An easy way of publishing your relevant EU press releases.

Response to EU Cybersecurity Strategy and proposed Directive on Network and Information Security (NIS)


07 Feb 2013


Innovation & Enterprise

BRUSSELS, Thursday, 7 February 2013

DIGITALEUROPE believes in a co-ordinated approach to cybersecurity and welcomes various initiatives under the Cybersecurity Strategy published today. We believe that elements of the strategy will strengthen European citizens', companies' and public sector institutions' resilience to cyber incidents and criminal activity. We support the strengthening of public sector Computer Emergency Response Teams' capabilities, the introduction of a co-operation network, continuation and the scaling-up of cyber exercises, awareness raising activities, measures to tackle cybercrime and capacity building in third nations.

However, we see room for improvement in the Strategy. Member States are building communities and trust through local, regional, or sector specific private public partnerships, yet we see a general change in approach in the draft Network and Information Security Directive from working hand-in-hand with industry, to top-down, unidirectional reporting obligations and requirements. These could divert resources from effective security measures and would also undermine the benefits that companies gain from bi-directional exchange, which allows for the understanding of new threats and improves incident response. If the scope of the proposed incident reporting mechanism is too wide and burdensome, it could weaken trust at a time when we need to build on real-time information sharing and collective response. We are also concerned that the measures imposed on market operators could lead to interference with the design and manufacture of ICT products, which would stifle innovation and lead to a balkanisation of the network.

DIGITALEUROPE believes the proposed requirements should not be targeted at sectors which are not critical infrastructure, and question the inclusion of enablers of internet services on this basis. In this new economy, data security is most relevant for citizens, governments and companies alike, and respective data breach notification obligations are currently already under way in the draft privacy regulation.

By not addressing applicable law or adopting a fully harmonised approach, we feel that the proposal could lead to a patchwork of authorities that could strain the resources of market operators.

DIGITALEUROPE will continue to work with the EU institutions in order to achieve these improvements and to participate in initiatives that strengthen the partnership between public and private sectors.


Media and interview enquiries Jonathan Murray - DIGITALEUROPE, Director T. +32 2 609 53 10 E.


International Association for Democracy (IAD)
Lobbying Officer (voluntary)
European Food Banks Federation
Head of ​Fundraising and Partnerships​​
European Affairs Consulting Group (Eacon)
EU Public Affairs Trainee
International Commission of Jurists - European Institutions
Programme Manager
Terre des Hommes International Federation
Child and Youth Participation Advisor (Environment & Climate)
KIOS Foundation
Team leader
European Parliament, office of MEP Siegfried Mureșan
Accredited Parliamentary Assistant, office of MEP Siegfried Mureșan