ENISA Newsletter - head background
editorial

I am pleased to present ENISA’s latest newsletter. The last three months have been very challenging for the Agency, culminating with the proposal of the European Commission to strengthen and expand the mandate.

This proposal will not only enable the Agency to better support the Member States in implementing the NIS Directive, but it will also allow us to address certification and standardisation of ICT products.

In this context, EU Commissioner for Digital Economy and Society Mariya Gabriel visited ENISA’s premises in Athens and had a fruitful discussion with the staff on our current and future role in EU cybersecurity.

Another milestone in the Agency’s existence was the recruitment of 33 leading experts from the EU Member States and the EFTA countries, who will be part of ENISA’s Permanent Stakeholders Group (PSG) and advise the Agency and its Executive Director for the next two and a half years.

Also, continuing the great work done in the past four years, ENISA was fully involved in the European Cyber Security Month, the EU’s annual awareness raising campaign, during which some 530 activities such as conferences, workshops, seminars and online courses took place across Europe.

As keeping up the good work is an important part of our culture, ENISA fully supported the European Cybersecurity Challenge for the fourth time since 2014. Over 200 of the best cybersecurity talents and hundreds of visitors from across Europe attended this event organised by the Spanish National Cybersecurity Institute INCIBE in Malaga.

Looking into the future, we are getting ready for some very important events, such as our new PSG’s first meeting late November, the first ENISA training on cybersecurity in aviation in partnership with EASA and the National Liaison Officers’ meeting.

I hope you will enjoy reading our newsletter. Follow us on our social media channels and stay up to date on ENISA’s latest news!

Udo Helmbrecht,
ENISA’s Executive Director

Udo Helmbrecht
Udo Helmbrecht Executive Director
featured topics

European Commission proposal on a Regulation of the European Parliament and of the Council on the future of ENISA

Jean-Claude Juncker in his State of the Union Speech has confirmed a European Commission proposal for a Regulation on the future of ENISA called the “Cybersecurity Act”.

In this context, the new proposed mandate reinforces ENISA role and enables the Agency to better support the Member States in implementing the NIS Directive and to counter particular threats more actively by becoming a centre of expertise on cybersecurity certification.

It is proposed that the current role of ENISA should be strengthened in the many areas where the Agency is already providing added value, and new areas where support is needed will be added, in particular the NIS Directive, the review of the EU Cybersecurity Strategy, the upcoming EU Cybersecurity Blueprint for cyber crisis cooperation and ICT security certification.

read more

ENISA graphic
line

Commissioner Mariya Gabriel meets ENISA Executive Director and staff for a discussion on Cyber Security in Europe

ENISA welcomed, for the first time, the visit of the Commissioner for Digital Economy and Society, Ms. Mariya Gabriel, in the Agency’s premises in Athens.

The timing of the visit was particularly opportune in that the Commission had recently published a new proposed Draft EU Cybersecurity Act for a permanent and stronger mandate for ENISA as well as a new EU cybersecurity strategy.

The meeting provided an opportunity to meet the staff of ENISA and to discuss how the European Commission sees the future role of ENISA and the cybersecurity landscape in Europe.

read more

Commissioner Gabriel
line

European Cyber Security Month: United against Cyber Security Threats

During the month of October, some 530 activities such as conferences, workshops, seminars and online courses took place across Europe, an increase of over 15% from the previous year, to help make the internet a safer place for us all.

The ECSM keystone event was held under the Estonian Presidency at Tallinn University of Technology, at the end of September. The event was co-organized by ENISA and the Estonian Information System Authority.

This year’s campaign highlighted the following themes:

  • Week 1: Cybersecurity in the workplace – cyber-hygiene practices for SMEs
  • Week 2: Governance, Privacy and Data Protection – preparation for EU’s General Data Protection Regulation
  • Week 3: Cybersecurity in the home – threats related to Internet of Things
  • Week 4: Skills in cybersecurity – educating and growing the cybersecurity workforce

read more

European Cyber security Month 2017
news

The Internet of Things: when your washing machine and blood pressure monitor become a target for cyberattacks

ENISA and Europol joined forces to tackle these security challenges by organising a dedicated two-day conference on 18 and 19 October 2017, which was attended by more than 250 participants from the private sector, security community, law enforcement, the European Computer Security Incident Response Teams (CSIRT) community and academia./p>

This joint Europol-ENISA conference, the first one on the topic, provided the opportunity for all the relevant stakeholders to come together, discuss the challenges faced and identify possible solutions, building on existing initiatives and frameworks. A specific focus was on the role of law enforcement in responding to the criminal abuse of the IoT

read more

Europol-ENISA IoT Security conference

A triumphant European Cybersecurity Challenge 2017. See you in 2018!

Young talents from 15 competing national teams proved their technical and teamwork skills in the most exciting and complex cyber competition of the year.

The event was organised by the Spanish National Cybersecurity Institute INCIBE with direct involvement and support from ENISA.

The challenge, expert talks and job fair attracted a lot of interest, including from over 200 of the best Cybersecurity talents and hundreds of visitors from across Europe, who came to network and to compete for the European crown.

read more

European Cyber Security Challenge 2017

I say ransomware, you say crypto virus: the cyber-insurance language problem

ENISA published ‘Recommendations on cyber-insurance’, a study on the commonality of risk assessment language in cyber-insurance, which proposes recommendations for achieving a higher level of language harmonisation.

The study provides a comprehensive analysis of the factors that influence the harmonization, or lack thereof, of risk assessment language in cyber-insurance, its practical impact on the growth prospects of the cyber-insurance market and forthcoming trends.

read more

3rd eHealth security conference

On 15 November 2017, the third eHealth Security Conference on ‘Protecting the Hospital of Tomorrow’ was held at the Faculty of Dental Medicine of the University of Lisbon. The event was co-organized by the EU Cybersecurity ENISA and the Portuguese Ministry of Health – Shared Services Directorate.

The conference saw the participation of over 600 people and had 30 speakers from all over the European Union. The main topics approached were policy compliance in healthcare, Cloud and cybersecurity, and smart healthcare.

read more

Web Summit 2017

ENISA at Web Summit 2017

ENISA had a representation at Web Summit on the 6th to the 9th November in Lisbon, the largest tech conference in the world. Paulo Empadinhas, Head of SRAD moderated a roundtable discussion “New defences: preventing cyberattacks” in the Forum. It was the first time ENISA participated in this event and it resulted in a positive attended event with good networking opportunities and media attention. Moreover, ENISA engaged with the European Commission Portuguese representation and DG Grow, DG Communications, DG Connect, DG ECFIN.

Web Summit 2017

ENISA at IT-SA exhibition congress

ENISA was present at the IT-Sa exhibition congress in Nuremberg. Its heads of Departments Steve Purser and Paulo Empadinhas shared their valuable knowledge and expertise with the audience.

Steve Purser, participated in a press conference together with BSI, BITKOM and NuernbergMesse, and gave a keynote presentation on the ‘Security landscape in Europe’.

Paulo Empadinhas’ intervention focused on the interesting times we’re living in from a cybersecurity perspective, and emphasized the new challenging role that awaits ENISA in the years to come, after the EU Commission put forward a ground-breaking proposal.

News on PSG

The Permanent Stakeholders' Group (PSG) advises the Executive Director on the development of the Agency’s work program, and on ensuring the communication with the relevant stakeholders on all related issues.

The Group is composed of “nominated members” from three organizations namely Europol, BEREC and Art.29 Working Party and members appointed “ad personam”, all in total 33 members from all over Europe. The selection process for the election of the new group of experts appointed ’ad personam’ ended in October, 2017. The first meeting of the new PSG group will take place in Athens on 29 and 30 November, 2017 during which topics of the forthcoming work programmes will be discussed. For more information on the group and the list of its members please visit the related ENISA page.

read more

Vulnerability of Wi-Fi WPA2 networks

A serious vulnerability affecting the Wi-Fi Protected Access II – WPA2 protocol was discovered. A potential attack would work against most Wi-Fi network setups e.g. the original WPA, WPA2, and even against networks that only use the Advanced Encryption Standard (AES) technique.

The EU Cybersecurity Agency ENISA collected and analysed information on this situation and issued a cybersecurity info note. This provides a comprehensive overview of the event and key recommendations on how to proceed in case people and organizations are affected.

read more

ENISA hosts third CSIRTs Network meeting under Estonian presidency

On 25 and 26 October, under the Estonian EU Presidency Chairmanship, ENISA hosted the third formal Computer Security and Incident Response Teams (CSIRTs) Network meeting this year.

The meeting took place at ENISA's headquarters campus in Crete, Greece, and saw the participation of CSIRT representatives from all EU Member States, CERT-EU, and the European Commission.

The participants gathered to continue developing the operational-cooperation capability in the EU, as defined by the Network and Information Security Directive.

read more

CSIRTs Network

Cyber Europe preparatory meeting

ENISA hosted the main planning conference for Cyber Europe 2018, the most important cybersecurity exercise in the European Union.

Some 40 experts from national cybersecurity authorities met on 17 and 18 October at ENISA’s premises in Athens to discuss about and agree upon the core plan and scenario of next year’s Cyber Europe exercise.

read more
Cyber Europe 2018

Sixth ENISA-EC3 Workshop on CSIRT and international law enforcement cooperation for a safer Europe

On 16 and 17 October 2017, ENISA and Europol organised the sixth edition of their annual workshop. This year’s headline was cooperation between European Computer Security Incident Response Teams (CSIRTs) and law enforcement.

read more

ENISA’s fifth Industry Event allowed a fruitful discussion with the NIS industry community

ENISA’s fifth Industry Event engaged EU based small and medium-sized enterprises (SMEs), mid-cap companies and start-ups, and focused on business opportunities in cybersecurity and EU financial mechanisms.

The event that took place on the 3rd of October is the fifth since its inception in 2015. The scope was stimulating the development of the EU network and information security (NIS) industry.

read more

European defence ministers meet for cyber exercise supported by ENISA

ENISA participated at the EU MoD Ministerial conference held in Tallinn, Estonia in 6th and 7th September 2017.

One of the main events of this Ministerial conference has been EUCybrid 2017, a high level table top cyber exercise for the EU Ministers of Defence and senior EU representatives organized by the Estonian Presidency of the EU.

read more
events
20 November Brussels, Belgium ENISA Training on aviation cybersecurity
29 November Athens, Greece ENISA PSG meeting
5 December Brussels, Belgium Using cybersecurity to deliver industry transformation (Industry 4.0) event – Brussels
22 January 2018 Berlin, Germany Omnisecure
January 2018 Athens, Greece ENISA NLO meeting
contacts

Newsletter

ENISA newsletter for the period between August - November 2017.

Forward this issue

You may wish to distribute ENISA's newsletter to your networks.


Contact us

PO Box 1309
71001 Heraklion / Greece
T+30 2814 409710
info@enisa.europa.eu
enisa.europa.eu

linkedin youtube
europe footer