Trust
Note: eEurope 2005 finished at the end of 2005.
Please note that these pages are archived and no longer updated.
For up to date information, please see the i2010 strategy website.
As the Information Society becomes more and more important to business and society, ensuring the security of both the infrastructure itself and the information that runs through it is critical.
-
Handbook of Legislative Procedures of Computer and Network Misuse in EU Countries
-
Risk Preparedness in Business in the field of Network and Information Security
In order to serve the Information society the Internet needs to be available, the information we transmit and store should be kept confidential, we need to be able to ensure who is the author of the information and that the information has not been altered. Besides having the complexity of the systems themselves to cope with, internet users today also face threats from attacks such as hackers and viruses. If not addressed, the consequences will grow as the Ambient Intelligence paradigm takes hold and Information Society technologies pervade business, society and even other infrastructures. 'Always on' broadband connections, for example, can increase the vulnerability of consumer and business IT systems, while new wireless applications could open new opportunities for virus authors and hackers. Failures in electronic communications could even create cascading problems in areas as diverse as energy and water supplies, healthcare systems and traffic management. Security problems reduce our trust in the networks and information systems and hinders the full use of Internet and all its advantages.
Until security issues are addressed, therefore full development of the information society can not take place. Security is therefore a key component of the Commission's vision for the Next Generation Internet and is one of the eEurope 2005 six policy priorities.
eEurope 2005 Security Policies in Brief
Ensuring information security is not purely a technological challenge - security consists to a large extent of human behaviour and knowledge of threats and remedies. Information security concerns a number of policy fields such as privacy, industrial policy, international trade, citizens' rights, law enforcement, defence, and much more, so holistic approaches at both European and global levels are essential.
The EU has already developed rules to secure electronic communications e.g. through the electronic signatures directive and the data protection legislation for electronic communication (see 'Privacy in the Information Society').
A number of other strands are currently being addressed under the eEurope 2005 action plan:
-
Network and Information Security: a range of activities at European and Member State level will focus on improving the robustness of networks and information systems against both accidents and criminal attacks;
-
Secure Communications for eGovernment: the Commission and Member States are working together to develop a secure trans-European communications network through which they can share classified information, the IDA project.
Implementing Security in Europe
A range of activities are being implemented at the European level to support these policies:
-
European Network and Information Security Agency (ENISA): a centre for information security for both Member States and EU Institutions, the Agency will increase co-operation and information exchange between different stake holders in the Member States and contribute to a higher level of information security on the internal market. Here is the Proposal for a Regulation in establishing the European Network and Information Security Agency and the Regulation itself establishing the European Network and Security Agency.
-
Safer Internet Action Plan: The original Safer Internet Action Plan has recently been extended by two years to widen its scope to more forms of illegal and harmful content on a larger range of online technologies, including mobile systems, P2P, chat rooms and online games;
-
Research and development: the IST priority within the Sixth Framework Programme for Research is supporting R&D in areas such as e-Authentication (smartcards, biometrics);
-
New standards: created by the European standardisation bodies, the Network and Information Security (NIS) Focus Group is a group of technical experts set up to evaluate existing security standards and to identify possible gaps in the standards spectrum, as requested by the Communication on Networking and Information Security. The Group published its final draft report in July 2003. See also NISSG, which was created by the ICT Standards Board in March 2004 to ensure that the standardisation requirements, expressed in the NIS report that was prepared by the NIS Focus Group, are implemented.
-
Trans-European Networks for Telecommunications: the active involvement of businesses and citizens in the information society is dependent on their trust and confidence in the available services. Security is therefore a priority issue presenting a major challenge for the future. The programme eTEN provides support for Trust and confidence services in the public interest aimed at all aspects of security including cooperation for effective networking within the European Union on national CERT systems.
Between them, the above initiatives cover most of the technological and many of the legal issues surrounding Information Society security. More needs to be done, however, to develop a comprehensive policy encompassing issues from the worlds of business, economics and society.
Further information can be found
here on the scope of activities that have been launched in the FP6 Work
Programme 2003-2004.
 |
 |
| Last update: 04/05/2007 |
| Contact the Editor |