Computing recently ran a letter from “Lord Gaga” (ENISA is out for itself) commenting on your article on ENISA’s Proactive Detection of Network Security Incidents report (ENISA criticises local EU cyber security teams). We are concerned that the letter may have caused some confusion among your readers, and ENISA would like to take the opportunity to correct a number of misunderstandings and clarify the facts.

ENISA is 100 per cent behind data protection. ENISA consistently supports data protection, standing on the side of the citizen. There is no argument, implied or otherwise, against data protection in the Proactive Detection report or anywhere else. 

The letter expressed concern about the EU’s role in UK data protection. In fact, the UK Data Protection Act is based on EU law, so there is no discrepancy between the EU and the UK here.

ENISA supports the Members States’ Computer Emergency Response Teams (CERTs) to assist them in operating as effectively as possible. Identifying areas where there are challenges or difficulties is part of a process of improvement, working with Member States in support of their work to achieve higher levels of network and information security. 

The title of the original article does not represent the position given in our report, which supports the CERTs. 

Finally, to allay any concerns that your correspondent may have raised, we must point out that ENISA does not use a PR agency, and we very much welcome informed debate. 

Graeme Cooper, head of public affairs, European Network and Information Security Agency

If it weren’t so sickening it’d be funny: how many kicks in the teeth for the taxpayer (Hospital faces £375,000 ICO fine after data sold on eBay)?

Kicking #1: ordinary taxpayers have their data compromised by the NHS, a public-sector organisation. 

Kicking #2: the NHS gets fined by a public-sector quango for the data breach. The taxpayer picks up the bill. 

Kicking #3: hospital services deteriorate as vital cash is lost to fines. Maybe someone dies because doctors and nurses are being laid off.  

Kicking #4: the taxpayer picks up two sets of legal bills as the government in effect sues itself. 

The ICO’s decision to “focus on the health and criminal justice sectors” adds up to a decision to back off industry, the one place that might be able to afford to pay the fines. 

Jamal Housseini

I think the ICO is absolutely right to take the Brighton and Sussex General to task (Hospital faces £375,000 ICO fine after data sold on eBay). It’s totally unacceptable to make this kind of mistake. However, fining the hospital just doesn’t help. They are already stretched and will be forced to cut further corners. Sack the executive responsible – no bonus, no payoff, just dismissal for gross misconduct.

Eddie Humphries

So the European Commission’s Viviane Reding thinks that imposing an administrative burden will save costs (EC proposes overhaul of data protection legislation)? What planet was she speaking from?

While I have every sympathy for forced disclosure of data leaks – it’s a damn good idea – a 24-hour limit on disclosure simply won’t work. Imagine an employee leaves a disk in a taxi – how long before they work out that’s what happened? How long after that before they admit it, or, if it’s a copy, do they try to cover it up? If so, who’s guilty?

Tom Sweeney

I welcome the move from Michael Gove regarding the need to rethink the way that ICT is taught in schools in Britain (Gove to scrap ICT curriculum). Young people today have a relationship with technology and an affinity for computers and IT which is unique and vastly different to any other generation. It is essential to the future of the British economy that we address the shortcomings in ICT education and help school children and students to maximise their potential – failure to do this will result in a detrimental skills shortage for IT in the very near future. 

The government is taking significant action to cultivate a strong tech economy. In particular, look to the Tech City project in East London, which will create an environment for tech start-ups to grow and thrive. There is also Cisco’s own British Innovation Gateway (BIG) project, a five-year initiative, inspired by London 2012, to support growth of innovative SME tech companies and STEM (science, technology, engineering and maths) skills to build a brilliant future for Britain.

We need to build a creative, highly-skilled workforce that can drive these initiatives forward in the long term and enable continued future growth for IT. Without this, such initiatives will only deliver short-term benefits and never reach their full potential. For Britain to compete on a global scale in the tech sector, bold moves need to happen now.

Phil Smith, CEO, Cisco UK and Ireland