The European Union's international cybercrime squad is
up and running, a year after it was given the go-ahead by the
European Commission.
The European Network and Information Security Agency (Enisa) has
a five-year budget of €34.3m (£24m) and a mandate to get member
states working together to combat security threats.
Enisa has appointed an executive director, put internal rules of
procedure into place and has begun hiring technical experts, the
organisation said.
Enisa's management board, including representatives from
industry, member states and the commission, met at the agency's
headquarters in Heraklion, Greece to formalise the organisation's
plans.
The body has a five-year mandate, and its existence will only be
continued after that if it proves a success.
It aims to become a pan-European "centre of excellence" on
security matters, collecting and analysing data on security
incidents, advising the commission and member states on security
issues, standardising security approaches and pushing for more
co-operation between the private and public sectors.
Executive director Andrea Pirotti, officially appointed last
month, is a Marconi veteran who was in charge of technology
products for critical IT infrastructure, and set up various
overseas companies in the Marconi communications group.
The management board is to be led by chair Kristiina
Pietikainen, director of a data security unit at the Finnish
Ministry of Transportation and Communications, and vice-chair
Ferenc Suba of the equivalent government body in Hungary.
Even as Enisa forges ahead, many stakeholders - including
government and industry representatives from around the EU - remain
sceptical about what the agency can do to improve security.
Hedy van der Ende, general manager of the Netherlands' Computer
Emergency Response Team (Cert), said Enisa will face a difficult
task, given that "Certs from different countries co-operate closely
already".
Arlene McCarthy, a Labour MEP best known for pushing what many
call a pro-software patent agenda in European legislation, has also
voiced doubts.
In a draft opinion written prior to the creation of Enisa,
McCarthy wrote it "may be more in the nature of a solution looking
for a problem rather than a real contribution to the creation of
[a] 'culture of security'".
However, she acknowledged the problem of IT security is severe
enough that the agency is "a worthwhile experiment", given that it
is established for a limited period.
On the other hand, McCarthy also recommended the agency to
promote a pan-European "trustworthy computing" initiative, a highly
controversial suggestion.
"Trustworthy computing" projects undertaken by the likes of
Microsoft and Intel have been promoted as improving security by
building anti-hacking measures into the hardware level. However,
they are widely understood by industry analysts to be a way of
building more draconian anti-copying measures into PCs.
Matthew Broersma writes for Techworld.com