the EU against the most frequently used international information security standards across the defined sectors. The result of this analysis is visible in the tool as it compiles the existing security measures identified.

The tool facilitates the search for security measures and their respective security controls in international standards. It also helps assess their use in the Member States and in various NISD sectors.

  • Operators can use this tool to map their own standards to the proposed security measures, enabling the assessment of their information security practices against the requirements adopted by the Cooperation Group.
  • The Member States can use this tool to identify issues and look for solutions when assessing the security measures of their national OES and possibly identify a mapping to corresponding national security measures of other Member States.


The ENISA ‘Minimum Security Measures for Operators of Essentials Services – Tool’.


Knowledge-building on Cryptography for eIDAS Supervisory Bodies

Wed, 11/27/2019 - 16:30

In total 34 experts from 13 Member States attended the training, which is a part of the Agency’s support for the ENISA Article 19 Expert Group. The ENISA Article 19 group was set up by ENISA in 2015 to bring together experts from supervisory bodies who supervise Article 19 of the eIDAS, i.e. the security requirements for providers of electronic trust services in Europe.

Day one – Cryptography foundations

Day one of the knowledge building was dedicated to the foundations of cryptography and the cryptographic primitives. For this first day, ENISA had contracted the services of Professor Christian Rechberger, crypto researcher at TU Graz IAIK, and his colleague Daniel Kales. They went over cryptographic primitives and the foundations, and discussed new developments in the area of quantum-safe algorithms, as well as new cryptographic protocols such as homomorphic encryption and zero-knowledge proof-systems.

In the afternoon participants did some hands-on work and practical exercises to delve into multiparty computation, discussing threats and use-cases for the new cryptography. 

Day two – Applied cryptography

Day two of the knowledge building was dedicated to the application of cryptography in practice. For this second day ADACOM put together a programme with different teachers and subject matter experts from the University of the Aegean, QMSCERT, Ascertia, Gemalto amongst others.

This second day covered themes including the IT infrastructure and architecture of a qualified Trust Service Provider (TSP), a roadmap for a TSP for complying with eIDAS, audits under eIDAS, from the perspective of the Conformity Assessment Body (CAB), and also more technical topics like remote Qualified Signature Creation Device solutions, remote ID Identification, secure remote on-boarding. In the afternoon participants did a hands-on exercise on two-factor biometric authentication architectures using smartphones and hardware security module One Time Passwords (OTPs).

Further Information:

  • This work has been carried out under Output O.1.2.3 ‘Support incident reporting activities in the EU’ of the 2019 Annual work programme of ENISA.
  • In 2015, ENISA founded the Article 19 Expert Group, to bring together experts from supervisory bodies, to discuss the technical details of incident reporting and the supervision of the security requirements in Article 19. Article 19 of the eIDAS Regulation requires that trust service providers assess risks, take appropriate security measures, and notify significant security incidents and breaches of integrity to the national supervisory bodies. A representative from RTR Austria chairs the group, ENISA acts as its secretariat, and ENISA supports the group with logistics, collaboration tools, as well as breach reporting tooling and analysis.
  • The ENISA Article 19 Expert Group

 


ENISA organises Maritime Cybersecurity Workshop in Lisbon

Wed, 11/27/2019 - 13:30

Multiple experts representing EU maritime sector stakeholders, such as port authorities, terminal operators, shipping companies and national competent authorities gathered in Lisbon to attend the ENISA Maritime Cybersecurity Workshop. The speaker line-up included presentations from DG CONNECT, DG MOVE and EMSA, as well as speakers from maritime operators, the industry and experts from Information Sharing and Analysis Centres (ISACs).

A significant part of the workshop was dedicated to a discussion on the ENISA ‘Port Cybersecurity - Good practices for cybersecurity in the maritime sector report’, which was published on the same day. Workshop participants exchanged views on the key findings of the report and voiced their opinion on what they would like to see ENISA working on next in the maritime sector.  

The afternoon session focused on the concept of ISACs, including presentations on good practices and lessons learnt from similar initiatives in other sectors. Subsequent discussions focused on the specific needs of the maritime stakeholders for such an information-sharing platform specifically for the EU maritime sector and on how ENISA could support the creation of an EU maritime ISAC.

 

Further information

The ENISA ‘Port Cybersecurity - Good practices for cybersecurity in the maritime sector report’

 

 


ENISA cybersecurity certification preparation underway

Wed, 11/27/2019 - 08:00

Today, ENISA is chairing the kick-off meeting in Athens, Greece of the ad-hoc working group to prepare the first cybersecurity certification scheme in accordance with the Cybersecurity Act.

Following the request from the European Commission, ENISA has set up an Ad hoc Working group to support the preparation of a candidate cybersecurity certification scheme to serve as a successor to the existing SOG-IS (“Senior Officials Group Information Systems Security“) MRA (Mutual Recognition Agreement), which has 20 years of experience.

The scheme looks into common information technology security evaluation criteria, which is likely to improve the internal market conditions of technology products, services and processes. These common criteria have proven particularly efficient for the certification of chips and smartcards and have therefore contributed to enhancing the level of security of electronic signature devices and means of identification such as passports, banking cards and tachographs for lorries.

The Working Group is composed of 20 selected members representing industry (developers, evaluators), as well as around 12 participants from accreditation bodies and Member States.

 

Notes to editors:

Further information on Cybersecurity Certification Framework can be found here: Bolstering ENISA in the EU Cybersecurity Certification Framework.

 

For further queries:

Please contact press@enisa.europa.eu

 


New Executive Board Member

Thu, 11/21/2019 - 16:00

Today, ENISA held a Management Board meeting, chaired by Jean Baptiste Demaison of ANSSI. This included a workshop with the members of the Management Board (MB) and ENISA staff on the preparations for the Agency’s future strategy.

Elections for a member of the ENISA Executive Board (EB) were also held during the two-day meeting. The role of the Executive Board is to prepare decisions to be adopted by the Management Board.

We warmly congratulate MB Member Mr Hans de Vries from The Netherlands and Member Mr Rastislav Janota from Slovakia on their election to the EB as member and alternate, respectively.

The MB’s role is to ensure that the Agency carries out its tasks under conditions which enable it to serve in accordance with the founding Regulation. The MB is composed of one representative from each EU Member State and two representatives from the European Commission.

The Agency amicably thanks Ms. Despina Spanou for her engagement, commitment to the ENISA EB and for helping to advance cybersecurity in Europe. We wish her all the best in her future endeavours.

 

Notes to editors

Further information on the Management Board and the Executive Board and their respective roles can be found on our website.

 

For further queries:

Please contact press@enisa.europa.eu

 


29th Article 13a telecom security meeting in Belgrade

Mon, 11/18/2019 - 09:00

The meeting was opened by Mr. Vladica Tintor, Director of RATEL, who gave an overview of the structure and activities of RATEL. Jovan Milosavljevic gave a great talk on the work of the National Centre for the Prevention of Security Risks in ICT systems, i.e. the national CSIRT, how they work, how breach reporting is set up and what the current priorities are, etc. The national CSIRT is a part of RATEL.

The meeting proceeded with liaison statements from related groups like the NIS Cooperation Group, and the NIS CG work streams on digital services and digital infrastructure. ENISA presented its paper on Security Supervision under the European Electronic Communications Code (EECC), which is due to be published in December. The EECC expands the telecom security provisions in Article 13a of the Framework directive and will cover also so-called Over-the-top providers of communications services.

At the end of the day ENISA opened discussions about a number of challenges, which will have to be addressed by the group going forward under the new legislative framework, such as the new definition of security in the EECC, the new reporting parameters in the EECC and the new ENISA tool for EECC breach reporting CIRAS (Cyber Incident Reporting and Analysis System). As a social event offered by RATEL the group paid a visit to the Nikola Tesla museum in Belgrade. Tesla was the first to envisage and develop wireless/radio communication technology and he foresaw that indeed such communication technology would drastically change the world.

On the second day, each country gave an update on their state of play and relevant recent incidents. ENISA presented a plan and timeline for updating the Article 13a security framework, which needs adaptation for the EECC. BEREC presented the results of its survey on 5G auctions. BAKOM, the telecom regulator of Switzerland, gave an overview of its work on power outages and their impact on telecom networks.

The Article 13a group will change name and, where needed, membership, to adapt to the new legislation, the EECC. In 2020, much of the work of the group will be dedicated to updating the guidelines for security measures and to adapt the incident reporting process to the new provisions.

If you would like to know more about this work, or if you want to join our telecom security mailing lists to be kept up to date about our telecom security work or to receive invitations for future telecom security meetings, please contact us via resilience@enisa.europa.eu

 

Background

  • This work is done under ENISA's Annual work program output O.1.2.3 “Supporting incident reporting activities in the EU”
  • The ENISA Article 13a expert group was set up in 2010. There have been 29 meetings so far. The next meeting will be held on 12, 13 February 2020 in Brussels and the first day, 12 February, will be open for experts from the sector (operators, telecom vendors/suppliers, telecom security consultancies, etc).
  • The guidelines of the Article 13a group can be found on the ENISA Article 13a expert group portal

 

For further queries:

Please contact press@enisa.europa.eu

 

 


GDPR & deploying pseudonymisation techniques

Fri, 11/15/2019 - 13:30

Pseudonymisation is a well-known de-identification process that has gained additional attention following the adoption of GDPR, where it is referenced as both a security and data protection by design mechanism. In addition, in the GDPR context, pseudonymisation can motivate the relaxation, to a certain degree, of data controllers’ legal obligations if properly applied.

Given the growing importance of pseudonymisation for several data processing sectors, the main objective of the ULD-ENISA workshop, held in Berlin, was to advance existing debates on the deployment of pseudonymisation solutions as a means to meet GDPR requirements and data controller/processor obligations. To this end, the workshop aimed to discuss and touch upon core pseudonymisation techniques, practical approaches and existing application instantiations, along with legal and economic issues.

One of the main outcomes of the workshop was that there is not one single pseudonymisation solution that could be applied in all cases. Indeed, while several different technical approaches are available today, a risk assessment process should provide for the best possible one for each particular case, based on the context and the desired utility level. Further work is, thus, needed as regards practical examples and real-life implementation scenarios, both on the technical, as well as on the legal side.

For further information and material about the workshop, please visit the dedicated page: ULD - ENISA Workshop: Pseudonymisation and relevant security technologies.

ENISA will be publishing a report entitled ‘Pseudonymisation techniques and best practices’ in the coming week. The report aims to contribute to and advance the relevant discussions in the field, regarding practical implementation of data pseudonymisation.

 

For queries:

Please contact press@enisa.europa.eu

 

 


Advisory Group discusses Work Programme 2021

Wed, 11/13/2019 - 08:35

Members of the Advisory Group with ENISA Executive Director, Juhan Lepassaar and Head of Core Operations, Steve Purser

On 12 and 13 November 2019, the Advisory Group (AG) of the European Union Agency for Cybersecurity met in Athens, Greece to provide advice on the content of the ENISA Work Programme 2021.

Different sessions looked at the areas defined in the Cybersecurity Act and explored key ideas from a variety of perspectives including the viewpoints of industry, academia, relevant EU agencies and bodies and consumer protection specialists.

The Advisory Group is a statutory body of ENISA, formerly named the Permanent Stakeholder Group. Meetings of the Advisory Group are an important part of the Agency’s commitment to a stakeholder-driven approach to EU cybersecurity and help ensure that a wide range of opinions are taken into account when creating future work plans.

The current AG is approaching the end of its mandate and a new call for expression of interest for the selection of the new AG members will be published soon on our website.

 

Further information:

Details on the AG's role and composition are available on the Advisory Group's page: https://www.enisa.europa.eu/about-enisa/structure-organization/advisory-group

For other queries, please contact press@enisa.europa.eu

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Advisory Group discusses Work Programme 2021

Wed, 11/13/2019 - 08:35

Members of the Advisory Group with ENISA Executive Director, Juhan Lepassaar and Head of Core Operations, Steve Purser

 

On 12 and 13 November 2019, the Advisory Group (AG) of the European Union Agency for Cybersecurity met in Athens, Greece to provide advice on the content of the ENISA Work Programme 2021.

 

Different sessions looked at the areas defined in the Cybersecurity Act and explored key ideas from a variety of perspectives including the viewpoints of industry, academia, relevant EU agencies and bodies and consumer protection specialists.

 

The Advisory Group is a statutory body of ENISA, formerly named the Permanent Stakeholder Group. Meetings of the Advisory Group are an important part of the Agency’s commitment to a stakeholder-driven approach to EU cybersecurity and help ensure that a wide range of opinions are taken into account when creating future work plans.

 

The current AG is approaching the end of its mandate and a new call for expression of interest for the selection of the new AG members will be published soon on our website.

 

Further information:

On the Advisory Group’s role and composition: https://www.enisa.europa.eu/about-enisa/structure-organization/advisory-group

 

For other queries, please contact press@enisa.europa.eu

 

 


CyLEEx19: Inside a simulated cross-border cyber-attack on critical infrastructure

Thu, 10/31/2019 - 13:00

“Hola bankers. Your time is running out! You have only 5 hours left to pay up the ransom before Armageddon, otherwise we will bring down your e-banking services and exfiltrate your precious data.”

This was one of the tasks set for CyLEEx19, the first cyber law enforcement exercise of its kind, which saw 20 cybercrime investigators and cybersecurity experts from the public and private sector come together at Europol’s headquarters on 31 October to test the EU Law Enforcement Emergency Response Protocol in a simulated environment.

Exercise CyLEEx19, organised by Europol’s European Cybercrime Centre (EC3) and the European Union Agency for Cybersecurity (ENISA), painted a dark scenario, inspired by malicious cyber activities affecting the public and private sector across Europe and beyond. Participants were called upon to react collectively to the simulated large-scale cyber-attacks related to incidents such as misuse of IT resources, unauthorised access to systems, vulnerability exploitations, Distributed Denial of Service (DDoS), and malware infections.

Participants were asked to respond to these cyber incidents and decide on the optimal response measures, including if such threats warrant the triggering of the emergency response procedure. By performing the majority of the processes documented in the Protocol, the participants increased their preparedness in case of a real-life international cyber-attack and identified possibilities for improvement of the process.

Cybercrime investigators from the Joint Cybercrime Action Taskforce (J-CAT), namely France (Police Nationale), the Netherlands (Politie), Spain (Policia Nacional) and Norway (Politiet) took part in this exercise, alongside representatives from EC3’s Advisory Groups on financial services (Banco Santander and Citi) and the internet security industry (Palo Alto Networks), together with experts from Europol, ENISA and Eurojust.

 

The EU Law Enforcement Emergency Response Protocol

In the wake of the 2017 WannaCry and NotPetya attacks, the Council of the European Union adopted the new EU Law Enforcement Emergency Response Protocol to address the growing problem of planning and coordinating between governments, agencies, and companies when cyber-attacks occur across international boundaries. The Protocol is part of the EU Blueprint for Coordinated Response to Large-Scale Cross-Border Cybersecurity Incidents and Crises (Commission Recommendation (EU) 2017/1584 of 13 September 2017 on coordinated response to large-scale cybersecurity incidents and crises C/2017/6100).

The EU Law Enforcement Emergency Response Protocol determines the procedures, roles and responsibilities of key players both within the EU and beyond; secure communication channels and 24/7 contact points for the exchange of critical information; as well as the overall coordination and de-confliction mechanism.

This cyber simulation exercise was developed within the EMPACT 2019 Operational Action Plan Cyber Attacks against Information Systems (CAIS) under the leadership of France as action leader. The exercise is also part of the cooperation framework set up under the Memorandum of Understanding signed by the European Union Agency for Cybersecurity (ENISA), the European Defence Agency (EDA), the European Cybercrime Centre (EC3) and the Computer Emergency Response Team for the EU Institutions, Agencies and Bodies (CERT-EU).

The outcomes of the exercise and the feedback provided by the participants in the evaluation stage will be analysed by Europol’s European Cybercrime Centre and ENISA. Detailed lessons learned will be set forth in order to establish a list of actions to improve cyber resilience and the emergency response to large-scale cyber-attacks in Europe and beyond.


NIS Cooperation group and knowledge building meetings concluded in Athens

Thu, 10/24/2019 - 11:30

The first NIS Cooperation Group meeting was of NIS CG Work Stream 5, a working group of competent authorities for digital services under the NIS Directive, i.e. online marketplaces, online search engines, and cloud services. The second was of NIS CG Work Stream 10, a group of competent authorities for digital infrastructure under the NIS Directive, i.e. the internet exchanges, the domain name system, and the top-level domains.

During this joint session, ENISA organised a small exercise to discuss cooperation and collaboration, cross-sector and cross-border, because both groups of experts are dealing with operators and enterprises with digital infrastructure across the EU, often operating across borders. Different breakout groups reported a number of challenges, mainly on the alignment and communication between the national authorities supervising operators and providers across the EU. ENISA will follow up on the results of this exercise in the coming months, together with the groups.

ENISA also organised two knowledge-building days for experts working at competent authorities under the NIS Directive. At the start of the week, a network expert from RIPE NCC gave a seminar on internet infrastructure. At the end of the week, ENISA offered a full day seminar on cloud security.

 


ENISA welcomes Minister Pierrakakis

Fri, 10/18/2019 - 11:00

ENISA’s Executive Director, Juhan Lepassaar, welcomed the delegation from the Ministry, which included Mr. Kyriakos Pierrakakis - Minister of Digital Governance, Mr. Antonis Tzortzakakis - Secretary General of Telecommunications and Post, Mr. Konstantinos Champidis - Chief of Staff to the Minister of Digital Governance, Ms. Tonia Pediaditaki - Legal Counsel to the Secretary General of Telecommunications and Post, Ms. Maria Karava - Special Advisor to the Secretary General of Telecommunications and Post / Project Manager and Ms. Maria Mavridaki - Special Advisor for International Affairs.

The topics for the meeting covered the needs of a new building for the Agency and possible areas of future collaboration in cybersecurity with the Greek government.

ENISA experts also took the opportunity to give further details on the initiatives the Agency works on such as:

  • Critical Infrastructure protection and national strategies
  • Ongoing work on electronic ID and eIDAS
  • Cybersecurity Certification
  • The European Cybersecurity Month and other outreach programmes

 

For queries:

Please contact press@enisa.europa.eu

 

 


ENISA says goodbye to Prof. Dr. Udo Helmbrecht after 10 years in Office

Tue, 10/15/2019 - 15:00

He was appointed to the role of Executive Director by the Management Board of ENISA in 2009, which was renewed in 2014 for an additional 5 years.

Our Executive Director will be remembered in the history of ENISA for the exceptional milestones he leaves behind. At a time when the future of the Agency was still doubtful, he managed to secure the last two essential extensions of the mandate, this last one making the Agency permanent. Last but certainly not least, he achieved the conclusion of the Cybersecurity Act, with the opportunity to introduce the first European Cybersecurity Certification Scheme and to strengthen the role of the Agency.

Udo handed over his duties to his successor, Mr. Juhan Lepassaar, who will start his 5-year term tomorrow, 16th October 2019.

Today, Udo attended his last meeting of the ENISA Management Board, which included the election of the Chairperson and the Deputy Chairperson. We would like to congratulate Mr Jean-Baptiste Demaison from ANSSI (France) on his re-election as Chairperson and Mr Krzysztof Silicki of NASK (Poland) on his re-election as Deputy Chairperson.

Turning a new page of ENISA’s history today, we, the staff of ENISA, would like to express our gratitude to Udo, the man who committed himself to the Agency, and thank him for transforming ENISA into the mature organisation it has now become.

We would like to wish him the best in his new endeavours and we hope he will remember us as fondly as we will remember him.

 

 


1st Inter-EU ISACs meeting at ENISA

Thu, 10/10/2019 - 11:00

The chairpersons of the three EU ISACs (Energy, Finance and Rail), the European Commission, the EA-ISAC, the FS-ISAC, GSMA, as well as experts with deep knowledge on the issue came together to exchange views and experiences.

The groups engaged in fruitful dialogues around governance models, communication practices and the tools available to them. ENISA presented its activities in the existing ISACs and explained its role in facilitating information sharing in the context of the new Cybersecurity Act. The European Commission gave information on funding solutions and the way forward with the Connecting Europe Facility (CEF).

 

 


ENISA welcomed a delegation from Finland

Wed, 10/09/2019 - 10:00

The delegation consisted of the Permanent State Secretary of the Ministry of Foreign Affairs of Finland, Mr. Matti Anttonen, H.E. Mr. Juha Pyykkö, Ambassador of Finland in Athens, Mr. Esko Männistö, Counsellor at the Ministry of Foreign Affairs, Finland and Mr. Sampo Saarinen, Deputy Head of Mission, Embassy of Finland in Athens.

The delegation met with the Head of Core Operations, Steve Purser, and cybersecurity experts from the Core Operations Department, who introduced the European Cybersecurity Act, the new Cybersecurity Certification Framework and other contributions the Agency makes to the EU policy agenda. The ensuing discussion touched upon a number of challenges that the global cybersecurity community is facing and how ENISA could assist Member States in facing these challenges.

 
