WISTP ENISA: challenge and opportunities 11 May 2007
description
Transcript of WISTP ENISA: challenge and opportunities 11 May 2007
WISTP
ENISA: challenge and opportunities
11 May 2007
2
• Network and information security in Europe
• ENISA’s role
• ENISA today and tomorrow
• ENISA and FP7
ContentContent
3
Network and information security in Europe - 1
dTowards the information society
• more employment• more growth• more inclusiveness
• privacy challenge• ID theft• Attacks against CII• digital divide
LisbonLisbon StrategyStrategyeEurope programmeseEurope programmes
i2010 initiativei2010 initiative
GRIDsGRIDsNGNNGN
ICT development
Mobile systemsMobile systemsWiFiWiFi
Sensor networksSensor networks
RFIDRFID Ambient intelligenceAmbient intelligence
4
III. Law enforcement
II. Legal requirements
I. Protection measures
DATA PROTECTION &TELECOM FRAMEWORK
NETWORK &INFORMATION SECURITY CYBER CRIME
DataRetention
Intrusion
Hacking
ID Theft
Network and information security in Europe - 2
5
TRUSTWORTHY, SECURE & RELIABLE ICT
TECHNICAL dimension
LEGAL dimension
SOCIAL dimension
ECONOMIC dimension
Network and information securityin Europe - 3
- diversity,
- openness,
- interoperability
- NIS as a virtue and an opportunity - fundamental right on-linefundamental right on-line- privacy & security as prerequisiteprivacy & security as prerequisite
- overall security chain
- home systems criticality
- shared responsibilityshared responsibility
6
• Network and information security in Europe
• ENISA’s role
• ENISA today and tomorrow
• ENISA and FP7
ContentContent
7
European CommissionEuropean Commission
R&DR&DLegal FrameworkLegal Framework eApplications
eApplications
Member StatesMember StatesNRANRA
DPADPA GovernmentGovernmentNSANSA
NBANBA
European CouncilEuropean Council European Parliament
European Parliament
National security policiesNational security policies eAdministation
eAdministationIncentivesIncentives
StakeholderStakeholder-academia-academia
-associationsassociations-providersproviders-vendorsvendors
-end usersend users
• lack of coherence lack of coherence • lack of dialoguelack of dialogue• lack of cooperationlack of cooperation
ENISAENISA
ENISA’s Role - 1
StandardsStandards
Certif
icat
es
Certif
icat
es
8
ENISA’s tasks
Giving advice and assistance to
Commission andMember States
Risk assessment
and riskmanagement
Promote CERTs
Information exchange
and cooperation
Trackstandardisation
Promote best practices
Awareness raising
Becoming a centre of expertise
ENISA’s Role - 2
9
Catalyst
StimulatorAdviser
Promoter
To be …
Scientificlab
Evaluationbody
CSIRT
Analystservice
but not no be …
ENISA scope of activity
ENISA’s Role - 3
Networking …Networking …
……without duplicatingwithout duplicating
10
• Network and information security in Europe
• ENISA’s role
• ENISA today and tomorrow
• ENISA and FP7
ContentContent
11
Management BoardManagement Board
Executive Director (and staff)
Executive Director (and staff)
Permanent Stakeholders Group
Permanent Stakeholders Group
Ad hoc Working GroupsAd hoc Working Groups
ENISA
• 1 seat per MS, 3 EC, 3 observers• Approves the Working Programme• Approves the budget
• “Run the Agency”• Reports to Management Board
• Industry, academia, users (30 seats) • Advice to Executive Director
• Technical advice on specific matters• Report to ED• 3 WG in 2005, 4 in 2006
ENISA today and tomorrow - 1
National Liaison OfficerNational Liaison Officer• Contact point in each Member State• Facilitate exchange of information
12
- - Assistant/controllerAssistant/controller- Policy adviserPolicy adviser- Accounting officeAccounting office- Security officeSecurity office- Press and ComPress and Com..
AdministrationAdministration: :
- FinanceFinance- Human resourcesHuman resources- Legal serviceLegal service- It infrastructureIt infrastructure
TechnicalTechnical::
- Risks managementRisks management- Security policySecurity policy- Security toolsSecurity tools- Technology cabinetTechnology cabinet
Cooperation & supportCooperation & support::
- Awareness raisingAwareness raising- Incident responseIncident response- Coordination MS & ECCoordination MS & EC- Relations with industryRelations with industry
Executive directorExecutive director
Around 50 staffAround 50 staffAbout 7 Meuros/yearAbout 7 Meuros/year
ENISA today and tomorrow - 2
13
• Awareness raising– Overview of awareness raising programmes in EU
– Users’ guide on how to raise information security awareness
• Risk assessment and risk management– Inventory of methods and tools
– Method adapted to SMEs context
• Security policy – Study on Security & anti-spam measures in eComunication
– Inventory of NIS certification and accreditation schemes
– Roadmap on electronic authentication interoperability
• CERT capacity development:– Inventory of CERT activities in Europe
– How to set-up a CERT
• Security tools and architecture– Current developments in NIS technologies
Deliverables (2006 Work Programme)Deliverables (2006 Work Programme)
ENISA today and tomorrow - 3
14
ENISA today and tomorrow – 4
RequestsRequests from the EC and MS (2006) from the EC and MS (2006)
15
http://www.enisa.europa.eu
Go to our website: Subscribe to the ENISA Quarterly:
To subscribe to the ENISA Quarterly, please mail to [email protected] and clearly state “SUBSCRIBE” (!) as subject
ENISA today and tomorrow – 5
16
• Mid term evaluation in 2007
• Good quality of ENISA output
• Impact difficult to assess
• Need to focus more on strategic goals
ENISA ENISA today and tomorrow – 6
17
An impact oriented process…
• Dialogue with and between stakeholders…
PSG Commission Agency OthersMS
Collection of expectations and needs
Agency to suggest resources neededand showing the competence to perform
Thematic multi annual Programmes Annual Work Programmes
ENISA ENISA today and tomorrow – 7
MB and PSG to indicate priorities
• Guided by strategic goals…
18
Strategic goals adopted by the MB last March:
1. Building confidence in the information age through increasing the level of NIS in the EU
2. Facilitating the Internal Market for e-Communication by assisting the institutions to decide the appropriate mix of regulation and other measures (notably about Telecom Framework)
3. Increasing co-operation between MS in order to reduce the difference in the capability of MS in this area
4. Increasing the dialogue between the various stakeholders in the EU on NIS
5. Assisting and responding to requests for assistance from the MS
ENISA ENISA today and tomorrow – 7
19
• Network and information security in Europe
• ENISA’s role
• ENISA today and tomorrow
• ENISA and FP7
ContentContent
20
ENISA and FP7 - 1
• ENISA must not duplicate any capacity currently existing in Europe
• ENISA does not perform research
• ENISA cannot be member of any consortium submitting a response to FP7 calls
• ENISA must not interfere with the EC selection procedure
21
ENISA and FP7 - 2
• ENISA must advice the EC on research in NIS
• ENISA staff may be evaluator of FP7 calls (any EC call)
• ENISA staff may be reviewer of FP7 project
• ENISA can join the Advisory Board or Strategy Committee of a Consortium after selection for FP7 funding
22
QUESTIONS?