About
Articles by Dan
-
My first thoughts as The Director of a National Cyber Security Directorate
My first thoughts as The Director of a National Cyber Security Directorate
By Dan Cimpean
Activity
-
Security Affairs #newsletter Round 481 by Pierluigi #Paganini – INTERNATIONAL EDITION https://lnkd.in/dV6srDNV #securityaffairs #hacking
Security Affairs #newsletter Round 481 by Pierluigi #Paganini – INTERNATIONAL EDITION https://lnkd.in/dV6srDNV #securityaffairs #hacking
Liked by Dan Cimpean
-
Ana-Maria Georgescu de la Smart Fintech, Corina Zaharia și Nic Marius Balaceanu de la Lendrise au fost martorii primei generații de absolvenți ai…
Ana-Maria Georgescu de la Smart Fintech, Corina Zaharia și Nic Marius Balaceanu de la Lendrise au fost martorii primei generații de absolvenți ai…
Liked by Dan Cimpean
-
CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not…
CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not…
Liked by Dan Cimpean
Experience & Education
Licenses & Certifications
-
Cyberdiplomacy Course
United Nations Office for Disarmament Affairs
-
-
Certified in the Governance of Enterprise IT CGEIT
ISACA
IssuedCredential ID 0903060 -
Certified Internal Auditor - CIA
The Institute of Internal Auditors (IIA)
IssuedCredential ID 63771 -
ITIL® v3 Foundation Certificate in IT Service Management
Examen Instituut voor de Informatica (EXIN) Netherlands
IssuedCredential ID 803586 -
Certified Information Systems Auditor - CISA
ISACA
IssuedCredential ID 0435538
Publications
-
Women in Cyber
Deloitte
Women in Cybersecurity whitepaper by Deloitte explains how the European Cyber Security Challenge (ECSC) initiative of the European Union Agency for Cybersecurity (ENISA) serves as an enabler for achieving a more balanced cyber workforce. As a well-established platform, the ECSC is an opportunity to attract more women to the cyber profession.
Other authorsSee publication -
Good practices in innovation on cyber security under National Cyber Security Strategies (NCSS)
ENISA - European Union Agency for Cybersecurity
This report is analysing how EU Member States are approaching innovation as a strategic priority under National Cyber Security Strategies (NCSS). The analysis is structured around several aspects of innovation such as: Innovation Priorities, Industrialisation and Collaboration and Market and Policy. Each of these aspects is at the same time divided into two dimensions. Innovation priorities can be divided into Innovation in technologies and services, and into economic incentives and…
This report is analysing how EU Member States are approaching innovation as a strategic priority under National Cyber Security Strategies (NCSS). The analysis is structured around several aspects of innovation such as: Innovation Priorities, Industrialisation and Collaboration and Market and Policy. Each of these aspects is at the same time divided into two dimensions. Innovation priorities can be divided into Innovation in technologies and services, and into economic incentives and investments. Industrialisation and collaboration can be divided into industrialisation processes and activities, and stakeholders’ collaboration. Market and Policy can be divided into Market and Technology Alignment and Market regulation. Each dimension can be supported by several activities and mechanisms.
(Report executed as contractor of ENISA)Other authorsSee publication -
Good practices on interdependencies between OES and DSPs
ENISA - European Union Agency for Cybersecurity
This study is concerned with dependencies and interdependencies among Operators of Essential Services (OES) and Digital Service Providers (DSPs) as defined in the NIS Directive and addresses emerging dependencies and interdependencies across sectors.
(Report executed as contractor of ENISA)Other authorsSee publication -
Strengthening the EU’s Cyber Defence Capabilities
Centre for European Policy Studies CEPS
The CEPS Task Force on Strengthening the EU's Cyber Defence Capabilities identified a clear EU-wide interest for greater coordination and cooperation in this space. After a comparative analysis of alternative scenarios, the Task Force concluded in favour of creating an EU Cyber Defence Agency with executive competencies and therefore, the ability to develop and utilise strategic and operational capabilities at the EU level. This would mark a critical step towards a more effective and…
The CEPS Task Force on Strengthening the EU's Cyber Defence Capabilities identified a clear EU-wide interest for greater coordination and cooperation in this space. After a comparative analysis of alternative scenarios, the Task Force concluded in favour of creating an EU Cyber Defence Agency with executive competencies and therefore, the ability to develop and utilise strategic and operational capabilities at the EU level. This would mark a critical step towards a more effective and collaborative approach to enhancing cyber security and resilience in the EU.
Other authorsSee publication -
Common practices of EU-level crisis management and applicability to cyber crises - ENISA report
ENISA - European Union Agency for Cybersecurity
Based on detailed analysis of five different EU-level crisis management frameworks, this report highlights those lessons learnt from years of crisis management in five different sectors which would be applicable to the cyber domain, and provides a series of key recommendations regarding EU-level priorities to alter the outcome of the next cyber crisis.
(Report executed as contractor of ENISA)Other authorsSee publication -
Cyber Security Information Sharing: An Overview of Regulatory and Non-regulatory Approaches
ENISA - European Union Agency for Cybersecurity
This study aims to present the regulatory and non-regulatory approaches of EU Member States as well as EEA and EFTA countries to share information on cyber incidents, the different sector regulation challenges of managing cyber security issues, and their key practices in addressing them. The study identifies three types of approaches to share information on cyber security incidents: 1) traditional regulation; 2) alternative forms of regulation, such as self- and co-regulation; 3) other…
This study aims to present the regulatory and non-regulatory approaches of EU Member States as well as EEA and EFTA countries to share information on cyber incidents, the different sector regulation challenges of managing cyber security issues, and their key practices in addressing them. The study identifies three types of approaches to share information on cyber security incidents: 1) traditional regulation; 2) alternative forms of regulation, such as self- and co-regulation; 3) other approaches to enable information sharing, such as information and education schemes.
(Report executed as contractor of ENISA)Other authorsSee publication -
Supporting the CERT Community “Impact Assessment and Roadmap”
ENISA - European Union Agency for Cybersecurity
This report represents the outcome of an impact assessment of ENISA’s support to Computer Emergency Response Teams (CERTs) for the period 2005 until today. The impact assessment has served as a basis for a proposed roadmap to 2020. The key objectives of the study are to:
▪ Take stock of ENISA achievements in relation to European CERTs, and in light of relevant policy documents;
▪ Perform an impact analysis of ENISA’s achievements with regard to CERTs and other operational communities,…This report represents the outcome of an impact assessment of ENISA’s support to Computer Emergency Response Teams (CERTs) for the period 2005 until today. The impact assessment has served as a basis for a proposed roadmap to 2020. The key objectives of the study are to:
▪ Take stock of ENISA achievements in relation to European CERTs, and in light of relevant policy documents;
▪ Perform an impact analysis of ENISA’s achievements with regard to CERTs and other operational communities, and
▪ Provide a roadmap for the period leading up to 2020 based on the results of the impact analysis.
(Report executed as contractor of ENISA)Other authorsSee publication -
Feasibility study and preparatory activities for the implementation of a European Early Warning and Response System against cyber-attacks and disruptions
European Commission
The European Commission’s Directorate-General CONNECT (Communications Networks, Content and Technology) published the results of the feasibility assessment of a European-wide Early Warning and Response System against cyber-attacks and disruptions. ISBN 978-92-79-33423-8
The feasibility of the EWRS has been assessed by taking into account all relevant inputs: a) research into the current state of art in early warnings and response systems in the context of cybersecurity, b) a stock-taking of…The European Commission’s Directorate-General CONNECT (Communications Networks, Content and Technology) published the results of the feasibility assessment of a European-wide Early Warning and Response System against cyber-attacks and disruptions. ISBN 978-92-79-33423-8
The feasibility of the EWRS has been assessed by taking into account all relevant inputs: a) research into the current state of art in early warnings and response systems in the context of cybersecurity, b) a stock-taking of Member States’ requirements towards a European-wide EWRS against cyber-attacks and disruptions, c) identification of three scenarios for the architecture and scope of a European-wide EWRS against cyber-attacks and disruptions, d) Identification of milestones which need to be completed once the decision to implement a European-wide EWRS has been taken and concludes with e) recommendations for both the European Commission and the Member States on initiatives which could be started pending the adoption of the NIS Directive.Other authors -
Report on Second International Conference on Cyber-crisis Cooperation and Exercises
ENISA - European Union Agency for Cybersecurity
Involved in assisting ENISA who hosted the ‘Second ENISA International Conference on Cyber Crisis Cooperation and Exercises’ on 23–24 September 2013 in Athens, Greece. The Second ENISA International Conference on Cyber-Crisis Cooperation and Exercises was a unique high-profile international event that aimed to directly support the new cyber security strategy of the European Union by helping various constituents in their efforts to establish a more coherent cyber security policy. Additionally…
Involved in assisting ENISA who hosted the ‘Second ENISA International Conference on Cyber Crisis Cooperation and Exercises’ on 23–24 September 2013 in Athens, Greece. The Second ENISA International Conference on Cyber-Crisis Cooperation and Exercises was a unique high-profile international event that aimed to directly support the new cyber security strategy of the European Union by helping various constituents in their efforts to establish a more coherent cyber security policy. Additionally, the conference was a key knowledge sharing platform for national and governmental level cyber security experts. It also facilitated debate and information exchange, and offered networking opportunities to both technical experts and executive stakeholders.
Other authorsSee publication -
ENISA Appropriate Security Measures for Smart Grids
ENISA - European Union Agency for Cybersecurity
This technical document provides guidance to smart grid stakeholders by providing a set of minimum cyber security measures which might help in improving the minimum level of their cyber security services. The proposed security measures are organised into three (3) sophistication levels and ten (10) domains.
Other authorsSee publication -
Inventory of Computer Emergency Response Teams (CERTs) activities in Europe
ENISA - European Union Agency for Cybersecurity
This document aims to provide an overview on the actual situation concerning CERT matters in Europe. It provides a list of computer emergency response teams and similar facilities by country, but also contains a catalogue of co-operation, support and standardisation activities related to them. The CERT inventory’s new improved tabulated format shows Europe’s “digital fire brigades” by sector for each country, while the new CERTs map provides filtering capabilities for all CERT teams in the…
This document aims to provide an overview on the actual situation concerning CERT matters in Europe. It provides a list of computer emergency response teams and similar facilities by country, but also contains a catalogue of co-operation, support and standardisation activities related to them. The CERT inventory’s new improved tabulated format shows Europe’s “digital fire brigades” by sector for each country, while the new CERTs map provides filtering capabilities for all CERT teams in the wider EU geographical region. This now includes 195 CERT teams, 22 more than when the inventory was last updated in spring 2012.
An extra feature of the map is the inclusion of the General CERT Report and the National Governmental CERT Report, which provide information on the countries’ CERT teams.Other authorsSee publication -
Cyber Security Aspects in the Maritime Sector
ENISA - European Union Agency for Cybersecurity
The first EU report ever on cyber security challenges in the Maritime Sector. This principal analysis highlights essential key insights, as well as existing initiatives, as a baseline for cyber security.
Recent deliberate disruptions of critical automation systems, such as Stuxnet, prove that cyber-attacks have a significant impact on critical infrastructures. Disruption of these ICT capabilities may have disastrous consequences for the EU Member States’ governments and maritime sector.Other authorsSee publication -
Assessment of the Public Procurement System in Romania
Published by European Commission Directorate General Regional Policy
The objective of this study launched by the European Commission Directorate General Regional Policy was to assess the situation prevailing in Romania regarding public procurement with a view to identifying malfunctions and weaknesses regarding the institutional framework, applicable procedures and capacity of contracting authorities.
Other authorsSee publication -
Cloud Security Alliance Cloud Controls Matrix
Published by Cloud Security Alliance
Co-author of the Cloud Security Alliance Cloud Controls Matrix (CCM v1.2) that is specifically designed to provide fundamental security principles to guide cloud vendors and to assist prospective cloud customers in assessing the overall security risk of a cloud provider. The CSA CCM provides a controls framework that gives detailed understanding of security concepts and principles that are aligned to the Cloud Security Alliance guidance in 13 domains.
-
Analysis of Member States’ Policies and Regulations - Policy Recommendations
ENISA - European Union Agency for Cybersecurity
The report on EU Member States’ security policies and regulations for communication networks and information systems does analysis of rules, policies and practices EU Member States and EFTA countries develop and deploy with the aim to enhance resilience of their public e-Communication networks.
Provides high level and context specific recommendations to policy and decision makers on how Member States could improve their policies and activities. Identifies good practices that might serve as…The report on EU Member States’ security policies and regulations for communication networks and information systems does analysis of rules, policies and practices EU Member States and EFTA countries develop and deploy with the aim to enhance resilience of their public e-Communication networks.
Provides high level and context specific recommendations to policy and decision makers on how Member States could improve their policies and activities. Identifies good practices that might serve as “inspiring cases” to countries wishing to improve their policies and activities in certain areas.Other authors -
Measuring the uptake of ENISA deliverables in the Member States
ENISA - European Union Agency for Cybersecurity
The report includes assessment of the impact of the ENISAs output and deliverables to the respective target groups (e.g. European Union Member States, Industry, Academia, ENISA Board Members etc.
Other authorsSee publication -
CobiT® and Application Controls: A Management Guide
Published by ISACA
Co-author of this ISACA publication that provides guidance primarily for business executives business management, and IT management, as well as IT developers and implementers, internal and external auditors and other professionals on the:
- Definition and nature of application controls (addressing at least the six application controls discussed in COBIT)
- Design and operation of application controls
- Relationships and dependencies that application controls have with other controls…Co-author of this ISACA publication that provides guidance primarily for business executives business management, and IT management, as well as IT developers and implementers, internal and external auditors and other professionals on the:
- Definition and nature of application controls (addressing at least the six application controls discussed in COBIT)
- Design and operation of application controls
- Relationships and dependencies that application controls have with other controls (such as IT general controls)
- Relative responsibilities of business management and IT managementOther authorsSee publication
Projects
Languages
-
English
Full professional proficiency
-
Romanian
Native or bilingual proficiency
-
French
Professional working proficiency
-
Dutch
Elementary proficiency
Organizations
-
Cloud Security Alliance
-
- PresentLeader of the "Risk Management" track for Cloud Security Alliance workgroup that developed in the CSA Security Controls Framework for Cloud Providers and Consumers (the Cloud Controls Matrix - CCM v1.2). See: https://cloudsecurityalliance.org/research/ccm/#_version1_2
-
Information Systems Audit and Control Association (ISACA)
Speaker at ISACA conferences (NACACS, EUROCACS, ISRM)
- Present2016 Speaker EuroCACS, Information Security & Risk Management Conference ISACA, Dublin 2015 Speaker EuroCACS, Information Security & Risk Management Conference ISACA, Copenhagen 2014 Speaker EuroCACS, Information Security & Risk Management Conference ISACA, Barcelona 2013 Speaker EuroCACS, Information Security & Risk Management Conference ISACA, London - Security Forum: Data Confidentiality in the Cloud - Workshop: Cloud Computing, Audit, Risk and Control Frameworks 2012 Speaker at North…
2016 Speaker EuroCACS, Information Security & Risk Management Conference ISACA, Dublin 2015 Speaker EuroCACS, Information Security & Risk Management Conference ISACA, Copenhagen 2014 Speaker EuroCACS, Information Security & Risk Management Conference ISACA, Barcelona 2013 Speaker EuroCACS, Information Security & Risk Management Conference ISACA, London - Security Forum: Data Confidentiality in the Cloud - Workshop: Cloud Computing, Audit, Risk and Control Frameworks 2012 Speaker at North American CACS Conference, ISACA, Orlando - “Understanding and Mitigating Systems of Cloud Computing” - "Cloud Computing Audit and Assurance Issues Workshop" 2010 Speaker, North American Information Security and Risk Management Conference, ISACA, Las Vegas - “Assurance Frameworks for Cloud Computing” 2010 Speaker, European Information Security and Risk Management Conference ISACA, Vienna - “Assurance Frameworks for Cloud Computing”
Recommendations received
2 people have recommended Dan
Join now to viewMore activity by Dan
-
🇷🇴📲 Parteneriat strategic pentru România cu un gigant tech mondial: Google! În prezența Premierului Marcel Ciolacu si a lui Thomas Kurian, CEO-ul…
🇷🇴📲 Parteneriat strategic pentru România cu un gigant tech mondial: Google! În prezența Premierului Marcel Ciolacu si a lui Thomas Kurian, CEO-ul…
Liked by Dan Cimpean
-
It is key that organizations are capable of effectively addressing and recovering from a cybersecurity incident that is disrupting the availability…
It is key that organizations are capable of effectively addressing and recovering from a cybersecurity incident that is disrupting the availability…
Shared by Dan Cimpean
-
As a good practice in cybersecurity, all unnecessary operating system applications and network protocols should be disabled on the internet-facing…
As a good practice in cybersecurity, all unnecessary operating system applications and network protocols should be disabled on the internet-facing…
Shared by Dan Cimpean
-
A new week full of satisfaction and moments to remember. Wishing you a pleasant and fulfilling weekend! Continue to follow your dreams and don’t…
A new week full of satisfaction and moments to remember. Wishing you a pleasant and fulfilling weekend! Continue to follow your dreams and don’t…
Liked by Dan Cimpean
-
🌻URGENT: KYIV WE ARE HERE FOR YOU🌻 Atrocious missile attacks across Ukraine have killed at least 20 people and injured more than 50 today, with…
🌻URGENT: KYIV WE ARE HERE FOR YOU🌻 Atrocious missile attacks across Ukraine have killed at least 20 people and injured more than 50 today, with…
Liked by Dan Cimpean
-
#AI for scientific discovery is listed as one of the top 10 emerging technologies of 2024 in a new Forum report. In this article, three…
#AI for scientific discovery is listed as one of the top 10 emerging technologies of 2024 in a new Forum report. In this article, three…
Liked by Dan Cimpean
-
Let Deloitte transport you to a place where #innovation, #tech, and sports collide. Introducing the new Sports Innovation Hub by #Deloitte in…
Let Deloitte transport you to a place where #innovation, #tech, and sports collide. Introducing the new Sports Innovation Hub by #Deloitte in…
Liked by Dan Cimpean
-
Happy Independence Day! 🇺🇸 We are celebrating the 248th Anniversary of the Independence of the United States of America. What an excellent…
Happy Independence Day! 🇺🇸 We are celebrating the 248th Anniversary of the Independence of the United States of America. What an excellent…
Liked by Dan Cimpean
-
Great meeting today in Athens with European Union Agency for Cybersecurity (ENISA)'s Executive Director, @Juhan Lepassaar, and his team! This marks…
Great meeting today in Athens with European Union Agency for Cybersecurity (ENISA)'s Executive Director, @Juhan Lepassaar, and his team! This marks…
Liked by Dan Cimpean
-
At the 9th Meeting of the Governing Board of the European Cybersecurity Competence Centre (ECCC) on 27/28 June 2024 in Dublin, I said goodbye as a…
At the 9th Meeting of the Governing Board of the European Cybersecurity Competence Centre (ECCC) on 27/28 June 2024 in Dublin, I said goodbye as a…
Liked by Dan Cimpean
Other similar profiles
-
Directoratul Național de Securitate Cibernetică
Romanian Cyber Security Authority
Connect -
Maria Manuela Catrina
Cybersecurity
Connect -
Octavia Lojnita
CSPO, PMP for Crisis Management. Women4Cyber Romania Founder and Vice President
Connect -
Radu Stanescu
Connect -
Mihaela Curca
Cybersecurity Project Manager | Researcher | Political analyst | Human
Connect -
Anton-Mugurel Rog
Connect -
Sebastian Burduja
Connect -
Alina U.
Researcher, Cybersecurity
Connect -
Daniela Tapi
Projects Implementation Expert at National Cyber Security Directorate
Connect -
Octavian Popa
Manager of General Division for Institutional Partnerships | DNSC
Connect
Explore collaborative articles
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
Explore MoreOthers named Dan Cimpean
-
Dan Traian Cimpean
Director de arte en CACTUS MEDIA | Co-fundador BLOND
-
Dan Cimpean
--
-
dan cimpean
--
-
Dan Cimpean
--
16 others named Dan Cimpean are on LinkedIn
See others named Dan Cimpean