On 30 March 2009, the European Commission (EC) announced its strategy on protecting the European Union's critical information infrastructure (CII) with the publication of the EC Communication, "Protecting Europe from large-scale cyber attacks and disruptions: enhancing preparedness, security and resilience".
In its Communication, the Commission identifies the five key points of its action plan:
• Preparedness and prevention: ensure preparedness at all levels;
• Detection and response: to provide adequate early warning mechanisms;
• Mitigation and recovery: to reinforce European Union defence mechanisms for CII;
• International cooperation: to promote EU priorities internationally;
• Criteria for the ICT sector: to support future implementation of the Directive on the identification and designation of European Critical Infrastructure (ECI).
The EC also notes that these courses of action are to be taken in parallel and in line with the European Programme for Critical Infrastructure Protection (EPCIP), in which one of the key factors is the above Directive on ECI, as well as the Critical Infrastructure Warning Information Network (CIWIN). The Commission also stresses that the success of these actions depends on their effectiveness to build upon and benefit public and private sector's activities, and also on the commitment and full participation of Member States, European Institutions and stakeholders. To this end, the EC has announced a Ministerial Conference to take place on 27-28 April 2009 to discuss the proposed initiatives with Member States and to mark their commitment to the debate on a modernised and reinforced network and information security policy in Europe.
Further information:
- Protecting Europe from large scale cyber-attacks and disruptions: enhancing preparedness, security and resilience http://ec.europa.eu/information_society/policy/nis/docs/comm_ciip/comm_en.pdf
- Critical Information Infrastructure Protection 'Protecting Europe from large scale cyber-attacks and disruptions: enhancing preparedness, security and resilience' http://ec.europa.eu/information_society/policy/nis/docs/comm_ciip/ia_en.pdf
- Commission acts to protect Europe from cyber-attacks and disruptions http://europa.eu/rapid/pressReleasesAction.do?reference=IP/09/494&format=HTML&aged=0&language=EN&guiLanguage=en
- Protecting Critical Information Infrastructures: Frequently Asked Questions (FAQ) http://europa.eu/rapid/pressReleasesAction.do?reference=MEMO/09/141&format=HTML&aged=0&language=EN&guiLanguage=en
