Information security is the responsibility of businesses, not just governments, the European Commission has told the ISSE 2009 security conference in The Hague.
Information security is not something that only comes from and is funded by government, said Andrea Servida, deputy head of the EC information society and media directorate.
The cyber attacks on Estonia 2007 were a wake up call for some, but many in central Europe still do not appreciate the important role they have to play in improving cyber security.
Information security is high on the EC agenda, said Servida, but while the commission is still formulating a regional strategy, all parties have to work together.
It is imperative that we act now and do so in a collaborative way, he said. All stakeholders should focus on building resilience into all software and IT systems, he said.
Europe has to move from talking about information security to collaborative action across the region and internationally. Unless all parties are involved, there will be no success, he said.
Servida said European countries need to prioritise setting up mechanisms for bringing security expertise together to tackle common cybersecurity threats.
Public-private partnerships will be key to achieving this as many of the players are global organisations that can help guide actions and investments, he said.
The EC is facilitating the debate so that there is greater collaboration and less duplication of effort and will consult widely in formulating a package of proposals in the longer term, said Servida.