| Author (Person) | Davies, Eric |
|---|---|
| Publisher | ProQuest Information and Learning |
| Series Title | In Focus |
| Series Details | 11.2.03 |
| Publication Date | 11/02/2003 |
| Content Type | News, Overview, Topic Guide | In Focus |
|
On 10 February 2003 Commissioner Erkki Liikanen announced that the European Commission has drafted a Regulation intended to establish a European Network and Information Security Agency. The Agency would be a centre of competence on matters relating to cyber security. Its expertise would be available to EU institutions and to Member States. Society now relies heavily on computer-based communications networks. Citizens, businesses and public administrations are all affected. Public transport systems and water and power supplies are controlled by computers. National and local governments are increasingly moving to 'e-government'. Over 90% of EU businesses are connected to the internet, as are about 40% of households. As technologies become more sophisticated and society's dependence on them increases, it becomes more vulnerable to breakdowns and to malicious attacks. The move to broadband technology, which allows permanent internet connections ('always on'), is cited as an example of increasing users' vulnerability and something which demands enhanced security. In his speech, Commissioner Liikanen defined network and information security as: 'the ability of a network or an information system to resist, with a given level of confidence, accidental events or malicious actions that compromise the availability, authenticity, integrity and confidentiality of data and the related services offered by or accessible via these networks and information systems'. Although the Commission issued a Communication on network and information security in June 2001, security concerns raised in the wake of the 11 September 2001 terrorist attacks have given the issue an added sense of urgency. The June 2002 Seville European Council endorsed the eEurope 2005 Action Plan, which called for a Cyber Security Task Force to be set up by mid 2003. That idea appears to have been replaced by the current proposal for a European Network and Information Security Agency to be created. The 2005 Action Plan also called for a 'culture of security' to be achieved by the end of 2005. There are three main elements of EU activities related to network and information security:
Although public and private organisations in the Member States - and elsewhere - already gather data on information security issues, there is no central EU-level body coordinating their work. In this context, Commissioner Liikanen said: 'The EU will benefit from increased co-ordination between Member States to achieve a sufficiently high level of security in all Member States. The European Network and Information Security Agency will build on national efforts to enhance network and information security and to increase the ability of Member States and EU Institutions to prevent and respond to network and information security problems.' The Commission proposes that the Agency should be managed by an Executive Director 'who possesses a high degree of independence and expertise'. There would also be an appointed Management Board and an Advisory Board. A five-year budget of EUR 24,300 million is proposed to cover the 15 Member States; an additional EUR 9 million would be required to cater for 10 new members. The Agency would have some 30 staff, recruited from both the public and private sector. The Commission would like to see it star work in January 2004. Links: Eric Davies On 10 February 2003 Commissioner Erkki Liikanen announced that the European Commission has drafted a Regulation intended to establish a European Network and Information Security Agency. |
|
| Subject Categories | Business and Industry |
