-
International Perspectives on Cybersecurity
-
Speech by ENISA’s Executive Director, Prof. Dr. Udo
Helmbrecht - 2018 Potsdam conference for national cybersecurity
Located in
Publications
/
ED's speeches
-
Consumerization of IT: Final report on Risk Mitigation Strategies and Good Practices
-
This report presents security policies that can be deployed to mitigate risks that are related with the trend of Consumerization of IT (COIT) and Bring Your Own Device (BYOD). The aim of this document is to identify mitigation strategies, policies and controls for the risks identified in this area.
Located in
Publications
-
Cybersecurity competitions — the status in Europe
-
This report focuses on analysing the current situation concerning cybersecurity challenge competitions in Europe. The experience gathered will be the basis to develop a pan-European competition on cybersecurity.
Located in
Publications
-
Secure ICT Procurement in Electronic Communications
-
The report, “Secure ICT Procurement in Electronic Communications”, focuses on the growing dependency of electronic communications service providers on ICT products and outsourced services, it analyses security risks associated with third party ICT products and outsourced services used for core operations, it provides practices used in the sector and it gives general recommendations to the sector.
Located in
Publications
-
Security Guide for ICT Procurement
-
The “Security Guide for ICT Procurement” aims to be a practical tool for electronic communications service providers to better manage security risks when dealing with vendors of ICT products and outsourced services. The Guide maps security risks which could lead to a disruption of electronic communications services for users, to a full framework of security requirements, which can be applied to vendors of ICT products and outsourced services used for the core operations of electronic communications networks and services.
Located in
Publications
-
Protection of Underground Electronic Communications Infrastructure
-
This document aims to provide recommendations to Member States (MS) that wish to protect their underground electronic communications infrastructure against disruption due to civil works. This document shall help MS to assess their need to deploy an automated information system for damage prevention, and eventually assist them in the development of such tool through a number of recommendations.
Located in
Publications
-
Smart Grid Security Certification in Europe
-
The report describes the need for harmonised European smart grid certification practices which cover the complete smart grid supply chain, and are supported by a European platform based on M/490 SGAM1 (Smart Grid Architecture Model) and the concept of smart grid chain of trust.
Located in
Publications
-
National Exercise - Good Practice Guide
-
ENISA prepared a good practice guide to assist authorities in Member States to better understand the complexities of exercises and help them prepare local and national ones. This guide was prepared by interviewing experts on exercises throughout the EU and beyond with the aim to identify good practices that were already applied and proved to be effective.
This guide examines these practices by first giving an introduction to the subject of exercises, then reviewing the life-cycle of an exercise (identifying, planning, conducting, and evaluating) systematically. Also, the roles of the involved stakeholders are presented. Throughout the guide, good practices are highlighted for easy identification.
Still, this guide is but an introduction to many of these issues. To help take readers further, this guide also includes references to some additional materials that can help authorities to organize exercises to help take you further.
Beyond the materials, the interviews with experts revealed that there is an enormous wealth of knowledge and experience with exercises from which others can learn. Just as one major benefit of exercises is to build cooperation across the sector, the interviewed experts expressed much interest in cooperation themselves. And for those new to exercises, one of the most effective steps you can take will be to participate with these experts in cooperative efforts across the EU, developing contacts, and asking further questions.
Located in
Publications
-
An evaluation framework for Cyber Security Strategies
-
ENISA work on the evaluation of National Cyber Security Strategies (NCSS) addressing to policy experts and government officials who design, implement and evaluate an NCSS policy. It aims to be a flexible and pragmatic tool based on principles rather than prescriptive checklists, in alignment with the provisions of the EU Cyber Security Strategy.
The evaluation framework developed by ENISA, consists of a logic model presenting a set of steps and a list of possible key performance indicators (KPIs); illustrating the underlying logic of recurring components of NCSS. The suggested KPIs are mapped to the objectives of the evaluation model, making it easier for stakeholders to choose the most useful according to their priorities.
Located in
Publications
-
Network and Information Security in the Finance Sector
-
Securing cyberspace and e-communications has become both a governmental and an Industry priority worldwide. The growing relevance of information and communication technologies in the essential functions of the economy has reinforced the necessity of prevention and protection measures in all sectors, naturally including the finance sector.
This research aimed at understanding and comparing the obligations relevant to Information Security within the finance sector in most of the EU28 Member States, to compare them with the Industry’s prospects, and to draw a clear vision of important priorities for the future.
Located in
Publications