Sign in / up

back to article Knives out for new EU rules forcing govts to reveal hacker attacks

Talks began on a new computer security law for Europe on Tuesday night. National ministers, the European Commission and MEPs got together for the first time in an attempt to nail down the wording in the proposed Network and Information Security (NIS) Directive. When it was proposed by the commission early last year, the draft …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. John Miles
    Facepalm

    re: setting up a competent authority

    This is something they expect governments achieve, despite all the evidence to the contrary ???

    6 0 Reply
  2. Christoph

    "According to the commission, 93 percent of large corporations experienced a cyber attack in 2012."

    What do they class as a cyber attack? If it's something like "someone tested our web site for a few obvious security holes but didn't get anywhere" then it must be 100% who got attacked.

    2 0 Reply
    1. Ole Juul
      Reply Icon

      What do they class as a cyber attack?

      If it's something like "someone tested our web site for a few obvious security holes but didn't get anywhere" then it must be 100% who got attacked.

      Now we really got to wonder about that 7%.

      2 0 Reply
  3. Sel

    reporting cyber incidents would not incur any additional costs

    They obviously have no idea what reporting to government agencies is really like. Reporting an incident will merely be a trojan horse to auditing your entire infrastructure and then being forced to upload it to an insecure government database.

    2 0 Reply
    1. tom dial Silver badge
      Reply Icon

      Re: reporting cyber incidents would not incur any additional costs

      And before the audit you will have to complete about an inch of vulnerability self assessment checklists for each system, for each year (or inch-equivalent - somewhere between 500 and 1000 questions). The questions will, of course, change from year to year, dampening excessive cloning. This manual effort will supplement the required vulnerability scans, further burdening employees who might otherwise be spending time patching and fixing the vulnerabilities, or requiring hire of additional employees or contractors.

      1 0 Reply
  4. Sirius Lee

    "enablers of information society services" such as Google, Amazon, eBay and Skype"

    It's a bit of an indictment that the companies chosen as example targets for the proposed directive are US. based. Are there no EU companies worthy even of being mentioned? It also makes the directive look like what it is, an attempt to try to control these US companies, the services of which very many EU citizens want to use.

    How about instead of trying to regulate these companies which is a complete waste of time, try to remove the reasons why there are almost no EU companies that are able to provide these services.

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like