Variations in the effectiveness of national Computer Emergency Response Teams (CERTs) are undermining efforts to strengthen cyber-security across the continent, according to the EU’s own experts.
In two reports published on the 17th December, the European Network and Information Security Agency (ENISA) concluded that large discrepancies between CERTs in different EU member states remain.
Udo Helmbrecht, Executive Director of ENISA, identified a lack of clarity regarding the exact roles and responsibilities of CERT operations, a lack of funding, and inadequate numbers of highly specialised IT, legal and PR experts, as three of the main deficiencies.
"When exchanging information on incidents with their peers in other member states, it is still common that partnering teams do not act upon information provided in a timely and professional way," says the report.
The EU Commission has long been aware of these problems and is set to release a draft directive on cyber-security in January 2013 to tackle this very issue, as part of its ongoing Digital Agenda programme.
Proposals are likely to include the creation of a co-operation mechanism to prevent and counter cross-border cyber incidents, in addition to establishing a minimum standard of cyber-preparedness at the national level.
Original Photo Source: Steve Rhode @ Flickr.com