European member states must work harder to establish national Computer Emergency Response Teams (CERTs) by 2012 if they are to meet the European Commission’s expectations for critical infrastructure protection, according to a new EC review.
The report looks at efforts by member states to meet the goals of its 2009 action plan, designed to ensure that Europe is prepared for and resistant to attacks on its critical information infrastructure.
Although the report broadly praises member states for their work in setting up CERTS, sharing best practice and further engaging the private sector, it called for remaining states to set up their CERTS by 2012.
“Europeans need and expect to have access to secure, resilient and robust online networks and services,” said Digital Agenda commissioner Neelie Kroes.
“In the past two years we have achieved significant progress, but we must step up our efforts in the EU and at the global level to address ever-changing cyber threats.”
The EC highlighted recent events such as the hack of the French finance ministry prior to the G20 summit, and attacks on the EU Emissions Trading System and on the EC itself as demonstrating the need for a functioning network of CERTS in the region.
The report also called for the development of a European cyber incident contingency plan, regular cyber incident exercises at national and pan-European levels, and the establishing of strategic partnerships with non-EU countries.