pane l session on cyber security standardisation
play

Pane l session on Cyber Security Standardisation - PDF document

Feb 21, 2023 •149 likes •214 views

09/04/2014 Pane l session on Cyber Security Standardisation Demosthenes.Ikonomou@enisa.europa.eu ENISA Vienna, April 7, 2014 (13.45 - 15:45) European Union Agency for Network and Information Security

  1. 09/04/2014 Pane l session on ‘ Cyber Security Standardisation ’ Demosthenes.Ikonomou@enisa.europa.eu ENISA Vienna, April 7, 2014 (13.45 - 15:45) European Union Agency for Network and Information Security www.enisa.europa.eu 1 ENISA and International Standardisation Organisations (ISO) • Part of ENISA’s mandate (Article 3.g) – To ‘track the development of standards’ ; • Part of the EC Cyber Security Strategy: – To ‘Develop , in cooperation with relevant national competent authorities, relevant stakeholders, International and European standardisation bodies and the European Commission Joint Research Centre, technical guidelines and recommendations for the adoption of NIS standards and good practices in the public and private sectors.’ . European Union Agency for Network and Information Security www.enisa.europa.eu 2 1

  2. 09/04/2014 ENISA and ISO – so far • Established collaboration agreements with: – ISO SC27 – ETSI (MoU) – CEN CENELEC (MoU); • ENISA aligns key activities with the work of ISO – ETSI TISPAN on CIIP – ETSI LI on DRD – CEN CENELEC on smart grids; – ETSI on Cloud certification; – ISO SC 27 in the area of privacy; • Also a member of the ETSI CEN-CENELEC Cyber Security Coordination Group; European Union Agency for Network and Information Security www.enisa.europa.eu 3 ETSI, CEN, CENELEC Cyber Security Coordination Group (CSCG) • Co-ordination Group of the three European Standards Organizations (ESOs) CEN, CENELEC and ETSI – Since December 2011 • Experts from ESOs of 14 EU MS • Together with European Institutions (ENISA, EC/JRC) • Chaired by Dr. Christian Ehler, German MEP • Supported/Secretariat by DIN, Germany European Union Agency for Network and Information Security www.enisa.europa.eu 4 2

  3. 09/04/2014 CSCG Terms of Reference (ToR) • To act as contact point for all questions of EU institutions relating to standardization of cyber security • To provide strategic advice on Cyber Security to ESOs – Analyze and provide joint guidance on Cyber Security Standards – develop a gap analysis of European and International Standards on cyber security – define of joint European requirements for European and International Standards on cyber security • establish a European roadmap on standardization of cyber security • Co-ordinate Standards with others (including NIST and USA) European Union Agency for Network and Information Security www.enisa.europa.eu 5 CSCG deliverables • Security white paper – Recommendations for a Strategy on European Cyber Security Standardisation – Started in December 2012 – Approved by ESOs (Q4/2013) • Provides input to European Commission activities, includes ESOs proposed roles • Mentions proposed method of working, activities European Union Agency for Network and Information Security www.enisa.europa.eu 6 3

  4. 09/04/2014 CSCG White Paper (1 of 2) • Propose the creation of a governance framework for the coordination of Cyber Security standardisation • launch an initiative to re-establish the trust • European Public Key Infrastructure and strong cryptographic capabilities • establish a clear and common understanding of the scope of Cyber Security European Union Agency for Network and Information Security www.enisa.europa.eu 7 CSCG White Paper (2 of 2) • high-level European Cyber Security Label • extend existing European Cyber Security requirements and evaluation frameworks • create a high-level interface between the CSCG and the European research community • launch a targeted global initiative to promote standards appropriate to European requirements • Next steps? – Industry involvement. European Union Agency for Network and Information Security www.enisa.europa.eu 8 4

  5. 09/04/2014 Challenges (from an EU perspective)… • Need establishing a small number of key initiatives at EU level (‘Airbus’ -like projects) – Multi-disciplinary projects with industrial participation; – Necessary contributions by DPAs, apps developers; – H2020; • Improve coordination between EU funded R&D and ISO; • Possible ‘vehicles’ for such a coordination – ETSI CEN CENELEC CSCG; – H2020 (industrial platforms); European Union Agency for Network and Information Security www.enisa.europa.eu 9 Open questions… • Are current initiatives adequate to address the issues? – If not, what other is needed? • How to transpose the high level objectives of the CSCG and relevant policy documents (e.g. NIS CSS) into projects and to the market (regulatory initiatives)? • Industrial involvement?? – Research (e.g. H2020), regulation, etc.? – Are standardisation mandates the best (or an appropriate tool)? • Are current practices sufficient/working? – If not, what needs to be done differently? • Is there a role for the public sector (e.g. procurement, certification, etc.)? European Union Agency for Network and Information Security www.enisa.europa.eu 10 5

  6. 09/04/2014 Panel Session • Prof. Reinhard Posch, Head of the Institute für Angewandte Informationsverarbeitung und Kommunikationstechnologie (federal CIO for the Austrian government ); • Prof. Bart Preneel, Katholieke Universiteit Leuven. • Ilias Chantzos , Symantec, Senior Director, Government Affairs EMEA, Global CIP and Privacy Advisor European Union Agency for Network and Information Security www.enisa.europa.eu 11 6

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework Reporting Objectives Executive Summary Information Assess Current Cyber Security Posture Measure Progress Toward Improvement Assess

634 views • 5 slides
Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial

Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial

ABB MINING USER CONFERENCE, MAY 02-05, 2017 Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial Automation Division Agenda Why worry about cyber security? ABBs approach to cyber security Cyber security

1.07k views • 39 slides
Web Security Cyber Security Lab Spring '10 04/15/10 Cyber Security Lab 1 Outline Web

Web Security Cyber Security Lab Spring '10 04/15/10 Cyber Security Lab 1 Outline Web

Web Security Cyber Security Lab Spring '10 04/15/10 Cyber Security Lab 1 Outline Web application weaknesses XSS AJAX weaknesses SQL Injection Attacks (Slides from Lars Olson)

588 views • 41 slides
Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three

Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three

Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three points of failure in any secure network: Technology (hardware and software) Technology Support (ITS) End Users (USD students and employees)

359 views • 23 slides
CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY HAPPEN London June 2019 INTRODUCTION Cyber Security The activity or process, ability or capability, or state whereby information and

735 views • 24 slides
ICSS2015: International Cyber Security Strategy Congress: Cyber Security and Forensic Readiness* *

ICSS2015: International Cyber Security Strategy Congress: Cyber Security and Forensic Readiness* *

ICSS2015: International Cyber Security Strategy Congress: Cyber Security and Forensic Readiness* * Preliminary programme, subject to revision/update status 16 December 2014 4 February 2015 Day 1: Cyber Security Readiness Registration KU

306 views • 4 slides
Homeland Security Perspectives: Cyber Security Partnerships and Measurement Activities Bradford

Homeland Security Perspectives: Cyber Security Partnerships and Measurement Activities Bradford

16 Oct 2012 Homeland Security Perspectives: Cyber Security Partnerships and Measurement Activities Bradford Willke Cyber Security Advisor, MidAtlantic Region National Cyber Security Division (NCSD) Office of Cybersecurity and Communications

443 views • 20 slides
Cyber security Current challenges Ludovic M, septembre 2019 Cyber security ? Three triptychs !

Cyber security Current challenges Ludovic M, septembre 2019 Cyber security ? Three triptychs !

Cyber security Current challenges Ludovic M, septembre 2019 Cyber security ? Three triptychs ! 3 properties ... Confidentiality (including personal data) Integrity Availability 2 -Sminaire LIRIMA: Cyber security: current

876 views • 64 slides
2018 Legislative Ag Chairs Summit Cyber Security Geoff Jenista, CISSP Cyber Security Advisor,

2018 Legislative Ag Chairs Summit Cyber Security Geoff Jenista, CISSP Cyber Security Advisor,

2018 Legislative Ag Chairs Summit Cyber Security Geoff Jenista, CISSP Cyber Security Advisor, Region VII Office of Cybersecurity and Communications (CS&C) National Protection and Programs Directorate (NPPD) FOUO / UNCLASS Cyber Security

333 views • 12 slides
European Multi-Stakeholder Platform (MSP) on ICT Standardisation AGENDA I European

European Multi-Stakeholder Platform (MSP) on ICT Standardisation AGENDA I European

Bienvenue European Multi-Stakeholder Platform (MSP) on ICT Standardisation AGENDA I European Multi-Stakeholder Platfom (MSP) on ICT Standardisation II Rolling Plan for ICT Standardisation A Key enablers and security B Societal

796 views • 56 slides
CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September

CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September

Eric Weston Wally Magda, CISSP, PSP, CISA Compliance Auditor, Cyber Compliance Auditor, Cyber Security Security CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September 24-25, 2013 Salt Lake City, UT No

2.02k views • 198 slides
SECURITY STANDARDISATION SECURITY STANDARDISATION PROGRAMMING MANDATE TO THE PROGRAMMING MANDATE

SECURITY STANDARDISATION SECURITY STANDARDISATION PROGRAMMING MANDATE TO THE PROGRAMMING MANDATE

ANSI Homeland Security Standards Panel ANSI Homeland Security Standards Panel Ninth Annual Plenary Meeting Ninth Annual Plenary Meeting SECURITY STANDARDISATION SECURITY STANDARDISATION PROGRAMMING MANDATE TO THE PROGRAMMING MANDATE TO THE

750 views • 21 slides
CYBER SECURITY Nick Kervin Partner, IT Advisory August 2017 Page 1 CYBER SECURITY Overview

CYBER SECURITY Nick Kervin Partner, IT Advisory August 2017 Page 1 CYBER SECURITY Overview

CYBER SECURITY Nick Kervin Partner, IT Advisory August 2017 Page 1 CYBER SECURITY Overview 1. What is at risk? 2. Global industry trends 3. BDO/AusCERT survey 4. Recent cyber case studies 5. Cyber risk mitigation strategies Page

481 views • 35 slides
Healthy Approach to Cyber Security : For data-intensive healthcare, cyber security is integral to

Healthy Approach to Cyber Security : For data-intensive healthcare, cyber security is integral to

1 Healthy Approach to Cyber Security : For data-intensive healthcare, cyber security is integral to innovation Sallie Sweeney KPMG The healthcare industrys evolution toward a true value based system, assuming responsibility for complex

797 views • 10 slides
Reactive and Proactive Standardisation of TLS Kenny Paterson and Thyla van der Merwe Royal

Reactive and Proactive Standardisation of TLS Kenny Paterson and Thyla van der Merwe Royal

Reactive and Proactive Standardisation of TLS Kenny Paterson and Thyla van der Merwe Royal Holloway, University of London Security Standardisation Research (SSR) 5 December 2016 1 Motivation TLS is the de facto standard for securing

524 views • 26 slides
Centre for Cyber Security Thomas Kristmar Centre for Cyber Security Danish Defence Intelligence

Centre for Cyber Security Thomas Kristmar Centre for Cyber Security Danish Defence Intelligence

Centre for Cyber Security Thomas Kristmar Centre for Cyber Security Danish Defence Intelligence Service 05-10-2015 05-10-2015 Who are we? Centre for Cyber Security In respect of the Rule of Law and Privacy Cyber is a priority (Gov.

455 views • 18 slides
NORMAPME: Making standards better for SMEs European Office of Crafts, Trades and Small and

NORMAPME: Making standards better for SMEs European Office of Crafts, Trades and Small and

NORMAPME: Making standards better for SMEs European Office of Crafts, Trades and Small and Medium-sized Enterprises for Standardisation Bureau Europen de l Artisanat et des Petites et Moyennes Entreprises pour la Normalisation Europisches

370 views • 6 slides
J-PARC

J-PARC

J-PARC for the E50 collaboration Research Center for Nuclear Physics (RCNP) @ RCNP 2015 7/24 2 Contents

663 views • 43 slides
Road Network Simulation using FLAME GPU . Peter Heywood, Paul Richmond & Steve Maddock

Road Network Simulation using FLAME GPU . Peter Heywood, Paul Richmond & Steve Maddock

Road Network Simulation using FLAME GPU . Peter Heywood, Paul Richmond & Steve Maddock Department of Computer Science, The University of Sheffield Overview . Introduction Gipps Car Following Model Implementation Experiments &

781 views • 33 slides
THE NEW CEN W ORKI NG GROUP ON SOURCE APPORTI ONMENT w w w .jrc.ec.europa.eu Serving society

THE NEW CEN W ORKI NG GROUP ON SOURCE APPORTI ONMENT w w w .jrc.ec.europa.eu Serving society

THE NEW CEN W ORKI NG GROUP ON SOURCE APPORTI ONMENT w w w .jrc.ec.europa.eu Serving society Stimulating innovation Supporting legislation Outline of the presentation Structure of CEN TC 264 New working items Call for

413 views • 15 slides
Euro Spec Next step in harmonisation of passenger rolling stock General overview of initiative

Euro Spec Next step in harmonisation of passenger rolling stock General overview of initiative

Euro Spec Next step in harmonisation of passenger rolling stock General overview of initiative of Europen railway operators december 2018 EuroSpec 1 Starting point EuroSpec This initiative is fulfilling the next step in harmonisation Rolling

199 views • 15 slides
Smart Secure ICT Luxembourg Mr. Nicolas Domenjoud Responsable secteur TIC & Normalisation

Smart Secure ICT Luxembourg Mr. Nicolas Domenjoud Responsable secteur TIC & Normalisation

Bienvenue Presentation of the Standards Analysis Smart Secure ICT Luxembourg Mr. Nicolas Domenjoud Responsable secteur TIC & Normalisation - ILNAS 13.11.2018 CONTENT I - Context and objectives of the Smart ICT Standards Analysis

819 views • 27 slides
EXCHANGE of FREIGHT WAGONS in EUROPE regarding AVV/CUU/GCU (former RIV) Jozef Fazik, UIC, Senior

EXCHANGE of FREIGHT WAGONS in EUROPE regarding AVV/CUU/GCU (former RIV) Jozef Fazik, UIC, Senior

UNESCAP EXPERT GROUP MEETING ON HARMONIZATION OF THE RULES AND REGULATIONS FOR FACILITATION OF INTERNATIONAL RAILWAY TRANSPORT EXCHANGE of FREIGHT WAGONS in EUROPE regarding AVV/CUU/GCU (former RIV) Jozef Fazik, UIC, Senior Advisor Milko P.

574 views • 24 slides
Micro-CHP Vision Working Group Agenda 07/10/2013 Topic Time Speaker Welcome and introduction

Micro-CHP Vision Working Group Agenda 07/10/2013 Topic Time Speaker Welcome and introduction

Micro-CHP Vision Working Group Agenda 07/10/2013 Topic Time Speaker Welcome and introduction to the meeting; FR 13.30 EU rules on non competitive behaviour; Tour de table Update and next steps on EU legislation 13.40- Eco Product

260 views • 23 slides

More recommend