Critical Infrastructure Protection (PIC) in Europe, and indeed all over the world, is essential in maintaining good social and economic order, and in particular the security and well-being of civilians.
As highlighted in report 162 CDS 07 of the NATO parliamentary assembly, “In the current security environment, CIP efforts cannot remain isolated. Many critical sectors – transport, energy, information and communication – are increasingly globalized and interconnected.”
Launched in 2006 by the European Commission, the European Programme for Critical Infrastructure Protection (EPCIP) testifies to awareness at the very highest level of the need for coordination between Member States and Essential Operators in order to reinforce the security of these infrastructures, especially those that if shut down or destroyed would affect several States.
The Critical Infrastructure Warning Information Network (CIWIN) constitutes one of the first collaborative measures implemented within the framework of the EPCIP programme. Indeed, since January 2013, a digital portal enables European players in the field of CIP to exchange information on vulnerabilities and threats and also to share good CIP practices.
Launched on 1st June 2014, ECOSSIAN – “European COntrol System Security Incident Analysis Network” is a logical continuation of this process. It also contributes to the worldwide initiatives on cyber security of Industrial Control Systems and Smart Grids.
ROLE OF BERTIN IT
Leading the definition of ECOSSIAN‘s architecture and security functions, Bertin IT also lends its expertise to the management of data exchange between different computer environments of varying sensitivity levels.
At the end of February, Bertin IT delivered the first document describing the overall architecture of ECOSSIAN and since then has begun work on the detailed specifications that will be provided at the end of this year.
Bertin IT is also experimenting with secure gateways that will enable the interconnection of systems of differing sensitivity levels and also guarantee the security and anonymity of exchanges between critical infrastructures and national or European SOCs.
Development of the framework of these gateways has begun and will continue into 2016.