Thibaut Kleiner, who serves in the cabinet of commissioner for the EU digital agenda Neelie Kroes, claims "there is a big discrepancy between the EU and other regions of the world" and believes the EU will miss out "on a huge opportunity for growth" unless it "steps up the game" with cyber security measures.
The proposed cyber security directive will require private sector businesses that are classified as "critical infrastructures" or "internet enablers", to report on breaches of security.
Social networks including Facebook and Twitter will fall within the scope of the directive and any major incident will have to be communicated to newly set up national authorities that deal with cyber security.
If measures are not put in place to prevent further security breaches, the national authorities will have the power to "name and shame" companies.
Kleiner explained: "The authority can inform the public about incidents and this is a very dissuasive tool because you don’t want your business reputation to be dented.
"We think this is already quite a powerful incentive for companies to take this exercise seriously."
Incidents can take many forms, including a malicious hack from individuals and governments, or a case of human error or negligence such as a company forgetting to make an upgrade to its software.
Measures are designed to prevent damage to the economy, with Kleiner citing the panic on Wall Street after hackers sent a message from the Associated Press Twitter account claiming Barack Obama had been injured in an explosion, as an example of the economic damage web security breaches can cause.
Kleiner believes the PRISM controversy, the
The European Commission is pushing for the directive to be approved before April 2014, ahead of the new European Parliament and once it has received approval, member states will need to transpose it into national law.