Strategy sets out common EU approach to securing digital networks, preventing online crime and protecting consumers.
Crime on the internet is increasing rapidly. Computer viruses, network breaches, and cyber-crime can lead to substantial financial losses, erode trust in online services and cause major damage to the EU’s economy.
Unless we do more to protect critical digital networks, public safety and national security could also come under threat. It’s a global problem calling for a common approach – online criminals can attack from anywhere.
Around 38% of European internet users have changed their behaviour because of cyber-security concerns: 18% are less likely to buy goods online and 15% are less likely to use online banking according to a recent survey .
To reverse this trend the Commission has launched a comprehensive strategy to defend the EU’s digital networks and protect consumers from cyber-crime. A common approach would help make critical networks more resilient to attack and drastically reduce online crime.
Getting other countries onboard would also increase security in the EU and protect citizens. EU countries would work more closely together to promote cyber-security globally by advocating the application of existing international laws in cyberspace and helping other nations become more cyber-secure.
In line with this strategy the Commission is also proposing EU countries, internet providers and vulnerable business sectors take steps to secure critical digital networks.
All EU governments would become responsible for preventing and responding to threats to digital networks. All would have to meet common standards on cyber-security and increase cooperation in combating cyber-crime.
E-commerce service providers and businesses in the energy, transport, banking and healthcare sectors would have to improve network security. Current EU law requiring the reporting of online security incidents would be extended to cover all major internet services and public administrations.
For example, under current law, regular telecoms providers have to report security incidents while voice-over-IP (VOIP) services, like internet telephone calls such as Skype, do not. The new measures would close such loopholes by requiring VOIP services to also report incidents.