Freely subscribe to our NEWSLETTER

The report recommends in seven points that:

– Member States may consider soft-law instruments (e.g. good practices and recommendations) as a means to intervene in the market

– Member States may consider simplification and harmonisation of competences (abilities, faculties) and tasks of relevant national authorities

– Member States may consider developing and implementing an integrated and holistic national risk management process

– Member States should consider assessing the degree of operators’ adherence to preparedness measures

– Each Member State must establish one national Computer Emergency Response Team, i.e. a ’CERT’

– Member States expressed the need for more good practice guidance on emerging policy issues (e.g. trusted information sharing exchanges, incident reporting, exercises)

– The European Commission should consider the development and implementation of a coherent pan European strategy based on Member States’ experiences

The Executive Director of ENISA, Mr. Andrea Pirotti remarked:

“This work underpins Member States’ efforts to debate and co-operate on this issue in a more structured manner. ENISA firmly responds to Member States needs by developing good practices on information sharing, incident reporting and exercises”

These results constitute the basis of ENISA’s contributions to the European Commission (or EU) strategy on Critical Information Infrastructure Protection (CIIP). This strategy builds on some of these recommendations and calls for ENISA’s active role in a number of crucial areas.

For full report:

http://enisa.europa.eu/doc/pdf/deliverables/enisa_resilience_policies.pdf