Recommendations from ENISA not to dismantle networks such as 2013


Ο ENISA, the European Network and Information Security Agency based in Crete publishes its recommendations on secure procurement to secure electronic communication as well as electronic communications services. It thus seeks to reduce the risks posed by 2013 to European fixed and mobile telephony networks, since it also finds that providers are increasingly reliant on third-party services.Recommendations by ENISA

The European Network and Information Security Agency (ENISA) today publishes two reports:

(a) the report "Safe signing of secure electronic communications contracts", highlighting the increasing dependence of providers on ICT products and outsourced services, and it also analyzes the associated security risks involved in this process.

b) the "Guide to safe procurement of ICT for providers of electronic communications services", which aims to be a practical tool for providers to better address security risks when dealing with sellers and suppliers of products and outsourced ICT services.

The report entitled "Secure conclusion of ICT contracts for secure electronic communications" follows the latest edition of the Annual Incident Report, which provides a comprehensive analysis of security incidents leading to serious outages, primarily due to products and outsourced services. Third-party ICT, especially in the field of hardware failures and software code errors.

This year's report is the result of ENISA's cooperation with providers and vendors in an effort to address these issues.
The main issues posed by electronic communications providers are, among other things:

  •     The lack of security controls on the part of the seller
  •     Software vulnerabilities in ICT products or services
  •     Non-compliance with contract security requirements
  •     Lack of support from sellers in case of incidents
  •     The small bargaining power of the providers
  •     The lack of framework or guidance for providers in contracting and outsourcing

In this context, ENISA provides general recommendations and includes the results of research conducted on electronic communications providers and ICT vendors. Recommendations to Member States include raising awareness of the security risks associated with contracting ICT products and services. In addition, vendors and providers are encouraged to develop a collaborative approach to setting security requirements, sharing information on security vulnerabilities and threats, and mitigating incidents.

Guide to safe procurement of ICT for providers of electronic communications services

The Guide assigns security risks to the full framework of security requirements that vendors can use as a procurement tool while examining security risks for core services in communications networks and services.

Professor Udo Helmbrecht, Executive Director of ENISA, commented: "Every year we see from the annual incident report that third-party ICT products and services are a major cause of downtime. A simple software code error can have a serious impact on the availability of internet and telephony services, and providers are not always able to solve such issues quickly. The ICT Security Guide we publish today is a practical tool that will help providers to buy ICT products and services from vendors and suppliers with the necessary security requirements. "

RSS Technology: Analyzes

Registration in iGuRu.gr via Email

Enter your email to subscribe to the email notification service for new posts.


Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News iGuRu.gr at Google news