The European Commission launched a public consultation in order to know experiences and EU possible responses to cyber incidents which cause disruption to essential Network and Information Systems (NIS), including the internet. The consultation runs until 12 October 2012.

The European Commission launched a public consultation to help it prepare a legislative proposal on network and information security, which will be an important element of the upcoming EU strategy on Cyber security. In particular, the Commission is seeking the views of governments, businesses, citizens about their experiences and EU possible responses to cyber incidents which cause disruption to essential Network and Information Systems (NIS), including the internet. In April 2011, the Commission already wondered if the EU critical infrastructures are protected against cyber-attacks.

The consultation, which will run until 12 October 2012, will offer a feedback that will help the Commission to draw up an approach to possible future risk management and security breach reporting requirements that would affect businesses in particular. As far as Network and Information Systems are concerned, the aim would be to enhance preparedness, strengthen the resilience of critical infrastructure as well as to foster a cyber-security culture in the EU.

In 2011, web-based attacks increased by 36% over one year and there was a five-fold increase in companies reporting security incidents with a financial impact between 2007 and 2010 (5%-20%). And the risk is growing. In the next decade there is a 10% risk of a major Critical Information Infrastructure incident causing more than $250 billion in economic damage, according to the World Economic Forum. Cyber incidents can be triggered by accidents like natural events, human errors, technical failures or by more sinister causes such as malicious attacks, economic espionage, terrorism and state-sponsored activity.