EU takes stock of public networks

gallery

The European Network and Information Security Agency (ENISA) has published its first ever European Union (EU) survey on public communication network resilience.

The agency said its “Stock Taking of Regulatory and Policy Issues related to Resilience of public eCommunications Networks” report identified a significant variety in the strategies, policies, initiatives and regulatory provisions deployed across the EU.

But it also identified commonalities between the approaches of member states to network resilience that it said demonstrated best practice, including strong public and private collaboration. And a focus on how well things are working in practice.

Although, telecommunication – including broadcasting, postal services, internet service providers (ISPs), fixed line and mobile telephone services – is considered one of the UK’s nine critical infrastructures, the report found that telecoms emergency planning and response was lightly regulated.

Based on interviews with representatives with the primary agencies involved in national network resilience, the UK report highlighted related responsibilities of the Department of Business, Enterprise and Regulatory Reform, Ofcom and the Centre for the Protection of National Infrastructure (CPNI) and said the 2007 floods proved their collaboration was effective.

While UK regulation in this area is light, the report highlighted that it has two mechanisms at its disposal in case of a communications security incident: UK Network Security Information Exchange (UK-NSIE) members discuss security incidents that have affected them and how they dealt with that information.

UK-NSIE reporting is voluntary, but the CPNI Combined Security Incident Response Team (CSIRTUK) may investigate. CSIRTUK will contact communications service providers who are involved in an incident that has been reported. And if the incident shows a pattern or trend, then an advisory will be issued.

The National Emergency Alert for Telecoms (NEAT) may also be used to inform operators. But Ofcom said there had been few examples where it has stepped in to investigate.

Andrea Pirotti, the executive director of ENISA, said: “This work underpins member states authorities’ efforts to debate and co-operate on this issue in a structured manner.”

The analysis of the stock taking results is due to be published by mid-January, 2009, after a workshop planned to discuss their findings in Brussels on 12-13 November.

ENISA is looking to keep Europe's networks secure - click here to read our feature on what they plan to do.

Email to a friend

Print this page