eu in action about cybersecurity
play

EU in action about cybersecurity NIS Directive 5G Cybersecurity - PowerPoint PPT Presentation

Jul 20, 2023 •40 likes •320 views

EU Cybersecurity European policy overview e-IRG e-IRG 4 December 2019 Brussels Anni Hellman, Senior Expert, Permanent Representation of Finland to the European Union Seconded for the Finnish Presidency from the Directorate General

  1. EU Cybersecurity European policy overview e-IRG e-IRG 4 December 2019 Brussels Anni Hellman, Senior Expert, Permanent Representation of Finland to the European Union Seconded for the Finnish Presidency from the Directorate General Communications Networks, Content and Technology (CONNECT) of EUROPEAN COMMISSION

  2. EU in action about cybersecurity NIS Directive 5G Cybersecurity Act GDPR Contractual ISACs PPP PPP ENISA CEF Cybersecurity Blueprint Certification International EU pilots cyber crisis

  3. Cybersecurity A strategic priority for the EU Continuous policy response to the evolving threat landscape:  2013 EU Cybersecurity Strategy: 'An Open, Safe and Secure Cyberspace'  2016 Communication on Strengthening Europe's Cyber Resilience System and Fostering a Competitive and Innovative Cybersecurity Industry  2017 Cybersecurity package  2018 Proposal for the European competence centre and network  2019 Cybersecurity Act entered into force Building EU Resilience to cyber attacks Building EU Resilience to cyber attacks Prevention & Response Prevention & Response Capacity Building Capacity Building Coordination Coordination ENISA operational Coordinated Enhanced national Single Market for support & response to large- capabilities & Risk Financial Support Industrial certified ICT Cooperation scale cybersecurity management from the EU capabilities products and between national incidents and crises requirements services CSIRTs & exercises Cybersecurity Act: 3 https://ec.europa.eu/digital-single-market/en/eu-cybersecurity-act

  4. NIS Directive

  5. NIS Directive: Main Features 5

  6. NIS implementation one year later Cooperation Group •11 Work Streams (15 •11 Work Streams (15 Work Programme tasks) Work Programme tasks) •12 Plenary meetings CSIRTs Network •10 Reference documents Full transposition •8 meetings (continuous delivered (on the exchange through common •5 Member States did not implementation of the facilities) submit information about Directive as well as wider Operators of Essential cybersecurity issues) •2 exercises testing Service identified Standard Operating •2 table-top exercise. One Procedures. already performed (on EU elections) and one which took take place in July (blueprint operational layer).

  7. EU Cybersecurity Act Towards a reformed EU Cybersecurity Agency and reinforcing the cybersecurity single market in the EU 7

  8. What's new with the new proposal? Focused Mandate Adequate Resources Adequate Resources Permanent Status Permanent Status

  9. Cybersecurity Certification A voluntary European cybersecurity certification framework…. …to enable the creation of tailored EU cybersecurity certification schemes for ICT products and schemes for ICT products and services… …that are valid across the EU

  10. The EU Cybersecurity Certification Framework The EU Cybersecurity Certification Framework Cybersecurity Certification Schemes  Security Objectives  Assurance levels: Basic, Substantial, High  Elements of a cybersecurity certification scheme include:  Scope - product/service or category(ies) thereof  references to the international, European or national standards and to technical specifications  one or more assurance levels  conditions for the mutual recognition of certification schemes with third countries;

  11. European Cybersecurity Certification Scheme (Basic, Substantial) European Cybersecurity Certification Scheme (Basic, Substantial) Elements of the Scheme (incl. prod category, assurance level) Product Evaluation Requirements By reference process International, Specifies to an EU EU, national Certification Standards/ Scheme tech specs Applies Assess conformity to National National Conformity Conformity Accredits Accredits Authorises & Notifies Authorises & Notifies National Cybersecurity Assessment Accreditation Certification Body Body Authority (Eval. Facility) 1. Evaluates (applies evaluation process to assess product's conformity with requirements) 2. Certifies conformity 4. Certificate is recognised in the EU Product EU Scheme Governance Member State Certification Procedure

  12. European Cybersecurity Certification Scheme (High) European Cybersecurity Certification Scheme (High) Elements of the Scheme (incl. prod category, assurance level) Product Evaluation Requirements By reference process International, Specifies to an EU EU, national Certification Standards/ Scheme tech specs Applies Assess conformity to National National Accredits Accredits National Cybersecurity Accreditation Certification Body Authority 1. Evaluates (applies evaluation process to assess product's conformity with requirements) 2. Certifies conformity 4. Certificate is recognised in the EU Product EU Scheme Governance Member State Certification Procedure

  13. Conformity self Conformity self- -assessment (AL Basic only) assessment (AL Basic only) Elements of the Scheme (incl. prod category, assurance level) Product Evaluation Requirements By reference process International, Specifies to an EU EU, national Certification Standards/ Scheme tech specs Applies Assess conformity to Manufacturer 1. Evaluates (applies evaluation process to assess product's conformity with requirements) 2. Attests conformity 4. Statement of Conformity is recognised in the EU Product EU Scheme Governance Member State Attestation Procedure

  14. The EU Cybersecurity Certification Framework The EU Cybersecurity Certification Framework The lifecycle of a European Cybersecurity Certification Scheme Stakeholder Cybersecurity Certification ENISA Group Ad hoc Working Advises Commission on strategic priorities Group for each and Union Rolling Work Programme on scheme Certification European ENISA European Union Rolling Commission ENISA Consults Industry, Commission Work Programme Requests ENISA to Prepares candidate Standardisation on Cybersecurity Adopts* Candidate prepare Candidate scheme Bodies, other Certification Scheme Scheme stakeholders European Cybersecurity Certification Group (MSs) Advises ENISA and may propose the preparation of a candidate scheme to ENISA

  15. Blueprint - coordinated response to large-scale response to large-scale cybersecurity incidents and crises Resilience through crisis management and rapid emergency response

  16. Blueprint - Response

  17. Definition: large-scale cybersecurity incidents and crises • incidents which cause disruption too extensive for a concerned Member State to handle on its own or which affect two or more Member States or EU institutions with such a wide-ranging and Member States or EU institutions with such a wide-ranging and significant impact of technical or political significance that they require timely policy coordination and response at Union political level

  18. Blueprint – Core objectives

  19. Blueprint – Cooperation at all levels Technical Incident handling during a cybersecurity crisis.  Monitoring and surveillance of incident including continuous analysis of threats  and risk. Operational Operational Preparing decision-making at the political level.  Coordinate the management of the cybersecurity crisis (as appropriate).  Assess the consequences and impact at EU level and propose possible mitigating  actions. Political / Strategic Strategic and political management of both cyber and non-cyber aspects of the  crisis including measures under the Framework for a Joint EU Diplomatic Response to Malicious Cyber Activities

  20. Blueprint – key mechanisms

  21. Commission Recommendation on Cybersecurity of 5G networks on Cybersecurity of 5G networks

  22. Commission Recommendation on Cybersecurity of 5G networks – 26.03.2019 A Union A Union approach to Action at national level ensure cybersecurity Action at Union level of 5G networks

  23. Actions – short term By 31 December , Member Sates to agree on a toolbox of mitigating measures. Toolbox By 1 October , MSs to agree on By 1 October , MSs to agree on EU risk assessment also based on ENISA’s 5G threat landscape . EU risk Assessment By 15 July to be sent to ENISA&EC By 30 June – MSs to complete National risk assessment National Risk Assessment By 30 April 2019 Cooperation Group workstream

  24. Next steps – medium/longer term 2019 Risk Assessment At entry into force of Cybersecurity Act, start work on relevant 5G cybersecurity schemes By 1 October 2020 , MS to assess whether further Certification action is needed Schemes Review Recommendation

  25. A cybersecurity competence network with a European Cybersecurity Research and Cybersecurity Research and Competence Centre Reinforcing EU's cybersecurity technologic capabilities and skills

  26. European Cybersecurity Industrial Technology and Research Competence Centre Centres Centre's Role: of expertise Centres Centres of Network coordination and support Network coordination and support of experti experti expertise expertise se Research programming and European implementation Cybersecurit y Research & Competence Centres Centres Centre of of Procurement expertise expertise Ensuring synergies between civilian and defence spheres Centres Centres of of expertise expertise 26

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity cybersecurity? William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&E 91SI Spring 2004 Stanford University U.S. National Cybersecurity

79 views • 7 slides
Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives: Define Cybersecurity & why its important Provide information about Dept. Homeland Security Cybersecurity Campaigns: National

328 views • 22 slides
Cybersecurity A presentation to the National Association of Black Accountants Cleveland

Cybersecurity A presentation to the National Association of Black Accountants Cleveland

Cybersecurity A presentation to the National Association of Black Accountants Cleveland Chapter Contents Cybersecurity and risk management 1 Cybersecurity and the regulatory 2 environment Cybersecurity and the audit 3 4 Appendix

685 views • 37 slides
KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing

KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing

7/17/2020 KACo Cybersecurity Training KACo Cybersecurity Training Cybersecurity Threats Phishing Attacks Malware/Ransomware Hacking Imposter Scams 1 7/17/2020 KACo Cybersecurity Training BEWARE OF Phishing Phishing attacks

248 views • 6 slides
Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright CyberSecurity Scholar 4 September 2018 James Davenport Formal Methods and CyberSecurity CyberSecurity CyberSecurity failures abound: tens daily in the

325 views • 18 slides
Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright

Formal Methods and CyberSecurity James Davenport University of Bath Former Fulbright CyberSecurity Scholar 4 September 2019 James Davenport Formal Methods and CyberSecurity CyberSecurity CyberSecurity failures abound: tens daily in the

212 views • 19 slides
ITU Mandate and Activities ITU Mandate and Activities Related to Cybersecurity Cybersecurity

ITU Mandate and Activities ITU Mandate and Activities Related to Cybersecurity Cybersecurity

ITU Mandate and Activities ITU Mandate and Activities Related to Cybersecurity Cybersecurity Related to Subregional Seminar on Cybersecurity for Information and Communication Networks 21 June 2005 Lima, Peru Christine Sund Christine Sund

921 views • 48 slides
Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel

Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel

Being Strategic about Cybersecurity Regional Cybersecurity Forum, 29-30 Nov 2016, Grand Hotel Sofia, Bulgaria Mr. Joaqun Castelln , Operational Director Spanish National Security Department Ms. Anita TIKOS , Desk Officer for International

197 views • 15 slides
Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical

Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical

Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical Facilities Local Government Schools Law Enforcement Media Outlets The threat and how to think about it Ransomware has rapidly emerged as the most

398 views • 15 slides
MAYASEVENs Hacking Diary Who are we? Nop Phoomthaisong MAYASEVEN Team Cybersecurity

MAYASEVENs Hacking Diary Who are we? Nop Phoomthaisong MAYASEVEN Team Cybersecurity

MAYASEVENs Hacking Diary Who are we? Nop Phoomthaisong MAYASEVEN Team Cybersecurity Consultants, The Cybersecurity Expert Guys Cybersecurity Researcher 2 Agenda 1. Account Takeover via Forgot Password Function 2. Amazon S3

2.36k views • 75 slides
INTRODUCTION Institute 12/10/2018 1 OBJECTIVES Current cybersecurity statistics and

INTRODUCTION Institute 12/10/2018 1 OBJECTIVES Current cybersecurity statistics and

Section 1 Dr. Bruce Burton California Cybersecurity INTRODUCTION Institute 12/10/2018 1 OBJECTIVES Current cybersecurity statistics and implications Learn from past attacks Understand the NIST Cybersecurity Framework (CSF) &

368 views • 33 slides
Cybersecurity and the AICPA Cybersecurity Attestation Project Chris Halterman Executive

Cybersecurity and the AICPA Cybersecurity Attestation Project Chris Halterman Executive

Cybersecurity and the AICPA Cybersecurity Attestation Project Chris Halterman Executive Director EY Chair AICPA Trust Information Integrity Task Force Agenda Item 8-D IAASB Meeting, September 21-25, 2015 New York, USA Page 1 Increasing

444 views • 17 slides
CYBERSECURITY Situational awareness Franois Thill, Director Cybersecurity, Ministry of the

CYBERSECURITY Situational awareness Franois Thill, Director Cybersecurity, Ministry of the

CYBERSECURITY Situational awareness Franois Thill, Director Cybersecurity, Ministry of the economy Agenda The actual situation Strategy of the ministry Risk management a common language Some good practice examples 2 The

427 views • 21 slides
Internet and CyberSecurity 101 U.S. National Cybersecurity, 10/5/06 presented by: Martin Casado

Internet and CyberSecurity 101 U.S. National Cybersecurity, 10/5/06 presented by: Martin Casado

Internet and CyberSecurity 101 U.S. National Cybersecurity, 10/5/06 presented by: Martin Casado Network vs. Internet a network is a system of computers that talk over some communication medium: phone line (analogue modem, DSL), cable,

957 views • 47 slides
CYBERSECURITY @ STEVENS CYBERSECURITY@STEVENS THE WORLD IS A DANGEROUS AND COSTLY PLACE

CYBERSECURITY @ STEVENS CYBERSECURITY@STEVENS THE WORLD IS A DANGEROUS AND COSTLY PLACE

GIUSEPPE ATENIESE FARBER CHAIR AND CS DEPT CHAIR CYBERSECURITY @ STEVENS CYBERSECURITY@STEVENS THE WORLD IS A DANGEROUS AND COSTLY PLACE According to insurance company Lloyds, cyberattacks cost businesses $400 billion a year A

123 views • 9 slides
Managing Cybersecurity & Safety Risk CTO, Industrial Cybersecurity CRO, TV Rheinland 2mc

Managing Cybersecurity & Safety Risk CTO, Industrial Cybersecurity CRO, TV Rheinland 2mc

Nigel Stanley MSc CEng FIET MIEEE Anthony Dickinson BSc MBA Managing Cybersecurity & Safety Risk CTO, Industrial Cybersecurity CRO, TV Rheinland 2mc In the Aluminium Industry nigel.stanley@us.tuv.com adickinson@2mc.co Building Cyber

405 views • 12 slides
Click to add +tle EU policy horizon considerations Click to add subtitle Jeremy Rollison

Click to add +tle EU policy horizon considerations Click to add subtitle Jeremy Rollison

Session 19: Data overload? Data protection - GDPR and beyond Click to add +tle EU policy horizon considerations Click to add subtitle Jeremy Rollison Director, EU Government Affairs Microsoft CELA Our technology and policies evolve

232 views • 9 slides
SUMMARY OF FINANCIAL RESULTS F O R T H E P E R I O D 2 0 1 7 DISCLAIMER This document has

SUMMARY OF FINANCIAL RESULTS F O R T H E P E R I O D 2 0 1 7 DISCLAIMER This document has

SUMMARY OF FINANCIAL RESULTS F O R T H E P E R I O D 2 0 1 7 DISCLAIMER This document has been prepared by Harel Insurance Investments and Financial Services Ltd. (hereinafter: the Company) solely for the purpose of presenting the Company's

303 views • 17 slides
Risk assessment and environmental monitoring in port areas - general overview - Rodrigo

Risk assessment and environmental monitoring in port areas - general overview - Rodrigo

Risk assessment and environmental monitoring in port areas - general overview - Rodrigo Fernandes 1 The environmental problem 2 The environmental problem Ballast water exchange: new populations of non-indigenous species (NIS) can

732 views • 46 slides
In Inves vestor tor Pr Presentati esentation on June Ju e 2015 1 Forwar Fo

In Inves vestor tor Pr Presentati esentation on June Ju e 2015 1 Forwar Fo

Adg dgar ar In Inve vest stmen ents ts an and Dev d Devel elopmen opment In Inves vestor tor Pr Presentati esentation on June Ju e 2015 1 Forwar Fo rward-Looking Looking Info nformation rmation The information

430 views • 32 slides
Santa Barbara City College Chemical Engineering Mentor: Lindsay Smith

Santa Barbara City College Chemical Engineering Mentor: Lindsay Smith

Developing Methods for Regioselective Iodination of Heterocycles in Mild Conditions Christopher Bilham Santa Barbara City College Chemical Engineering Mentor: Lindsay Smith Faculty Advisor:

300 views • 19 slides
THE EU NIS DIRECTIVE Jim Reid, RTFM llp jim@rfc1035.com OH DEAR - ANOTHER ONE! What is NIS?

THE EU NIS DIRECTIVE Jim Reid, RTFM llp jim@rfc1035.com OH DEAR - ANOTHER ONE! What is NIS?

THE EU NIS DIRECTIVE Jim Reid, RTFM llp jim@rfc1035.com OH DEAR - ANOTHER ONE! What is NIS? Why? What does NIS mean? Whos affected and how? DIRECTIVE ON SECURITY OF NETWORK AND INFORMATION SYSTEMS EU Directive 2016/1148

457 views • 14 slides
Comissioning NIS Commissioning Facilitators Meeting Tuesday 13 September 2016 Meeting agenda

Comissioning NIS Commissioning Facilitators Meeting Tuesday 13 September 2016 Meeting agenda

Comissioning NIS Commissioning Facilitators Meeting Tuesday 13 September 2016 Meeting agenda Agenda item Lead Chairs welcome, introductions and aim of the meeting Shah Overview of the Acute Transformation programme & the Cheryl purpose

236 views • 10 slides
Strengthening Co-operation between European Research Area and NIS FUNDED BY THE EUROPEAN

Strengthening Co-operation between European Research Area and NIS FUNDED BY THE EUROPEAN

Strengthening Co-operation between European Research Area and NIS FUNDED BY THE EUROPEAN COMMISSION DIRECTORATE GENERAL FOR RESEARCH 6TH FRAMEWORK PROGRAMME INTERNATIONAL COOPERATION Overview SSA Specific Support Action Start date of

246 views • 11 slides

More recommend