Information published on 18 June 2013 in the UIC electronic newsletter "UIC eNews" Nr 351.

Network and Information Security (NIS) Public-Private Platform

  • Security

UIC, nominated by the EC as an official member, participated in the first plenary meeting of NIS Public-Private Platform that took place on June 17, 2013, in Brussels. Also from the railway and public transport sector, CER and UITP are official members of this new EC platform.

The NIS Platform will complement and underpin the proposed NIS Directive. The aim of the proposed Directive is to ensure a high common level of network and information security (NIS). In particular, through identifying best practice, it will help the relevant companies and public administrations implement in a consistent manner the general risk management and incident reporting obligations proposed under the Directive. It will also contribute to the process leading to the development of the implementing measures set out in the proposal, for example by helping simplify the reporting process.

The establishment of the NIS Public-Private Platform was announced in the Cyber Security Strategy of the European Union (Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace, JOIN/2013/01 final). The Strategy “calls for the establishment of a platform, bringing together relevant European public and private stakeholders, to identify good cyber security practices across the value chain and create favourable market conditions for the development and adoption of secure ICT solutions”. The Platform is tasked with developing “incentives to carry out appropriate risk management and adopt security standards and solutions, as well as possibly establish voluntary EU-wide certification schemes building on existing schemes in the EU and internationally”.

As a first objective, the Platform will focus on fostering the adoption of effective risk management practices. The findings of the Platform on risk management will help companies and public administrations to increase their preparedness and cooperate more effectively, thereby enhancing cyber resilience in the EU. They will feed into Commission recommendations on cyber security to be adopted in 2014, said Giuseppe Abbamonte (Head of Unit EC - DG for Communications Networks, Content and Technology (CONNECT)).

In addition, the NIS platform is also expected to provide input to the secure ICT Research & Innovation agenda at national and EU level, including H2020.

The NIS Platform will be structured between plenary meetings composed of senior government and company representatives and thematic working groups or taskforces composed of experts. The plenary meetings will be held two to three times a year with the aim to steer the work of the Platform and validate the output of the working groups or taskforces that will meet on a regular basis to conduct technical discussions and produce draft consensus papers.

Paul Timmers (Director, Sustainable and Secure Societies, DG CONNECT, European Commission) said that “the Platform will have to produce results fairly quickly. In this first meeting it will be important to create a sense of urgency. NIS is increasingly important to our economy and society. NIS is also an important precondition to create a reliable environment for worldwide trade in services.”

It was also stressed that the Platform will continue to operate after it has delivered this first output and the work programme will have to incorporate both short-term and longer-term objectives and milestones.

The outputs of the Platform and regular progress reports will be made publicly available to ensure appropriate dissemination of the work of the Platform and allow entities not directly involved in the work of the Platform, including political bodies and the general public, to closely follow its activities.

For further information please contact José Pires: pires@uic.org