europe

Awen is Cybersecurity Made in Europe

As of 11th March 2021, Awen Collective has received the “Cybersecurity Made in Europe” mark after meeting the requirements outlined by the European Cyber Security Organisation (ECSO).

 
 

The label is issued across Europe somewhat geographically via ECSO Authorised partners. Our issuer was Cyber Wales CIC, which Awen has been a member of since our very earliest days as a business.

 
 


The requirements include ensuring compliance to the “Indispensable baseline security requirements for the secure ICT products and services” by ENISA, which we easily achieved thanks to our existing CyberEssentials+ certification and our in-depth expertise around the NIS Directive, the Cyber Assessment Framework (CAF), ISO 27001 and IEC 62443.

 
 

This ECSO label is very important for us, as we have always considered ourselves as being Made in Wales, Made in Britain and Made in Europe. Every single line of code in our products is developed by us here in Wales, and we are dedicated to making society safer by increasing the cyber resiliency of our critical national infrastructures (and other industrial sectors) in Wales, the United Kingdom, The Netherlands, right across Europe and internationally.

The ECSO label is fast becoming a mark of both quality and trust - and we are honoured and very pleased to be one of the first to have received it.

Profile is a compliance checking and improvement tool which was built specifically with the UK and EU-wide NIS Directive in mind.

Dot is a software system for asset discovery and cyber vulnerability analysis built specifically for Operational Technologies (OT) such as Industrial Automation and Control Systems (IACS), as well as for the specific constraints of industrial engineering processes.

If what we are doing in the UK, Europe and internationally is of interest, then please do contact us today.

Collaboration across EU helps cyber-security of society

wales-belgium.png

Awen Collective has produced a Software-as-a-Service product called Profile which makes it much quicker and easier for Critical National Infrastructure, their partners and their regulators to perform audits to ensure regulatory compliance to the NIS Directive. We are also actively working on other projects for some of our continental partners.

The NIS Directive is a European Union directive that has, as of 2018, been implemented in law in all 28 member states of the EU (including the UK). This regulation provides a much needed prompt to European critical infrastructure providers to improve the cyber-security policies, processes and technologies within their whole organisation – from board member to engineer, from IT to Operational Technologies (OT).

However, it is not the only good thing that the European Union has done or is doing in regard to cyber-security in general and industrial cyber-security in specific. We don’t even need to mention GDPR. This blog post outlines some of the other great initiatives.

Europe-wide Cyber-Security Initiatives & Programmes

European Union Agency for Network and Information Security (ENISA) – is a great organisation (or agency) which contributes to the network & information systems security across Europe, with a particular focus on ensuring the security and safety of European society, commerce and government. It is a very holistic organisation, very much worth checking out if you have not heard of them. ENISA has done so well over the years, that the EU decided to enhance the powers of ENISA through the Cybersecurity Act of December 2018.

The Computer Emergency Response Teams for the EU institutions, agencies and bodies (CERT-EU). It provides threat intelligence and assistance in the prevention, detection, mitigation and response to cyber-attacks by providing a cyber-security information exchange. It works closely with other CERTs in the public & private sectors across Europe.

The European Cyber Crime Centre (EC3) is a division of the EU agency for law enforcement cooperation (EUROPOL). EC3 assists with the law enforcement response to cyber-crime across the EU, with particular focus on strategy, forensics and operations/intelligence. EC3 publishes the Internet Organised Crime Threat Assessment report, which highlights some interesting information.

The European Cybersecurity Industrial, Technology and Research Competence Centre (ECITRCC) is a policy-driven centre focused on the European digital market. It will contribute to the deployment of the latest cyber-security technology, provide financial & technical support to cyber-security start-ups & SMEs, it will support industrial R&D, push high-levels of cyber-security standards and facilitate cooperation between civil & defence spheres in regard to cyber-security. It is too early to say how effective the Centre will be, but it seems to be very promising.

There is also a significant number of funded R&D initiatives across Europe through the Horizon 2020 framework, which require collaboration from different organisations in at least a few member states and typically support a mixture of SMEs, universities, larger organisations and the public sector across Europe.

Plus much more…

All of the above combine to help everyone to live and work in Europe safely and securely.

What are Awen doing?

Awen have built software to provide solutions to an international problem. One product, Profile, addresses the NIS Directive directly and is naturally a European-focused product. Contact us today to organise a demonstration of Profile. Email: hello@awencollective.com