The EU wants full security breach disclosure

The Feedster

Jun 26, 2007
In a bid to curb data loss in Europe, the EU is asking companies to be transparent about any violations of security they may have been subject to.
If the new rules are greenlit, companies would have to let the European Network and Information Security Agency (ENISA) know every time a breach to their computer systems.
The proposed ruling comes after some high-profile cases of confidential information being lost due to laptops being stolen or data discs going awry. The latest worldwide case of data going missing was earlier this month when an HSBC server was lost and some 159,000 Chinese bank account details went missing.
Closer to home was the child benefit data scandal that saw the UK government lose CDs containing 25 million people’s data.
Call in the Certs
According to, in 2005 the EU set up what is dubbed as the ‘digital fire brigade’. Called Computer Emergency Response Teams (Certs), these teams are currently employed in eight states and combat such things as spam and server attacks. The ENISA (The European Network and Information Security Agency) wants the number of states with Certs increased to 15.
Andrea Pirotti, executive director of ENISA, said in a statement: "Europe must take security threats more seriously and invest more resources in NIS [network and information security].
"Therefore, ENISA calls for the EU to introduce mandatory reporting on security breaches and incidents for business, just as the US has already done."