Defending Europe against cyber attack

How ENISA helps EU member states with national cyber defences, as well as securing European-wide business networks.

One of the European Commission's jobs for ENISA was to see whether it was feasible to collect data from all around Europe in a consistent way. After almost 100 different data collection initiatives using more than a dozen different indicators, ENISA said that it could not be done unless there was coordination between existing data collection initiatives.

"You have to agree about certain terminologies and indicators for the different sectors to explore," De Bruin said. "This is not a trivial exercise."

ENISA concluded that a consistent European-wide data collection was possible in theory, but in practice would be extremely difficult. It decided that making Europe more aware of the problems, risks, vulnerabilities and coming trends was more important.

"Rather than having to keep looking at the rear view mirror, we need to have a forward looking and prospective orientation," said De Bruin.

Advertisement - Article continues below

ENISA's three year programme

ENISA created a three year programme to develop trust and confidence with decision makers - who were not necessarily that well informed about risks and vulnerabilities - and provide them with a better insight which would allow them to make better decisions.

De Bruin said: "The goal of the programme is that after three years we have at least fifteen of the member states that refer to ENISA as their point of reference."

To do this, ENISA started rolling a programme of producing risk assessment papers on different security topics. It isn't just ENISA employees who work on the research - experts were employed to explore the risks.

Protecting European small businesses

Another of ENISA's jobs was to look after European business IT supporting small and medium businesses in coping with information security risks and therefore become more competitive

"I believe this is an important task," said Andrea Pirotti, executive director of ENISA, at its network and information security summer school held in Greece. "Small and medium enterprises have don't have resources, financial personnel or culture to manage these issues.

He added: "Almost 90 per cent of our commercial activities in Europe are based on small and medium enterprises."

ENISA has worked particularly with small micro-businesses consisting of one to nine employees. Many of these SMEs were aware of the security problems from news sources, but there wasn't any means for them to solve them - as well as a lack of resources to invest.

De Bruin said: "Those SMEs should be actively offered ready to use solutions to help them forward, and we believe that an EU wide network to deliver such tools should be developed."

Advertisement - Article continues below

"We're working together with industry associations and working groups to define what the actual needs are and what initiatives they can benefit from."

Featured Resources

Application security fallacies and realities

Web application attacks are the most common vulnerability, so what is the truth about application security?

Download now

Your first step researching Managed File Transfer

Advice and expertise on researching the right MFT solution for your business

Download now

The KPIs you should be measuring

How MSPs can measure performance and evaluate their relationships with clients

Download now

Life in the digital workspace

A guide to technology and the changing concept of workspace

Download now

Most Popular

operating systems

17 Windows 10 problems - and how to fix them

4 Nov 2019
Business strategy

The pros and cons of net neutrality

4 Nov 2019
Domain Name System (DNS)

Microsoft embraces DNS over HTTPS to secure the web

19 Nov 2019
social media

Can Wikipedia founder's social network really challenge Facebook?

19 Nov 2019