Slashdot Mirror

← Back to Stories (view on slashdot.org)

European Union's First Cybersecurity Law Gets Green Light (bloomberg.com)

Posted by BeauHD on from the red-light-green-light dept.

An anonymous reader quotes a report from Bloomberg: The European Union approved its first rules on cybersecurity, forcing businesses to strengthen defenses and companies such as Google Inc. and Amazon.com Inc. to report attacks. The European Parliament endorsed legislation that will impose security and reporting obligations on service operators in industries such as banking, energy, transport and health and on digital operators like search engines and online marketplaces. The law, voted through on Wednesday in Strasbourg, France, also requires EU national governments to cooperate among themselves in the field of network security. The rules "will help prevent cyberattacks on Europe's important interconnected infrastructures," said Andreas Schwab, a German member of the 28-nation EU Parliament who steered the measures through the assembly. EU governments have already supported the legislation. The EU Parliament also noted that network-securitiy incidents resulting from human error, technical difficulties, technical failures or cyberattacks cause annual losses of upwards of $377 billion (340 billion euros).

38 of 89 comments (clear)

  1. bad security mostly not human error by turkeydance · · Score: 1

    it's human on purpose

  2. Finally. by AlphaBro · · Score: 5, Insightful

    This has been a long time coming. Companies should be held accountable for their negligence.

    1. Re:Finally. by Anonymous Coward · · Score: 1

      I'm sure Enron was just trying to "get stuff done" too. Regulation to preserve economic welfare is necessary both in financial and information sectors.

    2. Re:Finally. by Anonymous Coward · · Score: 2, Insightful

      Yeah right. I see companies intentionally cutting corners on every point trying to save money "getting things done". If they can get away with it, they will. The industrial sector is the worst. Please go visit your local urgent care facility and see how many people have lost fingers on a daily basis because some boss wants to "get things done" while bypassing safeties on machines.

    3. Re:Finally. by Anonymous Coward · · Score: 1

      oh for christ sake, most companies are just trying to get stuff done, not intentionally choosing to have exploits.

      No fucking shit, sherlock. That's THE POINT of regulation, is companies get busy 'doing stuff' and ignore health, safety and security consequences. Can you drive your car into the back of someone else's can you say "oh sorry officer, I was just trying to get stuff done, I didn't mean any harm!" and get off? No? Did you bother to knock even 2 brain cells together before typing this?

    4. Re:Finally. by AlphaBro · · Score: 1

      Your misuse of the word "exploit" ("vulnerability" was what you were looking for) shows how much you know about the topic. If companies output low quality code, they should be punished for putting their users at risk. It doesn't matter if they are "just trying to get stuff done".

    5. Re:Finally. by Opportunist · · Score: 4, Interesting

      This has nothing to do with "getting stuff done" and everything with not wanting to spend money on something that doesn't make them money. Do you think the chemical industry was too keen on buying those protection suits and air filtering for their workers? I mean, why bother, if one of them gets killed by chlorine gas, there's plenty of unemployed out there who're happy for getting a job.

      They're not intentionally choosing to have exploits. They just intentionally choose to not give a shit because it's cheaper and increases the profit. Corporations are not "evil". They don't dump oil into the sea because they want to poison the fishes, they do it 'cause it saves them money.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    6. Re:Finally. by AmiMoJo · · Score: 2

      Corporations are not "evil". They don't dump oil into the sea because they want to poison the fishes, they do it 'cause it saves them money.

      That fits the definition of "evil" in my book.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    7. Re:Finally. by dave420 · · Score: 2

      Apart from the fact it has everything to do with cyber security and nothing to do with worming its way into the lives of every European. Protection of the people was exactly what people had in mind when signing up for the EU. Or are you really that ignorant of the EU? Amazing.

    8. Re:Finally. by dave420 · · Score: 1

      You can read the entire proposal to find out what they intend to enact. This is how this stuff works. It's true, the bureaucrats are not tech-savvy, which is why they consult industry to find out about these things. I can't believe this needs to be explained to you. How you can argue against the EU when they have enacted some of the most stringent privacy laws the world has ever seen - designed precisely to protect users from the large companies desperate to harvest their data for nefarious purposes, is also beyond me. It's almost as if it's not the EU but your own imagined version of it that you are annoyed with. Did you accidentally get the EU and the Empire mixed up in your head?

    9. Re: Finally. by dave420 · · Score: 1

      Ooooh I get it now. You have no idea what the EU does, how it consists of elected members from the member states, what "sovereignty" means, or the function of the EU courts. And yet here you are, proudly (yet anonymously - rather telling) proclaiming to the whole world that you simply don't understand it, and that you pine for earlier days where your nostalgia and bizarre sense of patriotism can skip merrily down country lanes while Dame Vera Lynn serenades you.

      I hate to break it to you, but why "we" are in the EU to begin with has absolutely nothing to do with this. We can't turn back the time to 1975 and have a do-over. What we do know, however, is that the recovery of Britain since then is due in part to its EU membership. We do know with incredible certainty that Britain's manufacturing industry and seat of the world's financial capital are entirely due to being in the EU. Countries are entirely sovereign as they still have the last say in adopting the regulations - they can choose to not do so if they wish, at the expense of the benefits adopting them brings. This is really basic stuff and it seems you don't understand one iota of it.

      Your ignorance is astounding.

    10. Re:Finally. by Opportunist · · Score: 1

      It's not the comic-book mustache-twirling super-villain evil who does "evil" for the sake of being evil.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    11. Re:Finally. by Coren22 · · Score: 1

      You know, it really isn't hard to find the information about what is happening.

      https://ec.europa.eu/digital-s...

      You could have found that in about 10 seconds on Google, but instead you spent that amount of time railing at dave420 for not feeding you like an infant.

      --
      APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
    12. Re:Finally. by Coren22 · · Score: 1

      https://slashdot.org/comments....
      You lose the argument when you have to agree with yourself to look like others agreeing with you. Keep the tactic up, it just makes you look like a lonely person defending their mental illness.

      https://slashdot.org/comments....
      Get the treatment you so desperately need APK before it is too late!

      https://slashdot.org/comments....
      Your arguments have been refuted so much that there is no point in refuting them again, I will keep linking to it until you get it. You have lost the argument. Good night sir.

      --
      APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
  3. Brexit by manu0601 · · Score: 2

    Will it apply to UK?

    1. Re:Brexit by serviscope_minor · · Score: 2

      Depends when it's passed.

      The referendum voted for Brexit, but that was not a binding referendum. That means the government can wait as long as it likes to actually leave (or in fact not), during which time we're a fully paid up member of the EU with all the rights and all the responsibilities which includes implementing any new legislation.

      And even it we do leave after it, a lot of our general legislation on all sorts of things comes via Europe. The government will then have to decide what to scrap, what to keep and what to modify. I suspect most of it will just be kept as-is since it needs to be there in some form and it would be far too much work with no political capital to amend obscure laws just because.

      --
      SJW n. One who posts facts.
    2. Re: Brexit by Anonymous Coward · · Score: 1

      TTIP will take care of that. Soon the EU will just be a market and nothing more. Any attempt at regulation will be met by economy-killing lawsuits but, really, no resistance is expected. There will be the usual hand-wringing, denial and rage, but the new status quo will be accepted. There is no other choice. Economy is too important to let politicians and plebes touch it.

    3. Re:Brexit by Coisiche · · Score: 1

      I suspect most of it will just be kept as-is

      Yeah, 'cos our MPs would never favour the wants of their corporate chums over the needs of the general public.

      But then most of the leg work is going to be done by unknown civil servants (probably aided by highly paid consultants since the civil service is going to be struggling to meet the deadlines) with parliament just rubber stamping it and maybe a few MPs throwing in suggested amendments. I don't think it's going to go smoothly.

    4. Re:Brexit by AmiMoJo · · Score: 1

      It's even more complex than that. It will likely take decades to figure out which bits of "EU" legislation we want to repeal, and since most of what people call "EU" regulation is actually only remotely related to being in the EU it's not even clear what proportion that accounts for. Best guess is around 15% of our laws.

      However, it also depends on if we stay in the Single Market. If we do we will probably have to accept rules like this. That would be the best outcome for everyone - We get the benefit of the market, a stable economy and the rules that protect us (the electorate I mean), it discourages other EU members from leaving and the EU gets to power ahead without us trying to drag them backwards.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    5. Re: Brexit by Anonymous Coward · · Score: 1

      That's why I said TTIP will take care of that. It specifically gives corporations the power to sue governments for loss of revenue. Which means governments and yes, that includes the EU, better wise up.

    6. Re:Brexit by phantomfive · · Score: 1

      It depends what agreements the UK makes with the EU if/when it exits

      --
      "First they came for the slanderers and i said nothing."
    7. Re:Brexit by manu0601 · · Score: 1

      The main reason people voted for leaving EU is because they don't like cheap Polish workers (...) The other possible benefits was mostly just excuses to not sound racists

      One may refuse to have foreign workers operating on foreign labor laws, without being actually racist.

  4. Re:That's nice by Opportunist · · Score: 1

    Probably nothing. The EU is maybe inefficient and busying itself with trivial matters, but there are limits on HOW trivial a matter may be before even the EU says "Call someone who gives a shit".

    We leave that to countries that don't want to tackle their real problems, so making up some new ones that they can then get worked up about is necessary to distract the people.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  5. Re:Yet another example of EU overreach by Plammox · · Score: 2

    Economic integration requires common legislation. At least the bureaucrats were recruited based on skill based selection procedures. Most probably, they are better qualified than the populist idiots in the national parliaments.

  6. Re:Yet another example of EU overreach by lordholm · · Score: 2

    What everyone signed up for was in-fact an ever closing union, with intent of forming a proper political union. In the case of the UK, political union was heavily debated in the 1975. Although many people claim that they where deceived and they never discussed the political union, looking at the records of what was said during the 1975 referendum campaigns, and the debates in the UK parliament, it is clear that this is utter bullshit.

    --
    "Civis Europaeus sum!"
  7. Re: Yet another example of EU overreach by TechnoCore · · Score: 1

    Skill based selection procedures. Not 'who', mr annonomous covard. Can't have direct voting for complex questions, since populistic clowns will the run the show, making the vote into and about something totally different.

  8. Re:Yet another example of EU overreach by dave420 · · Score: 1

    I guess you don't know that in the British parliament members from different parties are elected, and then those people select the prime minister? Either the EU and the UK are not democracies, or they both are. Pick one.

    It doesn't particularly help your case when you don't know what "democracy" or "socialism" mean.

  9. Re:Yet another example of EU overreach by Plammox · · Score: 1

    What? The European parliament *is* elected by the people and they have the final say over what the European Commission legislates. The head of the European Commission is appointed by the Council of Europe which is composed of (surprise, surprise) the governments of the respective European member states. The European Commissioners even have to be approved by the European Parliament.

    Where is the democratic deficit in that?

    Moreover, European officials are told to leave their national special interests at the door and work for the European people as a whole.

  10. Re:Yet another example of EU overreach by pjt33 · · Score: 1

    I guess you don't know that in the British parliament members from different parties are elected, and then those people select the prime minister?

    Nonsense. In the British parliament members from different parties are elected, and then the monarch invites someone who she thinks can command the support of a majority of them to be PM.

  11. Re:Yet another example of EU overreach by Plammox · · Score: 1

    Dear Coward Anonymous: Please point out where I am lying. In the meantime, have a look at this video. I think Alan Moore's vision of a totalitarian Britain would agree with you.

  12. Re:Security+Web pros agree w/ me (not you) by Coren22 · · Score: 1

    Are you sure you don't suffer from Down's Syndrome? You are quoting a comment about Macs having hosts files and your software not working for Mac, by linking to comments by security researchers about how good hosts files are. This all in response to a post that completely thrashes every one of your arguments, including whatever you are trying to claim here.

    Perhaps you should get your head checked, as it looks like you don't even understand basic conversation techniques.

    Also, insulting me doesn't cause you to somehow win an argument that you have already lost. No matter how many time you try to claim I have a "ASSBURGER mental defective brain", it won't make you suddenly win an argument. Also, calling me offtopic when I am responding directly to what you posted is a joke, that means you have identified that YOU are the offtopic one, so why should I care if you think I am offtopic, you can see I didn't get down-modded for it.

    So, EAT YOUR WORDS. You have failed to make your point, you have failed to justify why your solution is needed, you have failed to refute any of my points, and you still haven't addressed the massive speed loss of using your solution.

    Keep tilting at those windmills Quixote, I am sure they will surrender eventually.

    --
    APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
  13. Re:Security+Web pros agree w/ me (not you) by Coren22 · · Score: 1

    Everything typed in the comment above agrees with what I said. I said APK's software doesn't run on Macs, I never said hosts files don't function on Macs.

    --
    APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
  14. Re:Security+Web pros agree w/ me (not you) by Coren22 · · Score: 1

    APK, you are putting words in my mouth.

    https://en.wikipedia.org/wiki/...

    I NEVER typed that hosts files don't work. I never said hosts files don't work. You are arguing with a straw man of your own manufacture, not anything you can quote from me.

    --
    APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
  15. Re:Security+Web pros agree w/ me (not you) by Coren22 · · Score: 1

    Um, then you have the reading comprehension of a toddler. No, nowhere in there does it say hosts don't work on Mac.

    --
    APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
  16. Re:Coren22 you're an undereducated imbecile by Coren22 · · Score: 1

    Aww, did poor diddums get insulted that he made a serious reading mistake?

    I have already answered everything in this post at least five times before, I will leave you wanting yet again, as I rather like my job and wouldn't want to lose it just to prove you wrong. Also, it is not necessary for me to prove my experience and prove myself more credentialed than you to prove you wrong on your points. As I have given the citations for my answers, their credentials is what you have to beat.

    Since you can't even understand basic English, why do you suddenly think you are so much better than me?
     

    --
    APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
  17. Re:Coren22 you're an undereducated imbecile by Coren22 · · Score: 1

    I did, and you responded to the post about it just now.

    I have a job, clearly one better than yours as you seem to live in your mom's basement, while I own my own house and drive a nice car.

    --
    APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
  18. Re:Coren22 you're an undereducated imbecile by Coren22 · · Score: 1

    Why should I prove anything to you? You have never proven the same, and your examples of your abilities would have you fired from my office, so I can't imagine that you ever worked professionally in security or programming.

    So, you can feel free to prove your experience in programming, but I won't prove my security or job experience, which you already know. I can't give company proprietary information.

    --
    APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
  19. Re:Coren22 you're an undereducated imbecile by Coren22 · · Score: 1

    Yup, totally. APK can prove he wrote a piece of software that is proven shit, and can prove he wrote a document collected from many other people's work about how to setup Windows 2000. That totally equates to proving himself incompetent. Thank you for playing, you fail.

    Quit defending yourself APK, no one thinks this is some random third party also posting anonymously, but using the exact same arguments you use.

    Also, what I do for a living has nothing to do with the arguments I make, as I don't try to appeal to authority like you do APK, I prove you wrong without showing my credentials, and as you have never shown yours, why should I show mine?

    --
    APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?