Presentation is loading. Please wait.

Presentation is loading. Please wait.

ENISA efforts for securing European Internet Infrastructure

Published byPercival Burns Modified over 9 years ago

Similar presentations

Presentation on theme: "ENISA efforts for securing European Internet Infrastructure"— Presentation transcript:

1 ENISA efforts for securing European Internet Infrastructure
Rossella Mattioli Security and Resilience of Communication Networks Officer

2 Securing Europe’s Information Society
Operational Office in Athens The European Union Agency for Network & Information Security (ENISA) was formed in 2004. The Agency is a Centre of Expertise that supports the Commission and the EU Member States in the area of information security. We facilitate the exchange of information between EU institutions, the public sector and the private sector ENISA is as a body of expertise, set up by the EU to carry out very specific technical, scientific tasks in the field of Information Security, working as a "European Agency". EU agencies are distinct bodies from the EU institutions – separate legal entities set up to perform specific tasks under EU law The Agency also assists the European Commission in the technical preparatory work for updating and developing Community legislation in the field of Network and Information Security.

3 Positioning ENISA activities
POLICY IMPLEMENTATION HANDS ON MOBILISING COMMUNITIES RECOMMENDATIONS

4 Increasing reliance on communication networks
Today’s challenges Increasing reliance on communication networks Emerging threat environment hampering the availability, integrity and confidentiality of networks based on: Infrastructure vulnerabilities Interdependencies Privacy concerns The Internet infrastructure is the backbone of the information society but as it has become clear in the recent news, different threats, both technical and geopolitical, can hamper its availability. Citizens expect national authorities to be fully aware of the possible interdependencies and put in place all possible measures to ensure the security and resilience of their communications. 11

5

6 Internet Infrastructure assets

7 ENISA Threat Landscape Report

8 Current Internet infrastructure threats

9 Routing threats - good practices

10 DNS threats - good practices

11 DDoS - good practices

12 Internet Threat Landscape - recommendations
Evaluate your current level of security by understanding the assets covered (and not covered) by existing security measures Evaluate the application of adapted good practices in a focused manner Cooperate with the community to exchange on threats and promote the application of good practices as mitigation measures For users deploying good practices guides: report on their implementations, assets covered and gaps found Words matter: Ensure the right use of terms and definitions

13 Internet Threat Landscape - recommendations
Use proper risk assessment methods to understand vulnerable assets in your infrastructure and prioritise your protection actions Build an information and communication technology security awareness and training program Infrastructure owners shall commit third-party vendors to apply security measures Infrastructure owners should stay current on any updates

14 Latest ENISA activities regarding electronic communications
“Protection of Underground Electronic Communications Infrastructure” to prevent damages caused by civil work to buried cables “Secure ICT Procurement in Electronic Communications” regarding risks associated with 3rd party ICT products and outsourced services “Methodologies for identification of Critical Information Infrastructures assets and services “to identify which specific assets and services in communication networks are critical for a a particular Member State Annual report regarding the most severe outages of electronic communication networks or services that are reported to the communication authorities of each Member State every year.

15 Participate in our activities

16 Studies and community engagement
Ideas for upcoming studies/papers Surveys Interviews Previews of our studies Feedback Validation sessions

17 Workshops Before RIPE 67 in Athens After Internet Security Days in Cologne Q4 TBD - focus on connectivity interdependencies for smart grids

18 INFRASEC - Internet infrastructure security and resilience reference group
Gathering of technical experts Discuss the progress of ENISA projects Info exchange on latest threats Periodic conf-calls Dedicate webpage 1st physical Validation of ENISA studies List of good practices

19 Protect Cooperate Exchange

20 Thank you Rossella Mattioli

Download ppt "ENISA efforts for securing European Internet Infrastructure"

Similar presentations

Session 3: Safer Services in a Digital Society Security with RFID Gérald Santucci European Commission Head of Unit DG INFSO/D4.

Session 3: Safer Services in a Digital Society Security with RFID Gérald Santucci European Commission Head of Unit DG INFSO/D4.
Critical Infrastructure Protection Policy Priorities Sara Pinheiro European Commission DG Home Affairs.

Critical Infrastructure Protection Policy Priorities Sara Pinheiro European Commission DG Home Affairs.
From e-Government to e-Governance: The OECD Experience Elizabeth Muller E-Government Project OECD SitExpo2004 18-21 February 1004, Casablanca - Morocco.

From e-Government to e-Governance: The OECD Experience Elizabeth Muller E-Government Project OECD SitExpo February 1004, Casablanca - Morocco.
S3-1 © 2001 Carnegie Mellon University OCTAVE SM Process 3 Identify Staff Knowledge Software Engineering Institute Carnegie Mellon University Pittsburgh,

S3-1 © 2001 Carnegie Mellon University OCTAVE SM Process 3 Identify Staff Knowledge Software Engineering Institute Carnegie Mellon University Pittsburgh,
HIPAA Security Rule Overview and Compliance Program Presented by: Lennox Ramkissoon, CISSP The People’s Hospital HIPAA Security Manager The Hospital June.

HIPAA Security Rule Overview and Compliance Program Presented by: Lennox Ramkissoon, CISSP The People’s Hospital HIPAA Security Manager The Hospital June.
National Infrastructure Protection Plan

National Infrastructure Protection Plan
S2-1 © 2001 Carnegie Mellon University OCTAVE SM Process 2 Identify Operational Area Management Knowledge Software Engineering Institute Carnegie Mellon.

S2-1 © 2001 Carnegie Mellon University OCTAVE SM Process 2 Identify Operational Area Management Knowledge Software Engineering Institute Carnegie Mellon.
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
International Telecommunication Union Committed to connecting the world 4 th ITU Green Standards Week Mike Wood & Jack Rowley EMF Technical Group Leaders,

International Telecommunication Union Committed to connecting the world 4 th ITU Green Standards Week Mike Wood & Jack Rowley EMF Technical Group Leaders,
(Geneva, Switzerland, September 2014)

(Geneva, Switzerland, September 2014)
Strategy and Policy Unit: Current Activities and Future Tasks

Strategy and Policy Unit: Current Activities and Future Tasks
Geneva, Switzerland, 15-16 September 2014 ENISA role in ICT standardization Sławomir Górniak, ENISA ITU Workshop on “ICT.

Geneva, Switzerland, September 2014 ENISA role in ICT standardization Sławomir Górniak, ENISA ITU Workshop on “ICT.
Networks ∙ Services ∙ People www.geant.org John DYER TF-MSP Video Conference Community Procurement Support Building on the SPOT-ON Proposal Smart Procurement,

Networks ∙ Services ∙ People John DYER TF-MSP Video Conference Community Procurement Support Building on the SPOT-ON Proposal Smart Procurement,
Building Public Health / Clinical Health Information Exchanges: The Minnesota Experience Marty LaVenture, MPH, PhD Director, Center for Health Informatics.

Building Public Health / Clinical Health Information Exchanges: The Minnesota Experience Marty LaVenture, MPH, PhD Director, Center for Health Informatics.
Overview of ITU-T Study Group 5 “Environment and Climate Change” Cristina Bueti, Adviser, ITU.

Overview of ITU-T Study Group 5 “Environment and Climate Change” Cristina Bueti, Adviser, ITU.
1 May 2006 … Identity management - Internet - Data controller - PKI - Vulnerabilities - Fingerprint - Critical Information Infrastructure - Privacy and.

1 May 2006 … Identity management - Internet - Data controller - PKI - Vulnerabilities - Fingerprint - Critical Information Infrastructure - Privacy and.
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
Information Asset Classification

Information Asset Classification
Adaptive Processes Simpler, Faster, Better 1 Adaptive Processes Understanding Information Security ISO 17799 / BS7799.

Adaptive Processes Simpler, Faster, Better 1 Adaptive Processes Understanding Information Security ISO / BS7799.

Similar presentations

Ads by Google