Ad-Hoc Working Group on Enterprise Security

The call for applications for the selection of members for ENISA's Ad-Hoc Working group on "Enterprise Security" is ongoing.

Accounting for more than half of Europe’s GDP, SMEs are a key driver of innovation and growth across the Union. Their well-being is vital to both the economy and society. The pandemic has put an incredible stress on these businesses. SMEs are not only navigating a new digital realm where employees work from home and business is increasingly conducted online, but they are also facing more advanced and targeted cyber threats.

Small and medium-sized enterprises (SMEs) are the backbone of EU's economy. They represent 99% of all businesses in the EU and employ around 100 million people. There were slightly more than 25 million SMEs in the EU-28 in 2018. Thus they play significant role in society and business and every National Cybersecurity Strategy (NCSS) should aim at creating cyber-literate SMEs.

As part of its mission to achieve a high common level of cybersecurity across the Union and be a centre of expertise on cybersecurity, the EU Agency for Cybersecurity – ENISA intends to increase SMEs cybersecurity capacity by performing capacity building activities such as developing and maintaining cybersecurity good practices, tools, and guidelines for SMEs, as well as raise their cybersecurity awareness on common threats and risks to help them increase their cybersecurity posture in the online environment and conduct business online safely.

Along these lines, ENISA seeks to interact with a stakeholders representing the EU MS for the purpose of collecting input on a number of relevant aspects regarding SMEs including but not limited to:

  • Cybersecurity policy;
  • Technical and organisational security measures;
  •  Market aspects of cybersecurity (e.g. standards, best practices, security-by-design, standards, etc.),
  • Capacity building, awareness raising, risk management,
  • Cybersecurity threats and risk and their mitigation measures

Terms of Reference

Full Terms of Reference can be downloaded through this link: Terms of Reference.

Selection Criteria

ENISA will take the following criteria into account when assessing applications for two types of candidates:

For EU MSs’ public authority representatives:

  • Relevant competence (e.g. professional experience) or/and academic background in the field of cybersecurity in particular technical, legal, organisational or a combination thereof and experience in the area of capacity building in cybersecurity, and/or in other areas of relevance for the purpose of performing the tasks of the ENSEC working group, and of developing cybersecurity guidelines for SMEs.
  • Ability to deliver advice at the technical, operational and policy level, including issues relevant to cybersecurity best practises and building capacity building material related to those.
  • Relevant knowledge of EU directives, EU national laws, and international laws concerning cybersecurity and more specifically laws and secondary laws, policy initiatives and communications on cybersecurity strategies, capacity building, knowledge management and raising awareness in cybersecurity.
  • Good knowledge of English allowing active participation in the discussions and good EN writing skills.

For industry (SMEs) representatives:

  • Relevant competence (e.g. professional experience) or/and academic background on the field of cybersecurity in particular technical, legal, organisational or a combination thereof and experience in the area of capacity building in cybersecurity, and/or in other areas of relevance for the purpose of performing the tasks of the ENSEC working group, and of developing cybersecurity guidelines for SMEs.
  • Ability to deliver advice at the technical, operational and policy level, including issues relevant to cybersecurity best practises and building capacity building material related to those.
  • Able to identify what are the needs of SMEs and raise awareness on cybersecurity best practices.
  • Good knowledge of English allowing active participation in the discussions and good EN writing skills.
  • Being a representative of an SME on the role of a CEO or the company’s responsible for dealing with cybersecurity person or a representative that meets all above requirements (proof must be provided that the enterprise is  either micro: 1-10 employees, small: 10-50 employees or medium size: 50-250 employees.

Applications

Individuals interested are invited to submit their application to ENISA via the dedicated form.

The duly completed applications must be submitted by 12h00 EET (Athens time) on 20th April 2021

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information