ENISA
https://www.enisa.europa.eu
Cyber Security Aspects in the Maritime Sector
https://www.enisa.europa.eu/publications/cyber-security-aspects-in-the-maritime-sector-1
This report is the first EU report ever on cyber security challenges in the Maritime Sector. This principal analysis highlights essential key insights, as well as existing initiatives, as a baseline for cyber security. Finally, high-level recommendations are given for addressing these risks, Cyber threats are a growing menace, spreading to all industry sectors that relying on ICT systems. Recent deliberate disruptions of critical automation systems, such as Stuxnet, prove that cyber-attacks have a significant impact on critical infrastructures. Disruption of these ICT capabilities may have disastrous consequences for the EU Member States’ governments and social wellbeing. The need to ensure ICT robustness against cyber-attacks is thus a key challenge at national and pan-European level.No publisherCritical Information Infrastructure Protection (CIIP)2011/12/16 16:30:00 GMT+2Report/StudyMutual Aid Agreements
https://www.enisa.europa.eu/publications/mutual-aid-agreements
This Mutual Aid for Resilient Infrastructure in Europe (MARIE) Phase 1 Report presents twelve Key Observations about MAAs and in so doing lays the foundation for a number of recommendations, which are planned for the MARIE Phase 2 Report (in 2012). As one of the most prominent obstacles to further utilization of MAAs is organizations embracing emergency preparedness responsibilities that extend all the way out through to low probability and high impact events, many of the observations offered here are tightly coupled with emergency preparedness motivation. Phases 3 and 4 are designed to serve as implementation and monitoring periods, which will be essential to the full benefit realization of this mutual aid initiative. No publisherCritical Information Infrastructure Protection (CIIP)2011/12/16 16:25:00 GMT+2Report/StudyMutual Aid for Resilient Infrastructure in Europe (M.A.R.I.E.) - Phase II: Recommendations Report
https://www.enisa.europa.eu/publications/m-a-r-i-e-phase-ii-recommendations-report
This report presents 5 main recommendations which will –if implemented- improve emergency preparedness for ICT Stakeholders. The results of the preliminary study performed in 2011 showed that the preparedness for Black Swan events (low probability / high impact) cannot be handled in isolation, and that one of the possible responses to this issue could be the use of Mutual Aid Agreements. The recommendations intend to provide a high level coverage to raise awareness and encourage their development.No publisherCritical Information Infrastructure Protection (CIIP)2013/12/19 17:50:00 GMT+2Report/StudyMethodologies for the identification of Critical Information Infrastructure assets and services
https://www.enisa.europa.eu/publications/methodologies-for-the-identification-of-ciis
This study aims to tackle the problem of identification of Critical Information Infrastructures in communication networks. The goal is to provide an overview of the current state of play in Europe and depict possible improvements in order to be ready for future threat landscapes and challenges.No publisherCritical Information Infrastructure Protection (CIIP)2015/02/23 12:00:00 GMT+2Report/StudySecurity and Resilience in eHealth Infrastructures and Services
https://www.enisa.europa.eu/publications/security-and-resilience-in-ehealth-infrastructures-and-services
The aim of this study is to investigate the approaches and measures MS take to protect critical healthcare systems, having as a main goal improved healthcare and patient safety. In that respect this study analyses: - The policy context in Europe and the legislation of the Member States - The perception of the Member States on critical assets in eHealth infrastructures - The most important security challenges - The most common security requirements - Relevant good practices that have been deployed in the MS for eHealth securityNo publisherCritical Information Infrastructure Protection (CIIP)HealthResilience2015/12/15 02:05:00 GMT+2Report/StudyStocktaking, Analysis and Recommendations on the protection of CIIs
https://www.enisa.europa.eu/publications/stocktaking-analysis-and-recommendations-on-the-protection-of-ciis
This study takes stock of and analyses the different approaches the EU Member States take to protect their critical information infrastructures by presenting key findings, the different CIIP governance structures and by emphasizing on good practices. The study also makes general recommendations to EU Member States and the European Commission on how to improve CIIP in the European Union. No publisherCritical Information Infrastructure Protection (CIIP)2016/01/21 00:00:00 GMT+2Report/StudyIncentives and barriers of the cyber insurance market in Europe
https://www.enisa.europa.eu/publications/incentives-and-barriers-of-the-cyber-insurance-market-in-europe
ENISA conducted a study identifying possible causes inhibiting the cyber-insurance market in Europe and investigating incentives to kick –start its development. The Study analyses the structure and the characteristics of the cyber insurance market and includes a set of recommendations for good practices for stakeholders that need to be familiar with this topic.No publisherCritical Information Infrastructure Protection (CIIP)2012/06/28 12:55:00 GMT+2Report/StudyEP3R 2013 – Task Forces on Terminology Definitions and Categorisation of Assets (TF-TDCA)
https://www.enisa.europa.eu/publications/tf-tdca
This Position Paper intends to establish the foundations of a commonly accepted and adopted methodology to define proper Terminology within EP3R, and later allow a concise Key Assets Categorisation.No publisherCritical Information Infrastructure Protection (CIIP)2014/01/30 09:55:00 GMT+2Report/StudyPosition Paper of the EP3R Task Forces on Incident Management and Mutual Aid Strategies (TF-MASIM)
https://www.enisa.europa.eu/publications/tf-masim
This document summarises the discussions that happened between April and September 2013 in the EP3R Task Force on Incident Management and Mutual Aid Strategies. The task assigned to this Task Force was to reflect on the potential issues found when a large scale incident (Cyber, Natural Disasters, etc.) affects the Critical Information Infrastructures in a region across one or several borders.No publisherCritical Information Infrastructure Protection (CIIP)2014/01/30 00:00:00 GMT+2Report/StudyPosition Paper of the EP3R Task Forces on Trusted Information Sharing (TF-TIS)
https://www.enisa.europa.eu/publications/tf-tis
The key recommendations of this report are: - To establish a pilot based on the Management and Functional Requirements listed in this document which usage will allow a more structured Information Sharing mechanism; - To designate a neutral party who will host and operate this platform. The Task Force estimated that ENISA could be an option to investigate; - To encourage the use of these requirements in other projects and communities.No publisherCritical Information Infrastructure Protection (CIIP)2014/01/30 00:00:00 GMT+2Report/StudyCyber Security and Resilience of Intelligent Public Transport. Good practices and recommendations
https://www.enisa.europa.eu/publications/good-practices-recommendations
This study proposes a pragmatic approach that will highlight the critical assets of Intelligent Public Transport systems. It gives an overview of the existing security measures (good practices) that could be deployed to protect these critical assets and ensure security of the IPT system, based on a survey and interviews of experts from the sector, municipalities, operators, manufacturers and policy makers.No publisherCritical Information Infrastructure Protection (CIIP)Internet of things2016/01/12 00:00:00 GMT+2Report/StudyArchitecture model of the transport sector in Smart Cities
https://www.enisa.europa.eu/publications/smart-cities-architecture-model
The main objective of this study is to model the architecture of the transport sector in SCs and to describe good cyber security practices of IPT operators. The good practices are put into a relationship with different city maturity levels. This allows representatives of operators and municipalities to quickly assess whether or not they lag behind other cities with the same maturity level in terms of cyber security and, if so, to take appropriate actions. The study is primarily focused on the provision of practical, hands-on guidance.No publisherCritical Information Infrastructure Protection (CIIP)Internet of things2016/01/12 00:00:00 GMT+2Report/StudyInter-X Study
https://www.enisa.europa.eu/topics/critical-information-infrastructures-and-services/internet-infrastructure/inter-x/interx
No publisherResilienceInternet of thingsResilienceCritical Information Infrastructure Protection (CIIP)2012/03/21 15:23:59 GMT+2FolderInternet Interconnections
https://www.enisa.europa.eu/topics/critical-information-infrastructures-and-services/internet-infrastructure/inter-x
The Internet is often called ‘the network of networks’ because it is the result of interconnection of different networks, also known as Autonomous Systems (AS). The interconnection ecosystem consists of a variety of different types of interconnections, which can be largely categorised as private and public, between networks of different sizes.No publisherCritical Information Infrastructure Protection (CIIP)2012/03/21 15:25:00 GMT+2Pageinterx form
https://www.enisa.europa.eu/topics/critical-information-infrastructures-and-services/internet-infrastructure/inter-x/registration
No publisherCritical Information Infrastructure Protection (CIIP)2013/12/12 16:25:00 GMT+2EasyForm