The report outlines the findings on data breach, provides a description and analysis of the domain and lists relevant recent incidents. A series of proposed actions for mitigation is provided.
Recommendations for a methodology of the assessment of severity of personal data breaches
The European Union Agency for Network and Information Security (ENISA) reviewed the existing measures and the procedures in EU Member States with regard to personal data breaches and published in 2011 a study on the technical implementation of the…
Implementation of Art 15: Security breaches notifications in trust services
The European Commission proposed on July 2012 a draft regulation on electronic identification and trust services for electronic transactions in the internal market, which will replace the existing Electronic Signature Directive 1999/93/EC. Article…
Recommendations for technical implementation of Art.4
In 2011 ENISA has set up an Expert Group composed of representatives of the EU institutions, Art.29 Working Party, national DPAs and industry. This group helped in the development of the specific technical recommendations for the implementation of…
Security framework for Trust Service Providers - Technical guidelines on trust services
Article 19, which is the main focus of this document, of the eIDAS Regulation, states that Trust Service Providers have to demonstrate due diligence, in relation to the identification of risks and adoption of appropriate security practices, and…
Algorithms, Key Sizes and Parameters Report - 2013
This document collates a series of recommendations for algorithms, keysizes, and parameter recommendations. It addresses the need for a minimum level of requirements for cryptography across European Union (EU) Member States (MSs) in their effort to…
Data Breach Notifications analysed
The Executive Director participated in a high level panel at the European Data Protection and Privacy conference , subtitled
'Creating a modernized and harmonized regulatory framework' in Brussels on 30/11/2010 on the topic: 'Data Breach…
New report: Data Breach Notifications in Europe
The EU’s ‘cyber security’ Agency ENISA, (the European Network and Information Security Agency) has today issued a report on Data Breach Notifications. The EU data breach notification (DBN) requirement for the electronic communications sector in the…
Reporting data breaches - public consultation by the EU Commission
The European Commission has launched a public consultation on the procedures and formats for personal data breach notifications under the ePrivacy Directive. (2002/58/EC). This is an important development to increase the level of data security for…
Closer cooperation on Data Breach Notifications between ENISA & Art. 29 Data Protection Working Party
The Agency and the Art. 29 Data Protection Working Party agreed to intensify their cooperation on Data Breach Notifications, at a meeting recently taking place in Brussels.