Cyber security protects internet-connected devices such as hardware, software, and data from various online threats. Cyber security ensures that the public relies on public services and government organizations. Business requires cyber security to safeguard their data, intellectual property, and money.
The European Union’s response to cyber security challenges
Critical industries such as transportation, energy, health care, and finance have increasingly relied on digital technologies to run their core operations. While digitalization provides enormous opportunities and solutions to many of Europe’s challenges, particularly during the COVID-19 crisis, it also exposes the economy and society to cyber threats.
Join The European Business Briefing
New subscribers this quarter are entered into a draw to win a Rolex Submariner. Join 40,000+ founders, investors and executives who read EBM every day.
SubscribeCyberattacks and cybercrime are becoming more common and sophisticated across Europe. This trend is expected to continue, as 22.3 billion devices worldwide are expected to be linked to the Internet of Things by 2024.
A stronger cybersecurity response to create open and secure cyberspace can increase citizens’ trust in digital tools and services.
Europe’s cyber resilience
The Council adopted judgments on the cybersecurity strategy on March 22, 2021, emphasizing the importance of cybersecurity in building a resilient, green, and digital Europe. The EU ministers identified achieving strategic autonomy while maintaining an open economy as a key goal. It includes strengthening the ability to make autonomous cybersecurity decisions to strengthen the EU’s digital leadership and strategic capabilities.
The EVU is working on two legislative proposals to address the online and offline risks of the present and future:
- an updated directive to improve network and information system security
- a new directive on critical entity resilience
EU Cybersecurity Act
The EU Cybersecurity Act went into effect in June 2019 and included the following provisions:
- a European-wide certification scheme
- a new and expanded mandate for the EU Agency for Cybersecurity
With the cybersecurity act, the EU has also introduced a single EU-wide certification framework to:
- Build trust
- Increase the cybersecurity market’s growth
- Ease trade across the EU
EU fight against cybercrime
Cybercrime takes many forms, and many common crimes are supported by the internet. Criminals, for example, can:
- Malware can be used to gain control of personal devices.
- To commit online fraud, steal or compromise personal data and intellectual property.
- illegal content via the internet and social media platforms
- sell illegal goods and hacking services on the ‘darknet.’
- Some types of cybercrime, such as online child sexual exploitation, cause significant harm to their victims.
Countering non-cash payment fraud
Fraud and counterfeiting involving non-cash payment methods pose a serious threat to EU security and generate significant revenue for organized crime. Furthermore, this type of fraud weakens consumer confidence in the security of digital technologies.
The EU adopted new rules to combat non-cash payment fraud in April 2019. Member states should apply the new rules in 2021.
Improving the safety of children online
The European Commission aims to propose new legislation to prevent online child sexual exploitation and abuse. Negotiators from the Council and the European Parliament reached a provisional agreement in May 2021 on temporary measures that will allow providers of electronic communications services such as web-based email and messaging services to continue to detect, remove, and report child sexual abuse online, as well as anti-grooming, until permanent legislation is in place. The regulations went into effect in August 2021 and will expire in 2024.
Justice and law enforcement
Other aspects of the fight against cybercrime and crime in general that are acknowledged by EU rules and policies include access to e-evidence, encryption, and data retention.
Boosting cyber diplomacy
The European Union and its member states strongly advocate for an open, free, stable, and secure cyberspace in which human rights, fundamental freedoms, and the rule of law are fully respected to ensure social stability, economic growth, prosperity, and integrity of free and democratic societies.
The EU makes significant efforts to protect itself from cyber threats in third countries, particularly through a joint diplomatic response known as the ‘cyber diplomacy toolbox.’ This response includes diplomatic cooperation, dialogue, cyberattack prevention measures, and sanctions.
The European Commission and EEAS cybersecurity strategy, adopted in December 2020, strengthens the EU’s diplomatic response to cyberattacks.
Cooperation in cyber defense
Like land, sea, air, and space, cyberspace is regarded as the fifth domain of warfare and is essential to military operations. It is a broad domain that includes everything from information and communication networks, infrastructure, and the data they support, to computer systems, processors, and controllers.
The European Union (EU) collaborates on cyberspace defense through the European Defence Agency (EDA), in collaboration with the EU cybersecurity agency and Europol. The EDA assists member countries in developing a skilled military cyber-defense workforce while ensuring the availability of proactive and reactive cyber-defense technology.
Cybersecurity of critical infrastructure
- Connected devices, which include machines, sensors, and networks that comprise the Internet of Things (IoT), will play an important role in shaping Europe’s digital future, as will their security. In December 2020, the Council adopted conclusions recognizing the increased use of internet-connected consumer and industrial products and the associated new risks to privacy, information security, and cybersecurity.
- 5G networks are critical for digital communication and critical industries such as energy, transportation, banking, and health care. Assuring the strength of 5G networks is thus critical to our society.
With global 5G revenues expected to reach €225 billion by 2025, 5G is a critical asset for Europe to compete in the global market, and its cybersecurity is critical for ensuring the Union’s strategic autonomy.
In January 2020, the EU agreed on a toolbox to identify and provide guidance on a possible common set of measures to mitigate the main cybersecurity risks of 5G networks.
