Since publishing the first European cybersecurity strategy in 2013, the EU has been continuously creating and updating the building blocks for a collaborative European cybersecurity framework, most notably the network and information security (NIS) directive and the general data protection regulation (GDPR). In December 2020, the European Commission has pushed those efforts to the next level, publishing a new version of the Cybersecurity strategy to be fit for growing cybersecurity concerns during the next “digital decade”.
Simultaneously, important legislative proposals have been made, including an updated NIS directive (NIS2) and a proposal directive for enhancing the resilience of critical entities. Those directive proposals build on the experience of the first years of common cybersecurity legislation in Europe, and addressing some of its shortcomings. For example, the main drivers stated in the NIS2 directive include:
- Transport, energy and health, telecommunications, finance, security, democratic processes, space and defence are heavily reliant on network and information systems that are increasingly interconnected
- The threat landscape is compounded by geopolitical tensions over the global and open Internet and over control of technologies across the whole supply chain
- The malicious targeting of critical infrastructure is a major global risk
- Concerns about security are a major disincentive to using online services
- The investigation of nearly all types of crime has a digital component
- Digital services and the finance sector are among the most frequent targets of cyberattacks, along with the public sector and manufacturing, yet cyber readiness and awareness among businesses and individuals remain low, and there is a major shortage of cybersecurity skills in the workforce
- The EU lacks collective situational awareness of cyber threats
- Improving cybersecurity is therefore essential for people to trust, use, and benefit from innovation, connectivity and automation, and for safeguarding fundamental rights and freedoms, including the rights to privacy and to the protection of personal data, and the freedom of expression and information
Most of those issues relate to a lack of awareness, a lack of collaboration and a lack of skills to adequately address cybersecurity problem.
CS-AWARE was from ground up designed and built to operate within the European cybersecurity framework. Awareness, collaboration and skill building within individual organizations is how CS-AWARE brings the benefits of the collaborative European cybersecurity framework to your organization. Fully in line with the upcoming changes to the European cybersecurity framework, CS-AWARE helps your organization to be fit for the next digital decade, and the cybersecurity problems that go along with it!
The CS-AWARE spin-out team.