Dr. Marnix Dekker NIS Directive coordinator Cybersecurity breach reporting team lead NIS DIRECTIVE, THE EU PERSPECTIVE

Post on 27-Jan-2021


TRANSCRIPT

  • Dr. Marnix Dekker

    NIS Directive coordinator

    Cybersecurity breach reporting team lead

    NIS DIRECTIVE,

    THE EU PERSPECTIVE

  • 2

    Positioning ENISA activities

    POLICY

    ✓ Support MS & COM in policy implementation

    ✓ Harmonisation across EU

    CAPACITY

    ✓ Hands-on activities

    EXPERTISE

    ✓ Recommendations

    ✓ Independent advice

  • 3

  • 4

    General overview and timeline: Security breach reporting in the EU

    May 2011: Telecom security breach reporting started (Article 13a Framework directive)

    July 2016: Trust services security breach reporting started (Article 19 eIDAS)

    May 2018: NISD breach reporting started (Article 14/16 NISD)

    Electronic Communications Code* (Article 40)

    *) under discussion/trialogue – brings telecom breach reporting in line with NIS directive

  • 5

    General model for security supervision in EU cybersecurity legislation

    *) Market operators/providers assess security risks (1), take appropriate measures (2), and notify if things go wrong (3). This triangle is supervised nationally by competent authorities and is present in Article 13a (telecoms), Article 19 (eIDAS), and Article 14 and 16 (NISD).

  • 6

    NISD IN A NUTSHELL

    • Chapter I: General provisions

        • Boost overall level of cybersecurity

        • Minimum harmonization approach (go beyond)

    • Chapter II: National cybersecurity capabilities

        • Designate national competent authorities and SPOC

        • Establish a national CSIRT

        • Adopt a national cybersecurity strategy

    • Chapter III: Cooperation

        • EU-wide NIS Cooperation group

        • EU-wide CSIRT Network

    • Chapter IV: Security of essential services

        • Includes IXPs, DNS, TLDs

        • National approach, ex-ante supervision

    • Chapter V: Security of digital services

        • Includes cloud services, marketplaces, search engines

        • EU approach, light touch, ex-post supervision

    ICT infra

  • 7

    NIS Cooperation group (chair: rotating with EU presidency; Secretariat: European Commission)

    NIS Cooperation group work

    WS1: OES Identification criteria (led by DE)

    WS2: OES Security measures (led by FR)

    WS3: Incident reporting (led by RO) (previously NL/PL)

    WS4: Crossborder dependencies (EE)

    WS5: Digital service providers (NL previously IE)

    WS7: Large scale incidents (blueprint) (led by FR/ES) (previously BG)

    WS6: Cybersecurity of EP elections (led by EE/CZ)

    WS8: Energy sector (led by AT)

    WS9: National Cyber capabilities (led by AT/UK)

    WS10: Digital infrastructure (led by PL)

    WS x: 5G cybersecurity (led by EC, NL, FR, RO, EE, CZ)

    Biannual Work programme 2018-2020

    ENISA supports, by drafting papers, doing research, analysis, surveys, exercises, etc.

    Article 13a EG: eComms security (chaired by NL)

    Article 19 EG: eTrust security (chaired by AT)

  • 8

    Cyber security incident taxonomy

  • THANK YOU FOR YOUR ATTENTION