Glaswegian

The EU is refining a set of guidelines that would strengthen its ability to respond to computer security threats as well as ensuring that Internet infrastructure in member countries becomes more resilient.

In late March, the European Commission adopted a set of recommendations called the Critical Information Infrastructure Protection (CIIP).

The proposals seek to improve Europe's ability to cope with large-scale cyberattacks or disruptions, said Andrea Glorioso, a policy officer in the Commission's Directorate-General for the Information Society and Media. Glorioso gave a presentation at the Conference on Cyber Warfare on Thursday in Tallinn, Estonia.

The proposals call for a range of measures, including agreeing on minimum standards for the capabilities of European Computer Emergency Response Teams (CERTs), government-run agencies dedicated to computer security.

Other suggestions include creating an agency that would foster closer cooperation between the private sector and government to increase the resilience of networks that could fall under attack as well as improve information sharing between EU countries.

By the end of 2010, Europe also hopes to have a roadmap for the European Information Sharing and Alert System (EISAS), which would distribute information on cyberthreats to businesses.

The CIIP plan also calls for EU members to run national cybersecurity exercises with a view to holding pan-European network security exercises.

"We want to know how good we are," Glorioso said.


http://www.techworld.com/security/ne...&NewsID=117718