Wednesday, May 29 2019
One of the main objectives of the Directive is to establish a cooperation group in order to support and facilitate strategic cooperation and information exchange between Member States, helping to create trust and mutual collaboration.
The 8 article states that the single national contact acts as a liaison to ensure cross-border cooperation of Member State authorities with:
- the competent authorities in the other Member States
- the cooperation group defined below
- the previously defined CSIRT network.
It is the 11 article to set up and define the tasks of the cooperation group with the aim of supporting and facilitating strategic collaboration and information exchange between Member States, developing trust and achieving a common high level of network security and information services in the Union.
Below is the detail of its tasks:
- provide strategic guidance for the activities of the CSIRT network;
- define good practices on the exchange of information relating to the notification of incidents;
- exchange best practices between Member States and, in collaboration with ENISA, provide them with assistance for capacity building on network and information system security;
- discuss Member States' capacities and preparedness and evaluate, on a voluntary basis, national strategies on network and information system security and the effectiveness of CSIRTs and identify best practices;
- exchange information and best practices on awareness and training;
- exchange information and best practices on research and development concerning the security of networks and information systems;
- where appropriate, exchange experiences on network and information system security with relevant Union institutions, bodies and bodies;
- discuss standards and specifications with representatives of relevant European standardization organizations;
- gather information on best practices in relation to risks and accidents;
- to examine, on an annual basis, the summary reports of the national single contacts;
- discuss the work done on exercises in network and information system security, education and training programs, including the activities carried out by ENISA;
- with the assistance of ENISA, exchange best practices related to the identification of operators of essential services by Member States, including in relation to cross-border dependencies regarding risks and incidents;
- discuss how to report incident notifications.
Every 18 months the cooperation group draws up a report in which it evaluates the acquired experience regarding the strategic cooperation, realized according to the present article.
The European Commission itself periodically reviews the functioning of this directive and presents a report on this to the European Parliament and the Council. To this end and in order to further intensify strategic and operational cooperation, the Commission takes into account the reports of the cooperation group and the CSIRT network on the experience acquired at strategic and operational level. As part of the review, the Commission also evaluates the list of OSEs and FSDs and the consistency in identifying the relevant operators. The first report will be presented by the 9 May 2021