Protecting European Critical Information Infrastructures...
Transcript of Protecting European Critical Information Infrastructures...
European Union Agency for Network and Information Security
Protecting European Critical Information Infrastructures – ENISA’s ApproachDr. Evangelos OuzounisHead of Secure Infrastructures and Services
2
Securing Europe’s Information society
Positioning ENISA activities
significant physical disasters affecting CIIs
complex networks and services
low quality of software and hardware
asymmetric threats allowing remote attacks to CII
increasing organised cybercrime and industrial espionage
lack of international agreements and regimes,
lack of well functioning, international operational mechanism
Dr. Evangelos Ouzounis, Head of Secure Infrastructures and Services, ENISA
Emerging Threat Environment
EU Policy Context
EU Cyber Security Strategy (COM)
eIDAs Directive – article 19
EU Cloud Computing Strategy
and Partnership (COM)
Telecom Package – article 13 a, art. 4
ENISA II – new mandate
The NIS Directive
EU’s CIIP action plan
Dr. Evangelos Ouzounis, Head of Secure Infrastructures and Services, ENISA
The NIS Directive
Operators of Essential Services
Digital Service Providers
StrategicCooperation Network
Cloud Computing Services
Online Marketplaces
Incident Reporting
Security Requirements
NationalCyberSecurityStrategies
Tactical/OperationalCSIRT Network
Transport
Energy
Banking and Financialmarket infrastructures
Search Engines
Digital Infrastructure
Healthcare
National Cyber Security Strategies
Dr. Evangelos Ouzounis, Head of Secure Infrastructures and Services, ENISA
24 NCSS in EU; a few under development
Different maturity levels
CIIP - key subject in NCSS
PPPs - limited success so far
SMEs not properly covered
Overlaps in mandates
Assessment of NCSS is an issue
https://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/national-cyber-security-strategies-in-the-world
Sectors Energy ICT Water Food Health Financial
Public &
Legal
Order
Civil
Admin.Transport
Chemical &
Nuclear
Industry
Space &
Research
AU
BE
CZ
DK
EE
FI
FR
DE
EL
HU
IT
MT
NL
PL
SK
ES
UK
CH
Critical Sectors in EU MS
Today’s challenges
Increasing reliance on communication networks
Emerging threat environment hampering the availability, integrity and confidentiality of networks based on:
• Infrastructure vulnerabilities
• Interdependencies
• Privacy concerns
http://www.enisa.europa.eu/internetcii
Current Internet infrastructure threats
Incident Reporting for the Telecom Sector
CIIP in Europe| Evangelos Ouzounis, HoU Secure Infrastructure and Services, ENISA
• Article 13a of the Framework Directive (2009/140/EC), is introduced in the 2009 reform of the EU regulatory framework for electronic communications.
• Art. 13a addresses security and integrity of public electronic communications networks and services (availability of the service).
• Art. 13a of Telecom Package: • Expert Group with all NRAs (EU and EFTA) & EC • Non-binding technical guidelines (strong adoption
among MS)• 4 years of success annual reporting from Telecoms
to NRAs and then to ENISA and EC• Impact evaluation available March 2016.
• More incident reporting schemes: • Article 4 on data breaches - Telecom Package• Article 19 on breaches of trust services - eIDAS• NIS Directive (affecting many sectors)
Total reported incidents (numeric)
51
79
90
137
Incidents reported
2011 2012 2013 2014
CIIP in Europe| Evangelos Ouzounis, HoU Secure Infrastructure and Services, ENISA
22
37
29
47
33
25
19
34
61
48 48
39
59
49
53
35
2011 2012 2013 2014
Fixed telephony Fixed internet Mobile telephony Mobile internet
Impact on services (percentage)
Emergency Communications
• Some emergency services do use data services, often on commercial networks, but data is not used between the emergency services and the public
• Inter-agency communication problems are a common issue identified in post-crisis reviews of major incidents
http://www.eurescom.eu/news-and-events/eurescommessage/eurescom-message-1-2014/celtic-project-macico.html
Good Practices for Communications during a Crisis
• National roaming could be used to improve resilience of mobile communication networks and services in case of large outages:
• Prioritize voice and SMS
• Favor open Wi-Fi as alternative solution for data connectivity
• Be prepared for an eventual mobile network outage
• Identify key people within CI services
• Use of Internet services such as social media have a part to play in crisis management, both as
• situational awareness tool
• responsive, direct communication channel between crisis managers on the ground and the public.
Conclusions
CIIP in Europe| Evangelos Ouzounis, HoU Secure Infrastructure and Services, ENISA
1Cyber attacks on and failures of CIIs now becomes quite common
2Well functioning telecommunications are necessary for the handling of such crisis
3
MS and private sector, with the assistance of ENISA, should co-operate to protect CIIs
sharing experiences and information developing and deploying good practices co-operate with NRAs to achieve EU wide
harmonization of EU regulations
4 “Collaboration is Everything”.
www.enisa.europa.eu/internetcii
Thank you