Achieving Global Cyber Security Through Collaboration IIEA Cybersecurity Conference...European Union...
Transcript of Achieving Global Cyber Security Through Collaboration IIEA Cybersecurity Conference...European Union...
European Union Agency for Network and Information Security www.enisa.europa.eu
Achieving Global Cyber Security Through Collaboration
Steve Purser Head of Core Operations Department November 2013
European Union Agency for Network and Information Security www.enisa.europa.eu 2
Agenda
• About ENISA
• The EU Cyber Security Strategy • Protec7ng Cri7cal Informa7on Infrastructure • Input to EU & MS Cyber Security Strategies
• Assis7ng Opera7onal Communi7es • Security & Data Breach No7fica7on
2
European Union Agency for Network and Information Security www.enisa.europa.eu 3
ENISA
• The European Network & Informa7on Security Agency (ENISA) was formed in 2004.
• The Agency is a Centre of Exper7se that supports the Commission and the EU Member States in the area of informa7on security.
• We facilitate the exchange of informa7on between EU ins7tu7ons, the public sector and the private sector.
European Union Agency for Network and Information Security www.enisa.europa.eu 4
Ac-vi-es
• The Agency’s principal ac7vi7es are as follows: • Advising and assis7ng the Commission
and the Member States on informa7on security.
• Collec7ng and analysing data on security prac7ces in Europe and emerging risks.
• Promo7ng risk assessment and risk management methods.
• Awareness-‐raising and co-‐opera7on between different actors in the informa7on security field.
European Union Agency for Network and Information Security www.enisa.europa.eu 5
Agenda
• About ENISA
• The EU Cyber Security Strategy • Protec7ng Cri7cal Informa7on Infrastructure • Input to EU & MS Cyber Security Strategies
• Assis7ng Opera7onal Communi7es • Security & Data Breach No7fica7on
5
European Union Agency for Network and Information Security www.enisa.europa.eu 6
EU Cyber Security Strategy
• The Five strategic objec7ves of the strategy: • Achieving cyber resilience
• Dras7cally reducing cybercrime
• Developing cyberdefence policy and capabili7es related to the Common Security and Defence Policy (CSDP)
• Developing the industrial and technological resources for cybersecurity
• Establishing a coherent interna7onal cyberspace policy for the European Union and promote core EU values.
ENISA explicitly called upon.
European Union Agency for Network and Information Security www.enisa.europa.eu 7
EU Cybersecurity Strategy
• The Commission asks ENISA to: • Assist the Member States in developing strong na7onal cyber
resilience capabili7es.
• Examine in 2013 the feasibility of Computer Security Incident Response Team(s) for Industrial Control Systems (ICS-‐CSIRTs) for the EU.
• Con7nue suppor7ng the Member States and the EU ins7tu7ons in carrying out regular pan-‐European cyber incident exercises.
• Propose in 2013 a roadmap for a "Network and Informa7on Security driving licence".
• Support a cybersecurity championship in 2014, where university students will compete in proposing NIS solu7ons.
European Union Agency for Network and Information Security www.enisa.europa.eu 8
EU Cybersecurity Strategy
• The Commission asks ENISA to: • Support the organisa7on of a yearly cybersecurity month. • Develop, in coopera7on with relevant stakeholders,
technical guidelines and recommenda7ons for the adop7on of NIS standards and good prac7ces in the public and private sectors.
• Collaborate with Europol to iden7fy emerging trends and needs in view of evolving cybercrime and cybersecurity pa[erns so as to develop adequate digital forensic tools and technologies.
European Union Agency for Network and Information Security www.enisa.europa.eu 9
Agenda
• About ENISA
• The EU Cyber Security Strategy • Protec7ng Cri7cal Informa7on Infrastructure • Input to EU & MS Cyber Security Strategies
• Assis7ng Opera7onal Communi7es • Security & Data Breach No7fica7on
9
European Union Agency for Network and Information Security www.enisa.europa.eu 10
The ENISA Threat Landscape
• The ENISA Threat Landscape provides an overview of threats and current and emerging trends.
• It is based on publicly available data and provides an independent view on observed threats, threat agents and threat trends.
• Over 120 recent reports from a variety of resources have been analysed.
European Union Agency for Network and Information Security www.enisa.europa.eu 11
Developed overview
European Union Agency for Network and Information Security www.enisa.europa.eu 12
Cyber Exercises
• Cyber Europe 2010. • Europe’s first ever interna7onal cyber security
exercise
• EU-‐US exercise, 2011. • Also a first : work with COM & MS to build
transatlan7c coopera7on
• Cyber Europe 2012. • Developed from 2010 & 2011 exercises.
• Involves MS, private sector and EU ins7tu7ons. • Highly realis7c exercise, Oct 2012
European Union Agency for Network and Information Security www.enisa.europa.eu 13
Securing New Technologies
European Union Agency for Network and Information Security www.enisa.europa.eu 14
Agenda
• About ENISA
• The EU Cyber Security Strategy • Protec7ng Cri7cal Informa7on Infrastructure • Input to EU & MS Cyber Security Strategies
• Assis7ng Opera7onal Communi7es • Security & Data Breach No7fica7on
14
European Union Agency for Network and Information Security www.enisa.europa.eu 15
Member States with NCSS Austria Czech Republic Estonia Finland France Germany
Hungary Lithuania Luxemburg Netherlands Poland Romania
Slovakia United Kingdom
European Union Agency for Network and Information Security www.enisa.europa.eu 16
• ENISA deliverable of 2012
• Describes: • Known good prac7ces, standards and policies
• The elements of a good Cyber Security Strategy
• Ins7tu7ons and roles iden7fied in a Strategy • Par7es involved in the development lifecycle
• Challenges in developing and maintaining a Strategy
Good Prac-ce Guide
16
European Union Agency for Network and Information Security www.enisa.europa.eu 17
Agenda
• About ENISA
• The EU Cyber Security Strategy • Protec7ng Cri7cal Informa7on Infrastructure • Input to EU & MS Cyber Security Strategies
• Assis7ng Opera7onal Communi7es • Security & Data Breach No7fica7on
17
European Union Agency for Network and Information Security www.enisa.europa.eu 18
Suppor-ng Opera-onal Communi-es -‐ Overview
18
European Union Agency for Network and Information Security www.enisa.europa.eu 19
Na-onal/governmental CERTs the situa-on has changed…
in 2005 in 2013
ESTABLISHED IN 2005: Finland France Germany Hungary The Netherlands Norway Sweden UK
Baseline capabilities of n/g CERTs • Initially defined in 2009 (operational aspects) • In 2010 Policy recommendations drafted • In 2012 ENISA continues to work on a harmonisation together with MS • Status Report 2012 • National/governmental CERT capabilities – updated recommendations 2012
European Union Agency for Network and Information Security www.enisa.europa.eu 20
CERT Exercises and training material
• ENISA CERT training/exercise material, used since 2009, was extended to host 23 different topics and training exercises including: • Technical aspects
• Organisa7onal aspects
• Opera7onal aspects
• Addi7onally a Roadmap was created to answer the ques7on ‘How could ENISA provide more proac7ve and efficient CERT training?
European Union Agency for Network and Information Security www.enisa.europa.eu 21
• Main goals: • Define key concepts
• Describe the technical and legal/regulatory aspects of the fight against cybercrime
• Compile an inventory of opera7onal, legal/regulatory and procedural barriers and challenges and possible ways to overcome these challenges
• Collect exis7ng good and best prac7ces
• Develop recommenda7ons
• Focus on CERT-‐LEA coopera7on
Fostering CERT-‐LEA Collabora-on
21
European Union Agency for Network and Information Security www.enisa.europa.eu 22
Agenda
• About ENISA
• The EU Cyber Security Strategy • Protec7ng Cri7cal Informa7on Infrastructure • Input to EU & MS Cyber Security Strategies
• Assis7ng Opera7onal Communi7es • Security & Data Breach No7fica7on
22
European Union Agency for Network and Information Security www.enisa.europa.eu 23
Security & Data Breach No-fica-on
• Suppor7ng MS in implemen7ng Ar7cle 13a of the Telecommunica7ons Framework Direc7ve • Supported NRA’s in implemen7ng the provisions under ar7cle 13a • Developed and implemented the process for collec7ng annual na7onal
reports of security breaches
• Developed minimum security requirements and propose associated metrics and thresholds
• Suppor7ng COM and MS in defining technical implementa7on measures for Ar7cle 4 of the ePrivacy Direc7ve. • Recommenda7ons for the implementa7on of Ar7cle 4.
• Collabora7on with Art.29 TS in producing a severity methodology for the assessment of breaches by DPAs
23
European Union Agency for Network and Information Security www.enisa.europa.eu 24
• 51 incidents from 11 countries, 9 countries without significant incidents, 9 countries with incomplete implementa7on
• Most incidents • Affect mobile comms (60%)
• Are caused by • hardware/sokware failures (47%) • third party failures (33%), • natural disasters (12%)
• Many involve power cuts (20%)
• Natural disasters (storm, floods, et cetera) • oken cause power cuts, which cause outages
Ar-cle 13a -‐ Incidents 2011
European Union Agency for Network and Information Security www.enisa.europa.eu 25
• 79 incidents from 18 countries, 9 countries without significant incidents, 1 country with incomplete implementa7on
• Most incidents • Are caused by
• System failures (76%) , third party failures (13%), Malicious ac7ons (8%)
• natural disasters (6%)
Ar-cle 13a -‐ Incidents 2012
www.enisa.europa.eu
Follow ENISA:
European Union Agency for Network and Information Security
Ques-ons?