2.7 Cyber security in the EU
In 2017, the European Union (EU) introduced a new framework for cyber security in the EU. This included a new EU Cybersecurity Agency to improve the sharing of threat intelligence and knowledge, to organise and run pan-European cyber security exercises and to ensure that all serious incidents are fully reported. It would also implement an EU-wide certification framework to ensure that all products and services in the EU are secure from cyber-attack. It is also introducing measures to combat fraud and the counterfeiting of non-cash means of payment.
On 10 December 2018, the European Parliament, the Council of the EU and the Commission agreed on the Cybersecurity Act, which reinforces the mandate of the EU Agency for Cybersecurity, (European Union Agency for Network and Information and Security, ENISA) so as to better support Member States with tackling cyber security threats and attacks. The Act also establishes an EU framework for cybersecurity certification, boosting the cybersecurity of online services and consumer devices.
The text of the EU Cybersecurity Act is available here: https://eur-lex.europa.eu/ eli/ reg/ 2019/ 881/ oj [Tip: hold Ctrl and click a link to open it in a new tab. (Hide tip)] . An infographic of the act is available from: https://ec.europa.eu/ digital-single-market/ en/ news/ eu-cybersecurity-act-glance.
In the next section, you’ll be invited to find out about similar laws in a country of interest and share your results with other learners.