How do 23 countries in Europe strengthen the resilience of public communication networks? EU Agency presents the first EU-wide survey on policies and

The EU Agency ENISA presents its first ever EU wide report on "Stock Taking of Regulatory and Policy Issues related to Resilience of public eCommunications Networks"

In October 2008 ENISA released the first ever comprehensive European report which presents 23 different national regulatory and policy strategies that are being used to facilitate, support and strengthen efforts to improve dependability and resilience of public eCommunications Networks.

In summary, the report identified that there is a significant variety in the deployed strategies, policies, initiatives and regulatory provisions across the EU. Despite these differences, certain preliminary strategy commonalities across Europe for increasing resilience can be highlighted:

- Development of a national strategy, a solid policy and/or regulatory environment and concrete preparedness measures; define clear roles and responsibilities of public agencies; encourage intra- agency and information sharing,
- Encouragement of voluntary collaboration between public and private stakeholders. Capitalising on the know-how of experts from both industry and public authorities to support the development of best practices and guidelines.
- Focus on how well things are working in practice (e.g. exercises, audits, onsite visits, etc.)
- Prompt reaction on reported incidents and their analysis within a trusted group of experts from public and private sector stakeholders
- Multiple, frequently performed small steps have proved to be more effective than big national initiatives. This holds true for current and in future e-resilience issues.

This study is done in the context of ENISA's multi annual thematic program on Resilience of public communication networks. It focuses on giving an accurate picture of each country's policies, initiatives, and regulations. Institutional stakeholders could use this inventory of policies and strategies to identify common approaches, confirm the appropriateness of their measures and activities, and to become inspired by the initiatives of other countries.

The Executive Director of ENISA, Mr. Andrea Pirotti remarked: "This work underpins Member States authorities' efforts to debate and co-operate on this issue in a structured manner. We will continue serving this constituency with the full analysis of the stock taking findings."

The analysis of the stock taking results is due to be published by ca mid January, 2009, after the workshop that has taken place in Brussels on 12-13th of November.

For those who do not, as yet, know, the European Network and Information Security Agency (ENISA) is an agency of the European Union. ENISA was created in 2004 by EU Regulation No 460/2004 and is fully operational since September 1st, 2005. It has its seat in Heraklion, Crete (Greece). The objective of ENISA is to improve network and information security in the European Union. The agency has to contribute to the development of a culture of network and information security for the benefit of the citizens, consumers, enterprises and public sector organisations of the European Union, and consequently will contribute to the smooth functioning of the EU Internal Market. ENISA assists the Commission, the Member States and, consequently, the business community in meeting the requirements of network and information security, including present and future Community legislation. ENISA ultimately strives to serve as a centre of expertise for both Member States and EU Institutions to seek advice on matters related to network and information security.

Source: ENISA