The European Union Adopts A Cyber Security Strategy

The European Union Council has formally adopted the March  2021 conclusions on the EU's cyber security strategy which was presented to the Commission in 2020. It contains a framework for how to defend businesses, organisations and EU citizens from cyber attacks and to promote secure information systems. 
 
The connclusions set a key objective of achieving strategic autonomy while preserving an open economy. This includes reinforcing the ability to make autonomous choices in the area of cyber security, with the aim to strengthen the EU's digital leadership and strategic capacities.
 
 
"The conclusions note that cyber security is essential for building a resilient, green and digital Europe," said the council in a statement. The strategy specifiaclly calls for a number of importabt new measures:- 
 
  • Creating a joint cyber unit focused on the EU's cybersecurity crisis management framework;
  • Accelerating the uptake of key internet security standards;
  • Developing strong encryption while protecting fundamental rights and supporting law enforcement and judicial authorities;
  • Preventing and countering cyberattacks that might affect supply chains, critical infrastructure and essential services;
  • Establishing a cyber intelligence working group to strengthen the EU's Intelligence and Situation Center, which is responsible for sharing classified information with its member states;
  • Establishing EU external cyber capacity by strengthening cooperation with international organizations and partner countries to increase cyber resilience.
  • The strategy also outlines plans to make international cyberspace "open, free and secure," according to the council.
  • The plan endorses the following measures in an effort to forward the bloc’s cyber leadership:
  • “strong encryption and threat information sharing”
  • “security operation centers across the EU to monitor for attacks”
  • “a joint cyber unit focused on the EU's cybersecurity crisis      management framework”
  • “a security standard for 5G technology”
  • “key internet security standards”
  • “countering cyberattacks that might affect supply chains [and] critical infrastructure”
  • “a cyber intelligence working group to strengthen the EU's Intelligence and Situation Center”
  • “strengthening cooperation with international organizations and partner countries”
 
The Report also stresses the need to "raise more awareness on cyber issues at the political and strategic decision-making levels by providing decision-makers with relevant knowledge and information and the need to enhance the awareness of general public and promote cyber hygiene.” 
 
The conclusions include a strong commitment by the council to swiftly complete the implementation of the EU 5G toolbox measures and to continue efforts to guarantee the security of 5G networks and the development of future network generations.
 
Actions laid out in the conclusions include the creation of a network of security operation centres across the Union to improve both threat detection and anticipation and the possible establishment of a cyber intelligence working group to strengthen the EU Intelligence and Situation Centre (INTCEN). 
 
Another proposed measure is the definition of a joint cyber unit that "would provide clear focus to the EU's cybersecurity crisis management framework."
 
Accelerating the adoption of key Internet security standards is another action point listed in the conclusions. This step, which the council says will require "a joint effort," is described as being "instrumental to increase the overall level of security and openness of the global Internet while increasing the competitiveness of the EU industry." Other actions include addressing the need to support the development of strong encryption as a means of protecting fundamental rights and digital security, while simultaneously ensuring that law enforcement agencies and judicial authorities can exercise the offline and online powers that have been granted to them. 
 
In order to ensure the development, implementation and monitoring of the proposals presented in the cyber security strategy, the Council encourages the Commission and the High Representative to establish a detailed implementation plan. The Council will also monitor the progress in the implementation of the conclusions through an action plan which will be regularly reviewed and updated.
 
EU Council:      GovInfoSecurity:        EU Council:     The CyberWire:          Infosecurity Magazine:
 
You Might Also Read: 
 
The Impact Of Brexit On British Cyber Security:
 
 
« Employees Hired & Fired By Algorithm
Your Employee's Cyber Awareness Is Critical »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Riverbed Technology

Riverbed Technology

The Riverbed Network and Application Performance Platform enables organizations to visualize, optimize, accelerate and remediate the performance of any network for any application.

IMS Networks

IMS Networks

IMS Networks specializes in the design and management of high criticality networks and telecoms services including network security and Managed Security Services.

Logz.io

Logz.io

Logz.io is an AI-powered log analysis platform that offers the open source ELK Stack as a enterprise-grade cloud service with machine learning technology.

OGiTiX

OGiTiX

OGiTiX Software AG is a German software manufacturer specializing in Identity and Access Management.

DataProtect

DataProtect

DataProtect is a specialized information security company providing consultancy, information management, integration and training services.

NESECO

NESECO

NESECO is an IT security integration and consulting firm providing security products, solutions, support, consulting, and training services.

Sanderson Recruitment

Sanderson Recruitment

Sanderson is a recruitment company providing expert recruitment services in areas including Cyber & Information Security.

Xilinx

Xilinx

Xilinx is the inventor of the FPGA, programmable SoCs, and now, the ACAP. We are building the Adaptable, Intelligent World.

Center for Cyber & Homeland Security (CCHS)

Center for Cyber & Homeland Security (CCHS)

The Center for Cyber and Homeland Security at Auburn University is a nonpartisan think tank that works to develop innovative strategies to address current and future threats to the United States.

Conduent

Conduent

Conduent delivers mission-critical technology services and solutions on behalf of businesses and governments. Solution areas include digital risk and compliance.

Highland Capital Partners

Highland Capital Partners

Highland Capital Partners is an early stage venture capital firm focused on category-defining businesses in consumer and enterprise technology, including cybersecurity.

Inceptus

Inceptus

Inceptus is a next generation Managed Security Service Provider (MSSP). We are dedicated to keeping our customers safe, secure and protected while doing business on the Internet.

Netsurion

Netsurion

Netsurion powers secure and agile networks for highly distributed and small-to-medium enterprises and the IT providers that serve them.

AiCULUS

AiCULUS

AiCULUS is a global technology company that specializes in API security and Risk Management products.

Electrosoft Services

Electrosoft Services

Electrosoft provide mature, innovative technology-based services and solutions to power critical IT programs and keep our nation safe from cybersecurity attacks.

Valtix

Valtix

Valtix is the first and only multi-cloud network security platform delivered as a service that enables cloud teams to meet the most stringent security requirements in a cloud-first & simple way.