Last month, the European Commission released a report on “Resilience, Deterrence and Defence: Building strong cybersecurity for the EU”. GRI examines the strengths and weaknesses of this proposed strategy.
The strategy is based on three principles: building greater resistance against cyber vulnerabilities, deterring cyber attacks against member states and increasing cooperation at the European and international level. In order to meet these goals, the first reform proposed by the Commission is to transform the European Agency for Network and Information Security (ENISA) into a permanent, independent structure which would assist EU institutions and Member States in developing and implementing cybersecurity policies and cooperation.
New certification scheme
A strengthened ENISA would enable improved intelligence sharing and facilitate the organization of cybersecurity exercises on a European level, as well as providing member states with operational assistance in the event of cyber attacks. The Commission is also planning to double the Agency’s annual budget to 23 million euro, and increase its workforce.
The revision of ENISA is however not the only component of the Commission’s cybersecurity strategy. Further plans for a new European certification scheme are underway to ensure the safety of several ICT products and services. Other proposed measures include the creation of a Cybersecurity Emergency Fund to support member states that have fallen victim to cyber attacks, and a European Cybersecurity Research and Competence Center aimed at training and recruiting experts in the field to complement efforts at the national level.
Finally, the European Commission aims to develop more effective law enforcement responses to cybercrime by focusing on detection and prosecution of offences such as fraud and counterfeiting of non-cash means of payment. It is now up to the European Parliament and Council to approve these initiatives, and determine their implementation.
Source: Global Risk Insights