:: 
METRICA-SEC FP7-ICT-SEC-2007-1 - Joint Call ICT Security 1 29Nov07
ICT Theme:ICT-SEC-200 .1.:Technology building blocks for creating, monitoring and managing secure,resilient and always available information nfrastructures that link critical infrastructures See also the chance to opt to a Collaborative Project in the Topic: Security Theme:ICT-SEC-200 -1.0-02 Modelling and simulation for training
Abstract
Creation of a WG to reach an agreement about the metrics to be used to evaluate the IT security achieved by industry,enterprises and public administrations.
Objectives
Organisation of collaborative environment to collect contributions and initiatives
raised in Europe to promote the application of IT Security measures.
Identification of suitable indicators of the success of these initiatives,through
commonly agreed metrics.
Production of recommendations to EU Member States to launch most suitable
successful initiatives in their countries,according to metrics collected in
previous successful experiences in other countries.
The proposal will be launched as a Collaborative and Supportive action,with a
budget of 500K€ to share amongst all the partners.
So far,leadership is hold by tb-security,but since it is a SME,maybe we should
encourage a larger organisation to act as such.Manel Medina could participate
also as esCERT-UPC,and use this “independent ” head,representing an
organisation with 12 years disseminating security and evaluating security
advises to lead the proposal.
Telefonica and Isdefe have already declined the leadership.Nevertheless
Telefonica will check if one of its daughter Companies coud take this role.
5.1 Awareness of current situation in EU
5.1.1Approach
Research of on-going work in this field in EU.
Identification of relevant standards and good practices recommendations:
-ISO 2 004,Telefonica has already contributed to this standard with
some indicators,but they have been kept just as examples
-NIST,has recommended some benchmarking indicators,but they may
change depending on the goals of the benchmark,maybe we should
concentrate in some of them
5.1.2Deliverable
Organization of a workshop to set up a common understanding of the current
situation
5.2 Metric goals and approaches
5.2.1Approach
Production of a set of security indicators,rating them according to the intended
interest of security parameter to measure and the population to which it is
addressed.
This work will be done through ad-hoc working groups,each of them focused in
a particular application scenario.They will identify the needs of each scenario
and indicate the level of suitability of the general indicators for each of them.
The project will address the identification of indicators to measure the following
topics:
-User awareness level
-Risk Analysis results and deepness
-Anti-Malware update policy:frequency and wideness
-Network protection tools:use,update policy,etc.
-Legislation and regulation compliance strategy
-Business Resilience and Continuity protection plans
5.2.2Deliverable
Production of a good practices guidelines report.The report will provide tools to
identify the largest number of security breaches,and it will also propose
countermeasures to fix them.
The good practices will be classified according to the application scenario to
which they are addressed.
Please, send to us before <15Nov
1) A2 form
2) one-page profile
3) SEC technical/professional capacity
Thank you for registering with the 7th Framework Programme Electronic Proposal Submission Service (EPSS).https://www.epss-fp7.org/ FP7-ICT-SEC-2007-1 and for the Sub-Scheme CSA-CA.
Partner username : S4G7QXN9DL
Partner password : METRICASEC07
1 UPC medina@ac.upc.edu consen@consen.org
2 Telefónica benjamin.martingarcia@telefonica.es noelia.pedreiragarcia@telefonica.es juancarlos.gomezcastillo@telefonica.es
3 isdefe dfvazquez@isdefe.es
4 Sysgenic dumitru.radoiu@sysgenic.com
5 EFPC michael@efpconsulting.com
6 MUFICATA consen@consen.org
7 UPM jmanas@dit.upm.es
8 IICD AJager@iicd.org
9 VESZPROG fleitold@veszprog.hu
10 IGD Security drago@unidentity.com
Members: http://ecentres.net/og/users/918
WEKOMS 
