Striving towards a more effective approach to cybersecurity in Europe: ENISA

The DSM (Digital Single market) which took place on the 12th December in Brussels provided an excellent forum for the seven presentations made during the plenary session on the hottest topics on the scene, among which cloud data, free movement of data and cybersecurity risk.

Today, sectors that are crucial to the economy such as energy, transportation, finance and health are massively reliant on network and information systems (NIS) to get business done. Yet, while today the Internet of Things and digital technologies have to be at the centre of any robust economic system, the other side of the coin is the vulnerability that these introduce in terms of cybercrime. Cyberattacks are proliferating, with their sophistication, frequency and impact only expected to increase, placing both essential services and democratic processes at danger.

During the meeting some weaknesses in the system that need to be addressed for a more efficient cybersecurity strategy were highlighted:

  • Fragmentation of dedicated policies across different member states.
  • Low awareness of the risk among citizens and businesses.
  • Lack of resources among EU Institutions and Agencies to fight cybercrime
  • Scarce knowledge and familiarity with the ICT products and services that the latter have purchased.

These issues hinder the overall cyber resilience of the EU and proper operation of the internal market. Hence, a brand-new strategy to tackle cybersecurity has been identified, specifically based on the following pillars:

  • A switch from a reactive to a proactive approach;
  • Improved resilience by boosting the technologies and skills necessary for safer, single-market EU cybersecurity;
  • More effective monitoring, detection and tracking of those responsible for cyber attacks;
  • Strengthening cyber defense weapons through a more integrated international co-operation on cybersecurity

The main objective is to fully engage all of the main players in the field to give cybersecurity due and critical priority: EU institutions, Member States, industry players, individual professionals and researchers.

The brand new role of ENISA

New threats dictate more powerful cooperation, coordination and the capacity to meet cyber challenges head on. As such, The European Union Agency for Network and Information Security (ENISA) will have the following agenda at heart:

  • Promote certification & contribute to the cybersecurity certification framework;
  • Increase cybersecurity capabilities at an EU level to complement MSs action
  • Foster co-operation & coordination at Union level
  • Support capacity building & preparedness
  • Promote high-level awareness among citizens & businesses
  • Assist EU Institutions and MSs in appropriate policy development & implementation
  • Become an independent centre of expertise

ICT Cybersecurity Certification

An extremely innovative proposal brought to the table during the DSM meeting was the adoption of a voluntary European cybersecurity certification framework. This novel approach should serve to enable the creation of tailored EU cybersecurity certification schemes for ICT products and services, valid across the entire EU. This new regulation will grant a more harmonized EU landscape, as once a European scheme is in place, member states will not be allowed to introduce new national schemes. Plus, existing national schemes covering the same product/service will cease to be applicable.

Conclusions

The stakeholders joining the forum thoroughly welcomed these objectives which will set to reinforce Enisa’s role and create an acknowledged, European ICT security certification framework. Finally, there is joint consensus to achieve a completely operational EU agency with a permanent mandate, fully equipped with the necessary tools and charged with clear goals in order to successfully meet present and future cybersecurity challenges.

 

News

UNICORN’s Validation Contest now open for participation!

UNICORN project is looking for SMEs and start-ups to test and validate the UNICORN platform by developing their own software or use-cases. The selected participants will receive 10.000€ funding each (find here a template for the contract)

Events

13/12/2018 to 14/12/2018
Call for Papers: Halfway Through the Digital Single Market Strategy: “Bedrock of Trust” or illusion?

Call for Papers

The Law Faculty of the University of Lille cordially invites junior and senior researchers to participate in a conference held as part of the Horizon 2020 project “TRUESSEC.eu”, on the 13th and 14th December 2018. The conference will be hosted by the Law Faculty.

17/01/2019
Reinforcing Cyber Security in the EU: Building Coordinated Security, Confidence and Capability in the Cyber Domain

With 315 million Europeans using the internet each day, the provision of critical services and the functioning of a modern economy are now entirely dependent upon the robustness and safety of cyberspace and its infrastructure. Cyber security attacks are a growing source of threat and concern, while also representing a growing economic opportunity for Europe, with the market predicted to be worth over $100 Billion by 2018 (European Commission). Moreover, cyber attacks in the EU are constantly growing in both their frequency (quintuplicate between 2013 and 2017) and sophistication.