ENISA’s Udo Helmbrecht at EPP Hearing on cybersecurity

Back to News

ENISA’s Udo Helmbrecht participated at the EPP Hearing on data driven security, which took place today 1st July 2015, at the European Parliament in Brussels.

Topics discussed included:

Session I: New trends in digital technology developments and cyber threats to security  

Session II: Fighting crime: use of new technologies and use of data

Session III: Cyber Security: ensuring security and safety on state and individual levels

The Executive Director participated (sessions I and III) providing insight into the trending developments and the major changes observed in cyber threats. It was noted that the development of the Internet of Things (IoT) doesn’t offer yet a commonly accepted security model, while new concepts may introduce new vulnerabilities into the core functionality of the internet. On the other hand, the development of digital solutions, whether in the area of smart homes and cities, mobile and wearable devices, smart infrastructure and big data, are affected by the need for increased efficiency, which results to a more data driven approach, increasing vulnerability (and interest) to cyberattacks. Furthermore, applications of new technologies highlight unchartered territories, and whether society can tolerate the consequences resulting from their use.

Udo Helmbrecht looked into the impact of the trending cyber environment on personal and national security, and the antagonistic goals of these to privacy and data protection, as the line separating national security from commercial security is also increasingly blurred. Within this framework minimum standards and security by design were identified as key parameters of the development cycle. Furthermore, the Executive Director showcased the pan-European Cyber Exercises and the Agency’s contribution in facilitating cooperation between the different communities.

Within this Udo Helmbrecht identified the need for:

(1)    Understanding the risk: ENISA's threat landscape provides a comprehensive analysis

(2)    EU Governance: There are dedicated agencies and established Governmental CERTs (Computer Emergency Response Teams) in the Member States and CERT EU. But, what is needed is a Member State and EU governance. Bearing this in mind, ENISA appreciates the NIS Directive approach

(3)    Cooperation: between the private sector and the NGOs with initiatives such as, the

(4)    European Cyber Security Month (ECSM): as an example of raising EU citizen’s awareness on cyber issues 

(5)    IT security by design: developing secure devices and establishing IT security as a competitive advantage

(6)    Building EU global champions: Europe has strong SMEs but when it comes to growth the limitations are 28 Member States, 19 Eurozone Member States, and 24 languages.

ENISA brings together the majority of the stakeholders in the EU to mitigate the risks associated with cyber security. Effective assessment of the threat landscape, policy development, cooperation and capacity building are necessary in order to effectively secure the critical sectors in society, ensuring the cyber frontier for citizens and Europe. To this end we need: (1) awareness, (2) EU cooperation, (3) standards, certification and audits, (4) supply chain integrity and liability, and (5) usage of cryptographic techniquessaid Udo Helmbrecht.