1 / 7

IT security seminar Copenhagen, April 4th 2002

Explore the global concern of IT security and its significance in the development of the Information Society. Learn about the European approach, the role of National Regulation Authorities, and the need for harmonization and cooperation.

jwillie
Télécharger la présentation

IT security seminar Copenhagen, April 4th 2002

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IT security seminarCopenhagen, April 4th 2002 M. Jean-Michel HUBERT Chairman of the French Regulation Authority IRG Chairman

  2. Security is a global concern • Security issues are a global concern in the Society in general • But concerns around IT security significantly increased in the recent years as the Information Society is developing • The events of September 11th in the United States highlighted • the ability of Internet to support emergency response, personal and other communications after the attacks • but also that potential threats can affect its functioning • and that Internet is a sphere of activity for cybercriminals • Internet gathers most of the IT security issues • it is an intrinsically open and international network • commercial use increased the need for security • networks and security solutions are heterogeneous

  3. Internet security is a major concern • Internet is part of the everyday environment for 38 % of European households in average (Eurobarometer 2002, EC) • It is a working tool for most European companies • More and more commercial and administrative transactions make use of the Internet : net bank, e-commerce, tax declarations… • Personal and confidential data are now carried over the Internet, more and more sensitive and economic valuable information • Usage and applications of the Internet broaden as mobile phones, PDAs, TVs or home electronic equipment are going to be connected, with ‘always-on’ connections • A safer Internet is one of the conditions for its continued development and use: e-commerce, e-government • It is a complex and dynamic issue as technology changes constantly pose new challenges

  4. The European approach • IT security has been recognized as a public action problem in Europe • A safer Internet was one of the key objectives of the action plan eEurope 2002 • The European Council adopted a Resolution on IT security in January 2002 • The new EU regulatory framework for electronic services and the data protection Directive contain security and integrity of networks provisions • The Communication of the Commission on IPv6 in February 2002 gives incentive for the deployment of a more secure Internet protocol • The proposed new action plan eEurope 2005, to be adopted in Seville next June, will set new objectives and concrete actions for Europe in IT security

  5. What has been done in France ? • The draft Information Society Act clarify the legal framework for e-commerce as well as reinforce network level of security • Articles against cybercriminality have been adopted right after September 11th events • It is planned to totally liberalize the use of encryption • Electronic signature has been recognized in March 2000 • A CERT dedicated to protect governmental networks has been established at the end of 1999 • A growing number of teleservices and electronic administrative procedures are using security mechanisms: tax teledeclaration for companies and residentials, electronic medical sheets • A number of initiatives to promote research and education on IPv6, French universities contribute to IPv6 standardization

  6. Progress still need to be done • raise awareness on IT security : the use of security mechanisms in Europe is lower than in the US • as well as demystify IT security threats for users • provide recognized statistic indicators to measure risks and security improvements • reinforce coordination and cooperation in Europe on procedures for detection, warning and response, exchange best practices • address the problem of competing and non interoperable standards for security solutions Source: OECD

  7. A common policy approach • IT security should remain a priority for policy makers but what should be the role of National Regulation Authorities ? • IT security measures should take account of competitive markets, of a rapidly changing environment of new technologies and convergence of networks • good balance between IT security requirements and costs for operators to implement security mechanisms • Harmonization on information and procedures is an European objective • Regulators have a key role in raising awareness, encouraging cooperation and participation of players in standardization activities

More Related