ENISA, the European Union Agency for Network & Information Security, is an independent body of expertise, set up by the European Union, to secure Europe’s information society. It was founded in 2004 to facilitate the exchange of information between EU institutions, the public and the private sector. The goal is to work together with operational communities to identify pragmatic solutions to current security issues. In this first article, we have asked ENISA to introduce themselves and highlight some of their activities that could be of interest to the RIPE community.
The Internet infrastructure is the backbone of the information society. This is why ENISA has been working on the resilience of the Internet infrastructure since 2010. Our efforts to foster security and resilience of the European networks comprise of a variety of activities and outputs. With the objective of making networks more secure, ENISA develops information exchange among communities, organises annual studies and workshops, and continuously engages the operational community through the INFRASEC - ENISA’s Internet infrastructure security and resilience reference group.
One of the main outputs of ENISA is our studies, guided by input from a diverse group of stakeholders and reviewed by our reference groups. These documents provide a basis for further discussion and recommendations to improve the security and resilience of digital infrastructure.
In 2013, we released " Understanding the importance of the Internet Infrastructure in Europe “ to help Member States to understand the importance of the infrastructure within their borders. The study drew particular attention to critical assets and cross-border (inter)dependencies. It also encouraged Member States to work together with Internet operational actors to maintain the Internet's globally coherent, secure and resilient network.
In 2014, we focused on the definition of Critical Information Infrastructure and identification of the latest threats and good practices for securing the physical and logical layers of the Internet. This resulted in the publication of two studies: “ Threat Landscape of Internet Infrastructure ” and “ Methodologies for the identification of Critical Information Infrastructure assets and services .”
When large-scale incidents affect the Internet infrastructure, we give timely advice and highlight known countermeasures in case of particular attacks like the DNS amplification attacks in 2013 or the 2014 NTP attacks . These notes foster the adoption of known good practices such as BCP 84 and BCP 38 to encourage the use of network ingress filtering, which can help to prevent such attacks.
As of 2011, we publish the annual summary report regarding the most severe outages of electronic communication networks or services that are reported to ENISA by the national telecom regulators. Based on the reports' findings, we develop specific solutions to overcome the most reported incidents (power, cables, ICT procurement, etc.). In this respect we recently released “ Protection of Underground Electronic Communications Infrastructure ” to prevent damages caused by civil work to buried cables and “ Secure ICT Procurement in Electronic Communications ” regarding risks associated with 3rd party ICT products and outsourced services.
We organise a yearly workshop to validate our findings with subject matter experts and to discuss the latest trends in network security. The 2014 workshop was organised in Cologne, Germany and had presentations regarding DDoS and routing best practices, for instance a presentation about Mutually Agreed Norms for Routing Security (MANRS ).
Our relationship with the operational community is very important to us. Working closely with all the actors involved in the operation of networks allows us to understand what the current threats and biggest challenges are in securing the infrastructure. We present our work at conferences to receive feedback and to facilitate the communications between the EU institutions, the public sector and the private sector.
INFRASEC - ENISA Internet infrastructure security and resilience reference group
The INFRASEC Reference Group brings together technical experts in network operations, cyber security and contingency, with representatives from Internet organisations, ISPs, IXPs, academia and governments. This group provides us with the opportunity to listen to suggestions and ideas. The group constitutes an exchange platform for the participants to address important issues relating to the security and resilience of the European Internet infrastructure. We also consult this group to enhance our understanding of the topics and to collect feedback on our studies.
For more info on ENISA activities related to the security and resilience of Internet infrastructure and critical information infrastructure you can visit ENISA website or contact us via firstname.lastname@example.org .