Brussels, 1 April 2011
Digital Agenda: Commission reviews Member States' protection against cyber attacks
In a report taking stock of progress made in implementing its EU-wide 2009 action plan, the European Commission praises Member States' efforts to protect critical information infrastructures from cyber attacks and disruptions (see IP/09/494). However, the report underlines that further action in this area is required, notably to establish an efficient network of Computer Emergency Response Teams (CERTs) by 2012. Cyber security and the protection of critical information infrastructures are vital for people and companies to trust the internet and other networks and are a key priority of the Digital Agenda for Europe (see IP/10/581, MEMO/10/199 and MEMO/10/200).
Neelie Kroes, Commission Vice-President for the Digital Agenda said: "Europeans need and expect to have access to secure, resilient and robust online networks and services. In the past two years we have achieved significant progress but we must step up our efforts in the EU and at the global level to address ever-changing cyber-threats."
Recent events have demonstrated that new and technologically more sophisticated cyber threats can disrupt or destroy vital societal and economic functions. Examples include the attacks on the networks of the French Finance Ministry prior to the G20 summit, on the EU Emissions Trading System and most recently on the European External Action Service and the Commission itself. These events demonstrate the need to create a well functioning network of governmental/national Computer Emergency Response Teams (CERTs) in Europe by next year, to organise more regular cyber attack simulations and to look into governance issues for the security of emerging technologies like cloud computing.
The main findings of the report are:
The report outlines the way forward to reinforce international cooperation in this area. The Commission will engage with Member States and the private sector at national, European and international level by:
In March 2009, the Commission adopted a Communication on Critical Information Infrastructure Protection – ‘Protecting Europe from large scale cyber-attacks and cyber-disruptions: enhancing preparedness, security and resilience’ (COM(2009)149) which set out an Action Plan to protect critical information infrastructures by making the EU more prepared for and resistant to cyber attacks and disruptions.
The 2010 Digital Agenda for Europe stressed the importance of trust and security and highlighted the pressing need for all stakeholders to join forces and develop effective and coordinated mechanisms to respond to new and increasingly sophisticated cyber risks.
On 30 September 2010, the Commission adopted a proposal to strengthen and modernise the European Network and Information Security Agency (ENISA) (IP/10/1239).
The full text of the Communication on Critical Information Infrastructure Protection ‘Achievements and next steps: towards global cyber-security’:
Neelie Kroes' website: http://ec.europa.eu/commission_2010-2014/kroes/
Digital Agenda website:
Follow Neelie Kroes on Twitter: