EC Proposes Pan-European Cyber-Agency

The European Commission has issued a new set of cybersecurity policy proposals, including the designation of a pan-European agency with a mandate to address cyberthreats and attacks. 
The proposal comes hot on the heels of European Commission president Jean-Claude Juncker's State of the European Union speech, where he backed the idea of setting up a “European cybersecurity agency.”  Juncker noted that Europe needed defense in a world where the EU faced 4,000 ransomware attacks per day last year.
"Cyberattacks know no borders and no one is immune,” he said. “This is why, today, the commission is proposing new tools, including a European cybersecurity agency, to help defend us against such attacks.  Cyber-attacks are sometimes more dangerous for the stability of democracies and economies than guns and tanks.”
He did not mention the European Union Agency for Network and Information Security (ENISA), an EU agency based in Greece that was set up in 2004, but a Commission official later confirmed that he meant an expansion of its role to become the focal point for cyber-activities for the 28-country bloc.
The official told the EU Observer that ENISA "will be reinforced so that it can assist EU countries which face cyberattacks and prepare them with annual cyber-exercises,” dovetailing with the EU proposal.
As it stands, ENISA is a small agency with a low budget and number of staff compared to other EU agencies. It also has a fixed-term mandate, the EU noted. Under the proposal, ENISA would be granted a permanent mandate and thus be put on a stable footing for the future (but still subject to regular review). ENISA’s role would be greatly expanded, clarified and specifically designated as the EU agency for cybersecurity and as the central reference point in the EU cybersecurity ecosystem.
This would also acknowledge ENISA’s recently delineated responsibilities under the NIS Directive, which establishes security requirements as legal obligations for the key economic actors, notably operators providing essential services and suppliers of some digital services.
ENISA’s role would also be expanded to include oversight over security certification for ICT and internet of things (IoT) products and services.
“ICT cybersecurity certification becomes particularly relevant in view of the increased use of technologies which require a high level of cybersecurity, such as connected and automated cars, electronic health or industrial automation control systems (IACS),” the EU noted in the lengthy proposal. It added, “The establishment of a certification system would require the setting-up of an appropriate governance system at EU level, including thorough expertise provided by an independent EU agency. In this respect, the present proposal identifies ENISA as the natural EU-level body competent on cybersecurity matters which should take up such role to bring together, and coordinate the work of, national competent bodies in the field of certification.”
The security community welcomed the news.
"Recent incidents have confirmed that not only do we have an increasing dependency on digital alternatives of physical processes to access a service or buy goods, but there is a significant impact that can occur when these virtual digital processes fail,” said Greg Day, vice president and chief security officer for EMEA at Palo Alto Networks, in a media statement. “Recent ransomware attacks have highlighted many unintended consequences when the technologies underpinning our digital existence fail or are suddenly inaccessible. As our society and economy digitizes more ways of life more pervasively, cybersecurity must continue to adapt and evolve at the same pace to embrace the opportunities that technology enables.”
He added, “In recent years, the EU has undertaken several substantive cybersecurity-related activities, including finalizing the NIS Directive and GDPR. Initial review of the documents uncover a clear intent to build upon those efforts. Some plans in the strategy, such as increasing cybersecurity-related training, stepping up law enforcement activities, and accelerating cyberthreat information sharing, are essential steps. We look forward to reviewing the strategy and other documents in detail and determining how we can support and contribute to Europe’s digital innovation plans and cybersecurity goals.”

Views: 38

©ictnews.az. All rights reserved.

Facebook Google Favorites.Live BobrDobr Delicious Twitter Propeller Diigo Yahoo Memori MoeMesto

12 December 2017

11 12 2017

LG develops LTE-based safety technology for self-driving cars

LG Electronics said Sunday it recently succeeded in developing its own technologies that could greatly reduce traffic 

“Shebeke” service center began operating in Zagatala

As part of the modernization of the telecommunications infrastructure in Azerbaijan, the administrative 

OnePlus 5T charges faster than Google Pixel 2, iPhone X and Samsung Galaxy Note 8

OnePlus's Dash Charge promises enough power to last the day in just 30 minutes. In our tests, we have seen the OnePlus 

Scientists Have Created Plastic Objects That Can Connect to Wi-Fi Without Any Electronics

Scientists have developed new 3D-printed plastic objects that can hook up to Wi-Fi without the aid of any electronics 

Fynoti offers home security on a budget

Home security systems can be expensive, what with hardware costs, installation and subscription fees. The no-frills 

Japanese firm to send overworking employees home by nagging them with music-blaring office drones

Since World War II, Japan has struggled with a work culture that consists of excessive overtime. To curb that behavior, 

2018 OLED Apple iPhone models to feature single-cell “L” shaped battery

Next year's version of the iPhone X could feature up to 10 percent more battery power if Apple and LG Chem are able 

enSilo Reveals Evasive Attack Technique Bypassing Antivirus (AV) and Next Generation Antivirus (NGAV) Prevention Defenses at Black Hat Europe

enSilo, the company that protects endpoints pre- and post-infection and stops data breaches in real time, today