TelecomTV TelecomTV
  • News
  • Videos
  • Channels
  • Events
  • Directory
  • Smart Studio
  • Surveys
  • Debates
  • Perspectives
  • DSP Leaders World Forum
  • DSP Summits
  • Great Telco Debate
    • |
    • Follow
    • |
    • Subscribe
  • |
  • More
  • Webcasts
  • Surveys
  • Debates
  • Perspectives
  • Great Telco Debate
  • |
  • Follow TelecomTV
  • |
    • Subscribe
    • |
  • About
  • Privacy
  • Help
  • Contact
  • Follow TelecomTV
  • About
  • Privacy
  • Help
  • Contact
  • Sign In Register Subscribe
    • Subscribe
    • Sign In
    • Register
  • Search

Policy & Regulation

Policy & Regulation

First pan-European cyber-security law to be enacted

Martyn Warwick
By Martyn Warwick

Dec 9, 2015

via Flickr © fdecomite (CC BY 2.0)

via Flickr © fdecomite (CC BY 2.0)

  • New Network and Information Security Directive codifies legal responsibilities of Internet companies.
  • Those classified as "essential services" must report all serious breaches of their networks and systems.
  • List includes the likes of Amazon, Cisco, eBay and Google but not social networks such as Facebook and Yahoo.
  • Firms face fines of 5 per cent of global turnover if they fail to report incidents

Legislators have agreed on the basis and principles upon which to fashion the European Union's (EU) first cyber-security law: the Network and Information Security Directive (NISP). Remarkably, the accord came following a mere five-hour-long discussion between the European Parliament and the individual governments of the 28 member states of the EU - a rare event indeed and evidence of genuine political accord and just how seriously the EU now takes the ever-increasing threats and incidences of cyber attacks and the resultant breaches of security and privacy and bringing down of vital commercial and governmental networks and Internet sites.

One of the central tenets of the new law is that ISPs such as Amazon. eBay and Google will be legally bound to report all 'serious breaches' of their networks to the national governments of the EU member states and systems or face serious sanctions. However, social networking sites such as Facebook and Yahoo will not be subject to the same requirements or penalties.

Andus Ansip, the former Prime Minister of Estonia, is now at the European Commission (EC) overseeing the development of Europe's Digital Single Market with the remit to make Europe a world leader in ICT and to fight cybercrime.  He commented, “Trust and security are the very foundations of a Digital Single Market. If we want people and businesses to use and make the most of connected digital services, they need to trust them to be secure in the case of attack or failure.”

Mr. Ansip added, "The Internet knows no borders - a problem in one country can have a knock-on effect in the rest of Europe. This is why we need EU-wide cyber-security solutions. This agreement is an important step in this direction. The new law will build-up consumers' trust in Internet services, especially cross-border services."

The Network and Information Security Directive codifies in law the security and reporting obligations incumbent on companies and enterprises in what are classified as 'critical and essential sectors'. These include, energy, health, finance and transport.

German MEP, Andreas Schwab, who oversaw the law's passage through the European Parliament said, "Germany pushed hard for a harmonised identification of critical operators in energy, transport, health or banking fields, which will have to fulfil security measures and notify significant cyber incidents. Member states will have to cooperate more on cyber-security – which is more important than ever in light of the current security situation in Europe."

It means that the likes of Amazon, Cisco, Google and Microsoft have been classified as 'essential service providers, alongside the likes of energy, banking, healthcare and transport companies, and they too will be required to report any attacks or breaches.

Andus Ansip again: “We need EU-wide cyber-security solutions. The agreement is an important step in this direction, but we cannot stop here: we plan an ambitious partnership with the industry in the coming months to develop more secure products and services.”

Günther Oettinger, the EU's Commissioner for the Digital Economy and Society, observed, "The agreement constitutes a major step in improving the resilience of our network and information systems in Europe. Improving cooperation and information exchange between Member States is a key element of the agreed rules and will help us tackle the increasing number of cyber-attacks.”

Now the text of the political agreement will be approved by the European Parliament and the Council. After that  it will gazetted in the EU Official Journal and thus become European law. Henceforth it will be incumbent on relevant businesses and organisations to make themselves completely familiar with their responsibilities under the terms of the new legislation and as "operators of essential services” must be prepared to take all “appropriate security measures” and notify serious incidents to the relevant national body.

The EC expects that the new law will have the effect of making companies much more honest and transparent about the security breaches they suffer and will force the senior management and boards of directors of such enterprises publicly to declare and reveal that a cyber-security breach has happened; something that, in the past, many companies have been most unwilling to acknowledge. Should they fail to so so once the new law is in place, the companies face fines of five per cent of their global revenues.

Related Topics
  • Analysis & Opinion,
  • Business Models,
  • News,
  • Policy & Regulation,
  • Privacy,
  • Security

More Like This

Access Evolution

IoT specialists are finding network security hard

Apr 19, 2021

AI, Analytics & Automation

The EU wields a big stick to prevent AI being used for ‘indiscriminate surveillance’

Apr 16, 2021

Policy & Regulation

US Supreme Court Justice calls for Amazon, Facebook and Google to be regulated like telcos

Apr 7, 2021

Digital Platforms & Services

Commercial Vehicle Video Telematics Solution Revenues Set to Exceed US$8 Billion by 2026

Apr 7, 2021

3GPP

New Services in SAP HANA Cloud Lower TCO for Customers in Data-Intensive, Highly Regulated Industries

Apr 7, 2021

Email Newsletters

Stay up to date with the latest industry developments: sign up to receive TelecomTV's top news and videos plus exclusive subscriber-only content direct to your inbox – including our daily news briefing and weekly wrap.

Subscribe

Top Picks

Highlights of our content from across TelecomTV today

DSP Leaders World Forum 2021 Delegate Report

0:50

DSP Leaders Open Telco Summit

23:25

Extra Shot: Next Steps for DSPs

11:17

How cloud dynamics are reshaping the telecoms sector

  • TelecomTV
  • Decisive Media

TelecomTV is produced by the team at Decisive Media

Menu
  • News
  • Videos
  • Channels
  • Directory
  • Smart Studio
 
  • Surveys
  • Debates
  • Perspectives
  • Events
  • About Us
Our Brands
  • TelecomTV Tracker
  • TelecomTV Perspectives
  • DSP Summits
  • DSP Leaders World Forum
  • The Great Telco Debate
Get In Touch
info@telecomtv.com
+44 (0) 207 448 1070

Request a Media Pack

Follow
  • © Decisive Media Limited 2021. All rights reserved. All brands and products are the trademarks of their respective holder(s).
  • Privacy
  • Terms
  • Legal Notices