Brussels (Brussels Morning) The EU’s dated rules on cybersecurity are about to be revamped with a joint unit on national security plus another to handle incidents. The European Commission unveiled the strategy on 16 December in a bid to strengthen the bloc’s digital resilience.
The news arrived a few days after the European Medicines Agency (EMA) experienced a cyber-attack when regulatory submissions of the COVID-19 vaccine were hacked.
As digital technology advances and takes over almost all facets of daily life, the Commission came up with reactive measures to risks from the digital world.
Some of the most prominent threats highlighted by the EU Agency for Cybersecurity (ENISA) include malware, web-based attacks, phishing, web application attacks and identity theft.
“The time of innocence is over. We know that we are a target”, Commission Vice-President Margaritis Schinas said during the press conference, “We need to modernize, reinforce, and adapt”.
Cybersecurity units
The Commission says it will digitally transform societies and economies by investing in infrastructure and skills capable of safeguarding the digital realm.
That includes an “EU-wide Cyber Shield”, connecting national security authorities through the use of artificial intelligence and machine learning to boost situational awareness and detect early signs of attacks.
The EU’s new strategy also foresees a cyber unit to respond to incidents and threats and improve cooperation between member states and organisations like NATO.
“The digital transformation is accelerating, but it can only succeed if people and businesses can trust that the connected products and services — on which they rely — are secure,” said Competition Commissioner Margrethe Vestager.
“We need to strengthen security in the digital world. I, therefore, welcome the EU Cybersecurity Strategy. It is essential to cooperate better among member states and be more resilient to cyber-attacks”, said the Austrian minister for the EU, Karoline Edtstadler.
Critical infrastructures
The new strategy aims to build in joint resilience against cyber threats while ensuring that “citizens and businesses can fully benefit from trustworthy and reliable services and digital tools”, says the Commission.
The strategy also details proposed legislation to deal with critical entities covering ten sectors, including energy, transport, banking, financial market infrastructures, health, drinking water, water waste, digital infrastructure, public administration and space.
“Cyber attacks are part of our reality. Just like we do in the physical world, we need to protect our democratic institutions, our public services, our hospitals and our industry”, expressed the Internal Market Commissioner Thierry Breton on Twitter.
The Commission will also secure that the next generation of 5G networks are secure and it urged member states to complete the implementation of the EU’s recommendations on 5G.
Next Steps
Further examinations of the proposed legislation are still to happen between the Parliament and the Council.
As soon as the proposals are agreed and adopted, EU countries have 18 months to implement them.
An agreement is expected in the early months of 2021.