EU Policy on Network and Information Security
Latest News
NEW Commission Communication to the European
Parliament, the Council, the European Economic and Social Committee and the
Committee of the Regions on Critical Information Infrastructure Protection –
"Achievements and next steps: towards global cyber-security" - COM(2011) 163
-
Press release IP/11/395
NEW
European principles and guidelines for the
resilience and stability of the Internet developed in the context of the
European Forum for Member States
The 14th and 15th of April 2011, a
Telecom Ministerial Conference on CIIP will be held, by the Hungarian
Presidency, in Balatonfüred (Hungary)
Most EU citizens use Information and Communications Technologies (ICTs) every day. This means they expect trustworthy and secure ICTs that ensure reliable digital services. But security issues must not undermine the protection of fundamental (on-line) rights such as the right to privacy and freedom of speech. The European Union aims to ensure that a coherent approach to network and information security issues (NIS) is developed across the EU.
What is Network and Information Security (NIS)?
The European Commission defined NIS as "the ability of a network or an information system to resist […] accidental events or malicious actions that compromise its availability, authenticity, integrity and confidentiality […]".
Relevant EU Initiatives:
-
Digital Agenda for Europe: Trust and Security pillar
The
Digital Agenda for Europe (COM(2010)245), one of the flagship initiatives
under the Europe 2020 strategy, clearly identifies trust and security as key
enablers of a vibrant digital society and fundamental contributors to smart,
sustainable and inclusive growth.
Under its trust and security pillar, it defines
14 actions that aim at improving Europe's capability to prevent, detect and
respond to network and information security problems.
-
Strategy for a secure information society
In 2006, the European Commission adopted a
Strategy for a Secure Information Society.
This Strategy forms an integral part of the
i2010 initiative launched in 2005. i2010 highlights the need to coordinate
efforts across the EU to develop policies, regulate where appropriate, support
technological solutions and raise awareness in order to strengthen trust and
confidence of businesses and citizens in electronic communications and services.
-
Critical Information Infrastructure Protection (CIIP)
The EU initiative on CIIP aims to strengthen the security and resilience of vital Information and Communication Technology (ICT) infrastructures by stimulating and supporting the development of a high level of preparedness, security and resilience capabilities both at national and European level. On 30 March 2009, the Commission set out a CIIP Action Plan within its Communication on Critical information Infrastructure Protection – ‘Protecting Europe from large scale cyber-attacks and cyber-disruptions: enhancing preparedness, security and resilience’ - COM(2009) 149. The recent Commission Communication on Critical Information Infrastructure Protection – "Achievements and next steps: towards global cyber-security" - COM(2011) 163 adopted on 31 March 2011, takes stock of the results achieved since the adoption of the CIIP action plan in 2009 and describes the next steps planned for each action at both European and international level.
-
Promoting a culture of Network and Information Security
The European Network and Information Security Agency (ENISA) was established in 2004 to help develop a culture of network and information security for the benefit of citizens, consumers, enterprises and public sector organisations.
-
Encouraging research efforts
Trust and security play an important part in the European Union programs devoted to research and development. The ICT Programme within the Research Framework Programme addresses these issues through a wide range of projects. Efforts are being reinforced in the current 7th Framework Programme with the establishment of a European Security Research Programme. Additionally, the Safer Internet Plus programme supports networking projects and the exchange of best practices to combat harmful content circulating on information networks.
-
Relevant Studies
Relevant studies are available
there.
Last updated: 31.3.2011