Greece Last Updated: September 2021 CYBERSECURITY POLICY Strategy Documents Εθνική Στρατηγική Κυβερνοασφάλειας 2020 – 2025 (National Cybersecurity Strategy 2020-2025) ΕΘΝΙΚΗ ΑΡΧΗ ΚΥΒΕΡΝΟΑΣΦΑΛΕΙΑΣ (National Cybersecurity Authority) Source Source 2 7 December 2020 STRUCTURE National Centre or Responsible Agency Εθνική Υπηρεσία Πληροφοριών - ΕΥΠ (National Intelligence Service) (EYP) Designated as National Authority against Electronic Attacks, competent for preventing and statically and actively dealing with electronic attacks against communication networks, information storage facilities and computer systems, pursuant to the provisions of article 2 (3) of Presidential Decree 325/2003. Source 9 May 1953 National Cyber Security Authority Ministry of Digital Policy, Telecommunications and Media Mandate includes: Monitoring and implementing the National Cyber Security Strategy, Coordinate with stakeholders from the public and private sector to implement its mandate. Source 10 August 2017 (established by Presidential Decree N.82 of) Dedicated Agencies and Departments Directorate of Cyber Defence Hellenic National Defence General Staff Responsible for defending against acts of cyberwarfare, and for the coordination of cyberdefence exercises. Source Source 2 2013 Cyber Crime Division Hellenic Police Division within the Hellenic Police dedicated to cybercrime; Mission includes the prevention, investigation, and repression of crimes committed through the Internet or other means of electronic communications. Source 2014 Greece Last Updated: September 2021 Hellenic Authority for Communication Security and Privacy (ADAE) Independent authority Purpose is to protect the free correspondence or communication in any possible way. Source 2003 National CERT or CSIRT National Authority Against Electronic Attacks (NAAEA) - National CERT National Intelligence Service Tasked with attending to the prevention as well as the passive and active encounter of electronic attacks against communication networks, data storage facilities and IT systems; Responsible for processing the data and notifying the competent authorities. Source Source 2 3 March 2008 Hellenic Computer Security Incident Response Team (CSIRT) Source LEGAL FRAMEWORK Legislation Presidential Decree N. 82 of 2017 Ministry of Digital Policy, Telecommunications and Media Outlines the composition of the Cybersecurity Division (Article 15) of the Ministry; Establishes and mandates the National Cyber Security Authority to monitor, implement and bear overall responsibility for the National Cyber Security Strategy. Source 10 August 2017 Law 4411/2016 (FEK 142/03.08.2016) Transposes the Directive 2013/40/EU of the European Parliament and of the council of 12 August 2013 on attacks against information systems into Hellenic Law, and replacing the Council Framework Decision 2005/222/JHA. Source 3 August 2016 Law N. 3649/2008 National Intelligence Service Created the National Intelligence Service; Greece Last Updated: September 2021 Designated the Service as National Authority against Electronic Attacks, competent for preventing and statically and actively dealing with electronic attacks against communication networks, information storage facilities and computer systems Source Source 2 3 March 2008 Law N. 2472/1997 Law on the protection of individuals from the elaboration of personal data; Source 1997 (adopted); 2006 (amended) Penal Code Article 370C§2: Unauthorized access to data recorded in a computer or in the external memory of a computer or transmitted by telecommunication systems. If the act concerns the international relations or the security of the State, he shall be punished according to Article 148 (on spying) Source COOPERATION Multilateral Agreements Budapest Convention PARTY Source 1 May 2017 (entry into force) UN Processes Expressed views to the Annual Report of the UN Secretary-General on Developments in the Field of Information and Telecommunications in the Context of International Security Source 2010, 2011, 2017 Expressed Views at the Open-Ended Working Group on Developments in the Field of Information and Telecommunications in the Context of International Security Source 2019/2020 Bilateral and Multilateral Cooperation Permanent Structured Cooperation on security and defence (PESCO) European Union Member; Comprises two projects on cybersecurity out of 17 projects: (1) cyber threats and incident response information sharing platform; and (2) cyber rapid response teams and mutual assistance in cyber security. Source Greece Last Updated: September 2021 11 December 2017 (decision adopted by the European Council on) Cooperation discussions, Greece-Cyprus Ministry of Public Order and Citizen Protection Discussions with Cyprus' Justice Minister, including on cyber security and the need for more specialised knowledge and ways to address these challenges. Source 26 July 2017 Select Activities European Union Agency for Cybersecurity (ENISA) ' ENISA is based in Greece; The EU’s agency dedicated to achieving a high common level of cybersecurity across Europe. Source 2004 Membership European Union (EU) International Telecommunications Union (ITU) North Atlantic Treaty Organization (NATO) Organization for Security and Co- operation in Europe (OSCE) United Nations (UN).