The European Network and Information Security Agency (ENISA) has published its first ever European Union (EU) survey on public communication network resilience.
The agency said its "Stock Taking of Regulatory and Policy Issues related to Resilience of public eCommunications Networks" report identified a significant variety in the strategies, policies, initiatives and regulatory provisions deployed across the EU.
But it also identified commonalities between the approaches of member states to network resilience that it said demonstrated best practice, including strong public and private collaboration. And a focus on how well things are working in practice.
Although, telecommunication including broadcasting, postal services, internet service providers (ISPs), fixed line and mobile telephone services is considered one of the UK's nine critical infrastructures, the report found that telecoms emergency planning and response was lightly regulated.
Based on interviews with representatives with the primary agencies involved in national network resilience, the UK report highlighted related responsibilities of the Department of Business, Enterprise and Regulatory Reform, Ofcom and the Centre for the Protection of National Infrastructure (CPNI) and said the 2007 floods proved their collaboration was effective.
While UK regulation in this area is light, the report highlighted that it has two mechanisms at its disposal in case of a communications security incident: UK Network Security Information Exchange (UK-NSIE) members discuss security incidents that have affected them and how they dealt with that information.
UK-NSIE reporting is voluntary, but the CPNI Combined Security Incident Response Team (CSIRTUK) may investigate. CSIRTUK will contact communications service providers who are involved in an incident that has been reported. And if the incident shows a pattern or trend, then an advisory will be issued.
The National Emergency Alert for Telecoms (NEAT) may also be used to inform operators. But Ofcom said there had been few examples where it has stepped in to investigate.
Andrea Pirotti, the executive director of ENISA, said: "This work underpins member states authorities' efforts to debate and co-operate on this issue in a structured manner."
The analysis of the stock taking results is due to be published by mid-January, 2009, after a workshop planned to discuss their findings in Brussels on 12-13 November.
ENISA is looking to keep Europe's networks secure - click here to read our feature on what they plan to do.
-
Everything we know about the Plex data breach so farNews Plex advised users to sign out of any connected devices that are currently logged in and enable two-factor authentication if they haven’t already.
-
Mainframes are back in vogueNews Mainframes are back in vogue, according to research from Kyndryl, with enterprises ramping up hybrid IT strategies and generative AI adoption.
-
The second enforcement deadline for the EU AI Act is approaching – here’s what businesses need to know about the General-Purpose AI Code of PracticeNews General-purpose AI model providers will face heightened scrutiny
-
Meta isn’t playing ball with the EU on the AI ActNews Europe is 'heading down the wrong path on AI', according to Meta, with the company accusing the EU of overreach
-
‘Confusing for developers and bad for users’: Apple launches appeal over ‘unprecedented’ EU fineNews Apple is pushing back against new app store rules imposed by the European Commission, suggesting a €500m fine is a step too far.
-
Apple, Meta hit back at EU after landmark DMA finesNews The European Commission has issued its first penalties under the EU Digital Markets Act (DMA), fining Apple €500 million and Meta €200m.
-
‘Europe could do it, but it's chosen not to do it’: Eric Schmidt thinks EU regulation will stifle AI innovation – but Britain has a huge opportunityNews Former Google CEO Eric Schmidt believes EU AI regulation is hampering innovation in the region and placing enterprises at a disadvantage.
-
The EU just shelved its AI liability directive
News The European Commission has scrapped plans to introduce the AI Liability Directive aimed at protecting consumers from harmful AI systems.
-
A big enforcement deadline for the EU AI Act just passed – here's what you need to know
News The first set of compliance deadlines for the EU AI Act passed on the 2nd of February, and enterprises are urged to ramp up preparations for future deadlines.
-
EU agrees amendments to Cyber Solidarity Act in bid to create ‘cyber shield’ for member statesNews The EU’s Cyber Solidarity Act will provide new mechanisms for authorities to bolster union-wide security practices
