ENISA EUROPEAN NIS AGENDA AND THE PERSPECTIVE Prof. Dr. Reinhard Posch Chairperson ENISA Management Board THE GENERAL GOAL The general goal of ENISA and of any subsequent situation is to strengthen Euorpe with NIS and to enable NIS competitiveness for all Member States. The goal is to be reached by enhancing the NIS agenda within the Member States with the help of ENISA and by providing a European NIS HUB. The general goal has not changed with the experience gathered in the first phase, the need is highly recognized and any continuation must focus in an even better t h ith th l l
THE WP PROCESS JAN FEB MAR APR MAY JUN Guidance and orientations for the refinement phase MB meeting PSG meeting Preliminary Draft WP08 PSG meeting Collection of proposals for multi-annual thematic programmes (Agency, MB & PSG) Informal MB/PSG Collection of work Workshop to Package proposals • Discuss (Agency, MB & PSG) • Prioritise 3 MTP1: Resilience Collectively evaluate and improve resilience in European e-Communication networks Stock taking Develop Promotion • Regulation Gap analysis • Best practices • Best practices • Market/operators • Recommendations • Recommendations • Technology By 2010, the Commission and at least 50% of the Member States have made use of ENISA recommendations in their policy making process
MTP2: Cooperation models Achieving synergy and efficiency by learning from each other Aware- ness CERTs eID Raising European NIS good practice Brokerage By 2010, at least 10 Member States have participated in at least 3 different cooperation models Cooperation The ENISA team The PSG members at your service are willing to share Member States working together Online Platform Existing supporting tools as supporting tool 6
MTP3: Emerging risks Creating trust and confidence with decision makers through better insight on emerging risks Capacity to identify Emerging Risks Stakeholder Position papers Forum By 2010, at least 30 stakeholder (organisations) from at least 15 Member States refer to ENISA as point of reference 7 emerging risks PA1: Micro enterprises Investigate the feasibility for developing an MTP on micro enterprises Ad-hoc Working Group Pilots
WP OVERVIEW MTPs WPKs Supporting high-level strategic goals Building Internal MS co- Stakeh. Request (2008 – 2010) (2008) confid. Market - operation Dialogue regulation MTP1: Improving resilience of • Legal analysis √ √ √ √ European e-Communication • Market analysis (operators) networks • Technology analysis MTP2: Developing and • Awareness raising community √ √ √ maintaining cooperation models • CERT competence circle • eID interoperability • European NIS good practice Brokerage MTP3: Identifying emerging risks • Assessing and discussing √ √ √ for creating trust and confidence emerging risks • Position papers PA (2008) WPKs (2008) Supporting high-level strategic goals Building Internal MS co- Stakeh. Request confid. Market - operation Dialogue regulation PA1: Building information • ad-hoc Working Group √ √ √ √ confidence with micro enterprises • Risk management pilots WHERE STANDS ENISA ENISA despite facing always the challenge of being temporarily installed was swiftly put into operation. ENISA also steadily improved its work program. Still the evaluation did show justified critisism both on the framework and the implementation. All voices exhibited a paralellism of incremental and short term changes and some general mid and long term adjustments. THROUGH THESE SUGGESTIONS A NEED FOR CONTINUITY NOT FOR A STOP AND RETRY IS HIGHLY EMPHASISZED
THE RECOMMENDATIONS o Extension o Revision of regulation (less detailed!) o Increase size o Improve governance (MB) o High-profile figure o Location The order of the recommendations have a clear voice which was heard by the Commission yielding to the „extention à l‘identique“. Any other approach would damage the image, the expertise and the investment with respect to ENISA THE 2007 PROPOSAL 2008 2009 2010 2011 20.12.2007 1.1.2010 1.10.2009 15.3.2011 13.11.2007 FALL 2008 13.11.2007 Commission Decision: Regulation establishing the European Electronic Communications Market Authority EECMA 20.12.2007 Commission Decision: Extension of the present ENISA regulation „à l’identique“ until 2011 (7 years)
REASONING • ENISA: the policy was valid. • ENISA: the organisational structure and impact can be improved. • ENISA: the mix of skills, the percentage of administrative overhead and the size needs adjustment. • The regulation established ENISA for 5 years (Art 27) with a review clause (Art 25). THE STATE OF THE PLAY • The 2007 proposal by the Commission was not taken up as is by Member States (Council) and Parliament • A compromise was found that is likely to succeed and that that is now in the avenue of positive decision. • TO EXTNED ENISA AS IS UNTIL 2012 (i.e. 3YRS) • TO START AN INTENSIVE DISCUSSION ON THE HOW THE FUTURE SHOULD LOOK LIKE.
SOME LIKELY ASPECTS • It is largely undoubted that there should be a continuation • there seems to be quite a consensus that the integration with the regulators should not happen • it seems very necessary that NIS skills need a clear improvement • the PSG model is well accepted • the discussion will focus on the scope and on the size but also governance will be at stake OPPORTUNITIES ENISA AGENDA FUTURE NIS AGENDA FOCUS ON THE FUTURE: STRENGTH AND OPPORTUN
OPPORTUNITIES • Observe expected common areas between now and the future – strengthen activities in the common area – look for flexible interpretation of regulations • Further create competence – future oriented staff policy • Focus on targets and impact – advice – research – best practice • Enhance cooperation and work relation – with national competent bodies and all stakeholders OPPORTUNITIES (POSSIBLE ACTIVITIES) ASPECTS TOUCHING ECRYPT • more intensive link up with academia and research • develop maintain crypto capacity – this needs backup by the Member States and the Commission • observing - advising – monitoring the algorithms scenario – could also be beneficial for eSignature interoperability – a clear guidance by the Member States and the Commission would be needed • best practice pool for crypto applications
THE TRANSIT PERIOD THE TRANSIT PERIOD UNTIL 15.3.2012 WILL BE A MAJOR CHALLENGE. VISIBILITY, IMPACT AND SUCCESS HAS TO INCREASE TO BETTER POSITION THE AGENCY AND TO BOOST THE NEW SETUP.
Recommend
More recommend
