Free cookie consent management tool by TermsFeed Actualizare preferințe cookie-uri
Press Releases

ANCOM published a handbook on preventing and managing incidents that may affect communications networks

21.04.2016

 

”With a view to helping the providers of electronic communications networks and services, ANCOM has published a handbook offering guidelines on the  implementation of measures for improving the security and integrity of electronic communications networks and services, insofar as incident management is concerned”, declared Eduard Lovin, Executive Director of the Authority. The Handbook on the implementation of security measures in the incident management field is in line with the provisions of the ANCOM Decision no. 512/2013.
The functioning of communications networks and services may be affected by incidents caused by various factors, from power outages or massive snowfalls to cyberattacks. When such circumstances occur, the provision of electronic communications services may be interrupted for various periods, which could affect from tens to tens of thousands of users or even the whole subscribers base. Some of these incidents may be prevented, while their effect, if incidents though occur, may be mitigated by various measures.
 
Target audience
The Handbook is addressed to all the providers of public electronic communications networks or of publicly available electronic communications services, who are obliged by law to take all the necessary security measures in order to manage the risks posed on the security of electronic communications networks and services, so that to ensure a security level adequate to the identified risk and to prevent or to minimize the impact of security incidents on the users and on the interconnected networks.
 
Handbook contents
The handbook details the operators’ obligations with respect to incident management and offers them a series of examples for rendering incident management activities more efficient. Thus, the interested providers may find out more on the various approaches and best practices as regards the elaboration of incident management policies, on the organisation of security incident response teams, on the establishment of a workflow for effective incident management or on drawing up incident management procedures.
The providers may also use the handbook for finding information on certain measures for monitoring electronic communications networks and services and access to facilities, on incident detection and notification mechanisms, on the elements to be considered in establishing procedures or plans for communicating incident-related information to the subscribers, to the media, to other affected providers or to ANCOM.
The Handbook is available here
 
Security incidents
Within ANCOM’s Decision no. 512/2013, security incidents are defined as events that may directly or indirectly affect or pose a threat on the security and integrity of electronic communications networks and services. Moreover, incidents with significant impact are deemed those incidents that affect more than 5,000 connections, for at least 60 minutes. The providers have the obligation to report ANCOM incidents with significant impact, according to the reporting procedure established by the Authority’s decision. Based on these reports, ANCOM draws up, annually, a Report on the incidents that affected the security and integrity of electronic communications networks and services.  
 
Additional information

 

Further information on the security and integrity of electronic communications networks and services are available on ANCOM’s website, in the Security section.