EU will fund car, hospital and airport IT security research

ENISA, the EU network security agency, has added smart vehicles, airports and hospitals to its remit

Smart cars, airports and hospitals are likely to increasingly become targets for hackers -- and now the European Union's Agency for Network and Information Security (ENISA) has them in its sights too.

The agency has added intelligent transport systems and smart health services to its remit for 2016. It plans to analyse the security risks inherent in their communications networks, and wants governments to take up its recommendations for securing them by 2017, it said Monday.

The research will focus on the problems posed by the introduction of smart objects and machine-to-machine communications to replace humans in airport supply chains, whether that's for the delivery of spare parts to aircraft, luggage to conveyor belts or bottled water to airport stores.

In transport, ENISA will focus on smart cars and intelligent roads, but not public transportation. The stakes here are high as European countries decide whether to allow self-driving cars on to public roads, and where it has been shown that even nominally human-controlled cars can be remotely controlled by attackers.

Health care is another area ripe for research, as manufacturers discover that obscurity does not provide sufficient security for remotely programmable prosthetic devices such as pacemakers or insulin pumps. Patients willingly increase the potential that information about their health will leak by constantly wearing fitness trackers or similar gadgets. If companies such as Theranos convince regulators to let them move hundreds of laboratory tests into a single computerized box, even diagnostics could become a focus for medical blackmail or life-threatening disruption. ENISA will look at the cybersecurity risks in the communication systems in and between hospitals, cloud service providers, insurance companies and smart laboratories.

While the organization tends not to hunt for software security vulnerabilities itself, it plays a role in aggregating information about the many threats to critical infrastructure and helping governments and businesses plan their responses.

Airports, hospitals and cars figure in ENISA's 2016 work program. In previous years, it has conducted similar studies of smart grids, smart homes and Internet infrastructure.

Join the CSO newsletter!

Error: Please check your email address.

More about Smart

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Peter Sayer

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place