European Union Agency for Network and Information Security

The importance of cryptography for the digital society

Mon, 12/12/2016 - 16:20

Within the context of proposals to weakening encryption to facilitate the work of law enforcement, ENISA outlines in seven key messages, the challenges which result from such an act, lowering trust in online services and the smooth implementation of the Digital Dingle Market and EU industry. In the paper it is identified that weakening encryption can affect other aspects of cryptology, and a cost benefit analysis should be deployed prior to any legislation put forward.

 

ENISA sees that:

  • The use of backdoors in cryptography is not a solution, as existing legitimate users are put at risk by the very existence of backdoors.
  • Backdoors do not address the challenge of accessing of decrypting material, because criminals can already develop and use their own cryptographic tools. Furthermore, new technologies are now being deployed making lawful interception in a timely manner very difficult.
  • Judicial oversight may not be a perfect solution; as different interpretations of the legislation may occur.
  • Law enforcement solutions need to be identified without the use of backdoors and key escrow. It is very difficult to restrict technical innovation using legislation.
  • History has shown that technology beats legislation, and criminals are best placed to capitalise on this opportunity.
  • The perception that backdoors and key escrow exist, can potentially affect and undermine the aspirations for a fully embraced Digital Society in Europe.
  • History has shown that legal controls are not always successful, and may harm and inhibit innovation, as seen with previous US experience.

 

ENISA collaborates closely with Europol, with the development of an expert working group on the topic, discussing on technical options to meet the needs of law enforcement while advocating the need to maintain strong encryption.

ENISA’s latest opinion paper is available online

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

EU Agencies meet at the European Parliament

Tue, 12/06/2016 - 14:57

courtesy #euagencies

High-level speakers of the day included Martin Schulz, President of the European Parliament, Kristalina Georgieva, Vice-President of the European Commission, and Herman Van Rompuy, former President of the European Council.

ENISA – the EU cybersecurity Agency – participates at the two-day meeting, sharing with counterparts the role and the contribution of the Agency to the Digital Single Market for the benefit of citizens, consumers, enterprises and public sector organizations in the Union. The agency is represented by the Executive Director, Udo Helmbrecht and the Head of Administration, Paulo Empadinhas.

The conference emphasizes the benefits EU Agencies bring to the economy, stakeholders and policy-making in Europe.

During the first day of the conference four sessions place focus on i) boosting jobs, growth and investment, ii) citizens first iii) justice and home affairs and an iv) innovative Europe. Two new studies carried out by the European Parliament on the impact of the EU Agencies in the EU will be presented during the meeting. The conclusions of day-1 will be presented the following day outlining the way forward.

Read the full press release

Livestream: http://web.ep.streamovations.be/index.php/event/stream/161206-1000-special-eu-agencies-forum-0612am/

 

The EU Agencies Network: The 45 decentralised Agencies and Joint Undertakings of the EU closely interact and cooperate within the EU Agencies Network, a pan-European network, set up by the Heads of EU Agencies, as a collective voice for the Agencies to coordinate, exchange information and agree common positions of shared interest.

For more information:

For more details about the Forum, see the Agenda.

Follow the EU Agencies and the event on Twitter via #EUAgencies and #euagenciesforum

Click here and find out more about how the 45 EU Agencies and Joint Undertakings.

Watch videos about the EU Agencies on YouTube here.

 

EU Agencies press contacts: Dorottya.VANNAI@ext.euipo.europa.eu  and Ruth.MCDONALD@euipo.europa.eu

For press enquiries and  how ENISA contributes to the EU please contact press@enisa.europa.eu

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

ENISA on advancing cybersecurity capabilities and cooperation at ITU regional meeting

Wed, 11/30/2016 - 18:28

On the 29th and 30th November 2016 in Bulgaria, ENISA together with the Telecommunication Development Bureau (BDT) of the International Telecommunication Union (ITU), and the Ministry of Transport, Information Technology and Communications of the Republic of Bulgaria organised the Regional Cybersecurity Forum for Europe.

High-level representatives from forty-three European countries from government, public and national authorities, policymakers, service providers, academia, and cybersecurity experts looked into the challenges, good practices, regional cooperation and information sharing in cybersecurity, with a special focus on National Cybersecurity Strategies (NCSS) and National CSIRTs.

Following the welcome notes of Ivaylo Moskovski (Minister of Transport, Bulgaria) and Jaroslaw Ponder (ITU), ENISA’s Head of Core Operations Dr Steve Purser, in his keynote address, gave an overview of the Agency’s activities in the related fields and how it actively contributes and supports the Member States develop cyber responses through trainings, exercises, supporting CSIRTs and the development of NCSS. The recently NIS Directive lays down the requirements to achieve a higher level of security in the Union. Within this frame, Member States are required to establish a national NIS strategy and CSIRT(s). “Cooperation and trust are key to protect critical infrastructures and to advance cybersecurity capabilities across Europe.” said Steve Purser.

More information about the meeting is available online

For interviews and press enquiries please contact press@enisa.europa.eu

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Udo Helmbrecht speaks about the need for a strong cybersecurity environment at Think Digital Summit

Wed, 11/30/2016 - 14:44

The impact of the Digital Single Market was at the epicentre of The Think Digital Summit together with Commissioner for Digital Economy G. Oettinger, Belgian Deputy Prime Minister Alexander De Croo, and MEP Marietje Schaake on Tuesday 29th November 2016, in Brussels.

ENISA’s Executive Director, Udo Helmbrecht together with representatives of National Authorities, industry and academia discussed about ‘Cyber space and security for business’, looking into the challenges, threats and the need for cooperation in areas of critical infrastructure such as energy, health, transport and finance and between the public and private sector.

Udo Helmbrecht, who was a speaker at the conference, said: “Finance, ICT and energy sectors have the highest incident costs. Cyber incident figures show up to 1.6% GDP loss in some EU countries. Furthermore, cyber-crime capitalisation in 2016, would reach the level of the second most valuable US company[1]. Legislative initiatives, secure network structure, encryption and standardisation can support towards a strong EU cybersecurity environment”.

The Think Digital Summit is an initiative of European Business Summit. More: http://thinkdigital.eu/    @ebsummiteurope  #td2016

Related material:

ENISA report on cost of incidents http://bit.ly/2b8ZPiZ

ENISA opinion on encryption http://bit.ly/2fYDt6i  

ENISA-Europol joint statement on encryption http://bit.ly/1U76mpR 

ENISA opinion on cybersecurity as economic enabler http://bit.ly/2gbkeEd 

ENISA’s work in eIDAS Regualtion http://bit.ly/29o84Gr 


For interviews and press enquiries
please contact press@enisa.europa.eu

 

 

[1] Source: Bloomberg cybercrime cost from Allianz Cyber Risk Guide
https://www.enisa.europa.eu/news/enisa-news/enisa-activities-in-support-of-trust-services

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

ENISA at Bitkom hub-conference: Feeling secure about your smart device?

Wed, 11/23/2016 - 09:45

This year the Agency shared insights on IoT cybersecurity and smart environments, and showcased a live-demo on securing smart home devices.

The live-demo session, which was presented for the first time, focused on how to securely select, manage and operate smart devices while demonstrating the applicability and cost-effectiveness of good practices. Smart locks served as a representative example of an IoT device. ENISA’s experts illustrated the potential risks presented in products, and proposed a series of recommendations and practical measures to hinder exploit and promote secure use.

Prof. Udo Helmbrecht, Executive Director of ENISA said: “In order to capitalise on the benefits of IoT we need to focus on security and resilience. ENISA works together with industry and the private sector to identify relevant risks and challenges and develop best practices”.

According to ENISA’s studies the main reasons behind the increased cyber security risks associated with IoT, include the lack of a security mindset and standardization, short rollout times for IoT product development, limited device resources, and minimal update mechanisms. These shortcomings can have a strong impact[1] on security. ENISA is active in the IoT domain and has released relevant reports in this area. The Agency believes that the early adoption of its proposed good practices can help boost citizens’ trust and confidence in IoT solutions and pave the way for their wider deployment.

Find out more about ENISA’s work at Bitkom hub-conference: https://www.enisa.europa.eu/events/bitkom-hub16/hub-16

ENISA’s recommendations at Bitkom in an infographic

For interviews and press enquiries please contact press@enisa.europa.eu Tel. +30 2814 409576


[1] the IoT-enabled Mirai botnet, that was able to take down parts of the Internet (Dyn DDoS attack)

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Growing need for a common security framework, says ENISA Head of Administration at international cybersecurity conference

Thu, 11/17/2016 - 12:37

Image courtesy www.cijic.org

 

ENISA’s Head of Administration, Paulo Empandinhas, was present together with international partners and institutions, and government representatives.

Paulo Empadinhas participated in the panel on "Constitution, State and Cyberspace: Contradiction in terms”? where he spoke on the ‘general data protection regulation and IoT, and the impact in the EU chart of fundamental rights’ explaining the harmonisation, simplification and update in the technological advances that the reform brings.

“Trusting IoT requires a coordinated effort from all actors, as IoT brings smartness and new security challenges” said Paulo Empadinhas. Defining security management at the organisational level, developing information exchange on threats and risks and promoting a common cyber security framework are key to secure IoT. Security concerns include the fact that manufacturers don’t invest in security and the difficulty to secure the entire lifecycle of products, while the notion of security and privacy are closely linked. With this in mind, ENISA proposes the establishment of security procurement guidelines, a framework to evaluate the security of products, and the support of security-driven business models. “There is a need for specific IoT security framework, as safety is a new parameter which needs to be integrated which goes beyond technical requirements. Cross-sector baseline capabilities, public-private collaboration and sectoral guidance, as developed by ENISA, help in this direction” said Paulo Empandinhas.

The event hosted key figures including the Secretary of State for the Presidency of the Council of Ministers Miguel S. Roque and the President of the National Commission for Data Protection Filipa Calvão.

For more information on the event Cyberlaw Research Centre and Institute of Legal and Political Sciences

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Updated Good Practice Guide on National Cyber Security Strategies by ENISA

Mon, 11/14/2016 - 15:20

ENISA publishes its second National Cyber Security Strategy Good Practice Guide, providing an update to the 2012 ENISA guidebook on the design and implementation of a National Cyber Security Strategy (NCSS).

This guide includes an update on the different steps, objectives and good practices of the first edition, and analyses the status of National Cyber Security Strategies in the European Union and EFTA countries. The key aim is to support EU Member States in their efforts to develop and update their NCSS.

Furthermore, the guide proposes a NCCS lifecycle, with a special emphasis on the ‘evaluation and maintaining’ phase. It presents six steps for the design and development of a NCSS and sixteen objectives for the implementation of the NCSS.

The guide can be used as a tool by governmental bodies that are responsible for cyber security strategies. It highlights good practices, identifies gaps and challenges, and suggests key performance indicators (KPIs) for the evaluation phase. It concludes with a set of recommendations on how to proceed with the development and maintenance of a NCSS.

The guide is targeted at public officials, policy makers and entities involved in the lifecycle of the strategy such as private, civil and industry stakeholders.

The recently adopted NIS Directive requires all EU Member States to develop and adopt a NCSS. For this reason, the guide will particularly assist countries that don't have a strategy already in place, through the design and implementation phase, while assist countries which have a strategy, to update and strengthen their NCSS.

The National Cyber Security Strategy Good Practice Guide  is available online.


For press and media enquiries please contact press@enisa.europa.eu

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Europe’s talents compete at the European Cyber Security Challenge!

Thu, 11/10/2016 - 16:50

image courtesy if(is)

Teams measured their technical and cooperation skills in attacking and defending computer systems, leading the team from Spain to victory, with Romania and Germany reaching the 2nd and 3rd position respectively.

Participants were welcomed to the challenge and were handed their awards by Prof Pohlmann, Thorsten Menne of the Ministry of Innovation, Science and Research of the State of North Rhine Westphalia and the Head of ENISA's Core Operations Department, Dr Steve Purser. Zinaida Benenson, Sn. Researcher, IT Security Infrastructure Lab, University of Erlangen- Nuremberg, in her keynote speech spoke about why ‘hackers are better psychologists than security experts’.

Teams had to deal with vulnerabilities in web applications, binaries and document files, solve crypto puzzles and hack hardware systems. During the three days of the competition participants had the chance to further interact and attend to teambuilding activities, providing the opportunity to make connections with industry and gain insight into the professional IT security field. 

The European Cyber Security Challenge 2016 Final, hosted at Germany, was attended by teams from Austria, Estonia, Germany, Greece, Ireland, Liechtenstein, Romania, Spain, Switzerland and United Kingdom.

Next year’s challenge is planned to take place at Malaga Spain in November 3, 2017.

A call for participation at the European the Cyber Security Challenge 2017 will be issued before the end of 2016. Please refer to ENISA if you wish to receive further information. Get ready to be the next cyber talent!

Follow on Twitter: @enisa_eu,  #EUCSC2016

 

Related:

European Cyber Security Challenge 2016 award ceremony photos

European Cyber Security Challenge 2016:
http://www.europeancybersecuritychallenge.eu/

https://www.enisa.europa.eu/news/enisa-news/are-you-a-young-cyber-talent-do-you-aim-for-a-career-in-cyber-security

https://www.enisa.europa.eu/news/enisa-news/discovering-the-top-young-european-master-hackers


 

For press and media enquiries pleace contact press@enisa.europa.eu

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Register for workshop on cybersecurity in eHealth

Wed, 11/09/2016 - 09:35

ENISA together with the Austria/Vienna Hospital Association is organising the second ENISA eHealth workshop to support the Member States and raise awareness and on the topic.

The event takes place in Vienna on the 23rd of November. Topics to be discussed span from policy and regulation, to the important technological advancements ICT brings in healthcare.

Some of the designated speakers include:

  • Dr Ben Kokx, Phillips, presenting standardisation activities for medical devices and IoT
  • Dr Dimitris Glynos, explaining how easy it is to actually hack a smart medical device
  • Dr Korpelainen Juha, explaining how a smart hospital is built from scratch
  • Mr Roger Lim, EC DG SANTE, giving an overview of the policy activities for eHealth in the European Commission and the eHealth Network.

Guest speakers will be sharing views during the eHealth security workshop.

To register please visit the link

Workshop agenda

For more information:  https://www.enisa.europa.eu/events/enisa-validation-workshop-good-practices-for-security-and-resilience-of-smart-hospitals

 

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Cyber Insurance: A look at recent advances, good practices and challenges by ENISA

Mon, 11/07/2016 - 08:51

The aim of the report is to raise awareness for the most impactful market advances, by shortly identifying the most significant cyber insurance developments for the past four years – during 2012 to 2016 – and to capture the good practices and challenges during the early stages of the cyber insurance lifecycle, i.e. before an actual policy is signed, laying the ground for future work in the area.

Member States understanding the importance of addressing cyber-risk, have taken relevant action by publishing guides of good cyber-hygiene[1] [2]. Insurance federations have also shown a great interest in cyber-insurance, with actions taking place both at the European and national level.

A rising concern among a number of insurers is found to be the uncertainty around accumulating risk[3]. A subset of key recommendations, for the betterment of the cyber insurance constituency, to policy makers, insurance companies, and future customers include:

  • To policy makers: avoid the introduction of mandatory requirements that might undermine the cyber-insurance market adoption rate
  • To insurance companies: a) consider adopting common standards and methodologies, b) introduce explanatory sessions, and provide customer scenarios and generic examples of policy coverage and c) clarify the policy language and offer a transparent underwriting process
  • To cyber insurance customers: get informed, prepare and document the environment before requesting a cyber-insurance policy.

The report is targeted primarily at insurance companies, to either benchmark themselves against the market trends, or evaluate good practices before entering the market. Additional beneficiaries are customers interested to adopt a cyber insurance policy. Founded to address residual risk, the cyber insurance market is anticipating a growth in both technological and sales volume terms; a growth that is expected to be further accelerated by the legislative additions of the GDPR and NIS Directive.

 

Full report is available here


For interviews and press enquiries please contact press@enisa.europa.eu  

[1] France, ANSSI “40 essential measures for a healthy network” http://bit.ly/2dr6nbA

[2] United Kingdom, Department for Business, Energy & Industrial Strategy “Cyber essentials scheme: overview” http://bit.ly/1hkkmdz

[3] For example, in the event that an incident would occur an insurer cannot be certain about the number of customers that would be affected.


 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Cyber Security Assesment Netherlands 2016 published

Thu, 11/03/2016 - 16:50

The Cyber Security Assessment Netherlands (CSAN) is published annually by the Dutch National Cyber Security Centre and drawn up in close collaboration between public and private parties. The aim is to offer insight into developments, interests, threats and resilience in the field of cyber security over the period from May 2015 to April 2016. Every edition is translated in English, in order to facilitate knowledge transfer to our partners

In the context of the growing threats in the digital domain, there are four notable developments in the CSAN 2016:

  • Professional criminals carry out long-lasting and high-quality operations
  • Digital economic espionage by foreign intelligence services puts a strain on the competitiveness of the Netherlands
  • Ransomware is commonplace and has become even more advanced
  • Advertising networks have not yet shown the ability to cope with malvertising Last year there was an increase in actual cyber threats.


According to State Secretary Dijkhoff, the findings from the CSAN 2016 are worrisome: "These developments have implications for the whole of the Netherlands and lead to direct action. Through the National Detection Network, the government and the business community keep each other informed about current threats. In the coming period, I am going to put extra effort into this digital dike monitoring. We have to be realistic: no one person can oversee everything all the time. Therefore, the government and society must work together to keep our online world safe. The basis is knowing where vulnerabilities are, sharing that information and then 'closing down the gaps.' "

You can now download the English translation of the Cyber Security Assessment Netherlands 2016 at our website.

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

ENISA’s support to EU and National strategies for information security presented at IT workshop

Fri, 10/28/2016 - 15:45

ENISA’s efforts focus on supporting Member States in the area of National Cyber Security Strategies, CIIP, capacity building and the security of emerging technologies. Furthermore an insight was offered on the NIS Directive and how this is translated for industry - for Digital Services Providers (DSPs) and Essential Service Operators (ESOs) – in the relevant sectors energy, banking, healthcare, and transport sector - on incident reporting.

In addition ENISA supports capacity building in the EU, through the cyber exercises and trainings, such as the recently implemented Cyber Europe 2016.

In his presentation Paulo Empadinhas stressed “within this evolving environment collaboration is everything. Failure to detect threats is often more costly than false alarms, while cyber-attacks have become a norm. Member States with the support from ENISA should cooperate to protect critical information infrastructures through sharing of information, developing and deploying good practices and cooperate with National Regulatory Authorities to achieve EU wide harmonisation”.

 

For more information on the event: http://www.scholze-simmel.at/starbus/ws10/

 

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

DSiN ten-year congress: “Security derives from responsibility”

Thu, 10/27/2016 - 15:09

Prof. Udo Helmbrecht, Executive Director of the European Union Agency for Network and Information Security (ENISA) and member of DSiN’s advisory board participated at the ten year anniversary conference of  ‘Deutschland sicher im Netz e.V.’(DSiN). Dr Thomas Kremer (DSiN Chairman) delivered the welcome speech and Dr Thomas de Maizière, (Federal Minister of the Interior) spoke on the principle of "Security derives from responsibility".

Helmbrecht together with representatives from government and industry were among the panel speakers on the “Triangle for IT security - regulation, technology, education”. Panellists discussed the increasing digitisation which is transforming into a core foundation for business, society and government, while looking into the challenges this brings to the legal framework, the security of services and devices (PbD), and citizens’ e-skills and awareness of the digital environment. The underlying notion of the associated responsibility and the importance of trust and safety, was key part of the discussion. 

Udo Helmbrecht highlighted “the latest initiatives of the European Commission, notably the NIS Directive and the GDPR,  can contribute towards addressing key technical challenges and act as a tool to build trust and a more resilient environment for businesses and citizens”. His recommendations for the future include: standardisation of IT security, ‘friendly’ and ‘neutral’ technological legislative initiatives, and a secure network structure using strong encryption.

ENISA reiterated its commitment and support to DSiN and public-private partnerships (PPPs) which help address business and consumer/citizens needs at a regional, national and EU level and the advancement of the DSM objectives.

The event is live streamed. For more information visit http://dsin-jahreskongress.de/

Background: DsiN strengthens the security awareness of consumers as well as small and medium-sized enterprises on the Internet and provides concrete support. DsiN was founded in the National IT Summit of the Federal Government and has been under the patronage of the Federal Ministry of the Interior since 2007 (source: DSiN).

Related item here

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

4th Week ECSM: Mobile Malware

Mon, 10/24/2016 - 09:35

About Mobile Malware

Mobile malware is malicious software which targets mobile devices.

We increasingly depend on mobile devices. Cybercriminals use this to their advantage, to get access to information and money, or to just do harm, while also developing a number of threats which are particularly designed to operate on mobile platforms.

The main threats include: use and download of apps, mobile banking malware, mobile ransomware, web-based threats, and unsecure Wi-Fi connections.

How to protect yourself

  • Install apps from trusted sources only
  • Don’t click on links or attachments in unsolicited emails or text messages
  • Log out of sites after you have made a payment
  • Keep your operating system and apps updated
  • Turn off Wi-Fi, location services and Bluetooth when not in use
  • Avoid giving out personal information
  • Don’t jailbreak your device
  • Back up your data
  • Install a mobile security app

Material on Mobile Malware

Detailed material on mobile malware in over twenty (20) languages, including infographics, info-sheets with tips to businesses and users, and videos, are available on Europol EC3 website and take a look at the Mobile malware video.


Follow #MobileMalware

Workshop on Mobile Malware

As part of the Cyber Security Month, a course has been organized in collaboration with the Cyber Crime Unit of Greece and ENISA. The topic of the session, coincides with the Mobile Malware theme of the week promoted by Europol.

This is a closed event for members of Greek law enforcement.

 

Follow #CyberSecMonth, #OctoberNIS, #CyberAware

Cyber security is a shared responsibility! STOP.THINK.CONNECT

European Cyber Security Month: get in the driving seat of your own online security

2nd Week ECSM: Cyber Safety

3rd Week ECSM: Cyber  Training

 

Full list of partners at https://cybersecuritymonth.eu/ 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Regional Cybersecurity Forum for Europe

Fri, 10/21/2016 - 16:39

The Telecommunication Development Bureau (BDT) of the International Telecommunication Union (ITU) and the European Union Agency for Network and Information Security (ENISA), together with the Ministry of Transport, Information Technology and Communications of the Republic of Bulgaria are organising the Regional Cybersecurity Forum for Europe.

When: 29-30 November, 2016
Where: Grand Hotel Sofia, Bulgaria

This event will focus mostly on the specific topics as National Cybersecurity Strategies, CIIP and National CSIRTs in terms of development approaches, good practices, challenges and opportunities. It is targeted to national policy and decision makers, legislators, regulators, service providers, academia and civil society who are involved in the process of strengthening regional cooperation, information sharing, and discussion on cybersecurity.

More information and details about the event and registration is available here.

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Industry collaboration event: Matching supply and demand in EU cybersecurity

Fri, 10/21/2016 - 14:20

The workshop, which took place in Brussels, looks at matching supply and demand in EU cybersecurity. The focus is two-fold: to identify cybersecurity challenges and requirements in two key sectors, electronic payments and eHealth, and to explore to what extent suppliers of cybersecurity products and services are able to respond in a commercially neutral environment.

In particular, objectives of the workshop include to:

  • understand the challenges and cyber security requirements of the eHealth and ePayments industries
  • showcase state-of-the-art approaches in the two topics
  • match EU cybersecurity challenges and requirements with opportunities and capabilities
  • explore what industry can offer (without discussing individual products)
  • draft a list of concrete actions - after a ‘matching exercise’ - and communicate these to the relevant authorities

The industry group was created by ENISA in an effort to compliment with discussions on implementation strategies and methods related to the current active policy debate on NIS themes. The particular event, brings together representatives from the European Commission, public and private entities, health, banking and IT sectors.  The aim is to generate a better understanding of challenges and requirements in these industries for potential suppliers, and to inform the consumer industries on potential solutions to respective issues.

The overall goal is to ensure that policy makers are aware of the degree of effort and cost necessary to implement policy ideas, and conversely that the EU industry, whether acting as consumers or suppliers of cybersecurity products and services, are able to get optimal benefit from these policies.

ENISA takes a closer look in these two fields as the health sector, and in particular innovations related to e/m- Health, is increasingly considered as a critical infrastructure while the Payment Services Directive 2 (PSD2) is expected to  impact the security of payment services.

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Incident handling training workshop by ENISA

Thu, 10/20/2016 - 13:40

The three-day training focuses on mobile threats and incident handling, memory forensics, and malware analysis. ENISA’s trainers cover the concepts of memory forensics, such as acquisition of memory and its analysis, and additionally give attendants an overview of the tools and methodologies used to perform malware analysis.

During the training, participants from CSIRT.sk, the Slovak Ministry of Defence and other governmental entities, follow hands-on tutorials to solve various cyber security incidents. The courses are based on the ENISA training material developed for operational communities such as CSIRTs. The material is also available online.

The memory forensics training looks at identification and handling of electronic evidence, artifact analysis, and artifact handling and analysis. The event is also hosted and supported by the Slovak Armed Forces.

For technical information please contact us at cert-relations (at) enisa.europa.eu

More ENISA training material and to meet the ENISA trainers take a look at the video.

3rd Week ECSM: Cyber Training

Mon, 10/17/2016 - 11:57

In the context of this year’s October themes for ECSM, ENISA together with the University of Piraeus, organise an event to raise awareness on the various domains in cyber security. The event takes place at the University premises.

ENISA joins efforts together with partners, including the Hellenic Police Cybercrime Division, the Hellenic Authority for Communication Security and Privacy (ADAE), the department of Digital Systems and Systems Security lab of University of Piraeus, and the Networks, Multimedia and Security Systems laboratory of Ionian university, to present activities in cyber security. Topics include:

  • trends in cyber threats for 2016
  • informing users and subscribers on the protection of communication privacy
  • actions and awareness raising in relation to cybercrimes, with a focus on “money mules”
  • password-less authentication


Presentations will be held in Greek.

When: Friday, 21st October 2016, 9:00am - 14:30pm  
Where: University of Piraeus.

For more information: https://cybersecuritymonth.eu/ecsm-countries/greece/cyber-security-and-privacy-awareness-raising

 

Visit the dedicated ECSM website: https://cybersecuritymonth.eu/ 

Follow the campaign on Twitter #CyberSecMonth, #OctoberNIS, #CyberAware

"Cyber security is a shared responsibility – Stop. Think. Connect."

European Cyber Security Month: get in the driving seat of your own online security

 

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Cyber Europe 2016 - We are stronger together

Thu, 10/13/2016 - 07:50

The scenario of Cyber Europe 2016 evolves around the IT, telecommunication and cybersecurity industries. The exercise includes technical incidents for the participants to analyse, ranging from forensic and malware analysis, mobile infection, malvertisement campaigns, open source intelligence, drones, etc. The technical incidents are used to build up the situation into a crisis at different levels: local, organization, national, European. Business continuity plans are expected to be put into test.


See also: Cyber Europe 2016 video: Are you ready for the next cyber crisis?

Cyber Europe 2016: https://www.cyber-europe.eu

Background:

To gain some insight into the Cyber Europe exercises have a look at the After Action Report of the previous pan-European cybersecurity exercise Cyber Europe 2014 .

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

ENISA’s Head of Core Operations today at the final of the Austrian Cybersecurity Challenge

Wed, 10/12/2016 - 13:05

ENISA’s Head of Core Operations, Steve Purser, visits the final of the Austrian Cybersecurity Challenge, which is being held in St. Johann, Austria today.

This competition started with an online qualifying round held from, 9th May - 31st August, resulting in the twenty finalists, ten school students, ten undergraduate students, that compete at the final this week. The five best from each group will form the team that will represent Austria at the European Cyber Security Challenge 2016 final that will take place in  Dusseldorf between 7th -10th November 2016.

The European Cyber Security Challenge leverages on competitions from Member States, like the one currently taking place at Austria, adding a pan-European layer to them.

Top cyber talents from each Member State collaborate and compete against each other to win the ECSC prize. Contestants solve security related challenges from domains such as web security, mobile security, crypto puzzles, reverse engineering and forensics and collect points for solving them.

 

Website of the Austrian Cybersecurity Challenge http://www.verbotengut.at/ 

Website of the European Cybersecurity Challenge

 

Follow on Twitter: @enisa_eu,  #EUCSC2016

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Pages