1 / 15

Andrea SERVIDA DG INFSO A3 – Internet; network and information security

Andrea SERVIDA DG INFSO A3 – Internet; network and information security. A strategy for a Secure Information Society – “Dialogue, partnership & empowerment” COM(2006) 251 & SEC(2006) 656. EU NIS Policy – the history.

amccarthy
Télécharger la présentation

Andrea SERVIDA DG INFSO A3 – Internet; network and information security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Andrea SERVIDA DG INFSO A3 – Internet; network and information security A strategy for a Secure Information Society – “Dialogue, partnership & empowerment” COM(2006) 251 & SEC(2006) 656

  2. EU NIS Policy – the history • 1997: COM(97) 503 on ensuring security & trust in electronic communications • 1999: Electronic Signature Directive (1999/93/EC) • 1999: eEurope 2002 Action Plan – smart card & secure access • 2001: COM(2001) 298 a EU policy on NIS • 2002 & 2003: Council Resolutions • 2002: eEurope 2005 Action Plan – a task force proposed • 2004: ENISA is established • 2005: the i2010 initiative – a security strategy is announced • 31 May 2006: COM(2006) 251 is adopted JB/050103/VR

  3. NIS in the Information Society SOCIAL dimension TECHNICAL dimension TRUSTWORTHY, SECURE & RELIABLE ICT LEGAL dimension ECONOMIC dimension JB/050103/VR

  4. The technical dimension & challenges • Threat landscape changes • Convergence of digital services • COTS products and systems • Interdependent devices and applications • Pervasiveness of ICT JB/050103/VR

  5. The economic dimension & challenges • Lack of user confidence • Make the EU ICT industry a competitive supplier • Private and public sectors as demanding users • NIS industry to become a strategic sector for EU • Financial loss due to poor risk preparedness JB/050103/VR

  6. The social dimension & challenges • Citizens & consumers may become “vehicles” of attacks • Societal dependence on ICT • Protection of fundamental rights as a prerequisite for democracy • Balance between NIS policies and civil liberties JB/050103/VR

  7. The legal dimension & challenges • A substantial body of legislation relevant to NIS exists • Need for new legal and/or regulatory measures • New regulatory measures, if needed, as result of the 2006 Review of the Regulatory Framework for eCommunications • Proportionality & enforceability of laws JB/050103/VR

  8. The key principles … … to improve and develop a culture of NIS • Technical • Promote diversity, openness and interoperability as integral components of security • Economic • Present NIS as a virtue and an opportunity • Social • Individual users need to understand that their home systems are critical for the overall security chain • Legal • Privacy and security are a prerequisite for guaranteeing fundamental rights on-line JB/050103/VR

  9. The challenges for stakeholders • Public Administrations • Private sector enterprises • Individual users JB/050103/VR

  10. Towards a secure Information Society PARTNERSHIPgreater awareness &better understandingof the challenges DIALOGUEstructured and multi-stakeholder Open & inclusivemulti-stakeholderdebate EMPOWERMENTcommitment to responsibilitiesof all actors involved JB/050103/VR

  11. Dialogue • Benchmark national NIS-related policies • Address SMEs as well as individual users • Structured multi-stakeholder dialogue • A Business Summit & a Seminar • A Seminar for end-users JB/050103/VR

  12. Partnership • Improve knowledge of the problem • Establish strategic platform • Support response capability JB/050103/VR

  13. Empowerment • Invite Member States to: • Participate in the benchmarking exercise • Promote awareness campaigns on virtues and benefits of NIS • Promote good security practices to other sectors • Reinforce higher education curricula in NIS JB/050103/VR 13

  14. Empowerment (2) • Invite private sector stakeholders to take initiatives to: • Tackle the issue of responsibilities for software producers and Internet service providers • Promote diversity, openness, interoperability, usability and competition • Disseminate good security practices • Promote training programmes in the business sector • Work towards affordable security certification schemes • Involve the insurance sector in risk management tools and methods JB/050103/VR 14

  15. Conclusions • Meeting future NIS challenges requires the full commitment and contribution of all stakeholders. • The proposed policy strategy seeks to achieve this by reinforcing the multi-stakeholders approach. • This will build on mutual interests, identify respective roles and develop a dynamic framework for public-policy making and private sector initiatives. • The strategy is not in the vacuum as it set the framework for future European initiatives on NIS. • The commission will report to Council and Parliament in 2007. JB/050103/VR 15

More Related