ENISA has published a new study that aims at providing guidelines to national regulatory authorities (NRAs) and telecommunications providers within EU Member States, for measuring the impact of security incidents affecting electronic communication services.
Economic development is strongly related to the well-functioning of telecommunication networks which have become the backbone of modern economies. Disruptions due to incidents in these networks, can truly impact the business, the overall wealth of the economy, other providers and possibly affect other nations.
Measuring the impact of incidents has become one of the toughest challenges nowadays, given the multitude of factors and indicators that must be taken into consideration. To address this issue, indicators are used, accompanied by thresholds, to assess the impact of incidents. This approach allows the evaluation of incidents from various perspectives, such as the business perspective, compliance with regulations, root causes, impact on customers and others.
Measuring the impact of incidents has become a necessity nowadays due to legal and business requirements. ENISA's new report provides a useful list of common indicators for measuring the impact of incidents. The report was compiled by collecting ideas from both NRAs and providers. Indicators are provided for the following areas:
- User/connection related indicators
- Time/duration related indicators
- Geographic area related indicators
- infrastructure and services affected related indicators
- Root cause dependent indicators
- Economic impact related indicators
- Cyberattacks related indicators
Full report is available here
For technical information: Dan Tofan, NIS Expert, email: Dan.Tofan@enisa.europa.eu
For media and press enquiries please contact press@enisa.europa.eu, Tel: +30 2814 409576