News Item

Udo Helmbrecht at Munich Security Conference on connectivity and security in critical infrastructures

Published on September 20, 2016

Cyber Security Summit Stanford. Image source: MSC/Kuhlmann

Udo Helmbrecht participates at the fourth Cyber Security Summit hosted by the Munich Security Conference in Silicon Valley, where on the 19th and 20th September he joins around a hundred key representatives from both the EU and the US scene, from diverse fields of the public and private sphere to debate on trending cyber challenges.

Among the speakers at the MSC panel on "Connectivity vs. Security? Critical Infrastructure under Cyber Attack", ENISA’s Executive Director, Udo Helmbrecht said that while modern economies rely on the newly developed cyber infrastructures assuring their security has become the main priority of many actors such as governments and companies, as this may have implications on the economies and business. “Dependencies of critical infrastructure across the EU increase the attack surface and the potential impact of cyber incidents”. Furthermore, critical infrastructures - such as electricity generation plants, transportation systems, manufacturing facilities – are controlled and monitored by Industrial Control Systems (ICS), including SCADA systems. The importance of continuous improvement of ICS-SCADA[1] security for critical service providers is increasingly recognized as a high priority area among European critical infrastructure operators due to its strategic impact on processes essential for uninterrupted functioning of the EU industries and economy.

It is noted that the most expensive attacks are considered to be insider threats, while DoS/DDoS and malicious insiders attack, are the two types which collectively constitute approximately half the annualized cost of all cybercrime. In terms of country loss, the costs can reach up to 1.6% of GDP in some EU countries[2] while for the global economy, loss is estimated between 330 to 506 billion euros.[3] Finance, ICT and energy sectors display the highest incident costs.

In this context it was explained how mandatory incident reporting from the telecom sector (Art. 13a of the Telecom Package) and trust service providers (Art. 19 of the eIDAS Regulation) provides an aggregated overview of incidents of significant impact. “National cyber security strategies and the recent NIS Directive help enhance cyber security from a policy perspective, setting the foundations for increased EU-level cooperation, risk management and incident reporting obligations, for operators of essential services and digital service providers. Government and the private sector can cooperate more proactively in order to not just respond, but also better deter and defend against potential cyberattacks”.

Video of the Cyber Security Summit in Stanford

Panel Discussion "Connectivity vs. Security? Critical Infrastructures under Cyber Attack"

 Cyber Security Summit Stanford - Day 1 Recap

For more info visit:


For interviews and  more on the subject please contact Tel. +30 2814 409 576

[1] ICS-SCADA: Industrial Control and Supervisory Control and Data Acquisition Systems

[2] Cost of Cyber Crime Study: France, Ponemon Institute, 2014

[3] Net Losses: Estimating the Global Cost of Cybercrime, McAfee, 2014



Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information