What is the mission of the Computer Emergency Response Team (CERT-EU)?
CERT-EU’s mission is to enhance the security of the information and communications technology (ICT) infrastructure of all EU institutions, bodies and agencies (hereinafter referred to as its ‘constituents’). It supports incident prevention, detection, mitigation and response by acting as the cyber-security information exchange and incident response coordination hub for its constituents.
Our goal is to help our constituents avoid being breached by cyber-attacks and, in case they are compromised nevertheless, to detect and remediate incidents as quickly as possible.
Our work in prevention consists in drawing lessons from relevant past incidents in the constituency or the broader community into best practices in hardening, configuration management and awareness raising to mitigate the risk of cyber-attacks. Prevention advice is made available through white papers, advisories and reports. Many of these can be found on our website www.cert.europa.eu.
In terms of detection and response, we try to keep abreast of the most relevant and recent threats to our constituents, convert this knowledge into technical detection rules and share these with our constituents. We also report on important trends in threats, techniques and adversaries to inform technical and senior management, and help them to take precautionary measures.
Even though CERT-EU has 30 highly trained staff at its disposal, its work would not be possible without strong cooperation with similar teams in the Member States and with the best experts in the commercial world.
On 10 February 2017 CERT-EU signed a Memorandum of Cooperation with EASA. What does this partnership imply?
Under the agreement, CERT-EU will provide EASA with expertise and tools to help set up threat information sharing systems for EASA's stakeholders. Both organisations will also share with each other threat information of a general nature or specific sector allowing them to alert their respective communities on new risks, issuing advice on prevention or providing overviews of important trends in the cyber-threat landscape.
This newly forged cooperation allows the two organisations to join forces and build on each other's strengths. With the help of CERT-EU, EASA will be able to concentrate on specialized aviation cybersecurity components and services while benefitting from CERT-EU's insights and products in terms of general threats.
Together, this collaborative effort will result in improved protection against intentional and malicious cyber-attacks on the critical infrastructure of air transport, creating a more secure Europe.
The cooperation directly benefits the EU citizen: now, the added value for the traveler will be a more robust security infrastructure. It directly supports the European Programme for Critical Infrastructure Protection, as reducing the vulnerabilities of critical infrastructure and increasing their resilience is one of the major objectives of the EU. In addition, this cooperative agreement will facilitate the work undertaken by the Directive on security of Network and Information Systems (the NIS Directive), whose scope is to ensure a high common level of network and information security across the Union.
What do you expect from this cooperation with EASA?
I expect this cooperation to help boost collaboration and information sharing in the aviation sector to help mitigate the cyber risks in this critical infrastructure. In my view, it will provide added value to the aviation industry and also foster voluntary cooperation between peers in a trusted environment.
I also hope that this cooperation will provide CERT-EU with new insights on new threats, techniques and vulnerabilities which could help us to provide a better service to our constituents.
What are the next steps?
The technical work to design and implement tools and infrastructure for EASA has already started. EASA will also make available one of its staff members to work within CERT-EU's team to foster a seamless interface between the general threat intelligence work done at CERT-EU and the more specialised and sector-specific work at EASA.
Information products like advisories, newsletters and threat landscape reports on cyber-security will also be designed, produced and disseminated to EASA's stakeholders in the coming months.
Rest assured that the signature of the agreement will not be just another piece of paper!
Freddy Dezeure graduated as Master of Science in Engineering in 1982. He was CIO of a private company from 1982 until 1987. After joining the European Commission, he held a variety of management functions in administrative, financial and operational areas, in particular in information technology. He set up the CERT for the EU institutions, agencies and bodies in 2011 and has been Head of CERT-EU since then. He is a frequent keynote speaker at international conferences.