An EU agency that promotes information security best practices has been given an extended spell of life, telecoms ministers decided on Thursday.

ENISA, the European Network and Information Security Agency, has been given a new three-year mandate, extending its operations until 2012. The agency was set up in 2004 with a five-year mandate to act as a centre of excellence for internet security. The agency works alongside EU-institutions, members states and the private sector to develop and promote best practices in cybersecurity.

The cyber attack that took out the internet infrastructure of Estonia last year have underlined the importance of this role. A meeting involving 27 telecoms minister in Luxembourg last week agreed to extend's ENISA remit by three years. The European Parliament is scheduled to formally approve the move next week (17 June).

ENISA is based in Crete, employs 50 staff and has a modest budget of €8m a year. In recent months the agency has stepped up efforts to raise its profile, for example by staging a press conference for European journalists in Brussels last month.

Andrea Pirotti, ENISA's executive director, said the need for its work will extend far beyond 2012. "The need for secure networks, systems and services will certainly not suddenly disappear in 2012. Following the EU parliamentary elections in 2009 and the establishment of a new European Commission, this extension allows for the necessary time to reflect thoroughly upon the activities of ENISA 'post-2012'," he said. ®

Related stories

• Russian cybercrooks turn on Georgia (11 August 2008)
• DDoS attack floors Georgia prez website (21 July 2008)
• Spam DDoS assault cuts off south Pacific state (25 June 2008)
• EU security agency warns over insecure printing (4 June 2008)
• EU agency declares war on botnets (28 May 2008)
• Make vendors liable for exploits (10 March 2008)
• European Cyber security agency is go (21 November 2003)