Friday

23rd Feb 2018

Focus

EU to force firms to report major cyber attacks

  • It is the first time that EU-wide rules on cyber security are to be agreed (Photo: europarl.europa.eu)

Negotiators from the European Parliament and national governments have reached an agreement on new cyber-security rules, shortly before midnight on Monday (7 December).

Companies which fulfil certain essential societal functions will have to make sure that they can resist cyber attacks, and report digital security breaches to national authorities.

Thank you for reading EUobserver!

Subscribe now for a 30 day free trial.

  1. €150 per year
  2. or €15 per month
  3. Cancel anytime

EUobserver is an independent, not-for-profit news organization that publishes daily news reports, analysis, and investigations from Brussels and the EU member states. We are an indispensable news source for anyone who wants to know what is going on in the EU.

We are mainly funded by advertising and subscription revenues. As advertising revenues are falling fast, we depend on subscription revenues to support our journalism.

For group, corporate or student subscriptions, please contact us. See also our full Terms of Use.

If you already have an account click here to login.

It is the first time that EU-wide rules on cyber security are agreed.

The new EU directive will lay down the criteria to determine if a company qualifies as an “operator of essential service”, but member states will be responsible for identifying these key companies, the European Parliament said in a press release.

The sectors where such essential services will need to be guaranteed are: energy, transport, banking, financial market, health, and water supply.

In its press release, the EP also specified three American internet companies as likely to be falling under the new rules.

“In addition, some internet services providers, such as online marketplaces (e.g. eBay, Amazon), search engines (e.g. Google) and clouds, will also have to ensure the safety of their infrastructure and to report on major incidents,” the press release said.

The new directive will also put a “strategic cooperation group” in place where member states should “exchange information and best practices, draw up guidelines and assist member states in cyber security capacity building”.

A complete assessment of the deal, which was clinched behind closed doors in a so-called trilogue process, is not yet possible until the consolidated text of the compromise is published. This is expected to take a few days.

'Milestone'

But the lead negotiator on behalf of the members of the European Parliament (MEPs) already expressed satisfaction with the deal.

“Today, a milestone has been achieved: we have agreed on first ever EU-wide cyber security rules, which the parliament has advocated for years”, centre-right German MEP Andreas Schwab said.

The European Commission, which proposed the cyber security rules in February 2013, mediated the talks.

Digital affairs commissioner Guenther Oettinger said Tuesday (8 December) the new rules are “a major step in raising the level of cyber security in Europe”.

In a speech last month, Oettinger already signalled the importance of the first-ever pan-European cyber security rules.

“We are opening a European legal book”, he said at an annual event of the European Union Agency for Network and Information Security (Enisa) in Brussels.

The EU agency “will play an even more prominent role”, Oettinger had noted.

In an interview with EUobserver, Enisa's executive director Udo Helmbrecht said he expects a positive effect of one of the directive's main features, the obligation for companies that provide essential public services to report major incidents like a cyber attack.

“Putting obligation of reporting incidents will hopefully create a mechanism that people say: 'oh if I have to report something, then I also have to do something for prevention' and by this increasing IT security”, said Helmbrecht.

The deal still needs approval from the full house of the EP and from national governments.

EU to beef up cybersecurity agency

The Commission's president proposed to set up a European Cybersecurity Agency. The EU already has an agency for Network and Information Security.

Hohe Cyber-Bedrohung für Frankreichs Wahlen

Frankreichs Präsident Francois Hollande kündigt an, alle notwendigen Massnahmen zu treffen, um Cyberattacken vor den Präsidentschaftswahlen im April und Mai zu verhindern. Die politischen Parteien sind jedoch weiterhin anfällig.

Facebook promises more privacy ahead of new EU rules

Speaking in Brussels, Sheryl Sandberg, Facebook's chief operating officer, says the social media giant has "not done enough to stop the abuse of our technology." Her admission comes with new plans to wrestle with "bad content".

Column / Brussels Bytes

ECJ should rule against Austrian online censorship lawsuit

EU judges have an opportunity to make clear that no member state can decide what the rest of the world reads online, now that Austria's Supreme Court has referred the Glawischnig case to the European Court of Justice.

News in Brief

  1. May to unveil EU departure strategy next week
  2. Pregnant workers may be dismissed, EU court rules
  3. Romanian minister demands anti-corruption prosecutor fired
  4. Luxembourg and Ireland pay highest minimum wages
  5. Freedom of expression under threat in Spain, warn MEPs
  6. Report: EU to increase sanctions on Myanmar
  7. Juncker 'worried' by Italian elections
  8. EU migration to UK at lowest since 2012

Stakeholders' Highlights

  1. Aid & Trade LondonJoin Thousands of Stakeholders of the Global Aid Industry at Aid & Trade London
  2. Macedonian Human Rights Movement Int.European Free Alliance Joins MHRMI to End the Anti-Macedonian Name Negotiations
  3. Mission of China to the EUChina-EU Tourism Year to Promote Business and Mutual Ties
  4. European Jewish CongressAt “An End to Antisemitism!” Conference, Dr. Kantor Calls for Ambitious Solutions
  5. UNESDAA Year Ago UNESDA Members Pledged to Reduce Added Sugars in Soft Drinks by 10%
  6. International Partnership for Human RightsUzbekistan: Investigate Torture of Journalist
  7. CESICESI@Noon on ‘Digitalisation & Future of Work: Social Protection For All?’ - March 7
  8. UNICEFExecutive Director's Committment to Tackling Sexual Exploitation and Abuse of Children
  9. Nordic Council of MinistersState of the Nordic Region 2018: Facts, Figures and Rankings of the 74 Regions
  10. Mission of China to the EUDigital Economy Shaping China's Future, Over 30% of GDP
  11. Macedonian Human Rights Movement Int.Suing the Governments of Macedonia and Greece for Changing Macedonia's Name

Latest News

  1. EU leaders put 'Spitzenkandidat' on summit menu
  2. European far-right political party risks collapse
  3. The key budget issues on EU leaders' table
  4. EU leaders to kick off post-Brexit budget debate
  5. Greek government's steady steps to exit bailout programme
  6. Frontex: Europe's new law enforcement agency?
  7. Poland and Greece broke EU environment laws, rules court
  8. Dutch MPs vote on ending 'Ukraine-type' referendums

Stakeholders' Highlights

  1. Swedish EnterprisesHarnessing Globalization- at What Cost? Keynote Speaker Commissioner Malmström
  2. European Friends of ArmeniaSave The Date 28/02: “Nagorno-Karabakh & the EU: 1988-2018”
  3. European Heart NetworkSmart CAP is Triple Win for Economy, Environment and Health
  4. European Free AlllianceEFA Joined the Protest in Aiacciu to Solicit a Dialogue After the Elections
  5. EPSUDrinking Water Directive Step Forward but Human Right to Water Not Recognized
  6. European Gaming & Betting AssociationGambling Operators File Data Protection Complaint Against Payment Block in Norway
  7. European Jewish CongressEJC Expresses Deep Concern Over Proposed Holocaust Law in Poland
  8. CECEConstruction Industry Gets Together to Discuss the Digital Revolution @ the EU Industry Days
  9. Mission of China to the EUChina-EU Relations in the New Era
  10. European Free AlllianceEnd Discrimination of European Minorities - Sign the Minority Safepack Initiative
  11. Centre Maurits Coppieters“Diversity Shouldn’t Be Only a Slogan” Lorant Vincze (Fuen) Warns European Commission
  12. Dialogue PlatformWhat Can Christians Learn from a Global Islamic Movement?