Cybersecurity Special Public Meeting/Commission Workshop ...
EU Cybersecurity Strategy and Commission Proposal for a … · 2014. 12. 17. · EU Cybersecurity...
Transcript of EU Cybersecurity Strategy and Commission Proposal for a … · 2014. 12. 17. · EU Cybersecurity...
![Page 1: EU Cybersecurity Strategy and Commission Proposal for a … · 2014. 12. 17. · EU Cybersecurity Strategy and Commission Proposal for a Directive on Network and Information Security](https://reader034.fdocuments.net/reader034/viewer/2022052002/60159fddf90148192740c3c3/html5/thumbnails/1.jpg)
EU Cybersecurity Strategy and Commission Proposal for a Directive on
Network and Information Security
LIBE, EP
Brussels, 20 February 2013
Paul Timmers,Director for Sustainable & Secure Society DG Communications Networks, Content and Technology
![Page 2: EU Cybersecurity Strategy and Commission Proposal for a … · 2014. 12. 17. · EU Cybersecurity Strategy and Commission Proposal for a Directive on Network and Information Security](https://reader034.fdocuments.net/reader034/viewer/2022052002/60159fddf90148192740c3c3/html5/thumbnails/2.jpg)
Cybersecurity The need for further EU action
• Economic and social benefits of the digital world and open Internet
• Risks, incidents and cybercrime on the rise
• Cross-border/global issue
• Insufficient preparedness and cooperation across the EU
• Previous initiatives: DAE, CIIP policy, EFMS, EP3R, Internal Security Strategy,European Security Strategy, EP resolutions and reports, FoP on cyber comprehensive vision needed
![Page 3: EU Cybersecurity Strategy and Commission Proposal for a … · 2014. 12. 17. · EU Cybersecurity Strategy and Commission Proposal for a Directive on Network and Information Security](https://reader034.fdocuments.net/reader034/viewer/2022052002/60159fddf90148192740c3c3/html5/thumbnails/3.jpg)
•Principles and values guiding EU activities
•Strengthen security and resilience of network and information systems
•Step up fight against cybercrime
•Address cyber defence and develop an EU international cyberspace policy
•Roles and responsibilities
EU Cybersecurity Strategy
![Page 4: EU Cybersecurity Strategy and Commission Proposal for a … · 2014. 12. 17. · EU Cybersecurity Strategy and Commission Proposal for a Directive on Network and Information Security](https://reader034.fdocuments.net/reader034/viewer/2022052002/60159fddf90148192740c3c3/html5/thumbnails/4.jpg)
EU Cybersecurity StrategyStrengthen security and resilience of network and
information systems
Security of the supply chain; integrated market for security solutions
Foster R&D
PPPs
Fighting botnets, security of ICS and Smart grids
Awareness raising
![Page 5: EU Cybersecurity Strategy and Commission Proposal for a … · 2014. 12. 17. · EU Cybersecurity Strategy and Commission Proposal for a Directive on Network and Information Security](https://reader034.fdocuments.net/reader034/viewer/2022052002/60159fddf90148192740c3c3/html5/thumbnails/5.jpg)
• European Cybercrime Centre Programme Board (ENISA, EUROJUST, etc)
• Support to enhance national capabilities to investigate and combat cybercrime
• Encourage swift implementation of Cybercrime directives (including current proposal)
EU Cybersecurity strategyStep up fight against cybercrime
![Page 6: EU Cybersecurity Strategy and Commission Proposal for a … · 2014. 12. 17. · EU Cybersecurity Strategy and Commission Proposal for a Directive on Network and Information Security](https://reader034.fdocuments.net/reader034/viewer/2022052002/60159fddf90148192740c3c3/html5/thumbnails/6.jpg)
• Capability development (detection, response, recovery)
• Synergies and dialogue between civilian and military players
• Member States, EEAS, EDA to cooperate
EU Cybersecurity strategyAddress cyberdefence
![Page 7: EU Cybersecurity Strategy and Commission Proposal for a … · 2014. 12. 17. · EU Cybersecurity Strategy and Commission Proposal for a Directive on Network and Information Security](https://reader034.fdocuments.net/reader034/viewer/2022052002/60159fddf90148192740c3c3/html5/thumbnails/7.jpg)
Strengthen international cooperation Promote human rights and free trade
Global norms of behaviour in cyberspace Capacity building in third countries
EU Cybersecurity Strategy Develop EU International cyberspace policy
![Page 8: EU Cybersecurity Strategy and Commission Proposal for a … · 2014. 12. 17. · EU Cybersecurity Strategy and Commission Proposal for a Directive on Network and Information Security](https://reader034.fdocuments.net/reader034/viewer/2022052002/60159fddf90148192740c3c3/html5/thumbnails/8.jpg)
Proposal for a Directive on Network and Information Security (NIS) – Article 114 TFEU
PREPAREDNESSNational capabilities
A high level of NIS and smooth functioning of the internal market
A CULTURE OF NIS ACROSS SECTORS NIS risk management and Public-Private cooperation
EU-LEVEL COOPERATIONcomparable capabilities and mutual trust
![Page 9: EU Cybersecurity Strategy and Commission Proposal for a … · 2014. 12. 17. · EU Cybersecurity Strategy and Commission Proposal for a Directive on Network and Information Security](https://reader034.fdocuments.net/reader034/viewer/2022052002/60159fddf90148192740c3c3/html5/thumbnails/9.jpg)
Common NIS requirements at national level
National NIS strategy and cooperation plan
National competent authority
Computer Emergency Response Team (CERT)
Proposal for a Directive on Network and Information Security (NIS)
Key elements (1/5)
![Page 10: EU Cybersecurity Strategy and Commission Proposal for a … · 2014. 12. 17. · EU Cybersecurity Strategy and Commission Proposal for a Directive on Network and Information Security](https://reader034.fdocuments.net/reader034/viewer/2022052002/60159fddf90148192740c3c3/html5/thumbnails/10.jpg)
Network of NIS competent authorities at EU level
Early warnings and coordinated response (via secureinfrastructure)
Capacity building and peer reviews
NIS exercises at EU level
ENISA to assist
Proposal for a Directive on Network and Information Security (NIS) – Article 114 TFEU
Key elements (2/5)
![Page 11: EU Cybersecurity Strategy and Commission Proposal for a … · 2014. 12. 17. · EU Cybersecurity Strategy and Commission Proposal for a Directive on Network and Information Security](https://reader034.fdocuments.net/reader034/viewer/2022052002/60159fddf90148192740c3c3/html5/thumbnails/11.jpg)
Early warnings on risks and incidents:(a) grow rapidly or may grow rapidly in scale;(b) exceed or may exceed national response capacity;(c) affect or may affect more than one Member State.
When relevant, also to inform the European Cybercrime Centre
Coordinated response – on the basis of the European NIS cooperation plan
Proposal for a Directive on Network and Information Security (NIS) – Article 114 TFEU
Key elements (3/5)
![Page 12: EU Cybersecurity Strategy and Commission Proposal for a … · 2014. 12. 17. · EU Cybersecurity Strategy and Commission Proposal for a Directive on Network and Information Security](https://reader034.fdocuments.net/reader034/viewer/2022052002/60159fddf90148192740c3c3/html5/thumbnails/12.jpg)
• Extension of telecom framework directive scheme - Risk management and incident reporting to competent authorities for: Energy – electricity and gas Credit institutions and stock exchanges Transport – air, maritime, rail Healthcare Enablers of key Internet services Public administrations
Complementarity with Directive on European Critical Infrastructure – 2008/114/EC
Proposal for a Directive on Network and Information Security (NIS) – Article 114 TFEU
Key elements (4/5)
![Page 13: EU Cybersecurity Strategy and Commission Proposal for a … · 2014. 12. 17. · EU Cybersecurity Strategy and Commission Proposal for a Directive on Network and Information Security](https://reader034.fdocuments.net/reader034/viewer/2022052002/60159fddf90148192740c3c3/html5/thumbnails/13.jpg)
• Risk management Dynamic process No mandated standards Only proportionate measures
• Incident reporting Only incidents with significant impact on core services Guarantees for business (confidentiality rules and recital on vulnerabilities)
Proposal for a Directive on Network and Information Security (NIS) – Article 114 TFEU
Key elements (5/5)
![Page 14: EU Cybersecurity Strategy and Commission Proposal for a … · 2014. 12. 17. · EU Cybersecurity Strategy and Commission Proposal for a Directive on Network and Information Security](https://reader034.fdocuments.net/reader034/viewer/2022052002/60159fddf90148192740c3c3/html5/thumbnails/14.jpg)
EU Cybersecurity StrategyFostering R&D
![Page 15: EU Cybersecurity Strategy and Commission Proposal for a … · 2014. 12. 17. · EU Cybersecurity Strategy and Commission Proposal for a Directive on Network and Information Security](https://reader034.fdocuments.net/reader034/viewer/2022052002/60159fddf90148192740c3c3/html5/thumbnails/15.jpg)
•Follow-up in Council (respective configurations; TTE CWG for NIS Directive; FoP to steer) and in the European Parliament
•Implementation report of the Strategy (early 2014) + Annual Conference on Cybersecurity
EU Cybersecurity Strategy Roadmap
![Page 16: EU Cybersecurity Strategy and Commission Proposal for a … · 2014. 12. 17. · EU Cybersecurity Strategy and Commission Proposal for a Directive on Network and Information Security](https://reader034.fdocuments.net/reader034/viewer/2022052002/60159fddf90148192740c3c3/html5/thumbnails/16.jpg)
Thanks!
![Page 17: EU Cybersecurity Strategy and Commission Proposal for a … · 2014. 12. 17. · EU Cybersecurity Strategy and Commission Proposal for a Directive on Network and Information Security](https://reader034.fdocuments.net/reader034/viewer/2022052002/60159fddf90148192740c3c3/html5/thumbnails/17.jpg)
• Digital Agenda for Europe: http://ec.europa.eu/digital-agenda/
• Trust and Security: http://ec.europa.eu/digital-agenda/en/our-goals/pillar-iii-trust-security
• Cybersecurity: http://ec.europa.eu/digital-agenda/en/cybersecurity
• Digital Futures: https://ec.europa.eu/digital-agenda/en/digital-futures-objectives-and-scope
• Help up improve our analysis and measurement: http://ec.europa.eu/digital-agenda/en/help-us-improve-our-analysis-measurement
Useful links
![Page 18: EU Cybersecurity Strategy and Commission Proposal for a … · 2014. 12. 17. · EU Cybersecurity Strategy and Commission Proposal for a Directive on Network and Information Security](https://reader034.fdocuments.net/reader034/viewer/2022052002/60159fddf90148192740c3c3/html5/thumbnails/18.jpg)
• Commission proposal for a Directive on Network and Information Security: http://ec.europa.eu/information_society/newsroom/cf/dae/document.cfm?doc_id=1666
• Impact Assessment: http://ec.europa.eu/information_society/newsroom/cf/dae/document.cfm?doc_id=1669
• Cybersecurity Strategy of the European Union: http://ec.europa.eu/information_society/newsroom/cf/dae/document.cfm?doc_id=1667
• Press release: http://europa.eu/rapid/press-release_IP-13-94_en.htm
• MEMO: http://europa.eu/rapid/press-release_MEMO-13-71_en.htm
Useful links