Proposed national computer emergency response teams would deal with reported breaches

EU may make companies report cyberattacks

New rules proposed by the European Union (EU) could require more than 40,000 firms to report known cyber attacks, as part of a move to co-ordinate the fight against cyber criminals.

Currently, many companies that fall victim to cyber crime do not report incidents to security agencies for fear of damaging their reputations.

The EU wants this to change, however, and is pushing for companies to share information about attacks and shore up their cyber defences.

Energy providers, banks and hospitals would all fall under the new legislation proposed by EU digital agenda commissioner Neelie Kroes.

Under the new proposals, EU member states would be required to appoint a Computer Emergency Response Team to deal with reported breaches.

Each team would have the power to determine whether or not breaches should be made public and fine companies failing to meet their data security obligations.

According to the EU, just one in four European companies has a regularly-reviewed, formal information and communication technology security policy.