Network and Information Security Network and Information Security

ICT has become the backbone of our economic growth and is a critical resource which all economic sectors rely on. Many business models are built on the uninterrupted availability of the Internet and the smooth functioning of information systems. However, information systems can be affected by security incidents, such as human mistakes, natural events, technical failures or malicious attacks. Cybersecurity incidents are increasing at an alarming pace and could disrupt the supply of essential services. The Commission's online public consultation on ‘Improving network and information security in the EU1' found that 57% of respondents had experienced network and information security (NIS) incidents over the previous year that had a serious impact on their activities.

The likelihood and frequency of incidents and the inability to ensure efficient protection also undermine public trust and confidence in network and information services. Across the EU, more than one in ten Internet users have already become victims of online fraud. The 2012 Eurobarometer on Cybersecurity found that 38% of EU Internet users are concerned about the safety of online payments and have changed their behaviour because of concerns with security issues: 18 % are less likely to buy goods online and 15% are less likely to use online banking.

This problem affects all parts of society and economy (national and local administration, business and consumers). In particular, a number of sectors play an essential role in providing key support services for our economy and society. These sectors include banking, stock exchanges, energy generation, transmission and distribution, transport (air, rail, maritime), health, enablers of key Internet services and public administrations.

Security incidents are capable of rendering critical government functions unavailable for several days, as demonstrated by the cyber-attacks against Estonia in 2007, which severely affected not only the provisioning of online services such as e-government and e-banking within the country, but also prevented citizens from accessing online services across borders.

Public networks are strongly interconnected and an incident affecting one entity even at local level can easily spread to another entity. Due to this strong interconnection, a network effect, resulting from incidents affecting a number of similar administrations, even small and local, is more likely in the context of public administrations. Such an effect carries the risk of NIS incidents spreading within or between administrations, which could disrupt or paralyse vast fields of local and national public activities. This risk is increased by the fact that state and local administrations are often targeted by cyber-attacks and are facing very significant and rising NIS risks. Criminals in particular can use a local administration as an entry point to attack other sectors of the administration.

The resilience and reliability of public on-line services to citizens is key to building and preserving their trust in e-government. eGovernment and eParticipation are increasing with citizen demand for timely and cost-effective services and so are the NIS risks for state and local administrations. The risk of public online services being hindered by NIS problems exists at all levels of government, local or regional.

This area of activity can be an important element of a digital strategy. It might, however, not be eligible for funding through ESIF.

Useful resources Useful resources

Thematic fiche

Network and information security

News

Connecting Europe facilities — cybersecurity digital service infrastructure.The European Commission has launched a call for tenders for the establishment of a core service platform between participating Member States and the operation of cooperation mechanisms for computer emergency response teams.

Building online trust and confidence: Electronic signatures, seals and trust services now valid throughout EU
From 1st July, people, businesses and public administrations will be able to carry out convenient, secure and legally valid electronic transactions across borders. EU rules on electronic signatures, electronic seals, time stamps, electronic delivery service and website authentication, as well as electronic documents apply directly across the 28 Member States.

Further reading

European Network and Information Security Market by IDC EMEA