European Cybersecurity cPPP and ECSO
Gabriele Rizzo ECSO WG3 Chairman
Lead Scientist, Strategic Innovation, Leonardo
CHARIOT Workshop 1, Vatican City, October 10th, 2018
Evolution of the European political agenda
• 2011: Initial discussions with the EC for a European PPP on cybersecurity
• 2013: EU Cybersecurity Strategy
• 2014: Digital Single Market / Digitalisation EC communication
• 2016: cPPP on Cybersecurity (This is us!)
• 2017: Joint Communication on EU strategy (establishment of a Network of Competence Centres (calls for pilot projects ended); EU Cybersecurity Research and Competence Centre) Review and Cybersecurity Act (“New” EU Cyber Security Agency: ENISA + EU Certification Framework)
• 2018: Transposition of the NIS Directive & application of the GDPR
And beyond
• European Commission proposal for the next MFF (2021 – 2027): May 2018; expected approval in May 2019
• Digital Europe Programme (capacity building projects from 2021): approval end 2018 / 2019
• HorizonEurope (R&D from 2021)
• Expected evolution of the cPPP (after 2020) towards a more ambitious governance (EU Competence Centre) and wider objectives, beyond R&D (including capacity building)
A EUROPEAN PPP ON CYBER SECURITY
The European Commission signed in July 2016 a PPP with the private sector for the development of a common approach and market on cyber security.
AIM
1. Foster cooperation between public and private actors at early stages of the research and innovation process in order to allow people in Europe to access innovative and trustworthy European solutions (ICT products, services and software). These solutions take into consideration fundamental rights, such as the right to privacy.
2. Stimulate the cyber security industry, by helping align the demand and supply sectors to allow industry to elicit future requirements from end-users, as well as sectors that are important customers of cyber security solutions (e.g. energy, health, transport, finance).
3. Coordinate digital security industrial resources in Europe.
BUDGET
The EC will invest up to €450 million in this partnership, under its research and innovation programme Horizon 2020 for the 2017-2020 calls (4 years). Cyber security market players are expected to invest three times more (€1350 mln: leverage factor = 3), to a total of up to €1800 mln.
UPDATE: EC will invest more than €500 mln. Private sector investments for the first year had a leverage factor of 5.
SUPPORT
The European Cyber Security Organisation (ECSO) Association has been created to engage with the EC in this PPP. ECSO is open to any stakeholder (public / private; user / supplier) allowed to participate in H2020 projects.
About the European Cyber Security PPP
PAN EUROPEAN – MULTI-STAKEHOLDER – CROSS SECTORAL PARTNERSHIP FOR CYBERSECURITY
The ECSO approach goes beyond the work of a typical Association supporting a cPPP, as it tackles, on top of Research & Innovation issues, all those topics that are linked to the market development and the protection of the development of the Digital Single Market, in the frame of the European Cybersecurity Strategy.
A peculiarity of ECSO is to include among its members (also at Board of Directors level and within the working groups*) high representatives and experts from national and regional public administrations. This approach is fundamental
• in a sector dealing with “security”, as application of cybersecurity is and will remain a sovereign issue.
• to increase the quality of the ECSO recommendations to the European and national institutions, allowing a faster decision making by public bodies and a viable implementation by the private sector of the decisions taken (regulations, standards etc.).
For this reason ECSO itself is a public – private body, creating a new and dynamic multi-stakeholder dialogue, preparing for the future evolutions and needs in this sector, as envisaged in the EU cybersecurity strategy.
*ECSO working groups are dealing with the different aspects of what we call “cybersecurity industrial policy”
ECSO: a unique and successful cPPP approach
Industrial cybersecurity challenges in Europe
Global cybersecurity and ICT market dominated by global suppliers from outside Europe
Innovation led by imported ICT products
Strategic supply chain dependency
Mature commodity market; professional applications under development / evolution full Digitalisation of the society and of the EU Industry
Market fragmentation
Innovation: strong in Europe but not always properly funded due to a lack of a consistent transnational approach and global EU strategy. Results of Research and Innovation are hardly reaching the market
Weak entrepreneurial culture, lack of venture capital
European industrial policies not yet addressing specific cybersecurity issues
Human factor
Sovereignty
Industrial operational and strategic objectives
1. Protecting infrastructures from cyber threats
2. Use of massive data collection (c.f. AI) to increase overall security
3. Increased European digital autonomy
4. Security and trust of the whole supply chain
5. Increase competitiveness
6. Investments in areas where Europe has a clear leadership
7. Develop market enablers / incentives in public – private cooperation (e.g. legislation, standards, certification – when / where needed)
8. Leveraging upon the potential of SMEs
9. Support local / regional / national competence and development
10. Develop education (/skills) / training and awareness (citizens and decision makers)
Where we started - 2016: Cybersecurity challenges for the EU Industry
2018: Cybersecurity has become a major global issue
• Cybersecurity is a growing issue at political (elections), societal (social media / privacy) and economic (digitalisation of the industry – Industry 4.0) level
• Cybersecurity is a global issue: cyber threats hit at local / regional / local / international level. We are all (almost) on the same footing
• Digitalisation (including the massive introduction of IoT and IIoT, and autonomous decisions) is still a phenomenon not well understood by the industrial sector (and in particular by SMEs): security of a digitalised society will be a challenge!
• IT (Information Technology – i.e., data management) and OT (Operational Technology – i.e., control of operations) are increasingly close and interacting (cyber-physical systems): higher cyber resilience should be provided, and optimisation is needed, both to avoid vulnerabilities (lack of security of data for control of manufacturing operations can have disruptive impacts) and to reduce costs
• Current situation sees the use (when possible) of solutions / patches validated / certified wrt the present understanding of threats, but threats are continuously evolving: we need flexibility and scalability of systems
• Risk management is still a challenge to be correctly implemented in an industrial cycle, while considering potential disruptions and impact of cyber attacks
• Awareness is still limited in all kinds of stakeholders
• The figure of CISO (Chief Information Security Officer) is increasing in companies, but CISOs still don’t get sufficient attention from companies’ Management Boards, nor do they get adequate risk management measures implemented
ECSO membership overview (situation 20 June 2018 – after Board and GA)
• Associations : 22
• Large companies and users: 70
• Public Administrations: 20 (+1)
AT, BE, CY, CZ, DE, EE, ES, FI, FR, IT, SK, FI, NL, NO, PL, UK, BG, SE, GR (+TR)
observers at NAPAC (DK, HU, IE, LT, LU, LV, PT, RO, SI, MT, …)
• Regional clusters: 6
• RTO/Universities: 65 (+1)
• SMEs: 50 (+4)
Members per country:
AUSTRIA 7
BELGIUM 13
BE - EU ASSOCIATIONS 9
BULGARIA 2
CYPRUS 5 (+1)
CZECH REP. 3
DENMARK 5
ESTONIA 7
FINLAND 8
FRANCE 24 (+1)
GERMANY 22 (+2)
GREECE 5
HUNGARY 3
IRELAND 3
ISRAEL 2
ITALY 26
LATVIA 1
LITHUANIA 1
LUXEMBOURG 4
NORWAY 4
POLAND 5
PORTUGAL 2
ROMANIA 1
SLOVAKIA 2
SLOVENIA 1
SPAIN 32
SWEDEN 3
SWITZERLAND 6
THE NETHERLANDS 17
TURKEY 3 (+2)
UNITED KINGDOM 8
132 founding members: now we are 233 organisations from 28 countries and counting (including 6 other membership requests – in brackets – to be confirmed)
We are representative of all kinds of stakeholders
WG1 Standardisation, certification, labelling and supply chain management: 135 members, 27 countries, 289 experts
WG2 Market deployment, investments and international collaboration: 86 members, 20 countries, 159 experts
WG3 Sectoral applications (Industry 4.0; Energy; Transport; Finance / Bank; Public Admin / eGov; Health; Smart Cities; Telecom/Content/Media): 128 members, 27 countries, 289 experts
WG4 Support to SMEs and collaboration with Regions including East & Central Europe: 76 members, 22 countries, 134 experts
WG5 Education, training, raising awareness and cyber ranges: 112 members, 28 countries, 225 experts
WG6 Strategic Research, Innovation and Technologies: 157 members, 28 countries, 351 experts
About 240 members, 28 countries
Governance
Bodies:
• EUROPEAN COMMISSION
• ECS - cPPP Partnership Board (monitoring of the ECS cPPP - R&I priorities)
• ECSO – Board of Directors (Management of the ECSO Association: policy/market actions)
• ECSO General Assembly
• Coordination / Strategy Committee
• National Public Authority Representatives Committee R&I Group / Policy Advisory Group (GAG)
R&I / INDUSTRIAL POLICY
Working groups:
• WG 1 Standardisation / certification / labelling / supply chain management
• WG 2 Market deployment / investments / international collaboration
• WG 3 Sectoral Demand (Industry 4.0; Energy; Transport; Finance; eGov; Health; Smart Cities; Telecom/media)
• WG 4 Support to SMEs and REGIONS (in particular East EU)
• WG 5 Education, training, cyber ranges, awareness
• WG 6 Strategic Research & Innovation Agenda; New Technologies, Products & Services; Cyber Defence
Member categories:
• SME solutions / services providers; local / regional SME clusters and associations; Startups, Incubators / Accelerators
• Large companies Solutions / Services Providers; National or European Organisation / Associations
• Regional / Local administrations (with economic interests); Regional / Local Clusters of Solution / Services providers or users
• Public or private users / operators: large companies and SMEs
• Research Centers (large and medium / small), Academies / Universities and their Associations
• Others (financing bodies, insurance, etc.)
Elected ECSO Board Directors at the 2018 GA (June 20th)
Member / External name | Country | Functional status | First Director (3y) or Director (1y) | Permanent Representative
AEI CIBERSEGURIDAD | Spain | Associations | Director | Carlos Prieto-Saiz
EUROSMART | Belgium | Associations | Director | Stéfane Mouille
Finnish Information Security Cluster FISC ry | Finland | Associations | Director | Juha Remes
ACN - Alliance pour la confiance numérique | France | Associations | First Director | Alexis Caurette
EOS | Belgium | Associations | First Director | Paolo Venturoni
ETNO - European Telecommunication Network Operator's Association | Belgium | Associations | First Director | Lise Fuhr
TeleTrusT - IT Security Association Germany | Germany | Associations | First Director | Gerd Müller
SIEMENS | Germany | Large Company | Director | Eva Schulz-Kamm
F-Secure Corporation | Finland | Large Company | Director | Samu Konttinen
Vitrociset | Italy | Large Company | Director | Walter Matta
NXP | The Netherlands | Large Company | Director | Wolfgang Steinbauer
SECOND BALLOT ONGOING (INDRA / ROHDE&SCHWARZ / SGS) | TBD | Large Company | Director | TBD
AIRBUS Defence & Space - CyberSecurity (Airbus DS CyberSecurity) | France | Large Company | First Director | François Lavaste
ATOS Spain S.A. | Spain | Large Company | First Director | Philippe Vannier
Infineon Technologies AG | Germany | Large Company | First Director | Thomas Fitzek
Leonardo S.p.a. - Leonardo-Finmeccanica-Società per azioni | Italy | Large Company | First Director | Andrea Campora
THALES Communications & Security SAS | France | Large Company | First Director | Yves Lagoude
BKA - Federal Chancellery of Austria | Austria | Public Administration | Director | Katharina-Irene Bointner
Ministry of Digital Affairs, Poland | Poland | Public Administration | Director | Karol Okonski
MiSE - Ministry of Economic Development, Italy | Italy | Public Administration | Director | Rita Forsi
ANSSI - Agence Nationale de la Securité des Systèmes d'Information | France | Public Administration | First Director | Guillaume Poupard
Ministry of Defence of the Republic of Estonia | Estonia | Public Administration | First Director | Kusti Salm
SETSI - INCIBE - CDTI | Spain | Public Administration | First Director | Felix Barrio
Conseil Régional de Bretagne | France | Regions / Cluster | Director | Annie Audic
Goethe University | Germany | RTO / University | Director | Kai Rannenberg
CEA | France | RTO / University | Director | Géraud Canet
CNR - Consiglio Nazionale delle Ricerche | Italy | RTO / University | First Director | Fabio Martinelli
TECNALIA - Fundación Tecnalia Research & Innovation | Spain | RTO / University | First Director | Ana Ayerbe Fernandez-Cuesta
S2GRUPO | Spain | SME | Director | Miguel Angel Juan
CONCEPTIVITY sàrl | Switzerland | SME | Director | Mark Miller
DIGITAL SME - European DIGITAL SME Alliance | Belgium | SME | First Director | Sebastiano Toffaletti
GUARDTIME | Estonia | SME | First Director | Martin Ruubel
EDF - Electricité de France | France | User / Operator | Director | Olivier Ligneul
RIA - Information System Authority, Republic of Estonia | Estonia | User / Operator | First Director | Silja-Madli Ossip
INCERT GIE | Luxembourg | User / Operator | Director | Benoit Poletti
INTESA SAN PAOLO | Italy | User / Operator | Director | Giorgio Cusmà Lorenzo
Elected ECSO Representatives at the Partnership Board (GA June 20th 2018)
Member / External name | Country | Functional status | ECSO Representative
AEI CIBERSEGURIDAD | Spain | Associations | Carlos Prieto-Saiz
EOS | Belgium | Associations | Emmanuel Dotaro
EUROSMART | Belgium | Associations | Stéfane Mouille
FISC | Finland | Associations | Timo Kotilainen
Infineon Technologies AG | Germany | Large Company | Emmanuel Ventadour
SECOND BALLOT (LEONARDO / VITROCISET) | Italy | Large Company | TBD
NXP | The Netherlands | Large Company | Jacques Olaf Kruse Brandao
F-Secure Corporation | Finland | Large Company | Samu Konttinen
ATOS | Spain | Large Company | Padro Soria
Ericsson | Sweden | Large Company | Mats Nillson
SPRI S.A. - SOCIEDAD PARA LA TRANSFORMACIÓN COMPETITIVA-ERALDAKETA LEHIAKORRERAKO SOZIETATEA, S.A.r | Spain | Regions / Cluster | Francisco Javier Diéguez Barriocanal
VTT | Finland | RTO / University | Kimmo Halunen
CNR | Italy | RTO / University | Fabio Martinelli
FORTH | Greece | RTO / University | Evangelos Markatos
Goethe-Universität Frankfurt | Germany | RTO / University | Kai Rannenberg
IMT - Institut Mines-Télécom | France | RTO / University | Hervé Debar
TECNALIA | Spain | RTO / University | Ana Ayerbe Fernandez-Cuesta
CONCEPTIVITY | Switzerland | SME | Mark Miller
ASPISEC SRL | Italy | SME | Andrea Chiappetta
RadarServices Smart IT-Security | Austria | SME | Thomas Stubbings
S2 Grupo | Spain | SME | Miguel A. Juan
AIRBUS Group | Germany | User / Operator | Simon Bradley
EDF - Electricité de France | France | User / Operator | Sylvain Langlois
ISGS - INTESA SANPAOLO | Italy | User / Operator | Giorgio Cusmà Lorenzo
SUMMARY of WORKING GROUPS ACTIVITIES
WORKING GROUPS & TASK FORCES
WG 1 Standardisation / Certification / Labelling / Supply Chain Management
WG 2 Market deployment / investments / international collaboration
WG 3 Sectoral demand (vertical market applications: Industry 4.0; Energy; Transport; Finance; eGov; Health; Smart Cities; Telecom/media)
WG 4 Support SME, REGIONS and coordination with local bodies (in particular East EU)
WG 5 Education, training, awareness, cyber ranges
WG 6 Strategic Research & Innovation Agenda (SRIA); New Technologies, Products & Services; Cyber Defence
WG3 activities: achieving wider objectives in a wider dialogue with users and operators
WG3 - verticals: Industry 4.0; Energy; Transport; Finance / Bank; Public Admin / eGov; Health; Smart Cities; Telecom/Content/Media (128 members from 27 countries with 289 experts): Contact: [email protected]
STATUS & OBJECTIVES 2018:
• Sector specific reports on users’ needs (SOTA):
o Four sector reports finalised and approved (Industry 4.0, Finance, Healthcare, and Smart Cities);
o One under finalisation (energy): others (eGov, Transport/road; Telecom) to come
• Mapping (from SOTAs and discussions with users) needs from all the verticals vs WG activities
• Operational EU platform for users: harmonisation of incident reporting (NIS implementation) towards sectoral operational platforms at EU level, also for information sharing and fast reaction to threats (starting with banks and energy, looking for applications in other sectors for interdependencies);
• Creation of a Users’ Committee for trusted information sharing (URC – Users Representatives Committee, similar to NAPAC);
• Report on ISAC’s needs and their implementation;
WG6 activities: achieving wider objectives in a wider dialogue for R&I and new technologies / services
WG6 - Strategic Research and Innovation Agenda, new Technologies, Cyber Defence (157 members from 28 countries with 351 experts): Contact: [email protected]
STATUS & OBJECTIVES 2018:
• Identification of research priorities for EC programmes: SRIA (Strategic Research & Innovation Agenda) priorities already incorporated in the 2018-2020 work programme of H2020. Update of R&I priorities for the 2020 call
• Identification (supported also by the new Scientific & Tech. Committee) of the key drivers for the future (beyond 2020) and analysis to review technology and needs evolution, global trends, and key implications on strategy up to 2027 in a commonly agreed taxonomy: 4 mainstreams:
o Society and Citizens (Social Good) Bring trust into the technology and in the Machine Economy
o Data and Economy Data as main ICT value and/or target and main driver for decision making
o Disruptive Technologies (e.g. AI, blockchain, quantum computing) M2M and M2H interaction and autonomous systems as technical, ethical, safety issues
o Digital Transformation in Verticals Continuous evolving systems and integration of legacy systems with new technology, threat intelligence and information sharing, and ICT infrastructure protection
• Initial priorities for Horizon Europe (SRIA 2.0): Identification of R&I needs to sustain and build a trustworthy European cyber secure ecosystem, also on specific verticals in cooperation with WG3
• Study on impact of new technologies (IoT security, AI and Blockchain) on the different WG aspects and verticals (link with WG3)
• Link with other PPPs to coordinate objectives and strategy for future EU cybersecurity R&I (BDVA, EFFRA, euRobotics, 5G – MoU, AIOTI)
• Support to Members for the creation of the EU Network of Cybersecurity Competence Centres; Link with the EC for the EU Cybersecurity Competence Centre
• Cyberdefence Task Force soon starting activity under WG6
DETAILS on WORKING GROUPS ACTIVITIES
WG3: Cybersecurity sectoral applications
WG3 ECSO’s purpose and approach
Identification of user/market needs
Assess vertical sectors challenges and impact
• Understand market needs and support user driven values through a cPPP approach
• Feed in user needs to EU instruments on research and/or policy issues via input to other ECSO WG’s and other means as appropriate in the scope/constitution of ECSO
128 members with 289 experts
Where we started and how we collaborate
Where we started:
- Segmentation into 8 sub-sectors based on members’ needs (in line with WG6 SRIA segmentation)
- SOTA (State Of The Art) analysis starting with sector reports establishing needs and sector specificities, followed by user requirements on certification/standardisation, education/training, and R&I priorities beyond 2020 (input to other ECSO WG’s)
→ 4 sector reports finalised - Industry 4.0, Financial Services, Health, Smart Cities
→ Identification of key issues in need of more collaboration and / or harmonisation (regulations, incident reporting, and information sharing) and transversal needs (cyber risk management, education & training, privacy & data protection)
External engagement:
- Validation of needs & requirements via sector specific workshops (energy, transport, finance, health) with users and external sectoral associations
- Discussions with ENISA and established ISAC’s (i.e. EE-ISAC) on ISAC developments and information sharing
→ Position Paper on sector-based ISAC’s ongoing (Sept 2018)
Mapping exercise of needs
Identified common needs:
– Cyber risk management
– Cyber security along the supply/value chain
– Education & training
– Privacy, data protection, & data integrity
– Real-time sharing of threats, vulnerabilities & incident reporting
WGs Industry 4.0 Financial Services Health Smart Cities
Standardisation, certification, labelling, supply chain management
Harmonisation of access rights and security policies
Secure components, processes and procedures along the supply chain
Secure components, processes and procedures along the supply chain
Harmonised procedures for incident reporting
Secure components, processes and procedures along the supply chain
Secure components, processes and procedures along the supply chain
Market deployment and investments
IoT / IIoT security
IT vs OT
Harmonised incident reporting
Fast reaction vs threats
Planning of procurement, outsourcing and maintenance
Rapid components replacement
Sectoral application
Cyber Risk management
Design fail-safe, fail-secure and self healing mechanisms
Data security and integrity
Joint safety & security response teams
Intrusion detection
Real time sharing of threats, vulnerabilities & incident reporting
Cyber Risk management
Crisis management
Data protection, data integrity and privacy
Real time sharing of threats, vulnerabilities & incident reporting
Cyber Risk management
Resilience of systems
Data security and integrity
Real time sharing of threats, vulnerabilities & incident reporting
Cyber Risk management
Real time sharing of threats, vulnerabilities & incident reporting
Data protection, data integrity and privacy
Education, training, awareness
Training to ensure good collaboration between automation and IT vendor against cyber physical threats
C-Level Management awareness
Training of staff and general awareness of customer
Improving skills (technical and behavioural)
Knowledge of cybersecurity issues
R&I SRIA: ICT-01-2019: Computing technologies and engineering methods for cyber-physical systems of systems (new one) (RIA)
ICT-08-2019 Security and resilience for collaborative manufacturing (RIA)
SRIA: SU-DS05-2018-2019: Digital security, privacy and accountability in critical domains/sectors
Sub-topic 3 (2018): Digital security and privacy in finance (IA)
SRIA: SU-DS05-2018-2019: Digital security, privacy and accountability in critical domains/sectors
Sub-topic 2 (2019): Digital security and privacy in healthcare ecosystem (RIA)
SRIA: SU-INFRA02-2019: Security for Smart Cities and "soft" targets in Smart Cities
Where we are going and how we implement it
Future objectives:
- Analysis of impact of legislations and regulations (NIS Directive, GDPR, eIDAS,…) on sectors and how to support members on their implementation
- Needs for standardisation/certification/labelling (cooperation with WG1 on selected verticals), education & training, R&I priorities for “Horizon Europe”
- Support to WG6 on IoT security non-paper (application in the different verticals)
→ Users want operationally-driven actions aimed at supporting implementation of legislation & regulation (NIS Directive, GDPR, eIDAS,…) and responding in real-time to threats through trusted information sharing platforms
Establishing operational needs – short term concrete actions
- Creation of a Users’ Committee restricted to users / operators, reporting (non confidential information) to WG3 Chairs and the Board.
- Proposal for the creation of an operational EU platform for OES, starting from the banking sector (incident reporting, exchange of information, link with national (/EU) CERTs and ISACs - when needed – fast operationalisation of possible responses to crisis / link to EU Blueprint)
Operational EU Platform: Need and objectives
The EU cyber resilience relies upon the three pillars: Info-sharing, Incident Reporting and Crisis Management. NIS Directive shall foster the development of the Digital Single Market enabling the coordinated deployment of these tools across sectors and across Member States. Some questions arise from this Directive, namely:
CRISIS MANAGEMENT / INFOSHARING / INCIDENT REPORTING
• Sectorial vs Cross Industries
• National vs European vs International
• Time constraints and time based cyber fight vs Reporting and escalation multi-layers hierarchy
Thanks to a collaborative approach, involving private and public institutions, harmonising information exchange, incident reporting and crisis management procedures, ECSO and the public-private cooperation will be beneficial to the proper implementation of cross-sectorial regulatory requirements and increasing cyber resilience.
WG3 user-driven actions: Users’ Operational Platform
Ongoing project:
• Developing a common application for incident reporting and information sharing (led by banks but applicable to other sectors); Governance and functional specifications being defined; Funding needed (CEF, investment from members)
– Phase 1: Incident reporting;
– Phase 2: Infosharing (ISAC);
– Phase 3: Crisis management
The financial sector and especially banks (Intesa SanPaolo, BBVA, CITIGroup, Rabobank) are leading the way on concrete projects, moving ECSO WG3 towards operational tasks and motivating other user-operators to join ECSO.
NOTE: The energy sector is also interested in the development of a similar platform.
ECSO could provide independent services to its members or some of its members investing in specific resources. E.g. upon request of its members, ECSO could support the development with its members of independent private sectoral European “operational” platforms for secure information sharing and vulnerability / threat intelligence sharing among users in a cross-sector environment that could foster cyber security against supply chain compromise.
ECSO (WG3) could support the creation of platforms and tools to support members in the implementation of the NIS Directive. ECSO could help its OES (Operators of Essential Services) members to use relevant funds to improve their capabilities and create / operationalise platforms and their link with ISACs and CSIRTs for trusted exchange of information and incident reporting.
• Users / Operators request a TRUSTED environment at EU level to share information and threats among them (it exists in some countries with different levels of efficiency, but not at EU level).
• This approach will better inform the Board about sectoral issues and needed actions, increase trust, attract new users as members of ECSO, better define users’ needs, etc.
• Creation of a unique Users’ Committee for all sectors gathering pure users/operators according to agreed rules. Start in September 2018
Take away: Build a TRUSTED environment to foster collaboration among users and share information.
ECSO will concretely help operators to create a trusted environment to exchange “sensitive” information (beyond ISACs)
Creation of an ECSO Users’ Committee
WG6: SRIA - Technical areas, Products, Services areas
Link to EU policies
Activities should be coordinated with the future activities envisaged by the European Commission as announced in its Communication “Strengthening Europe's Cyber Resilience System and Fostering a Competitive and Innovative Cybersecurity Industry”
Objectives
• Coordination of results and expectations from EC R&I projects
• Coordination of cybersecurity activities across cPPPs and EIT
• Support cPPP implementation and H2020 cybersecurity projects
• Detailed suggestions for the WorkProgramme 2018 - 2020 using an updated and focussed SRIA
ECSO STRATEGIC RESEARCH & INNOVATION AGENDA v1.2
cPPP SRIA v1.0 and industry proposal as initial guidelines
Available on ECSO website: https://www.ecs-org.eu/documents/publications/59e615c9dd8f1.pdf
WG6 organisation
SWG6.1 “Ecosystem”
SWG6.2 “Application domains”
SWG6.3 “Transversal infrastructures”
SWG6.4 “Basic technologies”
Lessons learnt
• Coordination with cPPPs (on specific transversal technologies & verticals) is important to ensure the SRIA presents a coordinated cyber security strategy in the EU
• Coordination with the EC Programme Committee and NAPAC R&I Group wrt internal deadlines is key to guarantee high quality delivered when expected
• Development of innovative cybersecurity technologies and validation of the solutions in key infrastructures and applications
SRIA to identify the research priorities for 2018-2020: a strategic vision is needed to demonstrate how industrial priorities contribute to the implementation of the strategy
Analysis of the Work Programme 2018-2020 and continuous advocacy of priorities: good match, and public & private priorities well aligned
EU Cybersecurity R&I Strategy to build a trustworthy ecosystem
1. European Ecosystem for the Cybersecurity
2. Demonstrations for the society, economy, industry and vital services
3. Collaborative intelligence to manage cyber threats and risks
4. Remove trust barriers for data-driven applications and services
5. Maintain a secure and trusted infrastructure in the long-term
6. Intelligent approaches to eliminate security vulnerabilities in systems, services and applications
7. From security components to security services
Continuous support cPPP implementation and H2020 cybersecurity projects
Update of 2020 priorities
Where we started: Strategic Research and Innovation Agenda
157 members with 351 experts
Coordination of R&I cybersecurity activities in Europe
... EURobotics: cybersecurity for Digitisation of the Industry (e.g., eHealth)
5G IA: Common interest to work on cybersecurity aspects for 5G
EFFRA: Analysis of requirements and cyber security challenges for digitisation of industry
BDVA: updated list of shared topics and areas of collaboration on AI
Federating discussions on cybersecurity challenges with other PPPs under ECSO
Other external collaborations
– EDA: Understand EDA research priorities. EDA has joined the ECSO Strategic Technical Committee
– ENISA: Contribute to the research priorities identified (crystal ball). Continuous interaction
– JRC: Work on the cybersecurity taxonomy
– DG-ENER and ENTSOE: Contribute with specific cybersecurity challenges and priorities for the energy sector (with WG3)
– IoTForum and AIOTI: Focus on cybersecurity for IoT technology to update the research priorities and impact for vertical sectors
Continuous monitor of the European cybersecure ecosystem, including technology and needs evolution to build, maintain, and provide innovative trustworthy solutions to protect European citizens and industry
Objectives 2018
Identification of R&I needs on specific verticals to address new disruptive technologies
– Working papers on new technology drivers: Artificial Intelligence, Internet of Things and Blockchain (impact on the different WG aspects and verticals to sustain the industrial policy)
Identification of global trends, and key implications on strategy through 2027 (SRIA 2.0)
Initial priorities and challenges for HorizonEurope (2021)
– Society and Citizens (Social Good): Bring trust into the technology and in the Machine Economy
– Data and Economy: Data as main ICT value and/or target and main driver for decision making
– Disruptive Technologies (e.g. AI, blockchain, quantum computing): M2M and M2H interaction and autonomous systems as technical, ethical, safety issues
– Digital Transformation in Verticals: Continuous evolving systems and integration of legacy systems with new technology, threat intelligence and information sharing, and ICT infrastructure protection
Support to creation of the EU Network of Cybersecurity Competence Centres
Define Strategic Research and Innovation Agenda (v2.0)
Start working on Cyber Defence
Link with relevant cPPPs to coordinate strategy for future EU cybersecurity R&I
Continuous monitoring of H2020 project results
Where we are heading
ECSO Task Force on the future of the European Cybersecurity Definition and Vision
ECSO definition of EU Cybersecurity
European Cybersecurity is our common science, knowledge, trustworthy processes, products, services and infrastructures to protect (in a sustainable way) our nations, industries / economies, citizens and institutions against damaging cyber-attacks while respecting our European Values.
ECSO Vision for EU Cybersecurity in 2027
- Europe as global leader in cybersecurity, having developed a comprehensive EU cybersecurity strategy built upon a “predict-prevention, protection, detection, respond” approach.
- Strong, resilient and competitive European industrial (SMEs and European champions) and academic ecosystem.
- Cybersecurity recognized as an industrial sector, sustained by an industrial policy for Europe, supported by adequate investments for increased EU competitiveness and digital autonomy.
- Cybersecurity solutions effectively deployed at national, regional / local (city) level (driven by smart specialisation).
- Well informed European citizens and decision makers and highly trained cybersecurity professional workforce.
Objectives of the Vision
1. Dialogue and Cooperation between Public and Private stakeholders for the definition of needs / solutions and the development of the European Cybersecurity Ecosystem: next step of the cPPP (“enhanced PPP”) taking stock of the ECSO public – private governance
2. Define and implement measures (supported by adequate resources) for a comprehensive EU strategy based upon an identify / protect / detect / respond / recover approach at EU level
3. Develop and implement a comprehensive EU Cybersecurity Industrial Policy for increased EU competitiveness
4. Increase investments in cybersecurity to 1% of GDP (or turnover for companies) and target them to strategic security, economic and societal relevant sectors
5. Foster and support the Public and Private Development of trusted European strategic solutions and emerging technologies (in particular IoT security), their validation and their procurement for increased Digital Autonomy
6. Increase Research & Innovation with wide participation of key stakeholders bringing innovation to market
7. Improve visibility, rating and competitiveness of European cybersecurity industry / solutions to increase market presence
8. Support growth of Start-ups and SMEs, also with dedicated financing tools and consolidation of the EU industry
9. Develop Regional / Local (including smart cities) approaches (ecosystems) and cybersecurity smart specialisation to coordinate local activities in line with national strategies and organisations.
10. Increase Education, Training to better respond to job needs and gender issues; develop Awareness (for citizens and decision makers)
11. Increased understanding of threats in the different market verticals via improved Risk Management and Threat Intelligence (increased use of A.I.)
12. Provide operational support to face cyber threats at EU level for operators and users (e.g. EU Sectoral CERTs / SOCs with rapid reaction capabilities to threats, cooperating with ENISA, the EU CSIRTs Network and sectoral platforms).
The Cybersecurity Building Blocks recommended by ECSO
– European Cybersecurity Industrial Policy for increased EU competitiveness
– Enhanced Public Private Partnership for definition of needs and solutions
– Innovation closing the gap between R&I and Market
– Comprehensive EU strategy (identify / protect / detect / respond / recover)
– Leverage upon start-ups, SMEs and regional approaches
– Targeted investments in Cybersecurity
– Trusted cybersecurity solutions for increased digital autonomy and higher market visibility
– Education / Training / Awareness
– Risk Management, Threat Intelligence and Fast Operational response to crisis
To summarize …
ECSO is a unique PPP (it goes beyond R&I and includes National Public Administrations: a PPP within a PPP).
ECSO is a key instrument by essence and nature: Pan-European; Cross-sectoral; Multi-Stakeholder Partnership with a holistic approach to cybersecurity.
EU Cybersecurity stakeholders cooperate in ECSO to develop the European cyber security market for the benefit of end-users and suppliers in respect of European and national political objectives.
ECSO is a privileged partner of the European Commission and recognised stakeholder by the Council, EU Presidencies, EU Agencies, other European and International bodies:
– Contributed to many European legislative documents and proposals that will shape the future of cybersecurity in Europe (with respect to institutional landscape, R&I, market deployment, certification, SME support, regional development, investments, etc.)
– Collaborates officially at operational and strategic level with key institutional, political and market stakeholders to build the future of cybersecurity in Europe and ensure a strong functioning ecosystem
ECSO is the pioneer of a European Cyber Security Vision and is the platform where we can develop and present this Vision, also supporting the dialogue and cooperation between suppliers and users.
What next?
ECSO should “drive” the development of the European Cyberspace, a place of European values, peace, freedom, respect of EU Fundamental rights and liberty of expression.
ECSO should be a strong partner of the future EC/EU mechanism based upon Competence Centres to build a strong European Cybersecurity ecosystem (including industries, SMEs and academies) with its necessary tools, ensuring a stable and sustainable cooperation between all the Community of cybersecurity stakeholders (constructive & creative dialogue between political decision makers – business and academia). In this frame, ECSO would define and implement common objectives, being the platform where we can bridge / share private and public concerns and interests, sharing best practices and use cases.
A main ECSO mission is to define and support implementation of an EU cybersecurity industrial policy, but also to demonstrate that cybersecurity is a strong industry by itself, supported by a strong EU cybersecurity industrial policy.
ECSO should be an independent and non-lobby public-private partnership focussed on concrete activities on industrial policy issues, to be carried out with adequate resources.
ECSO could have a stronger “operational role” to support its members in concrete initiatives – not only policy. In the future, this could improve its image and membership, better represent market needs, and complement, with real added value for its members, the activities envisaged by the future EU bodies.
And the future: ECSO requested to go operational by its members
ECSO is continuing to grow but at the same time it should evolve.
From the initial support to the cPPP (R&I priorities) we have tackled approaches to develop the full European cybersecurity ecosystem with increasingly concrete actions
The European Commission is now envisaging investing a larger budget (under the next MFF) in cybersecurity / cyberdefence, developing local / regional competence and supporting the increase of MS capacities, under a new governance based upon the EU Competence Centre, also with the support of a stronger ENISA.
ECSO is cooperating with the EC to define such vision and its objectives, under an enhanced PPP, going beyond R&I, representing the whole European Cybersecurity Community
At the same time, ECSO members are identifying short term operational needs (job creation; support to info sharing/ incident reporting / fast crisis responses; support to SMEs; etc.) that the envisaged EC measures could not satisfy.
ECSO could support the creation of platforms and operational tools to support its members (and the EU ecosystem at large) providing independent services and other concrete initiatives demonstrating its added value at European level as a complement to the envisaged EC initiatives.
THANK YOU
Dr Gabriele Rizzo
European Cyber Security Organisation, 10, Rue Montoyer, 1000 – Brussels – BELGIUM
Further contacts, information and membership:
Ms. Eda Aygen, Head of Communications & Advisor to the SecGen
E-mail: [email protected]
Phone: +32 (0) 27770256
www.ecs-org.eu
Follow us on Twitter: @ecso_eu