L'European Network and Information Security Agency (ENISA [2]) ha pubblicato, lo scorso 25 aprile 2007, un documento dal titolo "Inventory and assessment of EU regulatory activity on network and information security (NIS)" (pdf [3], 317 K) che contiene la raccolta delle principali normative europee in ambito sicurezza delle informazioni.
Un contesto confuso
Il rapporto evidenzia che il contesto legale e normativo europeo è, al momento, incerto, incompleto e confuso e che questo influenza in maniera negativa la costituzione di una cultura europea della sicurezza e pone ostacoli allo sviluppo dei mercati legati alle nuove tecnologie.Indice del documento
- 1. Introduction
- 2. Executive summary
- 2.1 Background
- 2.2 Objectives
- 2.3 Structure
- 2.4 Participants
- Diagram 1: Network and information security-related topics
- Diagram 2: Network and information security instruments by type
- Diagram 3: Juxtaposition of NIS instruments
- 3. Inventory of regulatory instruments
- 3.1 Network and information security
- 3.2 Attacks against information systems
- 3.3 Corporate governance / IT governance
- 3.4 Data authentication and security
- 3.5 Data protection and data retention
- 3.6 Provision of electronic communications networks and services
- 3.7 Intellectual property rights and the protection of technical mechanisms designed to prevent copying and counterfeiting
- 3.8 Security and financial services
- 4. Assessment
- 4.1 General challenges to be considered
- 4.2 Regulatory mechanisms in NIS
- 4.3 Most important areas for regulatory activities identified in NIS
- 4.4 Application-centric approaches
- 4.5 NIS regulation on the global stage
- Annex: Draft proposals for ENISA on the NIS legal framework
IsacaRoma Newsletter link
- ENISA Quarterly:
- Tutti gli articoli su ENISA [7]