News Item

ENISA publishes a Tool for the Mapping of Dependencies to International Standards

The EU Agency for Cybersecurity publishes a tool to map international security standards to interdependencies’ indicators.

Published on April 06, 2020

Objective

The web tool presents the mapping of the indicators demonstrated in the report Good practices on interdependencies between OES and DSPs to international information security standards.

This report analysed the dependencies and interdependencies between Operators of Essential Services (OES) and Digital Service Providers (DSPs) and identified a number of indicators to assess them.

These indicators are mapped to international standards and frameworks, namely ISO IEC 27002, COBIT5, the NIS Cooperation Group security measures and NIST Cybersecurity Framework.

Context

Due to the digitalisation of services, all major sectors have an increasing level of cyber (inter)dependencies on digital infrastructures and DSPs. Integrating the assessment of (inter)dependencies in an overall risk management process is a complex process, particularly in the case of cross-sector or cross-border dependencies and interdependencies.

The following framework was used to identify, analyse these interdependencies and then define the (inter)dependencies’ indicators.

interd dep pic

 

Tool

The tool contributes to the NIS Directive (Article 3) objective for a common and converged level of security in network and information systems at EU level. It does not intend to replace existing standards, frameworks or good-practices in use by OESs.

By using this tool, security experts may:

  1. Describe the interdependencies among OES and DSP in a straightforward  and comprehensive manner;
  2. Easily identify risk assessment practices for the evaluation of the potential impact of interdependencies;
  3. Define good practices for assessing interdependencies stemming from international standards and frameworks.

Click here to access the Interdependencies between OES and DSPs - Tool

Target Audience

  • Operators of Essential Services (OES)
  • Digital Service Providers (DSPs);
  • National Competent Authorities (NCAs).
 For intrerviews and questions
      
      

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information