- V3 Apps
Vice president of the European Commission (EC) Neelie Kroes has pledged to introduce new measures forcing businesses to report significant security breaches to national authorities.
Kroes said she would instigate the new laws during a speech at the World Economic Forum (WEF), claiming the cyber threat facing Europe is too big for individual states and companies to take on alone.
"After a series of consultations, I have become convinced that the matter of cyber security is too important to be left to the goodwill of companies. The proposal requires the member states to be appropriately equipped," said Kroes.
Under Kroes' proposals, member states could then cooperate at a national level.
"The Commission will also propose to extend the obligations to...report significant incidents to national authorities, to new sectors which are vital for our economy and society - energy, transport, banking, healthcare, key Internet companies," she added.
Kroes originally revealed the EC was considering forcing private sector firms hit by security attacks to report incidents during a speech at the Information Security Forum Conference in Chicago in November 2012.
The details of how the EC will force companies to share information regarding significant cyber incidents remain unknown.
Despite the lack of solid information, the proposed shift has been decried by numerous security experts.
In November representatives from Trend Micro, Spiderlabs and F-Secure told V3 that while well intentioned, there is no realistic way to implement such laws.
Kroes cited the heavy financial impact cyber attacks to hitting the region have had as evidence the new laws are needed.
"The World Economic Forum affirmed that in the next 10 years there is a 10 percent likelihood of a major critical information infrastructure breakdown with possible economic damages of over $250bn. Incidents and attacks are on the rise," said Kroes.
The EC will attempt to increase information sharing between EU states over cyber attacks, with Kroes proposing the creation new Network and Information Security (NIS) programme.
The UK government has already begun mounting similar cyber defence reforms.
Most recently the GCHQ announced plans to implement several new cyber defence programmes, these included the creation of a new cyber reserves force and Cyber Incident Response initiative.