EU presents new cybersecurity strategy
By ECCT staff writers
The EU has announced a new EU cybersecurity strategy and new rules aimed to make physical and digital critical entities more resilient. According to a report in Europa, the EU’s official website, the European Commission and the High Representative of the Union for Foreign Affairs and Security Policy presented the strategy as a key component of shaping Europe's digital future, the recovery plan for Europe and the EU Security Union Strategy. The strategy will bolster Europe's collective resilience against cyber threats and help to ensure that all citizens and businesses can fully benefit from trustworthy and reliable services and digital tools. “Whether it is the connected devices, the electricity grid, or the banks, planes, public administrations and hospitals Europeans use or frequent, they deserve to do so with the assurance that they will be shielded from cyber threats,” according to the report.
The new strategy will also allow the EU to step up leadership on international norms and standards in cyberspace, and to strengthen cooperation with partners around the world to promote a global, open, stable and secure cyberspace, grounded in the rule of law, human rights, fundamental freedoms and democratic values.
Furthermore, the Commission is making proposals to address both cyber and physical resilience of critical entities and networks: a directive on measures for high common level of cybersecurity across the Union (revised NIS Directive or ‘NIS 2'), and a new directive on the resilience of critical entities. They cover a wide range of sectors and aim to address current and future online and offline risks, from cyberattacks to crime or natural disasters, in a coherent and complementary way.
The strategy aims to safeguard a global and open Internet, while at the same time offering safeguards, not only to ensure security but also to protect European values and the fundamental rights of everyone. Building upon the achievements of the past months and years, it contains concrete proposals for regulatory, investment and policy initiatives, in three areas of EU action: 1) Resilience, technological sovereignty and leadership; 2) Building operational capacity to prevent, deter and respond and 3) Advancing a global and open cyberspace through increased cooperation.