ENISA: Concerted EU efforts are needed to avoid a 'digital 9/11' and combat cyber threats
ENISA presented a summary of its 'General Report 2007' and showcased some of its activities. The Agency underlined the crucial importance of Network and Information Security (NIS) for the European economy, in particular in regards to the i2010 goals (http://europa.eu/...).
Today, 30% of global trade is 'digitally dependent'. Spam costs business about €64,5bn in 2007, double the 2005 figure (Source: Ferris). As only 6% of spam reaches mailboxes, the problem is perceived to be under control. However, it is growing in quantity, size and bandwidth and remains a costly problem (http://www.enisa.europa.eu/...), with 94 % of spam being the invisible part of the 'ice-berg'.
The Agency highlighted its success in mitigating Cyber Attacks by supporting the set up of 'Computer Emergency Response Teams' (CERT), almost like 'digital fire brigades'. In 2005, only eight EU Member States had governmental CERTs, whereas in 2008 the number has almost doubled to 14 (http://www.enisa.europa.eu/...), with ten more planned within the next one to two years. CERTs are key components in combating cyber attacks such as those in Estonia, or spam generated by 'botnets'; hijacked computers of which there are 6mn in Europe (http://www.enisa.europa.eu/...) used by organised criminals for sending spam and committing online fraud.
At the same time, ENISA underlined a concerning imbalance in Member States' security measures. The Executive Director of ENISA, Mr Andrea Pirotti commented:
"Europe must take security threats more seriously and invest more resources in NIS. Therefore, ENISA calls for the EU to introduce mandatory reporting on security breaches and incidents for business, just as the US has already done. The Member States should undertake concerted efforts to reduce the imbalances in security levels, with more cross-border cooperation. ENISA is confident that the need for secure networks to safeguard the European economy is a distinct driving force for Member States to cooperate more closely.", Mr Pirotti concluded.
The Agency stressed the risks of online social networking sites (http://www.enisa.europa.eu/...) and recommended for example a review of the Regulatory Framework of Directive 2002/58 on privacy and electronic communications.
ENISA has produced a feasibility study on a European Information Sharing and Alert System (http://www.enisa.europa.eu/...) for citizens and small business, with SMEs constituting 2/3 of the EU economy. ENISA has launched a three-year program as of the beginning of 2008 to improve resilience to public e-communication networks, for Member States to mitigate the risks of a digital 9/11.
Upcoming future threats and risks beyond 2008 were identified: e.g. fraud in virtual worlds, where assets are estimated to be between €64,5mn and €100mn (in 2006). The Agency will in 2008 issue various Position Papers with recommendations, e.g. on interoperable eID for Europe.The Agency is an Expert body, providing independent, expert advice to the EU and its Member States, in e.g. Risk Management/Assessment, Awareness Raising, security policies, resilience, etc.
General Report 2007- Executive Summary http://www.enisa.europa.eu/...
Press releases you might also be interested in
Weitere Informationen zum Thema "Sicherheit":
E-Mail-Archivierung hilft bei Erfüllung der Compliance-Anforderungen
Die DSGVO harmonisiert das Datenschutzrecht in Europa und stellt den Schutz personenbezogener Daten in den Vordergrund. Als eines der meist genutzten Business- Kommunikationsmittel enthält die E-Mail personenbezogene Daten. Somit trägt E-Mail-Archivierung dazu bei, der DSGVO zu entsprechen.Weiterlesen