The participants have decided to set up three Working Groups:
- Working Group 1 on Risk Management, that will identify best practices on risk management, including information assurance, risk metrics and awareness raising;
- Working Group 2 on Information exchange, that will identify best practices on information exchange, including incident reporting, incident coordination and exchange of information on threats and vulnerabilities, as well as related risk metrics;
- Working Group 3 on secure ICT research and innovation.
The Working Groups will follow a cross-sectoral approach.
Working Groups 1 and 2 will also look at economic, legal and technological incentives that could be set at EU and/or national level to stimulate the take-up of the best practices identified and help less advanced stakeholders to progressively increase their level of NIS. Such incentives will have to be economically sustainable and be aimed at ensuring a level playing field among businesses in the EU.
The Working Groups will hold their first meeting in September 2013.
The Commission is now going through the process of registering the NIS platform as an Expert Group of the European Commission.