Digital Agenda for Europe
A Europe 2020 Initiative

Can we speak of a gap regarding the way cybersecurity is approached in the EU and in the US?


Do you think that the EU could be considered lagging a step behind as per what concern its approach(es)? The approach to cybersecurity is quite different between Brussels and Washington. One of the main differences is that the United States opted for a voluntary-reporting mechanism, calling for voluntary sharing of information on cyberattacks between business and government.

In Europe, instead, the proposed legislation set out clear compulsory requirements for companies to comply with, notably concerning preparedness and maintenance of networks; moreover, the scope of companies called for action includes operators in critical sectors other than ICT (energy, transports, banking, and healthcare).

Which are the pros and cons of each approach? And what these differences and inconsistencies will mean for trade deals and companies?

28 users have voted.


Antonio Ramos's picture

Of course, there is a gap (at least, in my opinion). For example, through fedRAMP initiative US has tackled the risks of cloud service (once audit, use anytime). But, besides this I also think that with the proposed NIS Directive, EU could have a more advanced approach that any area in the World... But only, if we (all State Members) are able to have an unified approach that build up a true single market in Europe.

29 users have voted.
Prokopis Drogkaris's picture

I do agree with Mr. Ramos. There certainly is a gap. EU's approach is more advanced but until it is adopted and implemented at national level, our cybersecurity vigilance level will remain low

27 users have voted.