1 / 20

ENISA efforts for securing European Internet Infrastructure

ENISA efforts for securing European Internet Infrastructure. Rossella Mattioli Security and Resilience of Communication Networks Officer. Securing Europe’s Information Society. Operational Office in Athens. Positioning ENISA activities. POLICY IMPLEMENTATION. HANDS ON.

jenningsr
Télécharger la présentation

ENISA efforts for securing European Internet Infrastructure

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ENISA efforts for securing European Internet Infrastructure Rossella Mattioli Security and Resilience of Communication Networks Officer

  2. Securing Europe’s Information Society Operational Office in Athens

  3. Positioning ENISA activities POLICYIMPLEMENTATION HANDS ON MOBILISING COMMUNITIES RECOMMENDATIONS

  4. Today’s challenges • Emerging threat environment hampering the availability, integrity and confidentiality of networks based on: • Infrastructure vulnerabilities • Interdependencies • Privacy concerns http://www.enisa.europa.eu/internetcii Increasing reliance on communication networks

  5. Internet Infrastructure assets

  6. ENISA Threat Landscape Report http://www.enisa.europa.eu/internetcii

  7. Current Internet infrastructure threats

  8. Routing threats - good practices

  9. DNS threats - good practices

  10. DDoS - good practices

  11. Internet Threat Landscape - recommendations • Evaluate your current level of security by understanding the assets covered (and not covered) by existing security measures • Evaluate the application of adapted good practices in a focused manner • Cooperate with the community to exchange on threats and promote the application of good practices as mitigation measures • For users deploying good practices guides: report on their implementations, assets covered and gaps found • Words matter: Ensure the right use of terms and definitions

  12. Internet Threat Landscape - recommendations • Use proper risk assessment methods to understand vulnerable assets in your infrastructure and prioritise your protection actions • Build an information and communication technology security awareness and training program • Infrastructure owners shall commit third-party vendors to apply security measures • Infrastructure owners should stay current on any updates

  13. Latest ENISA activities regarding electronic communications “Protection of Underground Electronic Communications Infrastructure” to prevent damages caused by civil work to buried cables “Secure ICT Procurement in Electronic Communications” regarding risks associated with 3rd party ICT products and outsourced services “Methodologies for identification of Critical Information Infrastructures assets and services“to identify which specific assets and services in communication networks are critical for a a particular Member State Annual report regarding the most severe outages of electronic communication networks or services that are reported to the communication authorities of each Member State every year.  

  14. Participate in our activities

  15. Studies and community engagement • Ideas for upcoming studies/papers • Surveys • Interviews • Previews of our studies • Feedback • Validation sessions

  16. Workshops 2013 - Before RIPE 67 in Athens 2014 - After Internet Security Days in Cologne 2015 - Q4 TBD - focus on connectivity interdependencies for smart grids

  17. INFRASEC - Internet infrastructure security and resilience reference group • Gathering of technical experts • Discuss the progress of ENISA projects • Info exchange on latest threats • Periodic conf-calls • Dedicate webpage • 1st physical meeting @RIPE69 • Validation of ENISA studies • List of good practices

  18. Protect • Cooperate • Exchange

  19. Thank youRossella Mattioli

More Related