Greece have not yet implemented a cybersecurity strategy.
National Cyber Security Strategy
|Year of adoption||Greece have not yet implemented a national cybersecurity strategy, however according to the European Union Agency for Network and Information Security, Greece is in the process of preparing a cybersecurity strategy.|
|Updates and revisions||N.A.|
As for cybercrime legislation, there is no uniform legal framework, but rather only fragmentary provisions (for example computer fraud) in the Penal Code and other laws, such as the law on data protection and the law of property intellectual.
In repsonse to the the EU Critical Infrastructure Directive (2008/114/EC), Greek adopted a specific national law on Critical Infrastructure Protection through the Presidential Decree 39/2011 (Greek language).
The Hellenic Authority for Information and Communication Security and Privacy is the primary body responsible for network and information security in Greece. The National Intelligence Service (NIS) is responsible for matters relating to information and network security while the Directorate of Cyber Defence is responsible for cyber warfare and liaises with the NIS and the Greek police.
The Greek Cybercrime Centre is a national project aimed primarily at improving research and education in the area of cyber attacks.
|Risk assessment plan||There is no legal obligation for companies to report cybercrime incidents to the authorities.|
Current status: NIS Directive and national CERTs/CSIRTs
Greece has an officially recognized national CERT known as the National Authority against Electronic Attacks (NAAEA)
NAAEA is the agency responsible for encountering-protecting mainly the Public Sector along with the Critical National Infrastructures as established by Bill 3469/2008 and Presidential Decree 126/2009.
FORTH CERT is the Incident Response Team of the Foundation for Research and Technology - Hellas, one of the leading scientific organization in Greece.
A.U.Th.-CERT is the incident response team security aims to inform the academic community in security and computer networks. It also aims to address security threats to computers and networks.
Greece conducted two rounds of national exercises in 2010 and 2011 and participated in the NATO Cyber Defence Exercise of 2010 and 2011.
|Report an incident||
NAAEA PGP Fingerprint and email address.
FORTH CERT reporting form for cyber incidents.
A.U.Th.-CERT public key for encryption and email address.
|Date of last WISER analysis||September 2016|