EU proposes new cybercrime reporting rules

 
European cybercrime centre A European cybercrime centre was opened in The Hague last month

Related Stories

Over 40,000 firms, including energy providers, banks and hospitals could be required to report cyber-break-ins under new rules proposed by the EU.

It is part of a move to intensify global efforts to fight cybercrime.

Digital agenda commissioner Neelie Kroes said that Europe needed to improve how it dealt with cybersecurity.

But firms are concerned that reporting online attacks and security breaches might damage their reputations.

Many breaches

The EU is keen that member states share information about attacks and shore up their cyber-defences.

Under the proposals, each country would have to appoint a Computer Emergency Response Team and create an authority to whom companies would report breaches.

These new bodies would decide whether to make the breaches public and whether to fine companies.

Announcing the changes, Ms Kroes said: "Europe needs resilient networks and systems and failing to act would would impose significant costs on consumers, businesses and society."

According to the EU, only one in four European companies has a regularly-reviewed, formal ICT security policy. Even among ICT companies, the figure is only one in two, it said.

A recent study by accountants PwC suggested that three quarters of UK small businesses, and 93% of large ones, had recently suffered a cybersecurity breach.

 

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

Comments

This entry is now closed for comments

Jump to comments pagination
 
  • rate this
    +4

    Comment number 115.

    All this does is increase red tape and bureaucracy and will do nothing to solve the number one cause of security flaws in any network, users. Any measure you take to make life easier for users compromises security a bit and then you have downright incompetence of people keeping default passwords of leaving passwords laying around. That happens a lot.

  • rate this
    +3

    Comment number 90.

    I can see this getting costly. Decent network security is very expensive. I work in a school and have to purchase Antivirus licenses, endpoint protection, encrypted memory sticks just to compley with the ICO and the Data Protection Act 1998. This cost then has to be passed on to the taxpayer.

  • rate this
    +10

    Comment number 49.

    As long as there are computers there will be hackers. These programs to prevent hacking are tested out by hackers. They shouldn't prosecute these people but rather take them on as advisers and programmers, it won't stop them all just like have a police force doesn't prevent crime but we can deal with it and manage it more efficiently.

  • rate this
    +9

    Comment number 43.

    The different rules in different countries in Europe is consistently an issue with software design and legal compliance. This variation in rules mean that now I am running all personal my servers in Germany as I want to work with hosting companies bound by stricter laws. I would not host my servers in the UK or Italy as the legal standards are too low in privacy and security.

  • rate this
    +3

    Comment number 35.

    Cyber-attacks can never be totally eliminated; the attackers are as good at breaking-in as the owners are at developing security systems.
    I don't think regular persons have latched on to the risk because thus far no real damage has been done that effects them directly.
    The most critical of secretive information should be maintained where it can't be hacked i.e. power grid information.

 

Comments 5 of 12

 

More Technology stories

RSS

Features & Analysis

BBC Future

Changing shape

What Concorde was like to fly

The supersonic icon of air travel Read more...

Programmes

  • Ebola patients in Sierra LeoneHARDtalk Watch

    Dr Geraldine O'Hara recalls the horrors of working on the Ebola frontline in Sierra Leone

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.