The proposed General Data Protection Regulation (GDPR) continues to cause controversy, despite the political agreement reached this week on a compromise text in the European Parliament‘s Committee on Civil Liberties, Justice and Home Affairs (LIBE). Despite over 4,000 tabled amendments made to date, the GDPR won’t provide a single framework for Data Protection in Europe. This will [...]
Following on from E RADAR’s recent submission to government, Dr Daniel Dresner sets out his own wish-list for the draft EU Network and Information Security Directive. So. We need a directive about Network and Information Security? Brussels says so. And yes, it is necessary. We needed Tufty, the late Jon Pertwee, and the Green Cross [...]
E RADAR has submitted its response to the UK Government’s consultation on the proposed EU Directive on Network and Information Security Online business is global business. The revolution of digital technologies has changed society and our economy fundamentally. The ease of accessibility and searchability of information contained in computer systems, combined with the practically unlimited [...]
I have long been convinced about the many benefits of new digital services – and remain so. These are tools we all can enjoy and benefit from – more convenient, more efficient and offering a huge boost to our economy and society.
But recent allegations remind us how important privacy is. People will only use those services as much as they trust them. Trust that they or their data won’t be compromised, hacked into or spied on. Particularly if they’re sharing personal or sensitive information online.
To ensure that trust, we need networks and systems that are secure and resilient; and that calls for proper cybersecurity practice everywhere.
The fact is, too often, big ICT users like businesses or governments underestimate the risks they face. They need to not just become more aware of those risks – but to manage them. This is become truly urgent. Every week, we seem to hear about new incidents: loss of passwords, attacks on banks, hacking of websites or systems.
Technology is rapidly evolving; so are threats. A lot of businesses seem to think just using basic ICT security tools is enough – but in general it isn’t. Proper risk management practice means things like dynamically assessing and mitigating risks. It also helps to exchange information on threats and vulnerabilities – and perhaps, if there is actually an incident, to respond together. Those processes and practices need to be well-thought-through and fully embedded, not an afterthought or box-ticking exercise.
But how do we identify and embed such good practices, across the ICT value chain? We call in the experts. Our Cybersecurity Strategy, published in February, calls for a platform bringing together public and private stakeholders to do exactly that – and to ensure the kind of market where secure ICT solutions can be developed and taken up. And that platform had its first meeting just yesterday.
Featuring top experts from a range of organisations—from national governments to ICT companies; banks to service providers—the Platform is looking at exactly these areas: like how to provide incentives to manage and measure risks; how to exchange information about risks and incidents; and input to the Research and Innovation agenda.
They have my full support. Their findings will help ICT users prepare and work together better; and they will feed into Commission Recommendations on cybersecurity due in 2014, in areas from risk management to incident reporting. Ultimately, they will build a digital Europe that is more cyber-resilient, and less prone to hacking and security breaches.
And of course, this is in parallel with legislative work we are doing on the proposed Directive on Network and Information Security: ensuring that critical infrastructure and Internet enablers stay cybersecure. So I will be working closely with the European Parliament and Council to ensure this proposal is agreed as a matter of urgency; these days, protecting our networks and systems should be every politician’s top priority.
This matters. As more and more people – and more and more core economic sectors – get connected and start relying on digital systems, ensuring security is no longer just an issue for telecoms providers: it’s also something that matters to governments, banks, transport companies, energy grids, health providers and more.
So I hope that this platform gets to work straight away – I’m confident that soon it can raise the bar and raise awareness about the cybersecurity risks businesses and governments face – and help stimulate the solutions, too.
The lines are drawn on net neutrality as EU Commissioner Neelie Kroes sets out her plans to stop online throttling and line blocking. But in the US the issue is not so cut and dry. Jim Richardson discusses his concerns. If you’ve been paying attention to what’s going on with the web at all for [...]
The UK Government is proposing a new Intellectual Property Bill which would seem to criminalise businesses for what they do best – to innovate. IP Minister Lord Younger has introduced a new Intellectual Property Bill to help UK businesses wanting to protect their products and technologies through patents and design right. The Bill aims to [...]
The focus should be on making it much easier to report attacks to those who will take action against predators and those who have aided and abetted them, not to regulators who will merely penalise the messenger. The only mandatory requirements should be on those to whom attacks are reported. This should include acting as a "first stop shop" and passing reports to those who may be in a better position to take action.
Hence the also the reason why the blog entry quoted on the Today Programme concluded on the need for genuine partnership and a Communications BIll that really does address the obstacles to that partnership: not the re-creation of a mythical past.
The stakes are now much higher. The time has come for those who think they understand the problems to start putting forward effective solutions, not just snipe at those who advocate that which it impractical or counter-productive because they know no better.
Podcast: Download Plans to update data protection laws in Europe are facing increasing criticism from members of the European Parliament, with one UK commentator calling the draft proposals “a completely demented set of regulations.” But Justice Commissioner Viviane Reding remains adamant that her proposals should become law and has even accused the UK Government of introducing [...]