Review of the Telecom Framework – Security rules Security rules in the proposed European Electronic Communications Code (EECC) Lisbon, 8 March 2017.

Slides:

Advertisements

Similar presentations

PRESENTATION ON MONDAY 7 TH AUGUST, 2006 BY SUDHIR VARMA FCA; CIA(USA) FOR THE INSTITUTE OF INTERNAL AUDITORS – INDIA, DELHI CHAPTER.

Advertisements

1 The Data Protection Officer at work Experience, good practices and lessons learnt Pierre Vernhes – former DPO at the Council of the EU Workshop on Data.

National implementation of REMIT Henrik Nygaard, Wholesale and transmission (DERA)

Data Breach Risks Overview Heather Pixton www2.idexpertscorp.com

1 Reform of the EU regulatory framework for electronic communications What it means for Access to Emergency Services Reform of the EU regulatory framework.

EU Third Package: background and recent developments 15 th April 2010 UNC Panel European Strategy team.

LEFIS W2 Posgraduate Workshop 1 LEFIS, WG 2 Postgraduate studies Meeting, Rotterdam.

ICPHSO Conference Michiko Jo 18 February 2010 Enforcement Update: Recent developments in the EU.

WORKSHOP, Nicosia 2-3rd July 2008 “Extension of SAFETY & QUALITY Common Requirements to the EMAC States” Item 3 : Regulatory Context Peter Stastny EUROCONTROL.

The 3rd package for the internal energy market Key proposals EUROPEAN COMMISSION Heinz Hilbrecht Directorate C - Security of supply and energy markets.

The New EU Directives Oftel Forum 25/04/02 Heather Clayton.

European Data Protection Supervisor Pharmaceutical Regulatory & Compliance Congress, Brussels, 7 June 2007 European Privacy and Data Protection Policy.

2011 East African Internet Governance Forum (EA – IGF) Rwanda Cyber briefing: Positive steps and challenges Didier Nkurikiyimfura IT Security Division.

The Notification Procedure of national telecoms markets Pál Belényesi 27 October 2006.

2002 Symantec Corporation, All Rights Reserved The EU Regulations and IT security An industry perspective Ilias Chantzos, Government Relations EMEA Terena.

New Rail Market Access Rules Directive 2012/34/EU (recast) EUROPEAN COMMISSION.

Directive on the Authorisation of electronic communications networks & Services Directive (2002/20/EC) Authorisation Directive Presented by: Nelisa Gwele.

Directorate General for Enterprise and Industry European Commission The New Legislative Framework - Market Surveillance UNECE “MARS” Group meeting Bratislava,

1 The Future Role of the Food and Veterinary Office M.C. Gaynor, Director, FVO EUROPEAN COMMISSION HEALTH & CONSUMER PROTECTION DIRECTORATE-GENERAL Directorate.

Independence and powers of regulators: legal and institutional requirements Heinz Hilbrecht, Director, European Commission World Forum on Energy Regulation.

The New Legislative Framework

ISACA Ireland Cyber Security Policy 9 February 2016.

1 TAIEX JHA Workshop on data protection and cloud computing Data transfers to third countries and standard contractual clauses Skopje, 29 May 2014.

The Commonwealth Cybercrime Initiative David Tait, Cybercrime Policy Analyst.

Information day on EUROCONTROL Guidance Material on the application of Common Requirements for Service Provision SAFETY ASPECTS SAFETY ASPECTS  Juan Vázquez,

Module 02 Essential Requirements for ATCOs. Training Objectives  Appreciate the content of the essential requirements for ATCOs as described within EASA.

Regulation models addressing data protection issues in the EU concerning RFID technology Ioannis Iglezakis Assistant Professor in Computers & Law Faculty.

©Ofcom REGULATING THE MEDIA: WHAT ROLE FOR THE EU? European Parliament 17 October 2006 Chris Banatvala Director of Standards Ofcom.

Accountability & Structured Privacy Management

EU Law Law 326.

GDPR (General Data Protection Regulation)

The 3rd package for the internal energy market

Nuclear and Treaty Law Section Office of Legal Affairs

PRESENTATION OF MONTENEGRO

French Port Cybersecurity Initiative

Data protection headaches: GDPR, brexit AND perimeter risk

WORLD OF CLOUD COMPUTING AFTER GDPR challenges, opportunities and the unknown Matjaž Drev, MA. National Supervisor for Personal Data Protection, Information.

Exchange of information between Member States

The New Legislative Framework Miniseminar New Legal Framework Reykjavík, 10 December 2008 Doris Gradenegger Unit C1: Regulatory Approach for the Free.

About the NIS directive

PRESENTATION OF MONTENEGRO

GDPR Awareness and Training Workshop

ERGEG GRI South South East – , Maribor

General Data Protection Regulation

European Union Law Week 6.

Bob Siegel President Privacy Ref, Inc.

GDPR - Individual’s Rights

Telco related activities in ENISA

Presentation to TRAN Committee

Dan Tofan | Expert in NIS 21st Art. 13a WG| LISBON |

State of the privacy union

GDPR – Practical Implementation Managing contracts, procurement and relationships with suppliers Terry Brewer Chief Executive.

Revision of the Internal Control Framework in the European Commission PEMPAL Internal Audit Community of Practice (IACOP) Brussels, 27th February 2017.

Signalling System No 7 (SS7) Introduction and state of play

Data Protection What’s new about The General Data Protection Regulation (GDPR) May 2018? Call Kerry on Or .

Trust and Security Unit

By The Data Protection Commissioner

The European Union response to cyber threats

Community of Users.

Mr Mirco Barbero European Commission, IAS.C1

PROPORTIONALITY PRINCIPLE in EU LEGISLATION

Data Protection in Law Enforcement Area Chapter 9a of the draft law

Overview of the recommendations regarding approximation of the Law on personal data protection to the new EU General data protection regulation Valerija.

PRESENTATION OF MONTENEGRO

Data Protection What can I do? GDPR Principles General Data Protection

LO1 - Know about aspects of cyber security

THE IMPACT OF DATA PROTECTION RULES ON CORPORATE INFO SECURITY AND INCIDENT RESPONSE MANAGEMENT – The Energy sector CEER Cybersecurity Workshop Massimo.

OVERVIEW ON STATISTICAL DATA CONFIDENTIALITY AND ACCES TO MICRODATA

Presentation transcript:

Review of the Telecom Framework – Security rules Security rules in the proposed European Electronic Communications Code (EECC) Lisbon, 8 March 2017

EECC – Security of Networks and Services Security rules in the Framework Directive 2002/21 Article 13a – Security and integrity Appropriate organisational measures to manage risks to security of networks and services Appropriate steps to guarantee integrity of networks and thus continuity of the services Notification of significant security breaches Commission implementing measures

EECC – Security of Networks and Services Security rules in the Framework Directive 2002/21 Article 13b – Implementation and Enforcement Powers of National Regulatory Authorities (NRAs) Binding instructions Request for information Security audits Powers of investigation

EECC – Security of Networks and Services Relationship with other laws Data Protection Directive 95/46 ePrivacy Directive 2002/58 General Data Protection Regulation 679/2016 NIS Directive 2016/1148

EECC – Security of Networks and Services EECC new proposed rules – Artt. 40 and 41 EECC General objectives Ensure high-level of security of networks and services Adapt to technological changes Clarify terms and critical aspects External consistency with NIS, GDPR and ePD Improve cooperation and enforcement

EECC – Security of Networks and Services Article 40 EECC – Security of Networks and Services Wider scope: Number-independent (Ni) interpersonal communications services (ICS) Proportionality based approach for Ni ICS Notion of security Comprehensive definition Alignment with the NIS Directive Incident notification rules Criteria for notifying breaches Timing of notifications

EECC – Security of Networks and Services Article 41 EECC – Implementation and Enforcement Competent authorities Cooperation with Computer Security Incident Response Teams (CSIRTs) Cooperation with NIS, Data Protection and Law Enforcement authorities Relationship with other laws NIS Directive GDPR ePrivacy

EECC – Security of Networks and Services Thank you!