Data and Security Breaches and Cyber-Security Strategies in the EU and its International Counterparts
The report from the Directorate-General for Internal Policies (European Parliament, 2013) provides an overview of the definition of security incidents and breaches and an analysis of their scale and trends. It summarises the current EU-level efforts to address network and information security, review some of the provisions of the Commission’s 2013 proposals for a Network and Information Security Directive and offer recommendations. It poses the concerns of the relationship of incident notification achieving the outcomes of the directive, potential for overlapping regulation and definitions of covered entities. It is suggested that it would be helpful to clarify what kind of incidents the Directive is aimed to address.