Wednesday

25th Jan 2017

EU cyber-security legislation on the horizon

The European Commission will propose binding EU legislation before the end of the year to help member states plug huge gaps in their cyber-security defences.

Speaking at a cyber-security debate organised by the Security & Defence Agenda in Brussels on Thursday (10 May), the commission said ill-equipped member states are totally unprepared for future cyber threats.

Dear EUobserver reader

Subscribe now for unrestricted access to EUobserver.

Sign up for 30 days' free trial, no obligation. Full subscription only 15 € / month or 150 € / year.

  1. Unlimited access on desktop and mobile
  2. All premium articles, analysis, commentary and investigations
  3. EUobserver archives

EUobserver is the only independent news media covering EU affairs in Brussels and all 28 member states.

♡ We value your support.

If you already have an account click here to login.

  • Cyber crime generates €388 billion illegal revenue annually worldwide. (Photo: *n3wjack's world in pixels)

"The level of preparedness across the EU is not high-enough," said Antoaneta Angelova-Krasteva, a commission information security network expert. Angelova-Krasteva voiced alarm at the increasing sophistication of threats and their number.

In the past four years, only 10 member states have or put in place or are in the process of developing cyber security strategies. Estonia was the first member state to publish a broad national cyber security strategy in 2008, followed by Finland, Slovakia and the Czech Republic.

In comparison, the United States published theirs in 2003 and it was updated in 2011.

"We are like in the 1940s when people had no idea about the power of the atom," warned Heli Tiirmaa-Klaar, a cyber security adviser at the European External Action Service.

An estimated 1 million viruses are introduced into circulation every year, while cyber-crime income - some €388 billion a year - far outweighs the risk of getting caught.

Among some innovations in member state protocols, security breach notifications - currently issued only in the telecoms industry - may in the future also apply to transport, water, food supply, energy and the financial banking sectors.

Such notifications were originally introduced in 2002 as part of a larger EU directive on privacy and electronic communications.

Digital agenda commissioner Neelie Kroes' spokesperson told EUobserver it is too early to provide details on the legislative proposal. But Kroes has already dropped hints on what such a strategy would look like.

At a speech delivered at a cyber-security Security and Defence Agenda dinner in February, she spoke of obliging private companies to notify authorities of cyber security breaches, incidents or attacks.

Her ideas reflect an MEP vote on Tuesday, calling on the commission to propose an EU framework for the notification of security breaches before the end of the year. Separately, the MEPs claim the EU is too far behind in international cooperation on cyber-security issues.

Meanwhile in Crete, the European network and information security agency (Enisa) aims to play an increasing role.

The agency is broadly tasked with building-up information security within the EU but its five-year mandate is set to expire in September 2013. Earlier this year, the European Parliament's committee on industry, research and energy voted to extend it to another seven years.

“It [cyber-security] is very much down to the individual countries. Different approaches are needed in different locations but we are recommending a common approach and a common bench mark," Enisa's Greame Cooper told EUobserver.

Troels Oerting, who heads the new cyber crime center at the EU's joint police agency Europol, envisions Enisa having a direct role in its work. But contacts did not elaborate on what such role would look like.

A Europol-based cyber centre should be operational early next year, with representatives from Interpol expected to sit on its governing board. For its part, Interpol is expected to launch its own cyber centre in Singapore sometime in 2015, said Oerting.

News in Brief

  1. VW's internal Dieselgate probe not yet done
  2. Israel defies EU policy with huge settlement expansion
  3. Martin Schulz to be candidate for German chancellor
  4. EU commission gives MEPs Dieselgate paper at last moment
  5. EU parliament committee backs EU-Canada deal
  6. UK MPs must vote on Brexit trigger, court rules
  7. Greek island mayors plead for the transfer of migrants
  8. Tzipi Livni cancels Brussels trip amid war crimes probe

Stakeholders' Highlights

  1. International Partnership for Human RightsKyrgyzstan: no Justice for Human Rights Defender Azimjan Askarov
  2. Dialogue PlatformThe Influence of Turkish Politics in Europe After the Coup Attempt
  3. World VisionEU Urged to do Better Ahead of Helsinki Conference on Syria
  4. Caritas EuropaEU States to Join Pope Francis’s Appeal to Care for Migrant Children
  5. UNICEFNumber of Unaccompanied Children Arriving by sea to Italy Doubles in 2016
  6. Nordic Council of Ministers"Nordic Matters" Help Forge Closer Bonds Between the UK and the Nordic Region
  7. Computers, Privacy & Data ProtectionThe age of Intelligent Machines: join the Conference on 25-27 January 2017
  8. Martens CentreNo Better way to Lift Your Monday Blues Than to Gloss Over our Political Cartoons
  9. Dialogue PlatformThe Gulen Movement: An Islamic Response to Terror as a Global Challenge
  10. European Free AllianceMinority Rights and Autonomy are a European Normality
  11. Swedish EnterprisesHow to Create EU Competitiveness Post-Brexit? Seminar on January 24th
  12. European Jewish CongressSchulz to be Awarded the European Medal for Tolerance for his Stand Against Populism

Latest News

  1. No Turkey-type migrant deal with Libya, says EU commission
  2. EU to Trump: Protectionism is 'doomed to fail'
  3. The French town that swung from socialist to far-right
  4. UK parliament must give Brexit approval, judges rule
  5. 'No indication' VW used EU loans to cheat
  6. Fillon promotes pro-Russia views in Berlin
  7. Dutch PM tells people to 'act normal, or go away'
  8. EU to step up effort against Russian and Islamist propaganda