
Network and Information Security Report – ICTSB/NISSG

Network and Information Security Report – ICTSB/NISSG. Dr. Angelika Plate. Background. Existing NIS-Report from 2003 The new EU Report


Presentation Transcript


  1. Network and Information Security Report – ICTSB/NISSG, Dr. Angelika Plate

  2. Background
     • Existing NIS-Report from 2003
     • The new EU Report
     • Communication from the Commission to the Council, the European Parliament, the European Economic and Social Committee and the Committee of the Regions: A strategy for a Secure Information Society – “Dialog, partnership and empowerment”
     • A lot of new developments in Network and Information Security

  3. Work Areas
     • Co-editorship for the new NIS-Report
     • The Editing Team has partitioned the work (as highlighted in the agenda), based on the expertise of the members
     • My responsibilities:
     • Critical infrastructures
     • Information security management
     • Industrial environment and manufacturing
     • Healthcare

  4. Critical Infrastructure
     • Critical infrastructure includes
     • Physical facilities, supply chains, information technologies and communication networks that could cause severe problems
     • Plan for the NIS-Report
     • Identification of European issues for Network and Information Security, including
     • Security requirements
     • Threats/vulnerabilities
     • Identification of security measures
     • Existing standards that support critical infrastructure
     • No input received yet

  5. Information Security Management (1)
     • More emphasis on risk-based information security management in the new report
     • Sections 8 – 10 concentrate on specific topics - these security measures need a supporting environment to achieve best effects
     • Merging and extension of previous sections 11 and 12
     • Business services
     • Network defence services

  6. Information Security Management - Standardisation
     • ISO/IEC 27000 Family of standards
     • ISO/IEC 27001 – ISMS
     • ISO/IEC 27002 – previous ISO/IEC 17799
     • ISO/IEC 27003 – ISMS Implementation guidance
     • ISO/IEC 27004 – ISMS measurements
     • ISO/IEC 27005 – IS risk assessment
     • Corresponding changes to Section 12 – Assurance
     • ISMS
     • Product assurance

  7. Industrial Environment
     • Inclusion of the developments in industrial environment, including aerospace, car manufacturing, …
     • Special consideration of SMEs
     • Input from European Office of Crafts Trades and SMEs for Standardisation
     • Feedback from IFAN (International Federation of Standards Users) – currently nothing planned
     • Further input will be sought

  8. Healthcare
     • Following the new EU report, e-health applications were included in the scope of the new NIS-Report
     • See Section 3
     • Consideration of e-health applications in the following sections
     • Threats
     • Security solutions

  9. Thank you for listening! Any questions?
