Following in the footsteps of the United States’ National Plan for Critical Infrastructure Protection, the European Commission has unveiled a plan to step up security on the Net.
“The Net’s openness may have been the basis for its success, but this openness also entails certain risks,” noted Erkki Liikanen, European Commissioner for the Enterprise and Information Society. “That is why we need a strategy to tackle existing and emerging security threats.”
As such, the commission’s plan calls for increased cooperation between EU members to tackle issues of Net security.
Earlier this year the Stockholm European Council called for a comprehensive strategy to secure electronic networks. In response the European Commission has drafted a proposal that calls for larger investments in security research and education, more effective threat-warning systems, and harsher punishments for cybercriminals.
“Education systems in member states should give more emphasis to courses focused on security,” the proposal said. Measures to aid European companies in establishing effective security strategies as well as stratagems for educating the general public about the Net’s perils are therefore high on the agenda.
In addition, the proposal suggests that separate Computer Emergency Response Teams (CERTs) in various European states be combined into a single system. Such a unified system, it suggests, will ensure a more complete European Warning and Information System. “The existing CERTs are not always well equipped and their tasks are often not clearly defined…furthermore they operate differently in each Member State, making cooperation complex,” the proposal said.
New laws to step up the prosecution of cybercriminals across territory lines as well as better standardization efforts on encryption and certification for security experts were also suggested.
The Cybercrime Treaty, a separate pact amongst member states, has also called upon signatories to aid other countries in their investigations and pursuit of cybercriminals.
The EU clearly means business when it comes to issues of Net Security. The EU plans to spend 30 million euros on researching better methods of tackling online security during 2001 and 2002.