The European Commission’s Cyber Security Strategy aims to ensure that Europe benefits from a “robust and innovative Internet”. The Strategy has five priorities:
At last week’s TF-CSIRT meeting, Gavin Reid from Cisco suggested that we may have been over-optimistic about how much technology can do to detect and prevent incidents. Automated incident prevention systems can be effective at detecting and preventing automated attacks but are less effective against targeted attacks that use human intelligence rather than brute force. In the worst case, an organisation that relies too much on automation may end up designing its security stance to suit the available automation systems, rather than the other way around.
An interesting paper from ENISA and the NATO Cyberdefence Centre illustrates the narrow space that the law allows for incident response, and the importance of ensuring that new laws don’t prevent incident response teams from protecting networks, systems, their users and information against attack.
The European Commission have recently published a more detailed action plan to support their draft Internal Security Strategy from earlier this year (that's "internal" as in "within the continent", by the way!).
I've had three discussions in two days about whether Government CERTs are different from others, which makes it a FAQ! It seems to me that legislation may be heading that way, and that that could create a potential problem for sharing information.
At a meeting of TERENA's CSIRT Task Force last week, I presented an updated version of my paper on Privacy and Incident Response.
An interesting presentation by Michael Brophy of Certification Europe at TERENA's CSIRT Task Force meeting last week drew attention to three standards likely to be relevant to Incident Response Teams: ISO20000, ISO27001 and BS25999. Unfortunately, getting copies of these standards involves payment, but the highlighted content suggested this may be worthwhile.
The House of Lords has now published its report on the EC Communication on Protecting Europe Against Large Scale Cyber-Attacks.
On Tuesday I was invited with Chris Gibson of FIRST to give evidence to the Home Affairs Sub-Committee of the European Affairs Committee of the House of Lords. They are currently looking at the European Commission's proposals to protect Europe from large-scale Cyberattacks.