The European Network and Information Security Agency (ENISA) published a new report on the largest ever pan-Europe cyber security exercise, Cyber Europe 2012, which took place last year. The goal of the exercise was to strengthen cyber crisis cooperation, preparedness and response across Europe. The entire Internet ecosystem plays an integral role in fighting cyber crime. More than 500 individual players participated, including representatives from the private sector – financial, telecom and Internet – for the first time. The conclusion: for fast and effective response to cyber incidents, knowledge of procedures and information flows is crucial.
Key recommendations from Cyber Europe 2012 noted:
- More pan-European and national cyber exercises are necessary to improve cross-country cyber crisis cooperation. EU Member States and European Free Trade Association countries should improve the effectiveness, scalability, and knowledge of existing mechanisms, procedures and information flows for both national and international cooperation.
- More training in crisis procedures is necessary for all cyber crisis stakeholders.
- Increased private sector involvement at the national level should be considered for future exercises.
- Input from other European critical sectors (e.g. energy, transportation) is a good next step.
The exercise scenario involved large-scale cyber-incidents in Europe, which affected all participating countries. Cyber-incidents challenged the public and private sector participants, triggering a need for cross-country cooperation. The scenario provides of good reminder of the importance of a comprehensive multi-stakeholder strategy for addressing cyber security. An Internet security strategy for the EU and the Member States that streamlines approaches to the protection of critical information infrastructure, in close partnership with the private sector, is important to fighting cyber crime.
We welcome the European Commission’s work on this issue and were pleased to see that “establishing a coherent international cyberspace policy for the European Union” was listed as a priority for the EU’s cyber security plan which was announced last week. As Neelie Kroes, European Commission Vice-President for the Digital Agenda said: “The more people rely on the internet the more people rely on it to be secure. A secure internet protects our freedoms and rights and our ability to do business. It’s time to take coordinated action – the cost of not acting is much higher than the cost of acting.”
Given the rapid evolution of communications technologies, we need high-level principles on cyber security that can adapt with the pace of technology. Public policies must let providers of smart networks, such as AT&T, apply sophisticated network management practices that our customers request. Our intelligent network technologies allow us to analyze traffic flows for malicious cyber-activities and to identify early indicators of attacks before they have the opportunity to become major events.
There is no easy or perfect solution to cyber crime. It will remain an ongoing effort. But what is clear is that staying ahead of the growing threats and protecting our digital infrastructure will require collaboration among many different partners.
The post What we learned from Cyber Europe 2012 appeared first on AT&T Global Public Policy.