Communications Networks, Content and Technology
European Commission Directorate General

Cybersecurity & Trust

Cybersecurity & Trust

Trust & Security (Unit H.4)
Goal

To ensure a secure and trustworthy digital environment for the benefit of all EU citizens and businesses, and to promote a coherent international approach on cybersecurity.

Action

Implement the Cybersecurity Strategy for the European Union.Address the technological and industrial issues that derive from the Network and Information Security (NIS) policy of DG CONNECT, including the implementation of research and innovation agenda related to cybersecurity, privacy and trustworthy ICT.

Situation

The Cybersecurity Strategy is in its implementation phase, while the NIS Directive is under discussion in the European Parliament and the Council. Also, a public-private stakeholder platform is in place to support implementation of the NIS Directive, ENISA has a new mandate until 2020 and the EU institutions now have their own Computer Emergency Response Team (CERT-EU). On cybersecurity research, significant investment has been made, for example 350 M€ under FP7, allowing for future funding around the twin objectives of strengthening the European industrial base through uptake of research results, and providing financial incentives under Horizon 2020 to develop technological solutions for improved cybersecurity.This takes place against a background of unprecedented focus on cybersecurity and increasing instances of major security flaws and cyberattacks. In addition, new technological developments with a high impact, such as cloud computing and big data, are likely to create new security challenges that need to be addressed properly to allow for trustworthy market developments.

Mandate
The EU Cybersecurity Strategy aims to ensure strong and effective protection and promotion of citizens' rights so as to make the EU's online environment the safest in the world. It sets incentives to foster investments, transparency and user awareness, and addresses international cooperation as a key priority. The accompanying proposal for a Directive on Network and Information Security (NIS) aims to ensure a high common level of NIS across the EU, by improving national capabilities; strengthening cross-border cooperation; and requiring operators of critical infrastructure, key Internet enablers and public administrations to adopt appropriate risk management practices. The establishment of a cooperation mechanism at EU level would deliver coherent and coordinated prevention and response to cross-border NIS incidents and risks, while the requirements to carry out NIS risk management would create a strong incentive to assess security risks effectively and provide added value to the services offered. In DG Connect Unit H.4 participates in the governance of digital service infrastructure with unit H.3 as regards cyber security.

Input

Full-Time Equivalent: 
15.00
People: 
15.00 full-time equivalent (FTE)
Collaboration with other DGs or agencies:
Budget: 
€ 138 ml (years 2014-15)
Other: 

We envisage under the Horizon 2020 programme a spending of the order of € 138 ml (years 2014-15), both under H2020 Leadership in enabling and industrial technologies (LEIT) and Societal Challenge 7 on Secure societies.

Outputs

A competitive EU-based ICT Security Industry

  • Fostering the industrial and technological resources required to benefit from the Digital Single Market. Emergence of a European industry and market for secure ICT;
  • Fostering R&D investments and innovation and increase of the public and private spending on cybersecurity Research and Development (R&D);
  • Implementing the H2020 research and innovation programme for digital security objectives in LEIT and Societal Challenge 7 and running a coherent project portfolio meeting the industrial vision for ICT security in Europe.
  • Development and adoption of industry-led security standards, technical norms and security-by-design and privacy-by-design principles by ICT product manufacturers and service providers

Indicators

4266

• Number of publications in peer-reviewed high impact journals and number and quality of conference/workshops papers and proceedings

Target 5-10 per project

Number of new R&I projects launched

Target 30 new projects per year
Baseline 30 new projects per year
Current 60 ongoing projects

Number of adopted European standards in ICT security

Number of joint public-private publications

Target 5-10 per project

Number of close-to-market ICT security solutions pilots deployed

Target Up to 10 over the duration of the programme

• Patent applications and patents awarded in ICT security industrial technologies

Target 3 patent applications per 10 € million funding

Legislative Framework for Network and Information Security

  • Improved cyber resilience in the field of Network and Information Security for the public and private sectors and at national and EU level;
  • Minimum level of national capabilities in Member States, NIS national competent authorities will have to exchange information and to cooperate so as to counter NIS threats and incidents;
  • Assessment of cyber risks incurred by operators of critical infrastructure (such as energy, transport, banking, stock exchange, healthcare), key Internet enablers (e-commerce platforms, social networks, etc) and public administrations. Reporting to competent authorities incidents with a significant impact on core services provided.

Indicators

362

Adoption of the NIS Directive by Council and Parliament

Target Directive adopted by end 2014

• Number of Member States with an established NIS national competent authorities, a well-functioning Computer Emergency Response Teams (CERTs), an adopted national NIS strategy and a national NIS cooperation plan

Target 28
Baseline 0
Current 0

Transparency index in cybersecurity incident reporting

Target TBD
Baseline TBD
Current TBD

Number of completed actions in the European Cybersecurity Strategy

Perception of risk of cyber incident and cybercrime

Target TBD
Baseline TBD
Current TBD
Results/Impacts

A vivid ICT security market in Europe

·Providers of ICT security products and services will benefit from specific security measures, combined with a more harmonised EU approach. Demand for their products and services is bound to increase, leading to innovative products and economies of scale.·The EU economy will benefit as sectors that rely heavily on NIS will be supported to offer a more reliable service. Harmonised NIS requirements will lead to more consistent risk management measures and response and more systematic reporting of incidents. All of these should create more equal and stable conditions for anyone trying to compete in Europe’s Single Market.·Increased uptake of security solutions by the users (public administrations, private companies, citizens) and faster transfer of R&D results into ICT products and services.

Indicators

4273

• Share of Member States public spending in cybersecurity, privacy and trustworthy ICT related R&I

Target increase to 70% of the total public funding in Europe by 2020

Uptake of security solutions by users

Target reducing time-to-market from 7 to 5 years by 2020

Trust in Digital Life

·Citizens and consumers, however they define themselves, will have more trust in the technologies, services and systems they rely on day-to-day. This increased confidence will means a more inclusive cyberspace, and a digital economy that grows even faster, supporting our economic recovery.·Governments and businesses will be able to rely on digital networks and infrastructure to provide their essential services at home and across borders. Secure eCommerce platforms could bring more customers online and create new opportunities.·Citizens need to be safe online in order to express themselves freely. A more secure and resilient internet means their voices will be heard and protected more than happens today.

Indicators

383

Citizens and enterprises confidence about digital use (lead indicator)

Baseline 2012 Eurobarometer on Cybersecurity

Link to DG CONNECT's Top Level Targets

  • eCommerce Action Plan - Double the share of eCommerce in retail sales and of the internet sector in European GDP by 2015
  • DAE - 50 % of the population to buy online by 2015
  • DAE - 20 % of the population to buy online cross-border by 2015
  • DAE - 33 % of SMEs to make online sales by 2015
  • DAE - To double public investment in ICT R&D to € 11 bn by 2020