ENISA Releases Reports On EU Cyber Security Measures

Author:Ms Cynthia O'Donoghue
Profession:Reed Smith

ENISA, the European Union Agency for Network and Information Security, has released a series of reports and guidance tackling the topic of cyber security.

ENISA Threat Landscape (ETL) Report 2013 The report reviews more than 250 incidents of cyber attacks that took place in 2013. A table in the report analyses fluctuations in the top 10 threat trends, including trojans, code injection, exploit kits, botnets, identity fraud, phishing, spam, data breaches, to name a few. The findings show that threat agents have increased the sophistication of their attacks with migration to the mobile eco system and the emergence of a digital battlefield relating to big data and the Internet. To counter these threats, ENISA highlights the successes achieved by cyber security officials and law enforcement authorities in 2013, as well as increases in reports of attacks facilitating greater threat analysis. The report ultimately calls for greater sharing of security intelligence, speed in threat assessment, and elasticity in IT architectures to ensure they remain robust against innovative cyber tactics. Updates to Cyber Security Strategies Map ENISA lists the countries that have adopted the National Cyber Security Strategies (NCSS) across the world. The latest countries to adopt NCSS include Belgium, the Netherlands, Poland, Slovenia and Spain, with updates that Montenegro, Ghana and Thailand are planning to develop NCSS soon. Feasibility Study on European Information Sharing and Alerting System (EISAS) EISAS is meant to increase awareness about IT security issues among citizens and SMEs, and foster a collaborative information-sharing network to improve capability to respond to network security threats. In 2009, ENISA published the EISAS RoadMap with a deployment plan to implement this concept. In 2012, ENISA also published a Basic Toolset for the large-scale deployment of EISAS across Europe by 2013. The feasibility study is the last stage in the implementation of EISAS. The study includes a three-year action plan for deployment, and examines which entities could commit to leading EISAS network, as well as what operational measures would need to be implemented, and the funding required to ensure sustainable success of the infrastructure. Good Practice Guide for CERTS complying with the Directive on attacks against information systems In July 2013, the EU Directive on attacks against information systems (the Directive) was adopted and must be...

To continue reading