EUIST

EUIST

Just another ComMetrics – social media monitoring, best metrics, marketing metrics weblog

ENISA – improving resilience in European e-communciation networks

November 15th, 2008 · No Comments ·

Information exchange, good practices and approaches that reflect the institutional and cultural realities can help Member States improve network dependability and realiability.

ENISA’s recent workshop on network resilience brought forard a nice set of effective approaches for strengthening national and international efforts across Europe in this domain.

The post provides some links for you to download material that might support you in your own work in this area.

We all know that in today’s world, public e-communication networks are becoming ever more important.

Recently (Nov. 12-13) ENISA held a workshop in Brussels. Amongst various sessions, there were also Member States reporting about various activities that one might consider good practice helping improve resilience of public e-com networks in Europe.

We – CyTRAP Labs – did a presentation about a stock taking exercise investigating what countries had achieved so far.

You can download this presentation right here:

ENISA workshop – Improving Resilience in European e-Communication Networks

The slideshow, amongst other things, discusses how an individual state or government agency might be able to use ideas, approaches from other Member States to improve their own situation (see below for download link of the full study). We used a cube that can be used by anybody helping in structing findings while allowing comparisons across national borders. The cube looks as follows:

cube - structure, implementation steps, impact and KPIs

Resilience and the CyTRAP Cube – Information Exchange in Practice

The above cube illustrates that a county will have to structure its resilience and information security efforts including regulatory provisions. On a continuum, a country or regulator must make things work in such a way that they fit in a more federalistic (or de-centralized) or else centralized system of governance. The outcomes may be similar but how we got there will be quite different.

As well, better information security and network resilience is a never ending journey that will require many small steps to find approaches that can be considered good practice.

One of the outcomes should be developing a framework for effective information sharing and, as importantly, good practices. Even imperfect Key Performance Indicator(s) are better than not having any. Focusing on what one intends to achieve (i.e. objectives) and measuring the results using some metric will facilitate continous improvement on the road to better network resilience.

So what do you get?

You can download the complete report about how 22 EU Member States and 2 EFTA countries implemented various regulations, good practices and so forth in order to strengthen the resilience of public e-communication networks. What is different to some other work in this area is that telephone interviews were used for cost and time considerations in contrast to having respondents just fill in a paper-and-pencil survey.

The advantage of doing phone interviews are several including but not limited to:

- participants can be asked to clarify their more general responses — ‘what does it mean in practice;’

- respondents can be asked to provide examples that illustrate what kind of incident requires what type of response and reporting (be concrete, specify);

- responses obtained indicate that whilst European Union directives have been put in place across Europe, how these are implemented, administered and used to strengthen network dependability and reliability is vastly different across Member States; and
– finally, what is most encouraging is that how Member States master some great challenges in unique ways to move foward and, thereby, improve network resilience – can be very creative in order to get where the nation needs to get with its e-communication infrastructure.

So if you can spare the time, have a look at the summary here where you can also download the final report for free:

ENISA study – what EU Member States do to improve resilience of e-communication networks

Regarding the ENISA workshop from Nov. 12-13 this week in Brussels, you can download what you would like to study more close using this link:

Download various presentations from the ENISA workshop – click on the title of the presentation – get the pdf file

Please keep updated about security, risk and resilience events, subscribe here (get about 1 e-mail a week with a blog post, no more – no less):

Check also

Just recently, ENISA published report regarding data and privacy protection challenges.

Tax break incentives as well as a comprehensive security breach notification law are just two of the 13 recommendations proposed in this report on privacy & technology launched by the EU Agency ENISA.

Press release – where you can find link to download full report for free


|

→ No CommentsTags: average · blogspot · bugs · horning · lifespan · live · squashed · thriving