Cyber crime is costing $380bn a year, but not enough is being done to protect IT internet users, according to European...
Commission vice-president Neelie Kroes.
"Everyone uses computers, so cyber attacks can affect everyone," she said in a video address to Infosec Europe 2012 in London.
Kroes, who is in charge of the Digital Agenda re-iterated an address made in Brussels last month, saying internet security cannot be confined to national security agencies.
Cyber threats come from around the world and have a variety of motives and impacts, which means the solution is not simple, she said.
"It cannot be left to national security authorities, but needs a comprehensive solution that involves governments, businesses and individuals," said Kroes.
Internet security is not a problem that is going to go away, she said, but a safer internet can be achieved with an approach built on the single market, which gives the right incentives to the private sector, invests in supply, and has an international outlook.
To that end, the European Commission is due to present a plan, entitled a European strategy for internet security, in the third quarter of this year.
The plan is based on five key areas, Kroes said. First, there is a need to build a network to respond to cyber threats and share that information.
EU member states will be asked to guarantee minimum capabilities to respond adequately to threats and share critical information in a secure and confidential manner.
Second, there needs to be a governance structure. Member states will be required to establish competent authorities to centralise information, to: create a regional forum to enable collaboration with the private sector; support a European cyber incident contingency plan; and exchange best practices.
Because the private sector owns, runs and supplies much of the critical national infrastructure, Kroes said the third aim of the strategy will be to improve security at every point in the supply chain.
Fourth, there needs to be a vibrant information security market, she said. The strategy will aim to foster investment in innovation for security technologies, including through the EU budget.
"We need to fill the gaps in the value chain and bring bright ideas to the market, to boost user trust through giving them confidence in the systems they use," she said.
Finally, she said, internet security is not a European-only problem. Emphasising the need for a global response, Kroes said that, with an international view, the strategy would deliver an internet that was safe and secure for everyone.