27 August 2012: In a new paper the EU cyber security agency ENISA takes a snapshot of existing and future EU legislation on security measures and incident reporting. The analysis underlines important steps forward, but also identifies gaps in national implementation, as most incidents are not reported.
The new report Cyber Incident Reporting in the EUprovides an overview of existing and planned legislation covering the mandatory incident reporting clauses in EU legislation. The study shows common factors and differences between the articles and looks ahead to the EU cyber security strategy. The paper also identifies areas for improvement.
You can read more about the paper and download a copy from ENISA at http://www.enisa.europa.eu/media/press-releases/eu-agency-enisa-analyses-cyber-security-legislation-spots-implementation-gaps-incidents-remain-undetected-or-not-reported