Brussels, 10/02/2003 (Agence Europe) - So as better to tackle the problem of the vulnerability of digital communications networks that daily take up more room in the economy, the European Commission presented a draft regulation on Monday aimed at creating a European Network and Information Security Agency". Its task will be to serve at centre of expertise to which Member States and EU institutions may turn to ask for advice on issues linked to cyber security. The agency will also provide assistance to the authorities of Member States, and notably their intervention teams in case of computer emergency. It will also have as task to guarantee the interoperability of security functions of computer networks and systems.
Presenting the initiative to the press, Erkki Liikanen stressed that "The EU will benefit from increased co-ordination between Member States to achieve a sufficiently high level of security in all Member States. The European Network and Information Security Agency will build on national efforts to enhance network and information security and to increase the ability of Member States and EU Institutions to prevent and respond to network and information security problems".
Today more than 90 percent of companies in the EU have an Internet connection and the majority of them operate a web site. In 2002 about 40% of EU households had their own Internet connections and more than two-thirds of the population used a mobile phone. Public administrations are moving towards electronic government. Computers and communication networks control critical infrastructures such as electricity and water supply or public transport systems. Already a lot depends on networks and information systems and their secure functioning has become a key concern, especially in the aftermath of the 11th of September events, for everybody: citizens, businesses and public administrations. In the near future, security requirements will rapidly change as networking and computing develop further and electronic communications become more ubiquitous. For instance broadband connections offer people the possibility to be connected to the Internet at all times which will multiply the potential risks of cyber-attacks, and new wireless applications will enable the users to access the Internet from anywhere.
From an EU-policy perspective the activities related to network and information security are interrelated with the legal framework on telecommunications, data protection and cyber-crime. Governments see a widening responsibility for society and are increasingly making efforts to improve security on their territory. Currently, bodies, both public and private, pursue different objectives, gathering data on incidents in the field of information technology and other relevant information for information security. However, the Commission notes, the state of progress of measures taken and approaches adopted vary depending on Member States. Furthermore, today, there is no systematic cross-border co-operation on network and information security between Member states, although security issues cannot be an isolated issue for only one country. Whence the Commission's initiative of creating, at European level, a central body for the collection and analysis of data in view of supporting EU policy action in the field of information network security, while providing added value to national initiatives.
The Agency will thus launch co-operation initiatives between the different players in the sector of information security, with the aim notably, of supporting the development of safe electronic commerce. "This co-operation will be a crucial precondition for the security of the workings of the information and network systems in Europe", Liikanen pointed out. The problems of information and network security also having a global dimension - communications channels do not stop at national or European borders -, the Commission proposes strengthening international co-operation in the area. The regulation proposed provides for the Agency providing assistance regarding EU contacts with parties concerned I third countries Finally, given the experience gained and emerging needs, the Agency's tasks could later be broadened: the Commission's proposal indeed provides for a review clause.
…/..
BA package of EUR 24 million over five years is planned for setting up and running the Agency. A further EUR 9 million are foreseen in the perspective of the candidate countries joining the EU. These figures may change when the proposals is discussed by the European Parliament and the Council, suggested Erkki Liikanen. The Commissioner pointed out that the decision on where the Agency's headquarters were to be based should be taken during the first six months of adoption of the regulation at the latest.