ENISA publishes a joint framework to supervise the security of services and personal data processing by telecom providers in the EU. The single framework addressing the security measures covering technical and organizational measures applicable by the EU regulation on electronic communications, namely Article 13a of the Telecom Framework Directive and Article 4 of the ePrivacy Directive. The legislation requires Member States to ensure that telecom providers protect the security of their networks and services (Article 13a and Article 4), and the security of personal data processing (Article 4).
ENISA’s Threat Landscape 2014 (ETL 2014) published recently is the third yearly report in sequence, consolidating and analysing the top cyber threats and the evolution, encountered in 2014. ENISA Threat Landscape 2014, an activity contributing towards achieving the objectives formulated in the Cyber Security Strategy for the EU, stresses the importance of threat analysis and the identification of emerging trends in cyber security.
Novelties of the 2014 ETL include:
- information on attack vectors, giving initial information on the “how” of a cyber- attack
- the elaboration of use-cases of threat intelligence, showing how threat analysis can be used in phases of security management, and
- the involvement of stakeholders, consisting of 13 experts from CERTs, vendors, Member States and users.