Confronted with an increasing number of cyberattacks targeting industries around the world, the European Union has decided to strengthen the powers of ENISA (European Union Agency for Network and Information Security). As such, Sentryo would like to take the opportunity to put a spotlight on the European cybersecurity agency whose main objective is to ensure the security of IT networks in Europe.

ENISA’s actions

Created in 2004, ENISA is a center of expertise dedicated to helping public authorities identify the cybersecurity problems in the European Union and to offering technical solutions to fight these threats.

As an expert in cybersecurity, ENISA interacts with public and private organizations on various levels by:

  • monitoring the changes in the digital environment and informing national authorities and European institutions of the emerging risks.
  • advising EU member states and institutions on how to implement measures to fight the risks of cyberattacks in accordance with legal and regulatory requirements.
  • promoting the exchange of best practices in IT network security.
  • facilitating cooperation between institutions (national and European) and companies.

Although its actions mainly benefit EU institutions and governments of EU member states, ENISA also works with IT and ICT service providers (telecommunications, internet service providers and information and communication companies, network security specialists), companies (mainly SMEs), universities and the general public.

More resources to better fight cybercrime in Europe

In a speech delivered in Brussels on September 13, 2017, President of the European Commission Jean-Claude Juncker reasserted the importance of the fight against cyberattacks in Europe. He affirmed, “Just last year, we recorded over 4,000 ransomware attacks and 80% of European companies experienced at least one incident related to cybersecurity”.

With the new proposed mandate of ENISA, the European Commission aims to strengthen the powers of the agency so it can better support the Member States in implementing the NIS Directive (Network and Information Security).

In the words of Jean-Claude Juncker
“Cyberattacks can be more dangerous to the stability of democracies and economies than guns and tanks”.

As a reminder, the directive adopted by the European Parliament on July 6, 2016 aims to:

  • Reinforce national cybersecurity capacities. In France, the organizations that address digital security concerns are the ANSSI (French National Cybersecurity Agency), CERT-FR and CYBERCOM for the army.
  • Establish a framework of voluntary cooperation among EU Member States.
  • Reinforce cybersecurity in the networks of operators of essential services working for the economy and society: define cyber protection rules to be adhered to at a national level and enforce an obligation on operators to notify of incidents.
  • Establish common EU cybersecurity rules for digital service providers in the areas of cloud technology, search engines and online marketplaces.

With the prospects of a stronger ANSSI, we are pleased to see that the European Union has consolidated resources to fight against rising cybercrime all around the world. Implementing common policies in cybersecurity at a European level will enhance the cybersecurity of IT networks, especially in strategic industrial sectors.

Consult ENISA’s recommendations for IoT security: