U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

ENISA released a Tool to map dependencies to International Standards

The European Agency for Cybersecurity ENISA has released a tool for the mapping of international security standards to interdependencies’ indicators. ENISA has released a tool for the mapping of international security standards to interdependencies’ indicators that have been introduced and demonstrated in the report Good practices on interdependencies between OES and DSPs. This ENISA report analyzed […]

ENISA tool

The European Agency for Cybersecurity ENISA has released a tool for the mapping of international security standards to interdependencies’ indicators.

ENISA has released a tool for the mapping of international security standards to interdependencies’ indicators that have been introduced and demonstrated in the report Good practices on interdependencies between OES and DSPs.

This ENISA report analyzed the dependencies and interdependencies between Operators of Essential Services (OES) and Digital Service Providers (DSPs), experts also identified a set of indicators to assess them.

“These indicators are mapped to international standards and frameworks, namely ISO IEC 27002, COBIT5, the NIS Cooperation Group security measures and NIST Cybersecurity Framework.” reads the announcement published by ENISA.

The report addresses the risks associated with the increasing digitalisation of services in all major sectors by analyzing the increasing level of cyber (inter)dependencies on digital infrastructures and DSPs.

“Integrating the assessment of (inter)dependencies in an overall risk management process is a complex process, particularly in the case of cross-sector or cross-border dependencies and interdependencies.” continues ENISA.

“The following framework was used to identify, analyse these interdependencies and then define the (inter)dependencies’ indicators.”

ENISA tool

The tool was designed to help Operators of Essential Services (OES), Digital Service Providers (DSPs), National Competent Authorities (NCAs).

According to the EU agency, the tool contributes to the NIS Directive (Article 3) objective for a common and converged level of security in network and information systems at EU level.

The tools would allow operators to:

  1. Describe the interdependencies among OES and DSP in a straightforward  and comprehensive manner;
  2. Easily identify risk assessment practices for the evaluation of the potential impact of interdependencies;
  3. Define good practices for assessing interdependencies stemming from international standards and frameworks.

The tool is available at the following address: the Interdependencies between OES and EDPS – Tool

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – risk assessment, ENISA)

[adrotate banner=”5″]

[adrotate banner=”13″]