Activities of Ivailo KALFIN related to 2010/0275(COD)
Plenary speeches (1)
European Network and Information Security Agency (ENISA) (debate)
Amendments (13)
Amendment 14 #
Proposal for a regulation
Recital 11
Recital 11
(11) The Agency should contribute to a high level of network and information security within the Union and to the development of a culture of network and information security for the benefit of citizens, consumers, businesses and public sector organisations in the European Union, thus contributing to the smooth functioning of the internal market. In this regard, necessary budgetary provisions should be allocated to the Agency so that it can propose, by the end of the second year of its new mandate and after consulting all relevant stakeholders, a clear pan-European strategy on cyber- security;
Amendment 17 #
Proposal for a regulation
Article 12 – paragraph 4
Article 12 – paragraph 4
4. The work programme shall be organised in accordance with the Activity-Based Management (ABM) principle. This work programme shall include both the virtual and non-virtual aspects of the Agency's operations, activities and commitments. The work programme shall be in line with the statement of estimates of the Agency's revenue and expenditure and the Agency's budget for the same financial year.
Amendment 138 #
Proposal for a regulation
Recital 12
Recital 12
(12) A set of tasks should indicate how the Agency is to accomplish its objectives while allowing flexibility in its operations. The tasks carried out by the Agency should include the collection of appropriate information and data needed to carry out analyses of the risks to the security and resilience of electronic communications, infrastructure and services and to assess, in cooperation with Member States, the Commission and, where appropriate, with relevant stakeholders, the state of network and information security in Europe. The Agency should ensure coordination with Member States and enhance cooperation between stakeholders in Europe, in particular by involving in its activities competent national bodies and private sector experts in the area of network and information security. The Agency should provide assistance to the Commission and the Member States in their dialogue with industry to address security-related problems in hardware and software products, thereby contributing to a collaborative approach to network and information security.
Amendment 145 #
Proposal for a regulation
Recital 20 a (new)
Recital 20 a (new)
(20a) The Agency shall, inter alia, assist the relevant European institutions and the Member States in setting up and implementing an Union-wide public education campaign to end users, aiming at promoting safer individual online behaviours and raising awareness on the potential threats in the cyberspace (cybercrimes, as phishing attacks, botnets, financial and banking fraud, but also basic authentification - and data protection advice).
Amendment 147 #
Proposal for a regulation
Recital 26
Recital 26
(26) Network and information security problems are global issues. There is a need for closer international cooperation to improve security standards, improvein addressing the need of an international legal framework, to improve security standards (including the definition of common norms of behaviour and codes of conduct) and information exchasharinge, and promoteing a swifter international collaboration in response, as well as a common global approach to network and information security issues. To this end, the Agency should support a further European involvement and cooperation with third countries and international organisations in cooperationby providing, where appropriate, with the EEASthe necessary expertise and analysis to the relevant European bodies and institutions.
Amendment 158 #
Proposal for a regulation
Recital 37
Recital 37
(37) The Agency should be established for a limited period. Its operations should be evaluated with regard to the effectiveness of achieving the objectives and of its working practices, in order to determineAs the current five years-mandate system limits the Agency’s capability in setting up long-term planning for its operations and activities, and prevents the continuing validity, or otherwise, of the objectives of the Agency and, based on this, whether the duration of its operations should be further extendf its work, the possibility to lift its temporary mandate should be considered,.
Amendment 185 #
Proposal for a regulation
Article 3 – paragraph 1 – point g
Article 3 – paragraph 1 – point g
(g) Support cooperation between public and private stakeholders on the Union level, inter alia, by promoting information sharing and awareness raising, and facilitating their efforts to develop and take up standards for risk management and for the security of electronic products, networks and services, services and civilian - public, private or public-private - Critical Information Infrastructures (CII);
Amendment 189 #
Proposal for a regulation
Article 3 – paragraph 1 – point i
Article 3 – paragraph 1 – point i
(i) Assist the Member States and the European institutions and bodies, at their request, in their efforts to develop network and information security detection, analysis and response capability; , as well as a framework for security breach notification;
Amendment 195 #
Proposal for a regulation
Article 3 – paragraph 1 – point i a (new)
Article 3 – paragraph 1 – point i a (new)
(ia) If requested, to assist the Commission and relevant EU bodies or institutions in providing advice and expertise in the setting up of the European Institutions’ CERT;
Amendment 196 #
Proposal for a regulation
Article 3 – paragraph 1 – point i b (new)
Article 3 – paragraph 1 – point i b (new)
(ib) In case of severe cyber-threat, and if explicitly requested by a Member State or a European Union body/ institution, to assist it in operational tasks for securing the affected network, infrastructure or data;
Amendment 198 #
Proposal for a regulation
Article 3 – paragraph 1 – point j
Article 3 – paragraph 1 – point j
(j) Support Union dialogue and cooperation with third countries and international organisations in cooperation where appropriate with the EEASrelevant European bodies/institutions, to promote international cooperation and a global common approach to network and information security issues;
Amendment 201 #
Proposal for a regulation
Article 3 – paragraph 1 – points j a to j f (new)
Article 3 – paragraph 1 – points j a to j f (new)
(ja) In cooperation with the Commission and Member States, define common minimum cybersecurity certifications, norms of behaviour and cooperation practices between and among national- and European CERTs. The Agency shall also consult relevant stakeholders for defining similar cyber-security measures for private networks and infrastructures; (jb) Promote and support cooperation between and among relevant Member States and European CERTs in the event of incidents, attacks or disruptions on networks or systems, managed or protected by them; (jc) In order to achieve a coordinated and rapid European-wide rapid response system to cyber-attacks, incidents or disruptions, support, where necessary and upon the relevant Member State’s request, the setting up of a 24/7 continuity resilience service within the applicable CERT, and provide the necessary expertise for providing instant response readiness; (jd) Foster the adoption of a European “points-of-contact” directory and shall promote responsibility sharing and information- and best practices exchange among and between the above mentioned CERTs; (je) Continue coordinating pan-European cybersecurity preparedness and resilience exercises, and analysing their outcome and forthcoming steps to be undertaken by Member States and the EU, and it shall promote the participation of like-minded third partners to such exercises; (jf) Offer its expertise and advice to Member States and European institutions with regard to their participation to international fora on network and information security and cybersecurity;
Amendment 215 #
Proposal for a regulation
Article 9 – paragraph 2 a (new)
Article 9 – paragraph 2 a (new)
2a. In order to promote transparency and a smooth decision-making process of the Management Board, voting through remote conferencing shall be allowed in case of a major and unforeseen impediment to the personal attendance of at least three of its members.