ENISA released a Tool to map dependencies to International Standards

Pierluigi Paganini April 06, 2020

The European Agency for Cybersecurity ENISA has released a tool for the mapping of international security standards to interdependencies’ indicators.

ENISA has released a tool for the mapping of international security standards to interdependencies’ indicators that have been introduced and demonstrated in the report Good practices on interdependencies between OES and DSPs.

This ENISA report analyzed the dependencies and interdependencies between Operators of Essential Services (OES) and Digital Service Providers (DSPs), experts also identified a set of indicators to assess them.

“These indicators are mapped to international standards and frameworks, namely ISO IEC 27002, COBIT5, the NIS Cooperation Group security measures and NIST Cybersecurity Framework.” reads the announcement published by ENISA.

The report addresses the risks associated with the increasing digitalisation of services in all major sectors by analyzing the increasing level of cyber (inter)dependencies on digital infrastructures and DSPs.

“Integrating the assessment of (inter)dependencies in an overall risk management process is a complex process, particularly in the case of cross-sector or cross-border dependencies and interdependencies.” continues ENISA.

“The following framework was used to identify, analyse these interdependencies and then define the (inter)dependencies’ indicators.”

ENISA tool

The tool was designed to help Operators of Essential Services (OES), Digital Service Providers (DSPs), National Competent Authorities (NCAs).

According to the EU agency, the tool contributes to the NIS Directive (Article 3) objective for a common and converged level of security in network and information systems at EU level.

The tools would allow operators to:

  1. Describe the interdependencies among OES and DSP in a straightforward  and comprehensive manner;
  2. Easily identify risk assessment practices for the evaluation of the potential impact of interdependencies;
  3. Define good practices for assessing interdependencies stemming from international standards and frameworks.

The tool is available at the following address: the Interdependencies between OES and EDPS – Tool

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – risk assessment, ENISA)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment