![Page 1: European Union Agency for Network and Information Security ENISA efforts for securing European Internet Infrastructure Rossella Mattioli Security and Resilience](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f205503460f94c38c91/html5/thumbnails/1.jpg)
European Union Agency for Network and Information Security
ENISA efforts for securing European Internet InfrastructureRossella Mattioli Security and Resilience of Communication Networks Officer
![Page 2: European Union Agency for Network and Information Security ENISA efforts for securing European Internet Infrastructure Rossella Mattioli Security and Resilience](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f205503460f94c38c91/html5/thumbnails/2.jpg)
2
Securing Europe’s Information Society
Operational Office in Athens
![Page 3: European Union Agency for Network and Information Security ENISA efforts for securing European Internet Infrastructure Rossella Mattioli Security and Resilience](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f205503460f94c38c91/html5/thumbnails/3.jpg)
3
Positioning ENISA activities
![Page 4: European Union Agency for Network and Information Security ENISA efforts for securing European Internet Infrastructure Rossella Mattioli Security and Resilience](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f205503460f94c38c91/html5/thumbnails/4.jpg)
4
Today’s challenges
Increasing reliance on communication networks
Emerging threat environment hampering the availability, integrity and confidentiality of networks based on: •Infrastructure vulnerabilities•Interdependencies•Privacy concerns
http://www.enisa.europa.eu/internetcii
![Page 5: European Union Agency for Network and Information Security ENISA efforts for securing European Internet Infrastructure Rossella Mattioli Security and Resilience](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f205503460f94c38c91/html5/thumbnails/5.jpg)
![Page 6: European Union Agency for Network and Information Security ENISA efforts for securing European Internet Infrastructure Rossella Mattioli Security and Resilience](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f205503460f94c38c91/html5/thumbnails/6.jpg)
6
Internet Infrastructure assets
![Page 7: European Union Agency for Network and Information Security ENISA efforts for securing European Internet Infrastructure Rossella Mattioli Security and Resilience](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f205503460f94c38c91/html5/thumbnails/7.jpg)
7
ENISA Threat Landscape Report
http://www.enisa.europa.eu/internetcii
![Page 8: European Union Agency for Network and Information Security ENISA efforts for securing European Internet Infrastructure Rossella Mattioli Security and Resilience](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f205503460f94c38c91/html5/thumbnails/8.jpg)
8
Current Internet infrastructure threats
![Page 9: European Union Agency for Network and Information Security ENISA efforts for securing European Internet Infrastructure Rossella Mattioli Security and Resilience](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f205503460f94c38c91/html5/thumbnails/9.jpg)
9
Routing threats - good practices
![Page 10: European Union Agency for Network and Information Security ENISA efforts for securing European Internet Infrastructure Rossella Mattioli Security and Resilience](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f205503460f94c38c91/html5/thumbnails/10.jpg)
10
DNS threats - good practices
![Page 11: European Union Agency for Network and Information Security ENISA efforts for securing European Internet Infrastructure Rossella Mattioli Security and Resilience](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f205503460f94c38c91/html5/thumbnails/11.jpg)
11
DDoS - good practices
![Page 12: European Union Agency for Network and Information Security ENISA efforts for securing European Internet Infrastructure Rossella Mattioli Security and Resilience](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f205503460f94c38c91/html5/thumbnails/12.jpg)
12
Internet Threat Landscape - recommendations
• Evaluate your current level of security by understanding the assets covered (and not covered) by existing security measures
• Evaluate the application of adapted good practices in a focused manner
• Cooperate with the community to exchange on threats and promote the application of good practices as mitigation measures
• For users deploying good practices guides: report on their implementations, assets covered and gaps found
• Words matter: Ensure the right use of terms and definitions
![Page 13: European Union Agency for Network and Information Security ENISA efforts for securing European Internet Infrastructure Rossella Mattioli Security and Resilience](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f205503460f94c38c91/html5/thumbnails/13.jpg)
13
Internet Threat Landscape - recommendations
• Use proper risk assessment methods to understand vulnerable assets in your infrastructure and prioritise your protection actions
• Build an information and communication technology security awareness and training program
• Infrastructure owners shall commit third-party vendors to apply security measures
• Infrastructure owners should stay current on any updates
![Page 14: European Union Agency for Network and Information Security ENISA efforts for securing European Internet Infrastructure Rossella Mattioli Security and Resilience](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f205503460f94c38c91/html5/thumbnails/14.jpg)
14
Latest ENISA activities regarding electronic communications
“Protection of Underground Electronic Communications Infrastructure” to prevent damages caused by civil work to buried cables
“Secure ICT Procurement in Electronic Communications” regarding risks associated with 3rd party ICT products and outsourced services
“Methodologies for identification of Critical Information Infrastructures assets and services “to identify which specific assets and services in communication networks are critical for a a particular Member State
Annual report regarding the most severe outages of electronic communication networks or services that are reported to the communication authorities of each Member State every year.
![Page 15: European Union Agency for Network and Information Security ENISA efforts for securing European Internet Infrastructure Rossella Mattioli Security and Resilience](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f205503460f94c38c91/html5/thumbnails/15.jpg)
Participate in our activities
![Page 16: European Union Agency for Network and Information Security ENISA efforts for securing European Internet Infrastructure Rossella Mattioli Security and Resilience](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f205503460f94c38c91/html5/thumbnails/16.jpg)
16
Studies and community engagement
• Ideas for upcoming studies/papers
• Surveys
• Interviews
• Previews of our studies
• Feedback
• Validation sessions
![Page 17: European Union Agency for Network and Information Security ENISA efforts for securing European Internet Infrastructure Rossella Mattioli Security and Resilience](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f205503460f94c38c91/html5/thumbnails/17.jpg)
17
Workshops2013 - Before RIPE 67 in Athens
2014 - After Internet Security Days in Cologne
2015 - Q4 TBD - focus on connectivity interdependencies for smart grids
![Page 18: European Union Agency for Network and Information Security ENISA efforts for securing European Internet Infrastructure Rossella Mattioli Security and Resilience](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f205503460f94c38c91/html5/thumbnails/18.jpg)
18
INFRASEC - Internet infrastructure security and resilience reference group
• Gathering of technical experts
• Discuss the progress of ENISA projects
• Info exchange on latest threats
• Periodic conf-calls
• Dedicate webpage
• 1st physical meeting @RIPE69
• Validation of ENISA studies
• List of good practices
![Page 19: European Union Agency for Network and Information Security ENISA efforts for securing European Internet Infrastructure Rossella Mattioli Security and Resilience](https://reader035.vdocuments.mx/reader035/viewer/2022062721/56649f205503460f94c38c91/html5/thumbnails/19.jpg)
19
“
”
“
”19
ProtectCooperateExchange