While I was looking for some resources for a presentation, I found this interesting lecture from ENISA.

Advancing Software Security in the EU

This study discusses some key elements of software security and provides a concise overview of the most relevant existing approaches and standards while identifying shortcomings associated with the secure software development landscape, related to different inherent aspects of the process. Lastly, it provides a number of practical considerations relevant to the different aspects of software development within the newly established EU cybersecurity certification framework and the EU cybersecurity certification schemes.

Fundamental security principles are often overlooked during software development. This is because security is a non-functional feature. Functional requirements are about the behaviour of the system towards the outside world (e.g. a user), whereas non-functional requirements are mainly about the internal mechanisms. Many of the security requirements are non-functional; for example, how to store passwords in a database.

Security requirements originate from different sources, such as
– explicit functional and non-functional requests from user(s),
– requirements and obligations originating from the underlying legal framework
– requirements that are considered as best practices, company policies, in widely accepted guidelines, from threat…

Cyber Security is a Shared Responsibility: October is Cyber Security Month

For the 3rd consecutive year, European Cyber Security Month (ECSM), celebrated throughout October, has just been kicked off in Brussels.

Here is the agenda:
– WEEK 1 Cyber Security Training for Employees
– WEEK 2 Creating a Culture of Cyber Security at Work
– WEEK 3 Code Week for All
– WEEK 4 Understanding Cloud Solutions for All
– WEEK 5 Digital Single Market for All

In the Activities page, depending on where you are, you can filter which activities to see: Germany, USA

If you’re a hands-on cyber security professional, you may want to start with the Toolbox. In the awareness files you can find some nice posters like the one below:


ENISA’s Innovative tools for creating an engaging user awareness programme

ENISA is the European Network and Information Security Agency, working for the EU Institutions and Member States. ENISA is the EU’s response to the cyber security issues of the European Union. As such, it is the ‘pace-setter’ for Information Security in Europe, and a centre of expertise. The objective is to make ENISA’s web site the European ‘hub’ for exchange of information, best practices and knowledge in the field of Information Security. This web site is an access point to the EU Member States and other actors in this field. ‘ENISA - Securing Europe’s Information Society’.

ENISA’s illustrations are great tools for any organisation raising awareness of the correct information security policy and procedures associated with its work. ENISA has created illustrations which will draw your employees’ attention to security risks and remind them of the related golden rules. By placing the illustrations in common areas and meeting points you could educate your employees efficiently on different security topics every day. The ENISA illustrations are available for download and use in any information security training programme, awareness activity and company website.
