
Table 8.1 below highlights some of the key organisations involved in cyber security policy making at EU and global levels, indicating a complex assortment of national, international and private organisations. A broad range of inter-governmental organisations have units that support consensus building, legislation development, and awareness building, among other activities. ENISA, Europol (EC3), and the new NIS Public-Private platform are core elements of European policy making initiatives, working closely with the EU and Council of Europe in particular; in the US, the White House co-ordinates and collaborates on policy activities across several agencies such as the Department of Homeland Security (DoHS), CIA, NSA and US DoD, among others.
At the international level, a number of support initiatives for national agencies exist. For example, the OECD has invested in cyber security activities over the past decade via its Working Party on Information Security and Privacy (WSISP), developing public policy analysis and high-level recommendations to help governments and other stakeholders ensure that security and privacy protection foster development of the internet economy. The International Telecommunications Union (ITU) is another prominent player, co-ordinating implementation of the OECD WSISP action plan, thereby providing resources to national level groups to support implementation of national level strategy. There are also several key Computer Emergency Response Teams (CERTs) that coordinate responses to security incidents and emergencies, promote valid use of security technology, and aim to support information sharing and network continuity.
Table 8.1 – Summary of key PACs entities influencing policy making
| Organisation | Role | Website |
|---|---|---|
| Key Agencies – Europe | | |
| CERT-EU | Permanent Computer Emergency Response Team (CERT-EU) for the EU institutions, agencies and bodies set up in September 2012. | http://cert.europa.eu/ |
| Council of Europe | Focus on delivering pan-European and international-level legislation | http://hub.coe.int/ |
| European Union (EU) | Sponsors working parties, action plans, guidelines | http://europa.eu/index_en.htm |
| EC3/Europol | New agency tasked with collective EU response to cyber crime | www.europol.europa.eu/ec3 |
| ENISA | European Network and Information Security Agency – support awareness raising, cooperation between the public and private sectors, advising the EU on cyber security issues, data collection | www.enisa.europa.eu |
| EUROJUST | Stimulates and improves the coordination of investigations and prosecutions between the competent authorities in the Member States and improves the cooperation between the competent authorities of the Member States, in particular by facilitating the execution of international mutual legal assistance and the implementation of extradition requests. | www.eurojust.europa.eu |
| NIS Public-Private Platform | Focus on implementing measures of NIS Directive, focus on improving resilience of networks and information systems that underpin European market operators and public institutions | resilience.enisa.europa.eu/nis-platform |
| Key Agencies – US | | |
| CIA | Central Intelligence Agency - defence of intelligence networks, information gathering | www.cia.gov |
| DoHS | Department of Homeland Security, Protection of federal civil networks & critical infrastructure; information sharing and awareness; coordinating federal response and alerts. | www.dhs.gov |
| DoD | Department of Defence - Defence of military networks, counterattack capability | www.defense.gov |
| DOJ | US Department of Justice – focused on PACs agendas from federal prosecution perspective | www.justice.gov |
| FBI | Federal Bureau of Investigation – focused on PACs agendas from federal Investigation perspective | www.fbi.gov |
| US-CERT | United States Computer Emergency Response Team - Defence of federal civil networks (.gov), information sharing and collaboration with private sector. | www.us-cert.gov |
| Other Key International Bodies Influencing PACs Policies | | |
| CCDCOE | Cooperative Cyber Defence Centre of Excellence, focus on enhancing NATO’s cyber defence capability | www.ccdcoe.org |
| G8: Subgroup on High Tech Crime | Provide sponsored 24/7 INTERPOL hotline, various policy guidelines | |
| IMPACT | International Multilateral Partnership Against Cyber Threats, global threat response centre, data analysis, real-time early warning system | www.impact-alliance.org |
| INTERPOL | International Criminal Police Organisation, manage 24/7 hotline, trains law enforcement agencies, participates in investigations. | www.interpol.int |
| ITU | International Telecommunications Union, sponsors IMPACT association above, organizes conferences, releases guidelines and toolkits, facilitates information exchange and cooperation, supports rollout of new national security strategies, particularly in emerging nations | www.itu.int |
| NATO | North Atlantic Treaty Organisation, responds to military attacks on NATO member states | www.nato.int |
| OECD | Organisation for Economic Cooperation and Development, develops policy options, organizes conferences, publishes guidelines and best practices. | www.oecd.org |
| UNODC | United Nations Office on Drugs & Crime, promote legislation, training programs, awareness, enforcement | www.unodc.org |
| Key CERT Organisations | | |
| CERT-CC | Computer Emergency Response Team - Coordination Centre, manage co-ordination of global CERTs, especially national CERTs. | www.cert.org/ |
| FIRST | Forum for Incident Response and Security Teams, support forum and information sharing for CERTs | www.first.org |
| TF-CSIRT | Supports collaboration of security incident response teams. Over 150+ national CERT agencies exist, providing national co-ordination, defence and response | www.terena.org/activities/tf-csirt/ |
Key Policy Organisations in the EU PACs Context
The EU Cyber Security strategy document provides a schematic of the structure and interrelationships of key influencers of EU PACS policy (Figure 8.2). A triad emphasis on Network and Information Security (NIS), Law Enforcement, and Defence exists – with each tranche having differing yet overlapping scopes of focus. A range of agencies exist at the Pan-EU levels, overseeing individual institutes at national levels across member states. Stakeholders in industry and academia also interact with these three areas depending on specific commercial and research interests.

Figure 8.2 - Structure of the EU PACS Domain (source: EU Cyber Security Strategy)
Within the Network and Information Security (NIS) tranche, the two key agents are the EU Commission (through DG Connect) and ENISA (European Union Agency for Network and Information Security). The European Commission Directorate General for Communications Networks, Content & Technology (DG Connect) is responsible for managing the Digital Agenda for Europe; its mission is to ensure that information technology is utilised to drive economic growth and job creation.
ENISA represents Europe’s primary cyber security agency. It is the principal agency responsible for supporting the European Commission, the Member States and the private sector to address, respond to and ultimately prevent cyber security problems. ENISA assists the European Commission in preparing, updating and drafting legislation related to NIS. It also acts as a ‘hub’ for exchange of information, best practices and knowledge in the field of Information Security. As the central agency dealing with cyber security, ENISA acts as a facilitator and information exchange for Computer Emergency Response Teams (CERTs) both within and outside EU boundaries. For PACS innovators, the ENISA website contains documentation, reports, strategies and guides to help understand EU policy and strategy in the cyber security domain.
The central CERT-EU (http://cert.europa.eu) for the EU institutions, agencies and bodies is another unit within the NIS arm of EU policy, and was formed in September 2012 following a successful pilot programme. The CERT-EU team is composed of IT security experts from the main EU Institutions and cooperates closely with other CERTs based both within and outside EU member states, as well as with specialised IT security companies. Besides incident response, CERTs will also provide other security services for customers, such as alerts and warnings, consulting and advisory services and security training. As of January 2014, there were 42 countries included in the ENISA CERT inventory with over 200 CERTs currently active [ENI14].
The NIS Public-Private Platform was announced in the Cybersecurity Strategy of the European Union. It shares the same objective as the Cybersecurity Strategy and the NIS Directive, building on the work of its predecessor, the European Public-Private Partnership for Resilience (EP3R); namely to foster the resilience of the networks and information systems which deliver the services provided by private organisations and public administrations in Europe. The NIS Platform will help implement the measures set out in the NIS Directive and ensure a harmonised application across the EU. The work of the Platform will draw from international standards and best practices.
[ENI14] ENISA – CERT Inventory – Inventory of CERT teams and activities in Europe, June 2014. https://www.enisa.europa.eu/activities/cert/background/inv/files/inventory-of-cert-activities-in-europe/at_download/fullReport