Our Vision is to increase the security and trustworthiness of the information and communication technologies (ICT), networks, applications and services we depend on as individuals and as a society, while guaranteeing the respect of fundamental values and rights such as privacy. We want to seize the opportunity of the emergence of a market for secure, trustworthy and privacy preserving ICT to develop the industrial and technological resources in Europe and thereby contribute to the competitiveness of the European industry and the creation of jobs. Finally we want to maintain and further expand the European research excellence, competences and capabilities.
Our Priority is to address the technological and industrial issues that derive from the Network and Information Security (NIS) policy of DG CONNECT. This entails the alignment of the research agenda of the European Framework Programs for Research with the policy requirements, and in particular the implementation of research and innovation agendas related to cybersecurity, privacy and trustworthy ICT.
We currently envisage over 2014-2015 spending under the H2020 programme of the order of € 136 million. These are indicative figures to be confirmed by the budgetary process by the end of 2014.
We have made a significant investment at European level in R&D addressing cybersecurity, trustworthy ICT and privacy. For example, the total funding by the European Commission in the 7th Framework Program for Research (FP7), 2007 – 2012, is in the order of 350 M€. It has led to first class results with nevertheless an industrial uptake below expectations.
The last years of FP7 have seen a dramatic change in the ICT landscape. On one hand the cyberincidents and attacks on our ICT environment have increased in number, but also in severity. This has led to an increased awareness at political level, but also in the minds of the users, that the benefits brought by the widespread usage of ICT also bear a significant risk. On the other hand, the technology and services we use are evolving fast, leading to new usages we could not anticipate, like the appearance of social networks, or cloud computing. As a consequence the available security measures tend to be quickly outdated, if existing in the first place.
Faced with the increased vulnerability of our society, economy and citizens and acknowledging that the measures that are in place are insufficient to address this problem effectively, the political consensus emerged that something needs to be done. One answer is in the adoption of a legislative measure, i.e. the Directive on Network and Information Security adopted by the European Commission.
We thus now have the opportunity to address two objectives at the same time: a) fostering the uptake of the research results, thereby strengthening the European industrial base; b) supporting the implementation of the NIS policy objectives by providing financial incentives to develop technological solutions which may be adopted to better manage security risks and counter incidents.
As a consequence the upcoming research agendas of the European Framework Program for research will on one hand continue to support cutting edge ICT R&D, at a similar funding level than in FP7. On the other hand a similar amount will be allocated for the transfer of R&D results into innovation, in order to prove the viability of the security solutions and create lead markets.
The Framework Programme for Research H2020 (2014 – 2020) is the principal resource to be used.
The Leadership in Enabling Industrial Technologies (LEIT) pillar will address the upstream research issues related to the provision of cybersecurity, trustworthy ICT and privacy. This complements the innovation measures addressed in the Societal Challenge 'Secure Societies', where the focus is on the implementation and large scale practical demonstration of security solutions.
The expectation is to allocate 400 M€ to the cybersecurity, trustworthy ICT and privacy activities in LEIT, 450 M€ to the activities funded under the Societal Challenge 'Secure Societies'. (Disclaimer: the indicative budget is still subject to the adoption of H2020)
Information resources: Strategic Research Agendas produced by the 'Network and Information Security Platform', the European Networks of Excellence, stakeholder associations or fora, events and conferences.
Cybersecurity is an underlying issue for all ICT technologies and applications and is also addressed by CONNECT Directorates A and E, e.g. addressing security for cloud computing, the future internet, software development, or cyberphysical systems.
Cybersecurity is a cross-domain concern and does also directly contribute to other EU policies (e.g. mobility, energy, health, smart cities, privacy). There is a connection with DG HOME's policies "combating crime and terrorism" and "critical infrastructure protection", the defence and security industry policies of DG ENTR and DG MARKT.
Implementation of the strategic priorities identified in the Cybersecurity Strategy for the European Union related to R&D, the development of the industrial and technological resources for cybersecurity, and awareness raising (2013-2020):
|Target||selection of 30 new projects/year(2014-2020)|
EU-wide ICT-security certified products; adoption and recognition of security/privacy-by-design guidelines - 50% by 2020
|Target||50% of all ICT products should have ICT-security certification(2020)|
|Baseline||50% of the total public funding in Europe|
|Target||70% of the total public funding in Europe(by 2020)|
Increased uptake of security solutions by the users (public administrations, private companies, citizens) and faster transfer of R&D results into ICT products and services
|Target||Reducing time-to-market from 7 to 5 years.(2020)|