
European Cybersecurity cPPP and ECSO · 2020. 5. 15. · • 2016: cPPP on Cybersecurity (This is...

Date post: 07-Oct-2020
European Cybersecurity cPPP and ECSO. Gabriele Rizzo, ECSO WG3 Chairman; Lead Scientist, Strategic Innovation, Leonardo. CHARIOT Workshop 1, Vatican City, October 10th, 2018
Transcript
Page 1

European Cybersecurity cPPP and ECSO

Gabriele Rizzo ECSO WG3 Chairman

Lead Scientist, Strategic Innovation, Leonardo CHARIOT Workshop 1, Vatican City, October 10th, 2018

Page 2

Evolution of the European political agenda

• 2011: Initial discussions with the EC for a European PPP on cybersecurity

• 2013: EU Cybersecurity Strategy

• 2014: Digital Single Market / Digitalisation EC communication

• 2016: cPPP on Cybersecurity (This is us!)

• 2017: Joint Communication on EU strategy (establishment of a Network of Competence Centres (calls for pilot projects ended); EU Cybersecurity Research and Competence Centre) Review and Cybersecurity Act (“New” EU Cyber Security Agency: ENISA + EU Certification Framework)

• 2018: Transposition of the NIS Directive & application of the GDPR


And beyond

• European Commission proposal for the next MFF (2021 – 2027): May 2018; expected approval in May 2019

• Digital Europe Programme (capacity building projects from 2021): approval end 2018 / 2019

• HorizonEurope (R&D from 2021)

• Expected evolution of the cPPP (after 2020) towards a more ambitious governance (EU Competence Centre) and wider objectives, beyond R&D (including capacity building)

Page 3

A EUROPEAN PPP ON CYBER SECURITY

The European Commission signed in July 2016 a PPP with the private sector for the development of a common approach and market on cyber security.

AIM

1. Foster cooperation between public and private actors at early stages of the research and innovation process in order to allow people in Europe to access innovative and trustworthy European solutions (ICT products, services and software). These solutions take into consideration fundamental rights, such as the right for privacy.

2. Stimulate cyber security industry, by helping align the demand and supply sectors to allow industry to elicit future requirements from end-users, as well as sectors that are important customers of cyber security solutions (e.g. energy, health, transport, finance).

3. Coordinate digital security industrial resources in Europe.

BUDGET

The EC will invest up to €450 million in this partnership, under its research and innovation programme Horizon 2020 for the 2017-2020 calls (4 years). Cyber security market players are expected to invest three times more (€ 1350 mln: leverage factor = 3) to a total up to €1800 mln.

UPDATE: EC will invest more than €500 mln. Private sector investments for the first year had a leverage factor 5.

SUPPORT

European Cyber Security Organisation – ECSO Association has been created to engage with the EC in this PPP. ECSO is open to any stakeholder (public / private; user / supplier) allowed to participate in H2020 projects.


About the European Cyber Security PPP

Page 4

PAN EUROPEAN – MULTI-STAKEHOLDER – CROSS SECTORAL PARTNERSHIP FOR CYBERSECURITY

The ECSO approach goes beyond the work of a typical Association supporting a cPPP, as it tackles, on top of Research & Innovation issues, all those topics that are linked to the market development and the protection of the development of the Digital Single Market, in the frame of the European Cybersecurity Strategy.

A peculiarity of ECSO is to include among its members (also at Board of Directors level and within the working groups*) high representatives and experts from national and regional public administrations. This approach is fundamental

• in a sector dealing with “security” as application of cybersecurity is and will remain a sovereign issue.

• to increase the quality of the ECSO recommendations to the European and national institutions allowing a faster decision making by public bodies and a viable implementation by the private sector of the decisions taken (regulations, standards etc.).

For this reason ECSO itself is a public – private body, creating a new and dynamic multi-stakeholder dialogue, preparing for the future evolutions and needs in this sector, as envisaged in the EU cybersecurity strategy.


*ECSO working groups are dealing with the different aspects of what we call “cybersecurity industrial policy”

ECSO: a unique and successful cPPP approach

Page 5

Industrial cybersecurity challenges in Europe

Global cybersecurity and ICT market dominated by global suppliers from outside Europe

Innovation led by imported ICT products

Strategic supply chain dependency

Mature commodity market; professional applications under development / evolution full Digitalisation of the society and of the EU Industry

Market fragmentation

Innovation: strong in Europe but not always properly funded due to a lack of a consistent transnational approach and global EU strategy. Results of Research and Innovation are hardly reaching the market

Weak entrepreneurial culture, lack of venture capital

European industrial policies not yet addressing specific cybersecurity issues

Human factor

Sovereignty

Industrial operational and strategic objectives

1. Protecting infrastructures from cyber threats

2. Use of massive data collection (c.f. AI) to increase overall security

3. Increased European digital autonomy

4. Security and trust of the whole supply chain

5. Increase competitiveness

6. Investments in areas where Europe has a clear leadership

7. Develop market enablers / incentives in public – private cooperation (e.g. legislation, standards, certification – when / where needed)

8. Leveraging upon the potential of SMEs

9. Support local / regional / national competence and development

10. Develop education (/skills) / training and awareness (citizens and decision makers)

Where we started - 2016: Cybersecurity challenges for the EU Industry

Page 6

2018: Cybersecurity has become a major global issue

• Cybersecurity is a growing issue at political (elections), societal (social media / privacy) and economic (digitalisation of the industry – Industry 4.0) level

• Cybersecurity is a global issue: cyber threats hit at local / regional / national / international level. We are all (almost) on the same footing

• Digitalisation (including the massive introduction of IoT and IIoT, and autonomous decisions) is still a phenomenon not well understood by the industrial sector (and in particular by SMEs): security of a digitalised society will be a challenge!

• IT (Information Technology – i.e., data management) and OT (Operational Technology – i.e., control of operations) are increasingly closer and interacting (cyber-physical systems): higher cyber resilience should be provided; optimisation is needed, both to avoid vulnerabilities (lack of security of data for control of manufacturing operation can have disruptive impacts) and for reducing costs

• Current situation sees the use (when possible) of solutions / patches validated / certified wrt the present understanding of threats, but threats are continuously evolving: we need flexibility and scalability of systems

• Risk management is still a challenge to be correctly implemented in an industrial cycle, while considering potential disruptions and impact of cyber attacks

• Awareness is still limited in all kinds of stakeholders

• The role of CISO (Chief Information Security Officer) is increasingly present in companies, but CISOs still don’t get sufficient attention from companies’ Management Boards, nor do they get adequate risk management measures implemented

Page 7

ECSO membership overview (situation 20 June 2018 – after Board and GA)

• Associations : 22

• Large companies and users: 70

• Public Administrations: 20 (+1)

AT, BE, CY, CZ, DE, EE, ES, FI, FR, IT, SK, FI, NL, NO, PL, UK, BG, SE, GR (+TR)

observers at NAPAC (DK, HU, IE, LT, LU, LV, PT, RO, SI, MT, …)

• Regional clusters: 6

• RTO/Universities: 65 (+1)

• SMEs: 50 (+4)

Members per country:

AUSTRIA: 7
BELGIUM: 13
BE - EU ASSOCIATIONS: 9
BULGARIA: 2
CYPRUS: 5 (+1)
CZECH REP.: 3
DENMARK: 5
ESTONIA: 7
FINLAND: 8
FRANCE: 24 (+1)
GERMANY: 22 (+2)
GREECE: 5
HUNGARY: 3
IRELAND: 3
ISRAEL: 2
ITALY: 26
LATVIA: 1
LITHUANIA: 1
LUXEMBOURG: 4
NORWAY: 4
POLAND: 5
PORTUGAL: 2
ROMANIA: 1
SLOVAKIA: 2
SLOVENIA: 1
SPAIN: 32
SWEDEN: 3
SWITZERLAND: 6
THE NETHERLANDS: 17
TURKEY: 3 (+2)
UNITED KINGDOM: 8

132 founding members: now we are 233 organisations from 28 countries and counting (including 6 other membership requests – in brackets – to be confirmed)

Page 8

We are representative of all kinds of stakeholders

• WG1: Standardisation, certification, labelling and supply chain management (135 members, 27 countries, 289 experts)

• WG2: Market deployment, investments and international collaboration (86 members, 20 countries, 159 experts)

• WG3: Sectoral applications: Industry 4.0; Energy; Transport; Finance / Bank; Public Admin / eGov; Health; Smart Cities; Telecom/Content/Media (128 members, 27 countries, 289 experts)

• WG4: Support to SMEs and collaboration with Regions including East & Central Europe (76 members, 22 countries, 134 experts)

• WG5: Education, training, raising awareness and cyber ranges (112 members, 28 countries, 225 experts)

• WG6: Strategic Research, Innovation and Technologies (157 members, 28 countries, 351 experts)

About 240 Members, 28 countries

Page 9

Governance (organisation chart)

• ECS - cPPP Partnership Board (monitoring of the ECS cPPP - R&I priorities)

• EUROPEAN COMMISSION

• ECSO – Board of Directors (Management of the ECSO Association: policy/market actions)

• R&I

• ECSO General Assembly

• INDUSTRIAL POLICY

• Coordination / Strategy Committee

• WG 1: Standardisation / certification / labelling / supply chain management

• WG 2: Market deployment / investments / international collaboration

• WG 3: Sectoral Demand (Industry 4.0; Energy; Transport; Finance; eGov; Health; Smart Cities; Telecom/media)

• WG 4: Support to SMEs and REGIONS (in particular East EU)

• WG 5: Education, training, cyber ranges, awareness

• WG 6: Strategic Research & Innovation Agenda; New Technologies, Products & Services; Cyber Defence

• SME solutions / services providers; local / regional SME clusters and associations; Startups, Incubators / Accelerators

• Large companies Solutions / Services Providers; National or European Organisation / Associations

• Regional / Local administrations (with economic interests); Regional / Local Clusters of Solution / Services providers or users

• Public or private users / operators: large companies and SMEs

• National Public Authority Representatives Committee; R&I Group / Policy Advisory Group (GAG)

• Others (financing bodies, insurance, etc.)

• Research Centers (large and medium / small), Academies / Universities and their Associations

Page 10

Elected ECSO Board Directors at the 2018 GA (June 20th)

Member / External name | Country | Functional status | First Director (3y) or Director (1y) | Permanent Representative
AEI CIBERSEGURIDAD | Spain | Associations | Director | Carlos Prieto-Saiz
EUROSMART | Belgium | Associations | Director | Stéfane Mouille
Finnish Information Security Cluster FISC ry | Finland | Associations | Director | Juha Remes
ACN - Alliance pour la confiance numérique | France | Associations | First Director | Alexis Caurette
EOS | Belgium | Associations | First Director | Paolo Venturoni
ETNO - European Telecommunication Network Operator's Association | Belgium | Associations | First Director | Lise Fuhr
TeleTrusT - IT Security Association Germany | Germany | Associations | First Director | Gerd Müller
SIEMENS | Germany | Large Company | Director | Eva Schulz-Kamm
F-Secure Corporation | Finland | Large Company | Director | Samu Konttinen
Vitrociset | Italy | Large Company | Director | Walter Matta
NXP | The Netherlands | Large Company | Director | Wolfgang Steinbauer
SECOND BALLOT ONGOING (INDRA / ROHDE&SCHWARZ/ SGS) | TBD | Large Company | Director | TBD
AIRBUS Defence & Space - CyberSecurity (Airbus DS CyberSecurity) | France | Large Company | First Director | François Lavaste
ATOS Spain S.A. | Spain | Large Company | First Director | Philippe Vannier
Infineon Technologies AG | Germany | Large Company | First Director | Thomas Fitzek
Leonardo S.p.a. - Leonardo-Finmeccanica-Società per azioni | Italy | Large Company | First Director | Andrea Campora
THALES Communications & Security SAS | France | Large Company | First Director | Yves Lagoude
BKA - Federal Chancellery of Austria | Austria | Public Administration | Director | Katharina-Irene Bointner
Ministry of Digital Affairs, Poland | Poland | Public Administration | Director | Karol Okonski
MiSE - Ministry of Economic Development, Italy | Italy | Public Administration | Director | Rita Forsi
ANSSI - Agence Nationale de la Securité des Systèmes d'Information | France | Public Administration | First Director | Guillaume Poupard
Ministry of Defence of the Republic of Estonia | Estonia | Public Administration | First Director | Kusti Salm
SETSI - INCIBE - CDTI | Spain | Public Administration | First Director | Felix Barrio
Conseil Régional de Bretagne | France | Regions / Cluster | Director | Annie Audic
Goethe University | Germany | RTO / University | Director | Kai Rannenberg
CEA | France | RTO / University | Director | Géraud Canet
CNR - Consiglio Nazionale delle Ricerche | Italy | RTO / University | First Director | Fabio Martinelli
TECNALIA - Fundación Tecnalia Research & Innovation | Spain | RTO / University | First Director | Ana Ayerbe Fernandez-Cuesta
S2GRUPO | Spain | SME | Director | Miguel Angel Juan
CONCEPTIVITY sàrl | Switzerland | SME | Director | Mark Miller
DIGITAL SME - European DIGITAL SME Alliance | Belgium | SME | First Director | Sebastiano Toffaletti
GUARDTIME | Estonia | SME | First Director | Martin Ruubel
EDF - Electricité de France | France | User / Operator | Director | Olivier Ligneul
RIA - Information System Authority, Republic of Estonia | Estonia | User / Operator | First Director | Silja-Madli Ossip
INCERT GIE | Luxembourg | User / Operator | Director | Benoit Poletti
INTESA SAN PAOLO | Italy | User / Operator | Director | Giorgio Cusmà Lorenzo

Page 11

Elected ECSO Representatives at the Partnership Board (GA June 20th 2018)

Member / External name | Country | Functional status | ECSO Representative
AEI CIBERSEGURIDAD | Spain | Associations | Carlos Prieto-Saiz
EOS | Belgium | Associations | Emmanuel Dotaro
EUROSMART | Belgium | Associations | Stéfane Mouille
FISC | Finland | Associations | Timo Kotilainen
Infineon Technologies AG | Germany | Large Company | Emmanuel Ventadour
SECOND BALLOT (LEONARDO / VITROCISET) | Italy | Large Company | TBD
NXP | The Netherlands | Large Company | Jacques Olaf Kruse Brandao
F-Secure Corporation | Finland | Large Company | Samu Konttinen
ATOS | Spain | Large Company | Padro Soria
Ericsson | Sweden | Large Company | Mats Nillson
SPRI S.A. - SOCIEDAD PARA LA TRANSFORMACIÓN COMPETITIVA-ERALDAKETA LEHIAKORRERAKO SOZIETATEA, S.A.r | Spain | Regions / Cluster | Francisco Javier Diéguez Barriocanal
VTT | Finland | RTO / University | Kimmo Halunen
CNR | Italy | RTO / University | Fabio Martinelli
FORTH | Greece | RTO / University | Evangelos Markatos
Goethe-Universität Frankfurt | Germany | RTO / University | Kai Rannenberg
IMT - Institut Mines-Télécom | France | RTO / University | Hervé Debar
TECNALIA | Spain | RTO / University | Ana Ayerbe Fernandez-Cuesta
CONCEPTIVITY | Switzerland | SME | Mark Miller
ASPISEC SRL | Italy | SME | Andrea Chiappetta
RadarServices Smart IT-Security | Austria | SME | Thomas Stubbings
S2 Grupo | Spain | SME | Miguel A. Juan
AIRBUS Group | Germany | User / Operator | Simon Bradley
EDF - Electricité de France | France | User / Operator | Sylvain Langlois
ISGS - INTESA SANPAOLO | Italy | User / Operator | Giorgio Cusmà Lorenzo

Page 12

SUMMARY of WORKING GROUPS ACTIVITIES

Page 13

WORKING GROUPS & TASK FORCES

• WG 1: Standardisation / Certification / Labelling / Supply Chain Management

• WG 2: Market deployment / investments / international collaboration

• WG 3: Sectoral demand (vertical market applications: Industry 4.0; Energy; Transport; Finance; eGov; Health; Smart Cities; Telecom/media)

• WG 4: Support SME, REGIONS and coordination with local bodies (in particular East EU)

• WG 5: Education, training, awareness, cyber ranges

• WG 6: Strategic Research & Innovation Agenda (SRIA); New Technologies, Products & Services; Cyber Defence

Page 14

WG3 activities: achieving wider objectives in a wider dialogue with users and operators

WG3 - verticals: Industry 4.0; Energy; Transport; Finance / Bank; Public Admin / eGov; Health; Smart Cities; Telecom/Content/Media (128 members from 27 countries with 289 experts): Contact: [email protected]

STATUS & OBJECTIVES 2018:

• Sector specific reports on users’ needs (SOTA):

o Four sector reports finalised and approved (Industry 4.0, Finance, Healthcare, and Smart Cities);

o One under finalisation (energy): others (eGov, Transport/road; Telecom) to come

• Mapping (from SOTAs and discussions with users) needs from all the verticals vs WG activities

• Operational EU platform for users: harmonisation of incident reporting (NIS implementation) towards sectoral operational platforms at EU level also for information sharing and fast reaction to threats (starting with banks and energy, looking for applications in other sectors for interdependencies);

• Creation of a Users’ Committee for trusted information sharing (URC – Users Representatives Committee, similar to NAPAC);

• Report on ISAC’s needs and their implementation;

Page 15

WG6 activities: achieving wider objectives in a wider dialogue for R&I and new technologies / services

WG6 - Strategic Research and Innovation Agenda, new Technologies, Cyber Defence (157 members from 28 countries with 351 experts): Contact: [email protected]

STATUS & OBJECTIVES 2018:

• Identification of research priorities for EC programmes: SRIA (Strategic Research & Innovation Agenda) priorities already incorporated in the 2018-2020 work programme of H2020. Update of R&I priorities for the 2020 call

• Identification (supported also by the new Scientific & Tech. Committee) of the key drivers for the future (beyond 2020) and analysis to review technology and needs evolution, global trends, and key implications on strategy up to 2027 in a commonly agreed taxonomy: 4 mainstreams:

o Society and Citizens (Social Good) Bring trust into the technology and in the Machine Economy

o Data and Economy Data as main ICT value and/or target and main driver for decision making

o Disruptive Technologies (e.g. AI, blockchain, quantum computing) M2M and M2H interaction and autonomous systems as technical, ethical, safety issues

o Digital Transformation in Verticals Continuous evolving systems and integration of legacy systems with new technology, threat intelligence and information sharing, and ICT infrastructure protection

• Initial priorities for Horizon Europe (SRIA 2.0): Identification of R&I needs to sustain and build a trustworthy European cyber secure ecosystem, also on specific verticals in cooperation with WG3

• Study on impact of new technologies (IoT security, AI and Blockchain) on the different WG aspects and verticals (link with WG3)

• Link with other PPPs to coordinate objectives and strategy for future EU cybersecurity R&I (BDVA, EFFRA, euRobotics, 5G – MoU, AIOTI)

• Support to Members for the creation of the EU Network of Cybersecurity Competence Centres; Link with the EC for the EU Cybersecurity Competence Centre

• Cyberdefence Task Force soon starting its activity under WG6

Page 16

DETAILS on WORKING GROUPS ACTIVITIES

Page 17

WG3: Cybersecurity sectoral applications

WG3 ECSO’s purpose and approach

Identification of user/market needs

Assess vertical sectors challenges and impact

• Understand market needs and support user driven values through a cPPP approach

• Feed in user needs to EU instruments on research and/or policy issues via input to other ECSO WG’s and other means as appropriate in the scope/constitution of ECSO

128 members with 289 experts

Page 18

Where we started and how we collaborate

Where we started:

- Segmentation into 8 sub-sectors based on members’ needs (in line with WG6 SRIA segmentation)

- SOTA (State Of The Art) analysis starting with sector reports establishing needs and sector specificities, followed by user requirements on certification/standardisation, education/training, and R&I priorities beyond 2020 (input to other ECSO WG’s)

→ 4 sector reports finalised - Industry 4.0, Financial Services, Health, Smart Cities

→ Identification of key issues in need of more collaboration and / or harmonisation (regulations, incident reporting, and information sharing) and transversal needs (cyber risk management, education & training, privacy & data protection)

External engagement:

- Validation of needs & requirements via sector specific workshops (energy, transport, finance, health) with users and external sectoral associations

- Discussions with ENISA and established ISAC’s (i.e. EE-ISAC) on ISAC developments and information sharing

→ Position Paper on sector-based ISAC’s ongoing (Sept 2018)

Page 19

Mapping exercise of needs

Identified common needs:

– Cyber risk management

– Cyber security along the supply/value chain

– Education & training

– Privacy, data protection, & data integrity

– Real-time sharing of threats, vulnerabilities & incident reporting

Needs per WG across the verticals (Industry 4.0; Financial Services; Health; Smart Cities):

Standardisation, certification, labelling, supply chain management:

– Harmonisation of access rights and security policies

– Secure components, processes and procedures along the supply chain

– Secure components, processes and procedures along the supply chain

– Harmonised procedures for incident reporting

– Secure components, processes and procedures along the supply chain

– Secure components, processes and procedures along the supply chain

Market deployment and investments:

– IoT / IIoT security

– IT vs OT

– Harmonised incident reporting

– Fast reaction vs threats

– Planning of procurement, outsourcing and maintenance

– Rapid components replacement

Sectoral application:

– Cyber Risk management; Design fail-safe, fail-secure and self healing mechanisms; Data security and integrity; Joint safety & security response teams; Intrusion detection; Real time sharing of threats, vulnerabilities & incident reporting

– Cyber Risk management; Crisis management; Data protection, data integrity and privacy; Real time sharing of threats, vulnerabilities & incident reporting

– Cyber Risk management; Resilience of systems; Data security and integrity; Real time sharing of threats, vulnerabilities & incident reporting

– Cyber Risk management; Real time sharing of threats, vulnerabilities & incident reporting; Data protection, data integrity and privacy

Education, training, awareness:

– Training to ensure good collaboration between automation and IT vendor against cyber physical threats

– C-Level Management awareness

– Training of staff and general awareness of customer

– Improving skills (technical and behavioural)

– Knowledge of cybersecurity issues

R&I:

– SRIA: ICT-01-2019: Computing technologies and engineering methods for cyber-physical systems of systems (new one) (RIA); ICT-08-2019 Security and resilience for collaborative manufacturing (RIA)

– SRIA: SU-DS05-2018-2019: Digital security, privacy and accountability in critical domains/sectors; Sub-topic 3 (2018): Digital security and privacy in finance (IA)

– SRIA: SU-DS05-2018-2019: Digital security, privacy and accountability in critical domains/sectors; Sub-topic 2 (2019): Digital security and privacy in healthcare ecosystem (RIA)

– SRIA: SU-INFRA02-2019: Security for Smart Cities and "soft" targets in Smart Cities

Page 20

Where we are going and how we implement it

Future objectives:

- Analysis of impact of legislations and regulations (NIS Directive, GDPR, eIDAS,…) on sectors and how to support members on their implementation

- Needs for standardisation/certification/labelling (cooperation with WG1 on selected verticals), education & training, R&I priorities for “Horizon Europe”

- Support to WG6 on IoT security non-paper (application in the different verticals)

→ Users want operationally-driven actions aimed at supporting implementation of legislation & regulation (NIS Directive, GDPR, eIDAS,…) and responding in real-time to threats through trusted information sharing platforms

Establishing operational needs – short term concrete actions

- Creation of a Users’ Committee restricted to users / operators, reporting (non confidential information) to WG3 Chairs and the Board.

- Proposal for the creation of an operational EU platform for OES, starting from the banking sector (incident reporting, exchange of information, link with national (/EU) CERTs and ISACs - when needed – fast operationalisation of possible responses to crisis / link to EU Blueprint)

Page 21

Operational EU Platform: Need and objectives

The EU cyber resilience relies upon the three pillars: Info-sharing, Incident Reporting and Crisis Management. NIS Directive shall foster the development of the Digital Single Market enabling the coordinated deployment of these tools across sectors and across Member States. Some questions arise from this Directive, namely:

CRISIS MANAGEMENT / INFOSHARING / INCIDENT REPORTING

• Sectorial vs Cross Industries

• National vs European vs International

• Time constraints and time based cyber fight vs Reporting and escalation multi-layers hierarchy

Thanks to a collaborative approach, involving private and public institutions, harmonising information exchange, incident reporting and crisis management procedures, ECSO and the public-private cooperation will be beneficial to the proper implementation of cross-sectorial regulatory requirements and increasing cyber resilience.

Developing common application for incident reporting and information sharing (led by banks but applicable other sectors); Governance and functional specifications being defined; Funding needed (CEF, investment from members)

Page 22

WG3 user-driven actions: Users’ Operational Platform

Ongoing project:

• Developing common application for incident reporting and information sharing (led by banks but applicable other sectors); Governance and functional specifications being defined; Funding needed (CEF, investment from members)

– Phase 1: Incident reporting;

– Phase 2: Infosharing (ISAC);

– Phase 3: Crisis management

The financial sector and especially banks (Intesa SanPaolo, BBVA, CITIGroup, Rabobank) are leading the way on concrete projects, moving ECSO WG3 towards operational tasks and motivating other user-operators to join ECSO.

NOTE: The energy sector is also interested in the development of a similar platform.

ECSO could provide independent services to its members or some of its members investing in specific resources. E.g. upon request of its members, ECSO could support the development with its members of independent private sectoral European “operational” platforms for secure information sharing and vulnerability / threat intelligence sharing among users in a cross-sector environment that could foster cyber security against supply chain compromise.

ECSO (WG3) could support the creation of platforms and tools to support members in the implementation of the NIS Directive. ECSO could help its OES (Operators of Essential Services) members to use relevant funds to improve their capabilities and create / operationalise platforms and their link with ISACs and CSIRTs for trusted exchange of information and incident reporting.

Page 23

• Users / Operators request for a TRUSTED environment at EU level to share information and threats among them (it exists in some countries with different level of efficiency, but not at EU level).

• This approach will better enlighten the Board about sectoral issues and needed actions, increase trust, attract new users as member of ECSO, better define users’ needs, etc.

• Creation of a unique Users’ Committee for all sectors gathering pure users/operators according to agreed rules. Start in September 2018

Take away: Build a TRUSTED environment to foster collaboration among users and share information.

ECSO will concretely help operators to create a trusted environment to exchange “sensitive” information (beyond ISACs)

Creation of an ECSO Users’ Committee


WG6: SRIA - Technical areas, Products, Services areas

Link to EU policies

Activities should be coordinated with the future activities envisaged by the E. Commission as announced in its Communication “Strengthening Europe's Cyber Resilience System and Fostering a Competitive and Innovative Cybersecurity Industry”

Objectives

• Coordination of results and expectations from EC R&I projects

• Coordination of cybersecurity activities across cPPPs and EIT

• Support cPPP implementation and H2020 cybersecurity projects

• Detailed suggestions for the Work Programme 2018 - 2020 using an updated and focussed SRIA

ECSO STRATEGIC RESEARCH & INNOVATION AGENDA v1.2

cPPP SRIA v1.0 and industry proposal as initial guidelines

Available on ECSO website: https://www.ecs-org.eu/documents/publications/59e615c9dd8f1.pdf

WG6 organisation

SWG6.1 “Ecosystem”

SWG6.2 “Application domains”

SWG6.3 “Transversal infrastructures”

SWG6.4 “Basic technologies”


Lesson learnt

• Coordination with cPPPs (on specific transversal technologies & verticals) is important to ensure the SRIA presents a coordinated cybersecurity strategy in the EU

• Coordination with the EC Programme Committee and NAPAC R&I Group wrt internal deadlines is key to guarantee high quality delivered when expected

• Development of innovative cybersecurity technologies and validation of the solutions in key infrastructures and applications

SRIA to identify the research priorities for 2018-2020

A strategic vision is needed to demonstrate how industrial priorities contribute to the implementation of the strategy

Analysis of the Work Programme 2018-2020 and continuous advocacy of priorities: good match, and public & private priorities well aligned

EU Cybersecurity R&I Strategy to build a trustworthy ecosystem

1. European Ecosystem for the Cybersecurity

2. Demonstrations for the society, economy, industry and vital services

3. Collaborative intelligence to manage cyber threats and risks

4. Remove trust barriers for data-driven applications and services

5. Maintain a secure and trusted infrastructure in the long-term

6. Intelligent approaches to eliminate security vulnerabilities in systems, services and applications

7. From security components to security services

Continuous support cPPP implementation and H2020 cybersecurity projects

Update of 2020 priorities

Where we started: Strategic Research and Innovation Agenda

157 members with 351 experts


Coordination of R&I cybersecurity activities in Europe

... EURobotics: cybersecurity for Digitisation of the Industry (e.g., eHealth)

5G IA: Common interest to work on cybersecurity aspects for 5G

EFFRA: Analysis of requirements and cyber security challenges for digitisation of industry

BDVA: updated list of shared topics and areas of collaboration on AI

Federating discussions on cybersecurity challenges with other PPPs under ECSO

Other external collaborations

– EDA: Understand EDA research priorities. EDA has joined the ECSO Strategic Technical Committee

– ENISA: Contribute to the research priorities identified (crystal ball). Continuous interaction

– JRC: Work on the cybersecurity taxonomy

– DG-ENER and ENTSOE: Contribute with specific cybersecurity challenges and priorities for the energy sector (with WG3)

– IoTForum and AIOTI: Focus on cybersecurity for IoT technology to update the research priorities and impact for vertical sectors

Continuous monitoring of the European cybersecure ecosystem, including technology and needs evolution, to build, maintain, and provide innovative trustworthy solutions to protect European citizens and industry


Objectives 2018

Identification of R&I needs on specific verticals to address new disruptive technologies

– Working papers on new technology drivers: Artificial Intelligence, Internet of Things and Blockchain (impact on the different WG aspects and verticals to sustain the industrial policy)

Identification of global trends, and key implications on strategy through 2027 (SRIA 2.0)

Initial priorities and challenges for HorizonEurope (2021)

– Society and Citizens (Social Good): Bring trust into the technology and in the Machine Economy

– Data and Economy: Data as main ICT value and/or target and main driver for decision making

– Disruptive Technologies (e.g. AI, blockchain, quantum computing): M2M and M2H interaction and autonomous systems as technical, ethical, safety issues

– Digital Transformation in Verticals: Continuous evolving systems and integration of legacy systems with new technology, threat intelligence and information sharing, and ICT infrastructure protection

Support to creation of the EU Network of Cybersecurity Competence Centres

Define Strategic Research and Innovation Agenda (v2.0)

Start working on Cyber Defence

Link with relevant cPPPs to coordinate strategy for future EU cybersecurity R&I

Continuous monitoring of H2020 project results

Where we are heading


ECSO Task Force on the future of the European Cybersecurity Definition and Vision

ECSO definition of EU Cybersecurity

European Cybersecurity is our common science, knowledge, trustworthy processes, products, services and infrastructures to protect (in a sustainable way) our nations, industries / economies, citizens and institutions against damaging cyber-attacks while respecting our European Values.

ECSO Vision for EU Cybersecurity in 2027

- Europe as global leader in cybersecurity, having developed a comprehensive EU cybersecurity strategy built upon a “predict-prevention, protection, detection, respond” approach.

- Strong, resilient and competitive European industrial (SMEs and European champions) and academic ecosystem.

- Cybersecurity recognized as an industrial sector, sustained by an industrial policy for Europe, supported by adequate investments for increased EU competitiveness and digital autonomy.

- Cybersecurity solutions effectively deployed at national, regional / local (city) level (driven by smart specialisation).

- Well informed European citizens and decision makers and highly trained cybersecurity professional workforce.


Objectives of the Vision

1. Dialogue and Cooperation between Public and Private stakeholders for the definition of needs / solutions and the development of the European Cybersecurity Ecosystem: next step of the cPPP (“enhanced PPP”) taking stock of the ECSO public – private governance

2. Define and implement measures (supported by adequate resources) for a comprehensive EU strategy based upon an identify / protect / detect / respond / recover approach at EU level

3. Develop and implement a comprehensive EU Cybersecurity Industrial Policy for increased EU competitiveness

4. Increase investments in cybersecurity to 1% of GDP (or turnover for companies) and target them to strategic security, economic and societal relevant sectors

5. Foster and support the Public and Private Development of trusted European strategic solutions and emerging technologies (in particular IoT security), their validation and their procurement for increased Digital Autonomy

6. Increase Research & Innovation with wide participation of key stakeholders bringing innovation to market

7. Improve visibility, rating and competitiveness of European cybersecurity industry / solutions to increase market presence

8. Support growth of Start-ups and SMEs, also with dedicated financing tools and consolidation of the EU industry

9. Develop Regional / Local (including smart cities) approaches (ecosystems) and cybersecurity smart specialisation to coordinate local activities in line with national strategies and organisations.

10. Increase Education, Training to better respond to job needs and gender issues; develop Awareness (for citizens and decision makers)

11. Increased understanding of threats in the different market verticals via improved Risk Management and Threat Intelligence (increased use of A.I.)

12. Provide operational support to face cyber threats at EU level for operators and users (e.g. EU Sectoral CERTs / SOCs with rapid reaction capabilities to threats, cooperating with ENISA, the EU CSIRTs Network and sectoral platforms).


The Cybersecurity Building Blocks recommended by ECSO

European Cybersecurity Industrial Policy for increased EU competitiveness

• Enhanced Public Private Partnership for definition of needs and solutions

• Innovation closing the gap between R&I and Market

• Comprehensive EU strategy (identify / protect / detect / respond / recover)

• Leverage upon start-ups, SMEs and regional approaches

• Targeted investments in Cybersecurity

• Trusted cybersecurity solutions for increased digital autonomy and higher market visibility

• Education / Training / Awareness

• Risk Management, Threat Intelligence and Fast Operational response to crisis


To summarize …

ECSO is a unique PPP (beyond R&I and includes National Public Administrations; PPP within a PPP).

ECSO is a key instrument by essence and nature: Pan-European; Cross-sectoral; Multi-Stakeholder Partnership with a holistic approach to cybersecurity.

EU Cybersecurity stakeholders cooperate in ECSO to develop the European cyber security market for the benefit of end-users and suppliers in respect of European and national political objectives.

ECSO is a privileged partner of the European Commission and recognised stakeholder by the Council, EU Presidencies, EU Agencies, other European and International bodies:

Contributed to many European legislative documents and proposals that will shape the future of cybersecurity in Europe (wrt institutional landscape, R&I, market deployment, certification, SME support, regional development, investments, etc)

Collaborates officially at operational and strategic level with key institutional, political and market stakeholders to build the future of cybersecurity in Europe and ensure a strong functioning ecosystem

ECSO is the pioneer of a European Cyber Security Vision and is the platform where we can develop and present this Vision, also supporting the dialogue and cooperation between suppliers and users.


What next?

ECSO should “drive” the development of the European Cyberspace, a place of European values, peace, freedom, respect of EU Fundamental rights and liberty of expression.

ECSO should be a strong partner of the future EC/EU mechanism based upon Competence Centres to build a strong European Cybersecurity ecosystem (including industries, SMEs and academies) with its necessary tools, ensuring a stable and sustainable cooperation between all the Community of cybersecurity stakeholders (constructive & creative dialogue between political decision makers – business and academia). In this frame, ECSO would define and implement common objectives, being the platform where we can bridge / share private and public concerns and interests, sharing best practices and use cases.

A main ECSO mission is to define and support implementation of an EU cybersecurity industrial policy, but also to demonstrate that cybersecurity is a strong industry by itself supported by a strong EU cybersecurity industrial policy.

ECSO should be an independent and non-lobby public-private partnership focussed on concrete activities on industrial policy issues, to be carried on with adequate resources.

ECSO could have a stronger “operational role” to support its members in concrete initiatives – not only policy. In the future, this could improve its image and membership, better represent market needs and complement, with real added value for its members, the activities envisaged by the future EU bodies.


And the future: ECSO requested to go operational by its members

ECSO is continuing to grow but at the same time it should evolve.

From the initial support to the cPPP (R&I priorities) we have tackled approaches to develop the full European cybersecurity ecosystem with increasingly concrete actions.

The E. Commission is now envisaging investing a larger budget (under the next MFF) in cybersecurity / cyberdefence, developing local / regional competence and supporting the increase of MS capacities, under a new governance based upon the EU Competence Centre, also with the support of a stronger ENISA.

ECSO is cooperating with the EC to define such vision and its objectives, under an enhanced PPP, going beyond R&I, representing the whole European Cybersecurity Community.

At the same time, ECSO members are identifying short term operational needs (job creation; support to info sharing/ incident reporting / fast crisis responses; support to SMEs; etc.) that the envisaged EC measures could not satisfy.

ECSO could support the creation of platforms and operational tools to support its members (and the EU ecosystem at large) providing independent services and other concrete initiatives demonstrating its added value at European level as a complement to the envisaged EC initiatives.


THANK YOU

Dr Gabriele Rizzo

European Cyber Security Organisation
10, Rue Montoyer
1000 – Brussels – BELGIUM

Further contacts, information and membership:

Ms. Eda Aygen
Head of Communications & Advisor to the SecGen

Phone: +32 (0) 27770256

Follow us on Twitter: @ecso_eu

www.ecs-org.eu

