The Regulation to extend ENISA mandate for a seven year period to 2020 was agreed by the European Parliament in April 2013. The cyber security strategy and NIS directive were adopted in February 2013
What is the problem? Networks are not secure
The internet has become a critical information infrastructure, encompassing IT systems and networks across the globe. It must be resilient and secure against all sorts of threats.
Why is EU action required? EU helps Member States to cooperate
Strong cooperation between EU governments, public bodies and private companies is necessary to improve information exchange and to ensure that security problems are addressed quickly and effectively.
The European Network Information and Security Agency (ENISA) serves as a focal point for this exchange and cooperation. An enhanced ENISA is expected to have a significant positive economic impact, as the current costs associated with network and information security breaches are considerable and are still growing.
To react to threats in real-time conditions, a well-functioning and wider network of Computer Emergency Response Teams (CERTs) should also be established in Europe, including for European institutions (see Action 38 for more information on CERTs).
What has the Commission done so far?
- Conducted a public consultation on improving network and information security in the EU.
- Established CERT-EU, a Computer Emergency Response Team for the EU institutions, on a permanent basis.
- Presented in February 2013 a proposal, together with the High Representative of the Union for Foreign Affairs and Security Policy, for a 'Cyber security Strategy of the European Union' (action 124 of the Digital Agenda Review package).
- Presented in February 2013 a legislative proposal on enhanced network and information security across the Union (action 123 of the Digital Agenda Review package).
- Secured ENISA's future – in April 2013 the European Parliament voted to extend ENISA's mandate by seven years.
- Established a public-private Platform on Network and Information Security as part of the European Strategy for Cybersecurity
What will the Commission do next?
- Work with the European Parliament and Council on the adoption of the NIS Directive (Action 123)
- Implement the EU Cybersecurity Strategy (Action 124)