Digital technologies and the Internet are the backbone of our society and economy; they are key enablers of prosperity and freedom. Network and information systems can be affected by incidents (human mistakes, natural events, technical failures or malicious attacks) that are becoming bigger, more frequent and more complex. A high level of network and information security across the EU is essential to ensure consumer confidence and to keep the online economy running. This will, in turn, preserve the well-functioning of the internal market and will boost growth and jobs.
The European Union’s Digital Agenda sees Internet trust and security as vital to a vibrant digital society, and sets out 14 actions to improve cybersecurity readiness. These include the establishment of a well-functioning network of CERTs (Computer Emergency Response Teams) at national level covering all of Europe; the organisation of cyber-incidents simulations and the support to EU-wide cybersecurity preparedness. Moreover, the policy on Critical Information Infrastructure Protection (CIIP) aims to strengthen the security and resilience of vital ICT infrastructure by stimulating and supporting the development of a high level of preparedness, security and resilience capabilities, both at national and at EU level.
To ensure a better Internet for kids, the Commission has adopted a number of initiatives including a European Strategy for a Better Internet for Children.
The Cybersecurity Strategy for the European Union and the Commission proposal for a Directive on Network and Information Security put forward legal measures and give incentives aiming at making the EU's online environment the most secure in the world. By strengthening preparedness, cross-border cooperation and information exchange, the proposed Directive enables citizens to reap the full benefits the digital environment offers. Moreover, it allows the public and private sector to trust digital networks' services at national and EU level. By setting incentives to foster investments, transparency and user awareness, the strategy will boost competitiveness, growth and jobs in the EU. As network and information systems are globally interconnected, cybersecurity has a global dimension too. The strategy addresses international cooperation as a key priority. Overall, this strategy and legislative proposal will help Europe put its own house in order and increase its international bearing.
The public-private network and information security NIS Platform was set up under the EU Cybersecurity Strategy in June 2013, with the aim of identifying good practices that organisations, across the value chain, can follow in order to tackle cybersecurity risks. A special focus of the Platform is to help SMEs tackle such risks.
These activities on network and information security are supported by the European Network and Information Security Agency, as well as by the Computer Emergency Response Team for the EU institutions (CERT-EU).
The EU is active in an EU-US Working Group on Cybersecurity and Cybercrime, as well as in other multilateral fora, such as the Organisation for Economic Co-operation and Development (OECD), the United Nations General Assembly (UNGA), the International Telecommunication Union (ITU), the Organisation for Security and Co-operation in Europe (OSCE), the World Summit on the Information Society (WSIS) and the Internet Governance Forum (IGF). Strengthened network and information security will also help better deter cybercrime. The European Cybercrime Centre is established within Europol and should act as the focal point for the fight against cybercrime in the EU.