Tightening cybersecurity for critical European infrastructure and networks

Share this post:

With cyber attacks on the increase around the world, the need for greater cybersecurity resilience is crucial. It is of the utmost importance when it comes to vital infrastructures and networks such as power grids, financial and transportation systems. 

Digital technologies are the backbone of our society and economy. The consequences of critical infrastructure outages due to a cybersecurity incident – be it from a cyber attack or from human error, a catastrophic weather event or technical failure – are becoming bigger and more complex to deal with.

As we have gone digital so have the criminals. Governments and the private sector rightly have identified the need to continue to focus and grow capabilities.

With the European Union’s (EU) soon to be approved Network and Information Security (NIS) Directive, Europe has taken a step in the right direction. For the first time, network and information systems throughout the EU will benefit from a graded and harmonised approach to cybersecurity.

The directive provides a solid basis for better collaboration between governments; it concentrates on highly critical infrastructures and networks such as power grids, financial and transportation systems and it allows for continued investment in private-sector R&D.

The directive’s risk-based approach makes a clear distinction between digital services and critical infrastructures, thus allowing national authorities and critical infrastructure operators to better prioritise their efforts. This means that Europe can focus efforts on those infrastructures which carry the most socio-economic risk.

The directive establishes a series of graded thresholds for reporting cyber incidents. Such an approach is appropriate and will improve responses to genuine cyber threats.

However, cybersecurity requirements continuously evolve over time. All organisations – not just critical infrastructure operators – need to be vigilant and plan for cybesecurity resilience.

IBM is taking concrete steps to help our clients, governments and partners address such evolving cyber threats. Our X-Force Exchange platform allows cybersecurity experts to access a vast database of cyber threat data and share insight into the latest attacks.

According to the latest IBM X-Force Threat Intelligence Quarterly report, 2015 has been a challenging year for cybersecurity as insider threats, malware and stealth attacks affected enterprises. The top four cyber threat trends of 2015 and a lot more besides are highlighted in the report: http://ibm.co/1OJkd8

According to the United Nations, 80% of cyber threats involve highly-organised criminal networks that actively share tools and information. This underscores the need for better sharing and coordination between the cybersecurity professionals working to defeat them.

Sharing technical information such as malware code, malicious IP addresses and information about product vulnerabilities and the techniques used to exploit them can boost cybersecurity resilience.

Initiatives like the NIS Directive are a good start, but around the world more legal clarity is necessary to scale cyber threat information sharing to the levels required.

###

More stories

A New Public-Private Partnership to Advance Cybersecurity in France

IBM today opened its new Security Operations Center (SOC) in Lille, France. The SOC offers security incident and response services to organisations that are at the heart of the French society and economy. Operating 24 hours a day, seven days a week, the security center team will monitor the latest security events, assess their potential impact […]

Continue reading

IBM Statement on Filing an Amicus Curiae Brief in the United States Supreme Court

IBM issued the following statement on filing an amicus curiae brief in the United States Supreme Court: “Changes in technology move faster than changes in the law, and when the law addresses new technology it must consider not only the immediate facts of the case at bar, but also the potential implications that a legal […]

Continue reading

IBM Letter to House Judiciary Committee on Anti-Sex Trafficking Bill

IBM today urged leadership of the House Judiciary Committee to align its anti-sex trafficking legislation with a parallel Senate bill.

Continue reading