Last year, the European Network and Information Security Agency (ENISA) was asked “to assess the feasibility and explore various options on how a European Month of Network and Information Security [NIS] for All could become an effective instrument to raising awareness about NIS challenges.” It did so by producing a feasibility study that it published in November 2011. Broadly speaking the study suggested that a Security Month would be a good thing, but that the nature of the EU presented its own problems. “A roadmap should be developed to plan and coordinate the project,” concluded the study.
ENISA decided to propose a series of ‘security week pilots’ to be run by individual member states in 2012 and 2013. The process started with a call for an ‘expression of interest’ in organizing security weeks among the EU member states. From the response, four nations have been selected: Luxembourg, Portugal, Spain and Norway.
Details of Portugal’s, Spain’s and Norway’s security weeks have not yet been published.
Each pilot, says ENISA, will last for a maximum of one week “during which the Member State shall organize activities and events to raise information security awareness, mainly for the general public.” The Member States decide on the content and scope of the events, but ENISA will provide free materials, help develop awareness campaigns, and help identify potential speakers for the events.