The European Commission presented a couple of moths back its proposals on cybercrime in the EU, suggesting at the same time the establishment of an EU Cyber Security Agency, to be incorporated into the existing EU Network and Information Security Agency (ENISA) based in Heraklion, Crete.
With digital technologies being the backbone of the European economy, the European Commission notes that cybercrime is constantly increasing the risks of data theft, fraud or even the destabilization of governments. According to the Commission, the economic impact of cybercrime has increased fivefold over the last four years. Over the last year, more than 4,000 attacks involving ransomware were recorded each day and 80% of European businesses experienced at least one episode of cyber-security.
“No country can face the cyber security challenges alone. Commission initiatives reinforce cooperation so that EU Member States can cope with these challenges together” said Andrus Ansip, Commission’s Vice-President responsible for the digital single market. At the same wavelength, Commissioner for the Security Union Julian King stressed the need for cooperation between Member States, not only to strengthen their resilience to cyber-attacks but also to boost technological innovation. “I want the high standards of cyber security to become the new competitive advantage for our businesses”, said Mariya Gabriel, Commissioner for Digital Economy and Society.
In particular, with a view to building a “strong cyber-security” for the EU, the Commission proposes, inter alia, the following tools:
- The establishment of a European Cyber-Security Agency. Building on the existing European Network and Information Security Agency (ENISA) based in Heraklion, Crete, the new agency will have the permanent mandate to assist Member States in effectively deterring and responding to cyber-attacks. The new agency will enhance the EU’s readiness to react by organizing annual pan-European cyber security exercises and by ensuring better exchange of information and knowledge on threats, through the setting up of exchange and information centers.
- The introduction of a new European certification system that will ensure that digital products and services are safe to use. As consumers can now trust the food they consume thanks to EU food labels, new European cyber-security certificates will ensure the credibility of the billions of devices (IOT-enabled) upon which modern critical infrastructure (e.g energy networks and transport), as well as new consumer products such as connected cars, rely on. The issued cyber-security certificates will be recognized in all member states, reducing the administrative burden and the costs currently borne by businesses.