Wednesday, February 13, 2013

EU Cybersecurity plan to protect open internet and online freedom and opportunity

On Thursday, 7 February the European Commission has launched EU Cybersecurity plan to protect open internet and online freedom and opportunity. Its purpose is to enhance cyber resilience of information systems, to reduce cybercrime and strengthening EU international cyber-security policy and cyber defence.

EU Cybersecurity plan includes:

  • Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace
  • Proposal for a Directive of the European Parliament and of the Council concerning measures to ensure a high common level of network and information security across the Union
  • Executive Summary of the Impact Assessment
  • Impact Assessment

‘The proposed NIS Directive is a key component of the overall strategy and would require all Member States, key internet enablers and critical infrastructure operators such as e-commerce platforms and social networks and operators in energy, transport, banking and healthcare services to ensure a secure and trustworthy digital environment throughout the EU. The proposed Directive lays down measures including:
(a) Member State must adopt a NIS strategy and designate a national NIS competent authority with adequate financial and human resources to prevent, handle and respond to NIS risks and incidents;
(b) Creating a cooperation mechanism among Member States and the Commission to share early warnings on risks and incidents through a secure infrastructure, cooperate and organise regular peer reviews;
(c) Operators of critical infrastructures in some sectors (financial services, transport, energy, health), enablers of information society services (notably: app stores e-commerce platforms, Internet payment, cloud computing, search engines, social networks) and public administrations must adopt risk management practices and report major security incidents on their core services.’[1]