On July 28, the European Union Agency for Network and Information Security (ENISA) published its Annual Activity Report 2014. The report summarises its operations and programs from the previous year, and highlights the areas in which it feels it has contributed the most to Europe's data protection and cybersecurity environment.
The ENISA prides itself on being a centre of expertise for cybersecurity, and works closely with members of the public and private sector by delivering advice and tailor-made cybersecurity solutions. The ENISA's activities are divided into three keys areas: (i) recommendations to its stakeholders; (ii) support for policy development and implementation; and (iii) 'hands on' work with operational communities. With regard to recommendations, it published 37 reports last year ranging from national issues such as protections of critical infrastructure, to issues affecting individuals such as data protection and privacy.
The report emphasised some of the ENISA's previous achievements and programs, which included:
- Creating the Threat Landscape which summarises the top cyber threats and the way in which they are evolving in distinct business areas
- Assisting Computer Emergency Response Teams that provide guidance to private and public sector organisations within the EU, on responding to cyber threats and managing incidents effectively
- Supporting and/or organising cyber exercises for private and public sector organisations across the EU
Organisations are becoming increasingly digital in nature; however, the speed of such changes will force them to adapt their security measures quicker than ever before, and many have insufficient systems in place to deal with their increasing vulnerability to cyber-attacks. While the use of digital software and advanced technologies clearly provides advantages, organisations often find themselves in uncharted territory, with need for additional guidance.
Highlighting the above issues, Udo Helmbrecht, ENISA Executive Director, agreed that "we face a new type of asymmetric warfare," and confirmed that the "ENISA will continue to deliver its programme to reinforce and promote trust and security in digital services in the EU." As greater guidance is clearly still required, organisations may take some relief in the knowledge that the ENISA is aiming to assist.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.