On September 1, the European Union Agency for Network and Information Security (ENISA) published the dates and events planned for the 2014 European Cyber Security Month (ECSM).
ECSM is an EU-based advocacy campaign that has taken place every October since 2012 across several EU member states.
From the event’s dedicated website:
ECSM aims to promote cyber security among citizens, to change their perception of cyber-threats and provide up to date security information, through education and sharing good practices.
Primary ECSM objectives center around raising awareness. Different weekly themes target private and public business owners, students, and the digital community at large in accordance with this year’s overall message: “Online security requires your participation.”
ECSM objectives derive from the EU Cyber Security Strategy and include raising “general” awareness about cybersecurity as well as “specific” awareness about NIS. The campaign also aims to involve “relevant stakeholders” including private and public actors in the online security venue.
This year’s NIS topics target different audiences and actors depending on each weekly theme:
- Week 1: Employee training, targeting public and private organizations
- Week 2: Desktop and mobile security, targeting the entire digital community
- Week 3: Programming, targeting current students
- Week 4: Cybersecurity exercises, targeting the technical experts in the industry
- Week 5: “ePrivacy,” targeting the entire digital community
The official launch event takes place in Brussels on October 1, 2014 and marks ENISA’s ten-year anniversary since its formation in 2004.
Launch event discussions all focus on the future with topics such as “Can Cybersecurity be an Economic Enabler?”, “Can we Secure Future Technologies?”, and a discussion on net neutrality. The event will also feature a live demonstration showcase. MEPs Christian Ehler (Germany) and Claude Morales (United Kingdom) are both confirmed speakers.
Official ECSM events will take place throughout the EU and will combine both national and European topics. Of particular interest include ISSA France’s crowdsourced Cybersecurity Media Kit for Journalists, “avoiding thus counter-productive media coverage of cybersecurity events in France and Europe.”
Austria has multiple Week 2 events scheduled that target contemporary youth, including a Young Researchers Day and a teaching workshop called “Safer Internet in Schools.” Czech KYBERPSYCHO on October 15 “will focus on the most actual threats related to online environment and also on the analysis of criminal cases and cyber incidents provided by professional speakers.”
Hack.lu 2014 is an open Luxembourg-based security conference scheduled for Week 4 (the 21st through 24th of October). According to the ECSM events page, “the aim of the convention is to make a bridge of the various actors in the computer security world” including professional and academic computer scientists. This year’s Hack.lu theme draws from a paper by Gregory Conti titled “Why Computer Scientists Should Attend Hacker Conferences” and encourages collaboration between technological researchers and the broader hacker community.
Week 5 closes out with a five-day ENCS Advanced Cybersecurity Course at The Hague. The course covers industrial control systems and smart grid security. It ends with a “red team/blue team” practical exercise whereby one team protects a theoretical chemical company while the other attempts to attack and disrupt the production process.
The first ECSM took place as a pilot program in 2012 across only eight member states: the Czech Republic, Luxembourg, Norway, Portugal, Romania, Slovenia, Spain, and the United Kingdom. Both ENISA and the European Commission supported the pilot program intended to raise awareness about both cybersecurity in general and, in particular, NIS topics of interest.
A final synthesis report determined that the pilot was a success and concluded “the significant experience of the ECSM’s participating countries and their commitment to achieving long-lasting change in human behaviour and perception of risks were the two key elements that led to a successful project.”
This year’s ECSM takes place in the context of a recent agreement between ENISA and Europol for the “exchange of expertise” regarding cybersecurity and cybercrime. The strategic cooperation agreement includes information exchange, analytic reports, and “training and awareness raising.” ENISA executive director Udo Helmbrecht and Europol director Rob Wainwright issued a joint statement:
This agreement is an important step in the fight against ever more skilled cyber criminals who are investing more time, money and people on targeted attacks. Our agreement demonstrates that we are highly committed to jointly contributing within our respective areas of expertise, and to support each other’s work in the quest to make Europe a safer place online.