MPs attack performance of key European IT security agency

Commons committee says Enisa "lacks vision" and is in the wrong location

The EU IT security agency is in the wrong place, say MPs

The EU agency intended to play a key role ensuring the security and resilience of communication networks and information systems has been attacked by MPs for a "lack of vision, focus and flexibility" and its "inappropriate location" in the town of Heraklion on the Greek island of Crete.

A House of Commons European Committee report says the European Network and Information Security Agency (Enisa) is impaired by an "uneasy relationship" between its board and its executive, and cannot be relocated to a more central location - where it would be easier to attract top quality staff and influence other bodies - because the decision on where it was sited was political.

A letter from the Department for Business, Enterprise and Regulatory Reform (DBERR) said Brussels had made it clear " this is not an issue that can be addressed in the review process" and that the geographic difficulties would have to be managed by the agency.

All the European Commission was prepared to do was call for better air links.

DBERR said it "would not pretend that Crete would have featured in our thinking for a location" but it was a "clear decision of heads of state and government" that where it was located was a matter for Greece.

There were also problems caused because member states are wary of Enisa’s work impinging on national security, but the department said there was consensus it must move to a more outcome-based approach and waste less resources on red tape.

The committee backed the government's opposition to a proposal to increase the agency's staff "in order to reach the necessary critical mass" but said it was "lamentable" that the agency's location was "plainly off limits" when this was the main concern of a report evaluating its effectiveness.

Enisa’s job is to analyse current and emerging risks to the resilience of electronic communications and develop common methodologies to strengthen security, enhance awareness and co-operation.