This Tender is divided into two LOTS. You may bid for one or both LOTS.
LOT 1 – Incident reporting for Cloud computing
In preliminary briefings about the EU’s cyber security strategy, which is being prepared now by the EC, the EC indicated that part of this strategy will extend Article 13a to a number of critical services and sectors. Article 13a mandates telecom providers in the EU to: 1) do a risk assessment, 2) take appropriate security measures, and 3) report about incidents. In the European electronic communications sector this triangle is supervised by a national regulator. This lot concerns a study on such frameworks for incident reporting, risk assessment and security measures, for cloud service providers.
LOT 2 – Securing Governmental Cloud Computing Infrastructures across the EU
Several government cloud initiatives are trying to leverage the benefits of cloud computing. Governmental clouds, procured by the public sector, can play an important role in speeding up adoption of cloud computing across EU. In fact, the European Commission, in its 2012 Cloud Strategy, stressed this role for public procurement. ENISA works to support the Commission’s cloud computing strategy and as part of these efforts, in this study ENISA will develop a set of guidelines for securing governmental Cloud Computing infrastructures across the EU, in order to facilitate the take-up of cloud services by public sector organisations in the EU.