achieving global cyber security through collaboration iiea cybersecurity conference...european union...

European Union Agency for Network and Information Security www.enisa.europa.eu Achieving Global Cyber Security Through Collaboration Steve Purser Head of Core Operations Department November 2013

Post on 27-May-2020

TRANSCRIPT

Page 1: Achieving Global Cyber Security Through Collaboration IIEA Cybersecurity Conference...European Union Agency for Network and Information Security  Achieving Global Cyber Security

European Union Agency for Network and Information Security www.enisa.europa.eu

Achieving Global Cyber Security Through Collaboration

Steve Purser Head of Core Operations Department November 2013

Page 2:

Agenda

• About ENISA
• The EU Cyber Security Strategy
• Protecting Critical Information Infrastructure
• Input to EU & MS Cyber Security Strategies
• Assisting Operational Communities
• Security & Data Breach Notification

Page 3:

ENISA

• The European Network & Information Security Agency (ENISA) was formed in 2004.
• The Agency is a Centre of Expertise that supports the Commission and the EU Member States in the area of information security.
• We facilitate the exchange of information between EU institutions, the public sector and the private sector.

Page 4:

Activities

• The Agency’s principal activities are as follows:
  • Advising and assisting the Commission and the Member States on information security.
  • Collecting and analysing data on security practices in Europe and emerging risks.
  • Promoting risk assessment and risk management methods.
  • Awareness-raising and co-operation between different actors in the information security field.

Page 6:

EU Cyber Security Strategy

• The five strategic objectives of the strategy:
  • Achieving cyber resilience
  • Drastically reducing cybercrime
  • Developing cyberdefence policy and capabilities related to the Common Security and Defence Policy (CSDP)
  • Developing the industrial and technological resources for cybersecurity
  • Establishing a coherent international cyberspace policy for the European Union and promoting core EU values.

ENISA explicitly called upon.

Page 7:

EU Cybersecurity Strategy

• The Commission asks ENISA to:
  • Assist the Member States in developing strong national cyber resilience capabilities.
  • Examine in 2013 the feasibility of Computer Security Incident Response Team(s) for Industrial Control Systems (ICS-CSIRTs) for the EU.
  • Continue supporting the Member States and the EU institutions in carrying out regular pan-European cyber incident exercises.
  • Propose in 2013 a roadmap for a "Network and Information Security driving licence".
  • Support a cybersecurity championship in 2014, where university students will compete in proposing NIS solutions.

Page 8:

EU Cybersecurity Strategy

• The Commission asks ENISA to:
  • Support the organisation of a yearly cybersecurity month.
  • Develop, in cooperation with relevant stakeholders, technical guidelines and recommendations for the adoption of NIS standards and good practices in the public and private sectors.
  • Collaborate with Europol to identify emerging trends and needs in view of evolving cybercrime and cybersecurity patterns so as to develop adequate digital forensic tools and technologies.

Page 10:

The ENISA Threat Landscape

• The ENISA Threat Landscape provides an overview of threats and current and emerging trends.
• It is based on publicly available data and provides an independent view on observed threats, threat agents and threat trends.
• Over 120 recent reports from a variety of resources have been analysed.

Page 11:

Developed overview

Page 12:

Cyber Exercises

• Cyber Europe 2010.
  • Europe’s first ever international cyber security exercise
• EU-US exercise, 2011.
  • Also a first: work with COM & MS to build transatlantic cooperation
• Cyber Europe 2012.
  • Developed from 2010 & 2011 exercises.
  • Involves MS, private sector and EU institutions.
  • Highly realistic exercise, Oct 2012

Page 13:

Securing New Technologies

Page 15:

Member States with NCSS

• Austria
• Czech Republic
• Estonia
• Finland
• France
• Germany
• Hungary
• Lithuania
• Luxembourg
• Netherlands
• Poland
• Romania
• Slovakia
• United Kingdom

Page 16:

Good Practice Guide

• ENISA deliverable of 2012
• Describes:
  • Known good practices, standards and policies
  • The elements of a good Cyber Security Strategy
  • Institutions and roles identified in a Strategy
  • Parties involved in the development lifecycle
  • Challenges in developing and maintaining a Strategy

Page 18:

Supporting Operational Communities - Overview

Page 19:

National/governmental CERTs: the situation has changed…

[Figure: national/governmental CERTs in 2005 and in 2013]

ESTABLISHED IN 2005: Finland, France, Germany, Hungary, The Netherlands, Norway, Sweden, UK

Baseline capabilities of n/g CERTs
• Initially defined in 2009 (operational aspects)
• In 2010 Policy recommendations drafted
• In 2012 ENISA continues to work on a harmonisation together with MS
• Status Report 2012
• National/governmental CERT capabilities – updated recommendations 2012

Page 20:

CERT Exercises and training material

• ENISA CERT training/exercise material, used since 2009, was extended to host 23 different topics and training exercises including:
  • Technical aspects
  • Organisational aspects
  • Operational aspects
• Additionally a Roadmap was created to answer the question ‘How could ENISA provide more proactive and efficient CERT training?’

Page 21:

Fostering CERT-LEA Collaboration

• Main goals:
  • Define key concepts
  • Describe the technical and legal/regulatory aspects of the fight against cybercrime
  • Compile an inventory of operational, legal/regulatory and procedural barriers and challenges and possible ways to overcome these challenges
  • Collect existing good and best practices
  • Develop recommendations
• Focus on CERT-LEA cooperation

Page 23:

Security & Data Breach Notification

• Supporting MS in implementing Article 13a of the Telecommunications Framework Directive
  • Supported NRAs in implementing the provisions under Article 13a
  • Developed and implemented the process for collecting annual national reports of security breaches
  • Developed minimum security requirements and proposed associated metrics and thresholds
• Supporting COM and MS in defining technical implementation measures for Article 4 of the ePrivacy Directive.
  • Recommendations for the implementation of Article 4.
  • Collaboration with Art.29 TS in producing a severity methodology for the assessment of breaches by DPAs

Page 24:

Article 13a - Incidents 2011

• 51 incidents from 11 countries, 9 countries without significant incidents, 9 countries with incomplete implementation
• Most incidents
  • Affect mobile comms (60%)
  • Are caused by
    • hardware/software failures (47%)
    • third party failures (33%)
    • natural disasters (12%)
• Many involve power cuts (20%)
• Natural disasters (storm, floods, et cetera)
  • often cause power cuts, which cause outages

Page 25:

Article 13a - Incidents 2012

• 79 incidents from 18 countries, 9 countries without significant incidents, 1 country with incomplete implementation
• Most incidents
  • Are caused by
    • System failures (76%), third party failures (13%), malicious actions (8%)
    • natural disasters (6%)

Page 26:

Questions?

European Union Agency for Network and Information Security
www.enisa.europa.eu