The cybersecurity strategy for the European Union and the European Agenda on security provide the overall strategic framework for the EU initiatives on cybersecurity and cybercrime. The Digital Single Market Strategy also recognises the importance of trust and security. By completing the Digital Single Market, the EU could boost its economy by almost €415 billion per year and create hundreds of thousands of new jobs. But for new connected technologies and services to take off Europeans need trust and confidence.
Tackling cybersecurity challenges together is one of the three emerging challenges identified in the mid-term review. The actions to be implemented are:
- by September 2017, the Commission will review the EU Cybersecurity Strategy and the mandate of the European Union Agency for Network and Information Security (ENISA), to align it to the new EU-wide framework on cybersecurity.
- to propose additional measures on cybersecurity standards, certification and labelling to make connected objects more cyber secure.
For more details, read the Communication.
What are the key objectives of the Commission in the field of cybersecurity?
- Increasing cybersecurity capabilities and cooperation
The aim is to bring cybersecurity capabilities at the same level of development in all the EU Member States and ensure that exchanges of information and cooperation are efficient, including at cross-border level. In this area, the Directive on security of network and information systems (the NIS Directive) is the main instrument supporting Europe's cyber resilience.
- Making the EU a strong player in cybersecurity
Europe needs to be more ambitious in nurturing its competitive advantage in the field of cybersecurity to ensure that European citizens, enterprises (including SMEs), public administrations have access to the latest digital security technology, which is interoperable, competitive, trustworthy and respects fundamental rights including the right to privacy. This should also help take advantage of the booming global cybersecurity market. To achieve this Europe needs to overcome the current cybersecurity market fragmentation and foster European cybersecurity industry. The Commission is working towards strengthening industrial capabilities in Europe.
- Mainstreaming cybersecurity in EU policies
The objective is to embed cybersecurity in the future EU policy initiatives from the start, in particular with regard to new technologies and emerging sectors such as connected cars, smart grids and the Internet of Things (loT).
Engaging with Stakeholders
The public-private network and information security NIS Platform was set up under the EU Cybersecurity Strategy in June 2013, with the aim of identifying good practices that organisations, across the value chain, can follow in order to tackle cybersecurity risks. A special focus of the Platform is to help SMEs tackle such risks.
ENISA and CERT-EU
These activities on network and information security are supported by the European Network and Information Security Agency, as well as by the Computer Emergency Response Team for the EU institutions (CERT-EU).
The EU is active in an EU-US Working Group on Cybersecurity and Cybercrime, as well as in other multilateral fora, such as the Organisation for Economic Co-operation and Development (OECD), the United Nations General Assembly (UNGA), the International Telecommunication Union (ITU), the Organisation for Security and Co-operation in Europe (OSCE), the World Summit on the Information Society (WSIS) and the Internet Governance Forum (IGF). Strengthened network and information security will also help better deter cybercrime. The European Cybercrime Centre is established within Europol and should act as the focal point for the fight against cybercrime in the EU.