SECURITY
Cybersecurity needs industry support: BSA
12-06-2003
by Andrew McLindon
An industry body has said that cyberspace will not be secure unless the IT sector gets heavily involved in the proposed EU national security agency.
The Business Software Alliance (BSA), which is better known for campaigning against illegal software, said that the industry must participate in the European Network and Information Security Agency in order to improve the security of the global information infrastructure.
However, doubts have been cast on whether industry input will be sought. Last week, European telecommunications ministers endorsed the plan for the agency, but decided to axe a planned advisory panel, which would have included Internet, telecoms and IT companies.
The European Commission, which is backing the agency concept, condemned this move by the ministers and has pledged to ensure that the industry has a say in the agency's direction.
The BSA's president and chief executive officer, Robert Holleyman, said the organisation was a strong supporter of the agency, which is due to be launched in 2004.
"By serving as a centre of expertise for the European Commission and member state governments, the agency will help enhance the security of networks both in Europe and, by extension, throughout the world," Holleyman told on EU Parliament public forum in Brussels on Wednesday.
Holleyman added that the agency would also help increase co-operation between Europe and the US in the area of network and information security. America announced in June that it was to set-up a similar body, the National Cyber Security Division.
The idea behind the European Network and Information Security Agency is to enhance members states' efforts to improve network and information security, and to increase their and EU institutions' abilities to prevent and respond to major network and information security problems.
The European Commissioner responsible for the Information Society, Erkki Liikanen, said on Wednesday that the agency was needed to combat the growing wave of cyberattacks.
"The initiation of a co-ordinated European approach and the promotion of risk assessment and risk management methods will enhance our capability to deal with increasing information security threats," commented Liikanen.
However, the disposing of the agency's advisory panel by EU ministers, along with their insistence on directly appointing members themselves to its management board, has angered the Commission. Such moves, it is argued, would increase the e-security organisation's size and potentially make it unwieldy, The Commission argued that the new agency should be "an efficient and flexible entity" capable of making its own day-to-day decisions on cyber threats.
Liikanen also said on Wednesday that the agency's standardisation efforts would be done "in close collaboration with industry and building upon their expertise". He also said he wanted to reassure the sector that the agency would not be developing standards.
The European Parliament is to assess the proposed agency towards the end of the year. The proposal needs the backing of the Parliament and member states before it can go ahead.
Meanwhile, recommendations for improved security standards in Europe are to be debated at an open meeting in Brussels on Friday. The Network and Information Security Focus Group, which includes experts appointed by two European standards organisations -- CEN and ETSI, has evaluated existing security standards and identified possible gaps in the standards spectrum.
The meeting on Friday will debate the group's report, which was released in mid-May, with the aim of coming to a consensus on the report and its recommendations.
Caped Koala Studios has built a virtual world for kids, combining education and social networking 