ENISA reprieved for three years
The European Network and Information Security Agency (ENISA), which was due for closure next year, is likely to be granted a reprieve of three years. The telecoms ministers of the member states have agreed the extension, although the decision still has to be ratified by the European Parliament.
A data gatherer, analytical and advisory body, ENISA has been funded by the European Commission as a centre of excellence in network and information security (NIS). Four years of planning and development preceded it going live in September 2005, since when it has conducted three programmes of work at an average annual expenditure of €6.6M. Its achievements have included a 2006 step-by-step manual on how to set up a computer emergency response team (CERT) and advisory services to member states at the rate of around one application per month throughout 2007. The focus for 2008 is improving the resilience of the public infrastructure, plus measures to support microbusiness and increasing co-operation between member states.
ENISA has sometimes been charged with incapacity to respond to incidents, but such response was never part of its official remit. It has provided valuable contributions to NIS by co-ordinating informing and structuring the efforts of front-line agencies across Europe. The close down from which the agency has been reprieved was the outcome of a planned review that took place in 2007, but the time scale within which ENISA had to prove its worth was very short for the scale of the task. There appear to be similarities at a policy level with the fate of the late UK National High Tech Crime Unit, which was dismantled just as it was beginning to demonstrate its true value – from a mere 10 cases in year one to a total of over 70 investigations leading to 172 arrests by the time it was slated for closure four years later. Nevertheless it was closed, and a succession of proposals followed for subsuming its functions into new agencies with ever decreasing specialist focus on high tech crime.
The typical four to five year operational life cycle allowed agencies such as ENISA is probably just not long enough for their true effectiveness to show itself. Officially the three year extension in this case is to allow time for the agency to evolve into an appropriate successor organisation rather than just cease to exist. However, it has been suggested that the Estonian DDoS attacks of 2007 may have influenced the decision to let ENISA continue operating.