The cybersecurity Law doesn’t contain articles meaning that it would intrude into private life of citizens, as erroneously are circulating data on various communication channels, on Friday told a specialist conference the chief of the Cyberint Centre with the Romanian Intelligence Service (SRI), Florin Cosmoiu.
“We need a legal framework to be created, and we are talking of the cybersecurity Law, which is at its second attempt. (…) I have to say that, as far as I learned, many people talk about it without even reading it. This law includes nothing of what it is circulated in the public space (…) This law has two major goals: to create responsibilities for the owners of cyber infrastructures, legal entities – public or private companies, and the management of the cybersecurity incidents, respectively. The reporting of a cyberattack to the CERT-RO will have a preventive role. CERT-RO will inform the potential victims of the possibility of a similar attack. The rest, everything that was posted on the Internet that the law is intruding into the privacy, it’s not true. This law doesn’t include such articles referring to harming the citizens’ private life. Should anybody finds anything of this kind in this law, they must address the initiator, so the mistake be amended,” said Cosmoiu.
On Thursday, Cosmoiu had declared that the management of crisis situations on a cyber attack is very difficult in Romania.
“Institutions and procedures, methods should be established to respond to incidents of cybersecurity and crisis situations. As for the response to cybersecurity incidents, Romania has created the CERT-RO, but the management of the crisis situations is very difficult. Let’s not forget that in 2007 massive attacks occurred in Estonia, where a cyber war was stirred and I don’t know whether we are ready or not for such a challenge. Let me remind you the year 2008 in Georgia, where ahead of the land attack, the armed attack, the classic war was preceded by a cyber war. We must consider these aspects,” said Cosmoiu.
According to him, a higher cybersecurity cannot be ensured by an institution; it should be approached as a whole, by both the public institutions and the private milieu in Romania.
“In order to increase capabilities, a cybersecurity market should be developed, to define the standards and make them work by correct principles,” the SRI official explained.
Reprezentatives of public authorities and bodies, among whom the minister of Communications, Marius Bostan alongside the IT&C services and infrastructure providers and of companies in charge with personal data processing participate on Friday in a ‘Cybersecurity – Threats. Legislative measures and enforcement’ conference in Bucharest.
Communications’ Minister Bostan: A public-private partnership extremely important in the development of cybersecurity
A public-private partnership is extremely important in the development of cybersecurity, the Communications Minister, Marius Bostan told the same specialist conference.
“Cybersecurity should be the matter of the state bodies, the administration and the commercial companies, which is why a public-private partnership is very important. It is important for the future to have the framework for the insurance companies in this field. This will help very much to a normal development and to downsizing risks or to recovering some money that could be lost. Unfortunately, a responsible policy within the cyber structures doesn’t exist currently and this is why a legal framework is paramount. The government plays an important role in this respect,” said Marius Bostan.
The cybersecurity draft law might be approved next week and then the document will go through the normal circuit endorsement among other ministries, added Bostan.