The European Commission unveiled two new measures to ensure that Europe can defend itself from attacks against its key information (IT) systems. A proposal for a Directive to deal with new cyber crimes, such as large-scale cyber attacks, is complemented by a proposal for a Regulation to strengthen and modernise the European Network and Information Security Agency (ENISA). The two initiatives are foreseen by the Digital Agenda for Europe and the Stockholm Programme to boost trust and network security (see IP/10/581, MEMO/10/199 and MEMO/10/200). Under the proposed Directive, the perpetrators of cyber attacks and the producers of related and malicious software could be prosecuted, and would face heavier criminal sanctions. Member States would be also obliged to quickly respond to urgent requests for help in the case of cyber-attacks, rendering European justice and police cooperation in this area more effective. Strengthening and modernising ENISA would also help the EU, Member States and private stakeholders develop their capabilities and preparedness to prevent, detect and respond to cyber-security challenges.
The European Parliament’s Security and Defence sub-committee discussed the measures on 25 October. It brought together MEPs and security experts to discuss inter alia the European Commission’s proposals (COM(2010) 517 final) to confront the threat of cyber-attacks.
– NATO – Defending against cyber attacks
– Council Framework Decision 2005/222/JHA of 24 February 2005 on attacks against information systems
– DG EXPO Policy Department, Cyber Security and Politically, Socially and Religiously motivated cyber attacks