EU cyber security plans welcomed, with insistence that objectives must be achieved
EU cyber security plans welcomed, with insistence that objectives must be achieved

The EU's network and information security agency (ENISA) is to be strengthened in-line with the proposed cyber security strategy.

Set to include an EU-based computer emergency and response team (Cert) and be led by an executive board and branch office that will be based in Athens, the seven-year mandate was voted for by 626 MEPs to 45 votes against.

The changes will take effect on the 13th September 2013 and the aim is to strengthen the agency to enable it to cope with network and information security challenges. It will also see an increase in financial and human resources to correspond to its enhanced role and tasks.

The executive board will be established to enable the management to focus on issues of strategic importance, while an executive director will be appointed after obtaining the approval of the European Parliament.

European Commission vice president Neelie Kroes said: “Today's vote offers a new start for a new ENISA: with expanded tasks, a more agile and efficient organisation and governance. This will help secure European networks and information systems, in line with our cyber security strategy.”

ENISA executive director Professor Udo Helmbrecht welcomed the ‘important step' that he said will enable it to focus its work more intensively on prevention and preparedness in the field of cyber security.

“In light of the political reality, with cyber security ever higher up on the political agenda, this strong acknowledgement of our work is a very important step,” he said.

Also set to launch as the result of the mandate is an EU Cert, as requested by the parliament's industry committee. The EU said that this will allow national bodies and EU institutions and agencies to request expertise and advice from ENISA in the event of a security breach or loss of integrity.

Brian Honan, founder of the Irish CERT, welcomed this move. He said: “It can act on a number of fronts: to protect EU institutions and bodies; to provide the capability to respond to attacks against all or some countries within the EU; and to provide expert guidance to national CERTs in member states.

“I do not see this undermining the functions of national CERTs, but rather enhancing their ability to work together against attacks against either individual member states or across multiple borders. Having the ability to react quickly and coordinate responses can be invaluable in the response to a major incident.

“It would also be good to see the EU CERT disseminate best practise across the various member states' national CERTs to ensure they are implementing the appropriate tools, resources, training and processes and procedures.”  

 

Michael Dager, CEO of Arxan Technologies, said: “With the growing threat of cyber crime and proliferation of mobile devices, the vote to strengthen the ENISA is a great step towards increasing resources to help protect Europe's digital society.

“The EU's cyber security strategy is making all the right moves to not only raise awareness of cyber crime across Europe, but to encourage law enforcement agencies to work together to combat this growing threat.”