Komentá? najdete v ?lánku
EC shows leadership on security. European Commission is urging industry and the public sector to shore up security (Phil Muncaster, IT Week).
Z úvodu dokumentu:
The purpose of the present Communication is to revitalise the European Commission strategy
set out in 2001 in the Communication “Network and Information Security: proposal for a
European Policy approach”2. It reviews the current state of threats to the security of the
Information Society and determines what additional steps should be taken to improve network
and information security (NIS).
Drawing on the experience acquired by Member States and at European Community level, the
ambition is to further develop a dynamic, global strategy in Europe, based on a culture of
security and founded on dialogue, partnership and empowerment.
In tackling security challenges for the Information Society, the European Community has
developed a three-pronged approach embracing: specific network and information security
measures, the regulatory framework for electronic communications (which includes privacy
and data protection issues), and the fight against cybercrime. Although these three aspects
can, to a certain extent, be developed separately, the numerous interdependencies call for a
coordinated strategy. This Communication sets out the strategy and provides the framework to
carry forward and refine a coherent approach to NIS.
The 2001 Communication defines NIS as “the ability of a network or an information system
to resist, at a given level of confidence, accidental events or malicious actions that
compromise the availability, authenticity, integrity and confidentiality of stored or transmitted
data and the related services offered by or accessible via these networks and systems”. Over
recent years, the European Community has implemented a number of actions to improve NIS.
The regulatory framework for electronic communications, the review of which is underway,
includes security-related provisions. In particular, the Directive on Privacy and Electronic
Communications3 contains an obligation for providers of publicly available electronic
communications services to safeguard the security of their services. Provisions against spam4
and spyware5 are laid down.