A cyber security framework for Europe
With ICT systems across the world facing ever more sophisticated attacks, cyber security becomes an increasingly important economic and security challenge. The transnational nature of cyber attacks means that it is vital for the EU to develop a global European regulatory and technological roadmap to implement a cyber-security strategy. The EU-funded CIPHER project was established with these ambitions in mind. CIPHER seeks to conduct an in-depth analysis of the reality of security in privately held information systems (PHIS) in Europe, and subsequently develop a methodological framework to help prevent cybercrime. Furthermore, the project team will draft a global European regulatory and technological roadmap, containing recommendations for policy-makers. The partners are already moving steadily towards their second objective – they recently presented the first draft of the Cyber security framework at the CIPHER International Workshop. The framework offers a set of guidelines and recommendations to improve cyber security in systems that store or process the personal information of users. At the CIPHER workshop in Madrid in July, it was evaluated by 20 experts from 10 countries working in various fields of cyber security and defence including experts in security engineering, experts in European regulations on data protection and experts in critical infrastructure protection. Following this round of expert input, the CIPHER team has now opened the framework up to the public. At the end of July, the CIPHER team presented a new interactive application for the framework. It includes a general review of the project and the structure of the framework, as well as an interactive test which allows the user to track their status in relation with their level of compliance with the CIPHER recommendations. The aim is to provide to those managing the security issues in PHIS the option to control their security in a more accurate way. The app actually allows users to see visually the progress made through the implementation of the protection measures proposed by the framework. The CIPHER team has also published an open framework survey to help evaluate the main characteristics and objectives of the framework and analyse each guideline of the framework. Interested members of the public and stakeholders are called upon to read the framework and offer their comments. According to the project team, the overall focus of CIPHER is not only on the technological aspects of the actual systems that handle personal information, but also on the social concerns and ethics related to information systems as well as on the policies and regulations affecting the matter nationally. The project, which runs over two years, involves everis consulting firm and Technalia research and technology organisation in Spain, as well as TU Delft technical university in Netherlands and ITTI consultants in the area of telecommunications, IT and business, in Poland.CIPHER http://cipherproject.eu/
Countries
Spain