cyber security in europe - faculteit rechtsgeleerdheid · steve purser head of core operations...

www.enisa.europa.eu

Cyber Security in Europe

Steve PurserHead of Core Operations Dept. - ENISA

www.enisa.europa.eu 2

Agenda

• About ENISA

• The ENISA Threat Landscape

• National Cyber Security Strategies

• Supporting the CERT Community

• Pan European Exercises

• Protecting EU Critical Information Infrastructure

2


Hands on

Policy ImplementationRecommendations

MobilisingCommunities

ENISA Activities


Agenda

• About ENISA






4


The ENISA Threat Landscape

• The ENISA Threat Landscape provides an overview of threats and current and emerging trends.

• It is based on publicly available data and provides an independent view on observed threats, threat agents and threat trends.

• Over 250 recent reports from a variety of resources have been analysed.


Developed

Overview


Agenda

• About ENISA






7


National Cyber Security Strategies in the EU

Source: http://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/national-cyber-security-strategies-in-the-world

19 EU MS have a strategy

http://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/national-cyber-security-strategies-in-the-world


High level goals


Long term impact


ENISA doctrine: NCSS Lifecycle

Design

Implement

Evaluate

Adjust2012 Good

practice

Guide

2014

Evaluation

framework

2012 Good

practice

Guide


Agenda

• About ENISA






12


CERT Community building


CERT Training material available

https://www.enisa.europa.eu/activities/cert/support/exercise

https://www.enisa.europa.eu/activities/cert/support/exercise


Agenda

• About ENISA






15


• Cyber Europe 2010– Europe’s first multinational cybersecurity exercise between

public sector agencies

• Joint EU-US Cybersecurity Exercise 2011 – First transatlantic cooperation exercise

– Table-top exercise - ‘what-if’ scenarios

• Cyber Europe 2012 – Large scale realistic cyber-crisis exercise

– Public and private sectors involved

• Cyber Europe 2014– In the strategic phase

• Joint EU-US Cybersecurity Exercise 2014/2015- In preparation phase

Cybersecurity Exercises Supported by ENISA


Agenda

• About ENISA






17


Methodologies for the Identification of Critical Information Infrastructure Assets and Services

Help MS to

• Develop methodologies for identification of CIIs assets and services

• Assess internal and external interdependencies

• Collaborate with all stakeholders

• Prepare to face future challenges


Critical Information Infrastructures Protection

• Energy: ICS SCADA and Smart Grids

• Finance Sector

• eHealth

• Smart Transport

• Maritime

• Telecommunications


Example: EU wide Security Breach Notifications

• Annual reports about large outages in EU’s telecoms

More information on http://www.enisa.europa.eu/activities/Resilience-and-CIIP/Incidents-reporting

http://www.enisa.europa.eu/activities/Resilience-and-CIIP/Incidents-reporting


2nd ENISA National Cyber Security Conference

13th of May in Riga

Save the date!!


Conclusions

• ENISA works together with operational communities to identify pragmatic solutions to current security issues.

• We issue concrete advice on how to improve system security and which implementations to favour.

• The solutions we propose are based on industry best practice and are therefore known to work.

• By working in this way, we put security to the service of EU industry and improve the competitiveness of our industries.

www.enisa.europa.euEuropean Union Agency for Network and Information Security

Follow ENISA:

Thank you for your attention

For more information visit: http://www.enisa.europa.eu

https://www.enisa.europa.eu/

cyber security in europe - faculteit rechtsgeleerdheid · steve purser head of core operations...

Documents