European Union Agency for Network and Information Security

National coordinators meet to prepare for ECSM launch

Mon, 05/23/2016 - 11:35

The meeting focused on finalizing this year’s weekly cyber security themes and the corresponding activities that will be taking place during the European Cyber Security Month (ECSM) running through the four weeks of October.

Coordinators also worked on the organization the kick-off event that will be taking place in Brussels on the 30th of September at the premises of the European Banking Federation (EBF).

For more information and updates on the ECSM, visit the official website.


About ECSM
: ECSM is the annual EU advocacy campaign which takes place in October and aims to promote cyber security among citizens, to change their perception of cyber-threats and provide up to date security information, through education and sharing good practices.

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

ENISA- Europol issue joint statement

Mon, 05/23/2016 - 08:43

This joint statement is presented as a contribution from ENISA and Europol to the on-going debate on privacy and encryption.

Read the complete statement here

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Udo Helmbrecht speech at Europol-EIPA event

Fri, 05/20/2016 - 13:05

Read the Executive Director’s speech.

See also statement by Prof. Dr Udo Helmbrecht on Lawful Access and Security: A Transatlantic Perspective – EastWest Institute

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

ENISA recommendations for qualified website authentication certificates

Mon, 05/16/2016 - 15:25

The report targets all participants in the European trust service markets. Both regulators and supervisors from Member States, as well as Trust Service Providers, can find useful recommendations on how to promote the deployment of this new type of qualified trust service.

The report is divided in several sections. In its introductory chapters, the study describes the main concepts around qualified website authentication certificates, both in the context of existing commercial certificates and the eIDAS Regulation. The next sections present an analysis of the electronic certificates market and a SWOT analysis for the introduction of qualified website authentication certificates. The objective is to identify internal and external factors that can impact positively and negatively the growth of the adoption of this new kind of trust services in Europe and the development of the related market.

As of 1st July 2016, European Trust Services Providers will be able to provide this new type of qualified trust service. With this report, ENISA aims to support a smooth and rapid deployment. During 2016 ENISA will be following up on this topic by undertaking more activities in the area of trust services, some of them which build upon the recommendations proposed in the report.

Full report available online

For technical information please contact Clara Galan Manso at isdp@enisa.europa.eu

For press enquiries please contact press@enisa.europa.eu Tel.+30 2814 409576

 

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

SecureCloud 2016 count down - Latest updates

Fri, 05/13/2016 - 08:00

Updates in the agenda:

  • Pearse O’Donahue, European Commission
  • Charles Schulz, ANSSI
  • Martin Mckeay, Akamai
  • Olivier Perrault, Orange

 

Stay tuned for more news!

Be part of the great cloud community event and join us: https://csacongress.org/event/securecloud-2016

Follow us  #SecureCloudEU

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

From the Netherlands Presidency of the EU Council: Coordinated vulnerability disclosure Manifesto signed

Thu, 05/12/2016 - 15:49

Approximately 30 organisations have signed the Coordinated Vulnerability Disclosure Manifesto today, in which they declare to support the principle of having a point of contact to report IT vulnerabilities to and already have this set up in their own organisations, or they plan to do so soon. By signing the manifesto, the participating organisations acknowledge the importance of efforts of the research and the white-hats communities to make the internet and our society safer. The manifesto is an initiative of Rabobank and CIO Platform Nederland. The signing took place during the High Level Meeting Cyber Security in Amsterdam, organised by the Ministry of Security and Justice during the Netherlands’ Presidency of the EU Council.

For more information: CIO Platform Nederland, Lydia Kampman, lydia.kampman@cio-platform.nl, 0614031732 Rabobank, Kees Nanninga, kees.nanninga@rabobank.nl, 0302161740

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

2nd informal meeting of CSIRT Network organised by ENISA

Wed, 05/11/2016 - 13:12

The meeting was organised adjacent to ENISA’s annual workshop for national and governmental CSIRTs, in collaboration with the Dutch Presidency of the Council of the EU. CERT.LV kindly hosted the meeting at their premises, with ENISA moderating and facilitating the meeting.

In his opening statement, Dr Steve Purser, Head of ENISA Core Operations highlighted the importance of the meeting, as it marked the beginning of a key process with the implementation of the NIS Directive, the first EU legislation related to cyber security.

The group held discussions on various topics related to the governance and the activities of the CSIRTs Network. The upcoming NIS Directive creates a Network of CSIRTs “in order to contribute to the development of confidence and trust between the Member States and to promote swift and effective operational cooperation”. The discussions proved very fruitful, thanks to concrete proposals from the Dutch Presidency and the Polish delegation, and the active participation of attendees.

Next steps

The first formal meeting of the CSIRTs Network will be organised six months after the entry into force of the NIS Directive. In the meantime, participants will finalise the set-up of the group, with ENISA’s support. A further meeting is expected in late Q3 or early Q4.

 

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

The Netherlands: Advice and measures against DDoS attacks

Wed, 05/11/2016 - 06:00

During a Distributed Denial-of-Service ((D)DoS) attack, online services or the supporting infrastructure is overburdened or overloaded with network traffic. These attacks can disrupt your organisation's ICT and, in turn, any dependent business activities. This can lead to (reputation) damage.

(D)DoS attacks constitute a real threat to organisations that provide online services, such as websites.

The NCSC advises to take both technical and organisational measures to protect your organisation against the various forms of (D)DoS attack. Make an overview of your ICT infrastructure. Take technical measures to protect in-house components. For external components, make arrangements with the relevant supplier. Prepare your organisation for an attack by creating a clear response and communication strategy.

The NCSC has created two factsheets to assist your organization in this endeavor:

Continuity of online services (update) and Technical measures for the continuity of online services (new).

https://www.ncsc.nl/english/current-topics/news/advice-and-measures-against-ddos-attacks.html

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Technical phase of Cyber Europe 2016 launched by ENISA

Wed, 04/27/2016 - 10:40

Participating cybersecurity professionals from all over Europe will be able to test and improve their technical skills on various challenging cases, inspired by real-life incidents, on topics such as mobile malware analysis, system forensics, steganography or network forensics.

ENISA has been working hands-on with public authorities from European Member States since 2015 to plan this exercise. 

For more information: ENISA Cyber Exercises

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

EGFI Members visit ENISA

Wed, 04/27/2016 - 09:15

Furthermore the meeting was attended remotely by a representative of the EC and an expert in block chain technology.

The meeting aimed to provide valuable insights into the current status and potential ways to address concerns and risks in the finance sector regarding emerging topics such as block chain, mobile payments etc. A series of topics was presented and an open discussion was held on the following:

  • NIS directive
  • Third party payments as stated in Payment Services Directive 2 (PSD2)
  • Block chain technology for Financial Institutions
  • Mobile payments
  • Cyber Insurance
  • Cloud developments

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Latest update on Secure Cloud 2016

Tue, 04/26/2016 - 12:30

Update on the confirmed speakers:

  • Richard Morrell, Red Hat
  • Ina Schieferdecker, Director, Fraunhofer FOKUS
  • Laura Koetzle, Vice President and Group Director, Forrester
  • Raj Samani, VP, CTO, Intel
  • Michaela Iorga /NIST
  • Kuan Hon, Queen Mary University of London
  • Pearse O’Donahue, EC
  • Jim Reavis, Chief Executive Officer, Cloud Security Alliance

                 

More to follow the coming weeks, stay tuned!

Be part of the great cloud community event and join us: https://csacongress.org/event/securecloud-2016

Follow us  #SecureCloudEU

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Join the ENISA Trust Services Forum 2016

Mon, 04/25/2016 - 13:55

The event - in collaboration with the European Commission eIDAS Task Force - takes place on May 24th at the EC premises, Madou building in Brussels.

The forum will focus on emerging issues related to trust services across Europe, as the date for entry in force of the provisions related to trust services of the eIDAS Regulation, July 1st 2016, approaches.

For more information on details concerning the agenda and to register visit the dedicated link: ENISA Trust Services Forum 2016


For more information please contact us at: isdp@enisa.europa.eu 

For press enquiries: press@enisa.europa.eu

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

The Netherlands: Cabinet launched position on encryption

Wed, 04/20/2016 - 22:00

Please find below an annex with the English translation of the letter that was sent to parliament by the cabinet. The main conclusion is as follows:

  • "The cabinet endorses the importance of strong encryption for internet security to support the protection of personal privacy of citizens, for confidential communication of the government and companies and for the Dutch economy.
  • The cabinet is therefore of the opinion that at this point in time it is not desirable to take restrictive legal measures as regards the development, availability and use of encryption in the Netherlands."

For more information: Position of the NL cabinet on encryption

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Secure Cloud 2016 - Draft Agenda announced

Mon, 04/18/2016 - 09:40

This year's confirmed speakers include:

  • John Frank, Microsoft
  • Jacqueline Johnson, Nordea Bank
  • Raj Samani, Intel
  • Michaela Iorga, NIST

More to follow the coming weeks, stay tuned!

Be part of the great cloud community event: Join us!

Follow us  #SecureCloudEU

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

ENISA launches new enhanced website

Fri, 04/15/2016 - 14:40

With its new design the ENISA web site aims to improve the user experience in terms of exploring the Agency activities and publications.

Some of the website’s new features include:

  • An enhanced homepage with more interactive and contemporary layout and improved structure, giving a clear overview of the Agency’s work and mission, and easy access to news and available material.
  • Improved navigation and content organisation for a smoother and quicker browsing experience
  • ENISA’s work cutting across sixteen (16) topics – including cloud, big data, critical infrastructures and services, CSIRT network, services, communities, and trainings cybersecurity education, data protection, incident reporting, IoT and smart infrastructures, national cyber security strategies, standards and certification, threat and risk management, trust services - giving visitors a better overview of the agency activities and work areas in the cybersecurity domain and the chance to ‘jump into’ the theme of interest
  • An improved publications section that directs visitors to ENISA reports, corporate documents, info notes and opinion papers, leveraging on a search function
  • A redesigned events section with calendar view, featuring past, current and future events and search options and filters
  • Updated careers and procurement sections to allow job seekers and prospective business partners to explore what’s on offer
  • A revamped news section with the latest news from ENISA, the Member States, the Executive Director and the embedded ENISA twitter feed
  • Introducing a dedicated press and media centre for journalists and visitors, providing quick access to press material, integrated share and subscription options, and a new audio-visual gallery displaying videos, posters, images and infographics.

The new website is also optimised for a range of web browsers and it is responsive to mobile devices and tablets providing visitors with a better reading and viewing experience. Do visit www.enisa.europa.eu

Please email us at webmaster@enisa.europa.eu to report a broken link, feedback or comments.

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Countdown to launch: new ENISA web site is due in the following days

Mon, 04/11/2016 - 15:37

While a new ENISA web site is due for launch in the following days we are excited to announce some of the new features that are on the way. Coming soon on a URL near you:

  • New look and feel. A website that is interactive, responsive with a contemporary layout and a user friendly structure; optimised for use across multiple platforms.
  • New design. The Agency’s website has been redesigned to further improve ease of navigation, usability and user experience.
  • A dynamic architecture providing easy access to ENISA’s work programme, publications, careers, news, events and audio-visual material.
  • ENISA’s policy work on network and information security has been organised across a set of 16 re-aligned topics to reflect the way we work.

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

ENISA proposes PETs maturity assessment methodology

Fri, 04/01/2016 - 17:35

About the Report. ENISA has produced a report on maturity (i.e. quality and technology readiness) assessment of Privacy Enhancing Technologies (PETs). The report firstly, sketches a methodology for gathering expert opinions and measurable indicators as evidence for a two dimensional rating scale. Secondly, the report reviews two pilots to test the proposed scales and methodology.

The results of these pilots are presented in this study. In addition, a list of necessary steps towards a PET maturity repository is made available.

For Whom. This report is meant for Data Protection Authorities (DPAs), groups such as the Internet Privacy Engineering Network (IPEN), data controllers, data processors, developers of IT products, researchers, educators and their funding agencies, standardisation bodies, and policy makers.

What is next. In 2016 ENISA will further detail out this structured assessment process for PETs. ENISA will concentrate efforts on turning the methodology into a tool that supports a standardised step-by-step walk-through for the assessment of both readiness and quality of a PET.


Full report
available online

For technical information: Dr Stefan Schiffner, NIS Expert Stefan.Schiffner@enisa.europa.eu

For press and media enquiries please contact: press@enisa.europa.eu Tel +30 2814 409576

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

ENISA strategies for efficient incident response and coordination towards cyber threats

Fri, 04/01/2016 - 17:25
Working Group (WG2) 2 of the NIS Platform is tasked to address the sharing of cyber threat information and incident coordination in both the public and private segments of the EU. The aim of this document is to support and stimulate discussion between WG2 members on the topic of incident response and cyber crisis coordination.

This document introduces the basics of incident response on a high level. Key challenges are identified on the typical issues that slow incident response mechanisms, and proposes ways to address these challenges, and enhance incident handling cooperation while taking into consideration the overview of cyber threats and emerging trends.

Among its objectives of incident response is to identify the requirements and issue recommendations on sharing cyber threat information which are appropriate for incident management processes to prevent and best respond to cyber incidents. The work builds on previous work undertaken by ENISA in the field of CSIRT and CIIP.

For the full document: Strategies for incident response and cyber crisis cooperation

About NIS platform: The Network and Information Security (NIS) Platform was created in 2013 as part of the Cybersecurity Strategy of the European Union and aims to help EU stakeholders carry out appropriate risk management, establish good cyber security policies and processes and further adopt standards and solutions that will improve the ability to create safer market conditions for the EU. The expert work of the NIS Platform was divided into Working Groups (WGs), all dealing with a specific field of expertise in cyber security establishing three WGs: (1) WG1 on risk management; (2) WG2 on information exchange and incident coordination; (3) WG3 on secure ICT research and innovation. For more information on the NIS platform, please visit: https://resilience.enisa.europa.eu/nis-platform 

ENISA’s Cyber-Threat overview 2015

Increasing the resilience of Europe’s telecommunication infrastructures through Incident Reporting


For technical information
on the subject please contact

For press and media enquiries please contact press@enisa.europa.eu

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

ENISA proposes PETs maturity assessment methodology

Thu, 03/31/2016 - 15:04

About the Report. ENISA has produced a report on maturity (i.e. quality and technology readiness) assessment of Privacy Enhancing Technologies (PETs). The report firstly, sketches a methodology for gathering expert opinions and measurable indicators as evidence for a two dimensional rating scale. Secondly, the report reviews two pilots to test the proposed scales and methodology.

The results of these pilots are presented in this study. In addition, a list of necessary steps towards a PET maturity repository is made available.

For Whom. This report is meant for Data Protection Authorities (DPAs), groups such as the Internet Privacy Engineering Network (IPEN), data controllers, data processors, developers of IT products, researchers, educators and their funding agencies, standardisation bodies, and policy makers.

What is next. In 2016 ENISA will further detail out this structured assessment process for PETs. ENISA will concentrate efforts on turning the methodology into a tool that supports a standardised step-by-step walk-through for the assessment of both readiness and quality of a PET.


Full report
available online

For technical information: Dr Stefan Schiffner, NIS Expert Stefan.Schiffner@enisa.europa.eu

For press and media enquiries please contact: press@enisa.europa.eu Tel +30 2814 409576

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

ENISA strategies for efficient incident response and coordination towards cyber threats

Thu, 03/24/2016 - 16:43

Working Group (WG2) 2 of the NIS Platform is tasked to address the sharing of cyber threat information and incident coordination in both the public and private segments of the EU. The aim of this document is to support and stimulate discussion between WG2 members on the topic of incident response and cyber crisis coordination.

This document introduces the basics of incident response on a high level. Key challenges are identified on the typical issues that slow incident response mechanisms, and proposes ways to address these challenges, and enhance incident handling cooperation while taking into consideration the overview of cyber threats and emerging trends.

Among its objectives of incident response is to identify the requirements and issue recommendations on sharing cyber threat information which are appropriate for incident management processes to prevent and best respond to cyber incidents. The work builds on previous work undertaken by ENISA in the field of CSIRT and CIIP.

For the full document: Strategies for incident response and cyber crisis cooperation

About NIS platform: The Network and Information Security (NIS) Platform was created in 2013 as part of the Cybersecurity Strategy of the European Union and aims to help EU stakeholders carry out appropriate risk management, establish good cyber security policies and processes and further adopt standards and solutions that will improve the ability to create safer market conditions for the EU. The expert work of the NIS Platform was divided into Working Groups (WGs), all dealing with a specific field of expertise in cyber security establishing three WGs: (1) WG1 on risk management; (2) WG2 on information exchange and incident coordination; (3) WG3 on secure ICT research and innovation. For more information on the NIS platform, please visit: https://resilience.enisa.europa.eu/nis-platform 

ENISA’s Cyber-Threat overview 2015

Increasing the resilience of Europe’s telecommunication infrastructures through Incident Reporting


For technical information
on the subject please contact cert-relations@enisa.europa.eu

For press and media enquiries please contact press@enisa.europa.eu

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

 

Pages