It is part of a move to intensify global efforts to fight cybercrime.
Digital agenda commissioner Neelie Kroes said that Europe needed to improve how it dealt with cybersecurity.
But firms are concerned that reporting online attacks and security breaches might damage their reputations.
The EU is keen that member states share information about attacks and shore up their cyber-defences.
Under the proposals, each country would have to appoint a Computer Emergency Response Team and create an authority to whom companies would report breaches.
These new bodies would decide whether to make the breaches public and whether to fine companies.