The European Commission is exploring ways to strengthen Europe’s common cyber defences and will present new plans at the beginning of 2009, announced Information Society Commissioner Viviane Reding.
In her proposed review of the telecoms sector, Commissioner Reding has already highlighted the importance of improving the security of information networks. Speaking at a conference on ‘European security awareness‘, she said yesterday (7 April) that telecoms security has an increasingly significant part to play in protecting the effective functioning of other key activities such as energy supplies and financial services.
Now the Commission is proposing to clarify its plans on this regard. An essential element will be the replacement of the existing EU temporary agency dealing with information networks security, ENISA, with a new authority. The body would be in charge of the entire EU Telecoms sector, with powers ranging from security to regulation (see EURACTIV 06/03/08). However, the idea has thus far been strongly criticised by different actors and decision makers (see EURACTIV 29/02/08).
On the eve of the NATO Summit in Bucharest, Reding’s spokesperson Martin Selmayr already clearly outlined to EURACTIV the role the Commission plans to attribute to the new authority as far as security issues are concerned: “We need a rapid reaction force. What ENISA is doing now is sitting around a table and drafting reports. They are very accurate but this is not enough. We need a body that operationally deals with the security,” he said (see EURACTIV 04/04/08).
The Crete-based ENISA will end its mandate in 2009 but widespread agreement has already been reached to extend this for a further two years until 2011, when the new EU authority is expected to take over, according to the Commission’s plans.
However, apart from a new EU body, a veritable common European approach to cyber defence also requires every member state to establish a national structure for the prevention of and defence against cyber attacks, the so-called Computer Emergency Readiness Teams (CERTs). Currently only a few European states have such structures.