The Role of Security Breach Notifications in Improving Cyber Security

Autores

  • Steve Purser Attended the universities of Bristol and East Anglia where he obtained a BSc. in Chemistry and a PhD in Chemical Physics respectively. He started work in 1985 in the area of software development, subsequently progressing to project management and consultancy roles. From 1993 to 2008, he occupied the role of Information Security Manager for a number of companies in the financial sector. He joined ENISA in December 2008 as Head of the Technical Department and is currently responsible for all operational activities of ENISA. Steve is co-founder of the ‘Club de Securité des Systèmes Informatiques au Luxembourg’ (CLUSSIL) and is currently the ENISA representative on the ISO SC 27 working group. He frequently publishes articles in the specialised press and is the author of ‘A Practical Guide to Managing Information Security’ (Artech House, 2004).

Resumo

This article examines how Security Breach Notification (SBN) procedures can be used to improve cyber security in a cross-border environment. The central idea is that quantitative data is necessary in order to better understand the evolving threat environment, although there are some strong limitations on this statement and it is extremely important to implement the data collection in a structured way and to analyse any trends cautiously. A distinction is made between SBN schemes and Data Breach Notification (DBN) schemes. Both schemes are likely to play a role in future EU policy developments relating to cyber security and implementations will need to take account of the specific requirements on both processes whilst remaining economically viable. Finally, issues related to implementing such schemes in a cross-border and cross-community environment will be presented.

Downloads

Publicado

2024-10-24

Edição

N.º 133 (2012): Cibersegurança

Secção

Artigos