Strengthening Europes Cyber Resilience System a nd Fostering a - - PowerPoint PPT Presentation

strengthening europe s cyber resilience system
SMART_READER_LITE
LIVE PREVIEW

Strengthening Europes Cyber Resilience System a nd Fostering a - - PowerPoint PPT Presentation

Sep 23, 2023 418 likes •705 views

& National Emergency Coordination MEUSAC Consultation Session Strengthening Europes Cyber Resilience System a nd Fostering a Competitive & Innovative Cybersecurity Industry (13 March 2017 ) Venue: Fortress Builders

slide-1
SLIDE 1

MEUSAC

Consultation Session

“Strengthening Europe’s Cyber Resilience System and Fostering a Competitive & Innovative Cybersecurity Industry”

(13 March 2017) Venue: Fortress Builders Fortifications Interpretation Centre, Valletta

John Agius

Director (Critical Infrastructure Protection) CIP Directorate, Cabinet Office, OPM

& National Emergency Coordination

slide-2
SLIDE 2

http://maltacip.gov.mt

Outline

 Terminology  The CIP Directorate (CIPD)  CSIRTMalta  ENISA  The NIS Directive

2

slide-3
SLIDE 3

http://maltacip.gov.mt

 CIP: Critical Infrastructure Protection  CII: Critical Information Infrastructure  CIIP: Critical Information Infrastructure Protection  CSIRT: Computer Security & Incident Response Team  CSIRTMalta: The National CSIRT in Malta  ENISA: European Union Agency for Network & Information Security  The NIS Directive: EU Directive 1148 of 2016  SPOC: Single Point of Contact

Terminology

3

slide-4
SLIDE 4

http://maltacip.gov.mt

Mission Statement ‘To strengthen and secure the functioning and resilience

  • f Malta’s Critical Infrastructure

and National Emergency Services’

Cyber

4

slide-5
SLIDE 5

http://maltacip.gov.mt

CIIP

5

(Established September 2014)

slide-6
SLIDE 6

http://maltacip.gov.mt

 CSIRTMalta is the National CSIRT for Malta  Focus

 Critical Infrastructures (CI’s)  Critical Information Infrastructure (CII’s)  Other sensitive Infrastructures

 Public and Private sectors  National Single Point of Contact (SPOC)

6

slide-7
SLIDE 7

http://maltacip.gov.mt

Mission statement Supporting CI’s, CII’s and

  • ther

sensitive infrastructures in Malta on how to protect their information infrastructure assets and systems from cyber threats and incidents.

CSIRTMalta was established as the National CSIRT for Malta on 14th November 2011

7

slide-8
SLIDE 8

http://maltacip.gov.mt

Public Sector-CSIRTs (MT-CSIRT & CSIRPs) Private sector (CSIRTs & CSIRPs)

National CSIRT

Stakeholders

8

slide-9
SLIDE 9

http://maltacip.gov.mt

Services

  • Announcements

– Dissemination of information about known threats, incidents and countermeasures needed to protect assets and systems –

  • pm.gov.mt/en/mcip

– csirtmalta@gov.mt – @CSIRTMalta

  • Alerts and warnings

– Dissemination of incident reports related to cyber infections and potential breaches targeting CSIRTMalta constituents, recommending solutions to counter such infections/breaches;

  • Incident Response Coordination

– Supporting constituents by coordinating response to information security incidents, occasionally in collaboration with European and international communities of CSIRTs and other public and private bodies, as appropriate.

  • CSIRTMalta Incident Response: +356 - 21221334

9

slide-10
SLIDE 10

http://maltacip.gov.mt

  • The European Union Agency for Network and Information Security
  • Established in 2004 by EU Regulation No 460 of 2004
  • A centre of expertise for cyber security in Europe
  • Located in Greece with its seat in Heraklion Crete and an
  • perational office in Athens
  • Actively contributing to a high level of network and information

security (NIS) within the European Union

  • Developing a culture of NIS in society
  • Raising awareness of NIS within European Member States

ENISA

10

slide-11
SLIDE 11

http://maltacip.gov.mt

Mission statement ENISA contributes to securing Europe’s information society by raising awareness and by developing and promoting a culture of network and information security (NIS) in society thus contributing to the proper functioning of the internal market.

ENISA Strategy 2016 - 2020

11

slide-12
SLIDE 12

http://maltacip.gov.mt

ENISA Players & Stakeholders

12

slide-13
SLIDE 13

http://maltacip.gov.mt

ENISA – Areas of activities

  • Recommendations
  • Activities that support policy making and implementation
  • ‘Hands On’ work, where ENISA collaborates directly with operational teams

throughout the EU

13

slide-14
SLIDE 14

http://maltacip.gov.mt

  • The Pan-European Cyber Security Exercises
  • The development of National Cyber Security Strategies
  • CSIRTs cooperation and capacity building
  • Cyber related specialists training
  • Studies on secure Cloud adoption
  • Addressing data protection issues, privacy enhancing

technologies and privacy on emerging technologies

  • eIDs and trust services
  • Identifying the cyber threat landscape
  • ENISA also supports the development and implementation of

the European Union's policy and law on matters relating to NIS.

ENISA – Activities

14

slide-15
SLIDE 15

http://maltacip.gov.mt

Pan-European Cyber Exercises

CE2016: The largest Cybersecurity exercise in the World with 948 Participants

15

slide-16
SLIDE 16

http://maltacip.gov.mt

Cyber Europe 2016 (CE2016)

Safeguarding Europe’s Digital Market through cyber security

Cyber Europe 2016: The pan-European exercise to protect EU Infrastructures against coordinated cyber-attack

  • 13-14 October 2016
  • Simulation of an EU-wide crisis triggered by cyber

attacks (involving 948 participants)

  • Goals: [1] test EU and national-level cooperation

[2] improve technical and operational capabilities

16

slide-17
SLIDE 17

http://maltacip.gov.mt

Specialist Training Workshops by the Malta-CIPD & EU-ENISA to local CYBER Specialists from the Public and Private sectors

17

slide-18
SLIDE 18

http://maltacip.gov.mt

Examples of training resources

18

slide-19
SLIDE 19

http://maltacip.gov.mt

19

Training Workshops by the Malta-CIPD & EU-JRC to local stakeholders from the Public and Private sectors

slide-20
SLIDE 20

http://maltacip.gov.mt

The (EU Directive 1148 of 2016)

20

NIS Directive

slide-21
SLIDE 21

http://maltacip.gov.mt

The first EU-wide rules on cybersecurity, establishing measures to ensure a high common level of network and information security across the European Union. Laying down obligations on MS’s to adopt national strategies securing NIS. Creating the Cooperation Group at the strategic level and the CSIRT Network, to build trust and confidence, at the operational level.

Article 1 – Directive (EU) 1148 of 2016

  • f The European Parliament and The Council of 6 July 2016

21

NIS Directive

slide-22
SLIDE 22

http://maltacip.gov.mt

  • The objectives of the Directive (i.e. that of achieving a high

common level of security of network and information systems within the EU), will be achieved, by means of: – Improved cybersecurity capabilities at national level – Increased EU-level cooperation – Risk management and incident reporting obligations for

  • perators of essential services and digital service providers

22

NIS Directive

slide-23
SLIDE 23

http://maltacip.gov.mt

About: NIS Directive

23

NIS Coop Group 9-10 February 2017 MT-Pres Brussels meeting Chaired by CSIRTMalta CSIRT Network Group Established 22-23 February 2017 MT-Pres Malta meeting Hosted & Chaired by CSIRTMalta

slide-24
SLIDE 24

http://maltacip.gov.mt

CSIRT Network (Article 12, NIS Directive)

The 1st Formal CSIRT Network Meeting (as defined by the NIS Directive) was held in Malta between the 22nd and 23rd February 2017. The meeting was organised and chaired by CSIRTMalta, in collaboration with the European Network and Information Security Agency ENISA. The event was organised as part of the Maltese Presidency of the Council of the European Union (Jan – June 2017).

24

slide-25
SLIDE 25

http://maltacip.gov.mt

25

NIS Directive Timeline

Date entry into force + … Milestone August 2016

  • Entry into force

February 2017 6 months Cooperation Group begins tasks (MT-Presidency) February 2017 6 months CSIRT Network Group formally established (MT-Presidency). Adopted TORs, ROPs, the short term goals (covering the first 18 months of Work-Plan) and formed the WGs for the execution of the short-term goals. August 2017 12 months Adoption of implementing on security and notification requirements for DSPs February 2018 18 months Cooperation Group establishes work programme May 2018 21 months Transposition into national law November 2018 27 months Member States to identify operators of essential services May 2019 33 months (i.e. 1 year after transposition) Commission report assessing the consistency of Member States' identification of operators of essential services May 2021 57 months (i.e. 3 years after transposition) Commission review of the functioning of the Directive, with a particular focus on strategic and operational cooperation, as well as the scope in relation to operators of essential services and digital service providers

slide-26
SLIDE 26

http://maltacip.gov.mt Recruitment 24*7 Program testing

2016

Cabinet Office

Q3 Q4 Q1 2017 Q2 Q3 Q4 2017 Q1 2018

2018

6th July 2016

2017

Today Justice Unit for Review TRIS

(TBD)

Admin/Technical/Financial Resources Review by Attorney General 31st March Launch Drafting of LN for Directive (EU) 1148 of 2016

NIS Directive Transposition Timeline

26

slide-27
SLIDE 27

http://maltacip.gov.mt

+356-22002000 maltacip@gov.mt http://maltacip.gov.mt

Contact Details:

27