The Governance of Network and Information Security In the European Union: The European Public-Private Partnership for Resilience (EP3R)
In: Gaycken, Krueger, Nickolay (eds.). The Secure Information Society. Berlin: Springer Publ.
29 Pages Posted: 4 Jun 2012
Date Written: June 4, 2012
In public policy information and communications technology (ICT) infrastructures are typically regarded as critical information infrastructures and, thus, require security and protection against cyberthreats. The European Union (EU) Network and Information Security (NIS) policy combines public and private policies at the level of the operators which are highly interdependent. Any NIS policy success rests to an overwhelming degree on the commitment and compliance of the ICT infrastructure operators. Increasingly, policy makers have to pay attention to the supporting governance system which would give best effect to the NIS policy objectives.
This contribution focuses on NIS governance in the EU and explores mechanisms of cooperation between public and private operating ICT infrastructure through the lens of governance theory. It concludes that NIS governance objectives can be pursued in public-private partnerships, but not all functions of NIS policy can be suitably performed at the EU level. Any engagement with the industry needs to be supported by appropriate governance mechanisms that deliver high levels of commitment and compliance by private stakeholders. Against this backdrop this paper critically assesses the European Public-Private Partnership for Resilience (EP3R) NIS and offers recommendations for EU policy makers on a suitable Europe-wide multi-stakeholder governance framework to promote NIS strategy and highlevel policy.
Keywords: Cybersecurity, network and information security, critical information infrastructure
Suggested Citation: Suggested Citation