Tag: cyberattacks

How to map the Cybersecurity Threat Landscape? Follow the ENISA 6-step Methodology

Agency News, Cyber Security CII sector, Industry News

The cybersecurity threat landscape methodology developed by the European Union Agency for Cybersecurity (ENISA) aims at promoting consistent and transparent threat intelligence sharing across the European Union.

With a cyber threat landscape in constant evolution, the need for updated and accurate information on the current situation is growing and this a key element for assessing relevant risks.

This is why ENISA releases today an open and transparent framework to support the development of threat landscapes.

The ENISA methodology aims to provide a baseline for the transparent and systematic delivery of horizontal, thematic and sectorial cybersecurity threat landscapes (CTL) thanks to a systematic and transparent process for data collection and analysis.

Who can benefit from this new methodology?

This new methodology is made available to ENISA’s stakeholders and to other interested parties who wish to generate their own cyber threat landscapes. Adopting and/or adapting the proposed new CTL framework will enhance their ability to build situational awareness, to monitor and to tackle existing and potential threats.

ENISA will also be using this new methodology to deliver an enhanced annual ENISA Threat Landscape (ETL). It will also be used to generate technical or sectorial threat landscapes.

How does the methodology work?

The framework is based on the different elements considered in the performance of the cybersecurity threat landscape analysis. It therefore includes the identification and definition of the process, methods and tools used as well as the stakeholders involved.

Building on the existing modus operandi, this methodology provides directions on the following:

- defining components and contents of each of the different types of CTL;
- assessing the target audience for each type of CTL to be performed;
- how data sources are collected;
- how data is analysed;
- how data is to be disseminated;
- how feedback is to be collected and analysed.

The ENISA methodology consists of six main steps with feedback foreseen and associated to each of these steps:

1. Direction;
2. Collection;
3. Processing;
4. Analysis and production;
5. Dissemination;
6. Feedback

This CTL methodology has been validated by the ENISA ad-hoc working group on the Cybersecurity Threat Landscape (CTL WG). The group consists of European and international experts from both public and private sector entities.

Leave a comment , , , ,

NCSC joins industry to offer unprecedented protection for public from scams

Agency News, Cyber Security CII sector, Industry News

CITIZENS across the UK are set to benefit from a landmark partnership between government and industry which will see access to scam websites instantly blocked.

A new data sharing capability developed by the National Cyber Security Centre (NCSC) – a part of GCHQ – in collaboration with industry partners will present Internet Service Providers (ISPs) with real-time threat data that enables them to instantly block access to known fraudulent sites.

The new capability is being made available to all ISPs operating in the UK and will significantly bolster the nation’s ability to protect citizens from cyber criminals. In due course, even more defenders will be invited to join, including browser and manager service providers.

The NCSC has previously highlighted the problem of scam websites, including fake news pages where celebrities such as Ed Sheeran and Sir Richard Branson appear to be endorsing investment schemes that seek to trick people into parting with their money.

Leave a comment , , ,