skip to main content
European Commission Logo
en English
Newsroom

Overview    News

EU announces its new policy on cyber defence

On 10 November, the Commission and the High Representative put forward a Joint Communication on an EU Cyber Defence policy to address the deteriorating security environment following Russia's aggression against Ukraine and to boost the EU's capacity to protect its citizens and infrastructure.

Text + Virtual Loick + Hand shake + A group of professionals in front of a laptop
European Commission

date:  10/11/2022

The cyber domain is increasingly contested and the number of cyber-attacks against the EU and its Member States continues to grow. The Russian attack on the KA-SAT satellite network which disrupted communication across several public authorities as well as the Ukrainian armed forces is an example of how much civilian and defence players rely on the same critical infrastructure. This reinforces the need to secure such critical infrastructure.  

To protect its armed forces, citizens, as well as the EU's civilian and military crisis management missions and operations, the EU needs to boost cooperation and investments in cyber defence to enhance its ability to prevent, detect, deter, recover, and defend against cyber-attacks.  

The need for a review of the EU's cyber defence policy framework was noted in the 2020 EU Cybersecurity Strategy. Furthermore, President von der Leyen called for the development of a European Cyber Defence Policy in her 2021 State of the Union address. The Strategic Compass for Security and Defence approved by the Council in March this year called for an EU Cyber Defence Policy by 2022. In May, in the Council conclusions on the development of the European Union's cyber posture, Member States invited the High Representative together with the Commission to table an ambitious proposal for an EU Cyber Defence Policy in 2022. 

 

The EU Policy on Cyber Defence is built around four pillars that cover a wide range of initiatives that will help the EU and Member States:  

  • Act together for a stronger EU cyber defence: The EU will reinforce its coordination mechanisms among national and EU cyber defence players, to increase information exchange and cooperation between military and civilian cybersecurity communities, and further support military CSDP missions and operations.  
  • Secure the EU defence ecosystem: Even non-critical software components can be used to carry out cyber-attacks on companies or governments, including in the defence sector. This calls for further work on cybersecurity standardisation and certification to secure both military and civilian domains.  
  • Invest in cyber defence capabilities: Member States need to significantly increase investments in modern military cyber defence capabilities in a collaborative manner, using the cooperation platforms and funding mechanisms available at the EU level, such as PESCO, the European Defence Fund, as well as Horizon Europe and the Digital Europe Programme.
  • Partner to address common challenges: Building on existing security and defence as well as cyber dialogues with partner countries, the EU will seek to set up tailored partnerships in the area of cyber defence.  

 

For More Information 

Joint Communication on the EU Policy on Cyber Defence

Question and Answers on the EU Policy on Cyber Defence

Factsheet on the EU Policy on Cyber Defence

Factsheet on the new EU Cybersecurity Strategy 

Council conclusions on the development of the European Union's cyber posture 

Joint Communication on defence investment gaps 

Proposal for a Cyber Resilience Act 

Factsheet on Cybersecurity: EU External Action 

Cyber defence activities of the European Defence Agency  

European Security Union 

More on Cybersecurity 

More on the NIS Directive