Fabio Di Franco, Ph.D.

ETSI Cyber Security: Landscape

17 06 2019

CYBERSECURITY CHALLENGES TO EUROPE: RESEARCH, POLICY AND STANDARDIZATION EFFORT

2

SECURING EUROPE’S INFORMATION SOCIETY

3

POSITIONING ENISA ACTIVITIES

POLICY Support MS & COM in 

Policy implementation Harmonisation across EU

CAPACITY     Hands on activities  

EXPERTISE Recommendations Independent Advice

Cybersecurity challenges –Fabio Di Franco

4

EU Challenges

Education

Complexity & Supply Chain

Cyber Crime

Awareness

Privacy & Digital Identities

Crypto

Big Data, AI

Cybersecurity challenges –Fabio Di Franco - ENISA

5

Cybersecurity in computingCybersecurity in computing

Multidisciplinary Approach

Multidisciplinary Approach

Simulation and visualization

Education

• Software security is not included in the standard educational programs

• Security and privacy by design are often taught only in specialized courses

Technical, Human, Organizational and Regulatory have different incentives, views, knowledge bases, languages

More exercises and cyber range for testing operational and technical skills

Capacity Building

Cybersecurity challenges –Fabio Di Franco

6

S EB A Adaptability

How to manage risks and opportunities for a secure

and inclusive digital Europe?

SpeedThe digital world is moving too fast for

social norms to develop

Awareness Building -Digital Transformation

EverywhereDigital connected

devices are everywhere

Cybersecurity challenges –Fabio Di Franco

Boring• “I know but I don’t care”

• “It’s too boring”• “I did not know”

7

Complexity and Supply chain

Cloud Service Provider

Online Marketplace

3rd Parties

Complexity of Service Supply Chains (sometimes second dependencies)

8

Post Quantum

Crypto

Quantum Key

Distribution

Resilient Computer

Architecture

Crypto System in Era of Quantum Computing

9

Privacy in Big Data & Digital Identities

Privacy-By-Design challenges:• Efficient Privacy-Preserving

Analytics (better if decentralized)

• Support and automation of policy enforcement

• PET in big data

RISK : electronic surveillance, profiling and disclosure of private data Volume

Velocity

Variety

BIG DATA Characteristics

10

M AA Threat Analytics

• Anomaly detection might provide useful indications.

• Distinguish information from noise is still a challenge

Analysts• Limited resources• More automation,

situation awareness and threat intelligence

MotivationWhat an attacker is

looking for?

Attack SurfaceMore services are

exposed to Internet

Cybersecurity challenges –Fabio Di Franco

Detection, Mitigation against Cyber Attacks

T

11

Automated intelligence:Automation of manual/cognitive and

routine/non-routine tasks.

Assisted intelligence:Helping people to perform tasks faster

and better.

Augmented intelligence:Helping people to make better

decisions.

Autonomous intelligence:Automating decision making

processes without human intervention

AI capabilities & maturity level

AI Capabilities

INTELLIGENCE

THANK YOU FOR YOUR ATTENTION

Vasilissis Sofias Str 1, Maroussi 151 24Attiki, Greece

fabio.difranco@enisa.europa.eu

www.enisa.Europa.eu

+30 281 440 9665