Companies should be forced to reveal details of when their computer systems have been breached, claims a European internet security body.

According to the European Network and Information Security Agency (ENISA), the EU would benefit from a system similar to US where reporting security breaches is mandatory.

The recommendation was made in ENISA's General Report 2007, which also highlights the need to increase the number of Computer Emergency Response Teams (Certs) that help countries combat distributed denial-of-service attacks and spam generated by hijacked botnet computers from eight to 14 EU states.

Andrea Pirotti, executive director of ENISA, said: "Europe must take security threats more seriously and invest more resources in NIS [network and information security]. Therefore, ENISA calls for the EU to introduce mandatory reporting on security breaches and incidents for business."

"The member states should undertake concerted efforts to reduce the imbalances in security levels, with more cross-border co-operation," he added.

See also: Facebook photos are a privacy threat