ENISA puts smart devices and IoT on top of European security agenda

EU infosec body broadens remit with funding into car, healthcare and airport IT security research.

Internet of Things attacks unlikely - but the cloud is another matter
Internet of Things attacks unlikely - but the cloud is another matter

The security of the Internet of Things, vehicles, airports and healthcare will be part of a wider focus of EU-backed infosec organisation ENISA's work next year.

In an announcement by the European Union Agency for Network and Information Security (ENISA), a new work programme was detailed which will include research into the security of smart buildings, cars, healthcare and IoT security. The announcement was made during ENISA's Cyber Security Month.

It said it would continue “its work on established priorities such as the pan-European cyber-security exercises, critical information infrastructure protection (CIIP), support for implementation of Security & Data Breach notification obligations, the EU Cybersecurity Month and the work that ENISA has done in supporting the CERT community, while broadening its scope in areas including, smart cars, smart airports and smart hospitals, with new studies in health and security of IoT”.

It said that its work has the capacity to boost the EU infosec market it said was worth €20 billion, and growing at six percent CAGR as well as protecting economic assets within Europe estimated at €640 billion.

The organisation pointed to the growing security threat around IoT as the volume of IoT devices worldwide continues to increase. It referenced a Gartner report that forecast the number of connected devices, including intelligent transport systems and smart health services, will reach 25 billion by 2020.

Among the potential threats outlined were machine-to-machine communication which was identified as a threat to organisations, homes and public infrastructure if security around these were breached.

ENISA will also look at smart cars and intelligent roads, but not public transportation. It said it would identify smart car and vehicle manufacturers and operators and will take stock of cyber-security risks and challenges introduced by the use of IoT devices.

It will also look at smart airports including testing supply-chain integrity, identifying major airports that develop and operate smart services and taking stock of the security challenges arising from the usage of these services.

ENISA will not only be looking for security vulnerabilities but also will be formulating policies that the EU can standardise around in the future.

ENISA's executive director Udo Helmbrecht said: "The management board adopted a challenging work programme for 2016, given the limited resources of the agency and the rapidly evolving cyber landscape.

"The agency is in the unique position to support the digital single market initiative by providing the solutions and knowledge for investment and deployment of electronic services in the EU internal market, supporting the economic benefits of Europe from the cyber market creating value from effective security," he added.

Sign up to our newsletters