Security in cyberspace requires a comprehensive EU approach
Cybersecurity is an increasingly important front for both individual member states and the EU as a whole. We must be united in our stance, writes Turo Mattila
During our term, we will work on 5G network security with a view to agreeing among Member States on common mitigating measures to deal with the security risks associated with 5G, in line with the Commission’s recommendation from last March.
We will also continue to work on establishing the European Cybersecurity Competence Centre and Network. This will ensure that EU funding on cybersecurity during the next Multiannual Financial Framework is used as efficiently as possible.
If there is a need to react jointly to harmful cyber activities against Member States or the EU, our presidency stands ready to lead the negotiations on how to use the EU Cyber-Diplomacy Toolbox – including the possibility of imposing restrictive measures of the new EU cyber sanctions regime that entered into force in May.
More generally, our work needs to be guided by a comprehensive approach on security: This means strong coordination and coherence in our action across all policy fields relevant for our security.
In addition to what it is we do, our presidency pays a lot of attention on how we do it. As security policy has become an increasingly high-priority issue for the EU in recent years, it is important to make sure that we have the right kind of organisational structure and working methods in place.
Hybrid threats come in many forms and are constantly evolving, but they remain a permanent element of our security environment.
We therefore need to be committed to building our resilience in the long term, as well as the capabilities to react quickly together to counter them when needed.
EU Member States are responsible for their security; it is a national competence. However, EU members have shown a strong interest in greater cooperation on the EU level for issues such as defence, cybersecurity, and countering hybrid threats.
Our security environment has changed significantly in recent years as a result of, for example, the illegal annexation of Crimea by Russia and the war in Eastern Ukraine.
“We have only recently understood that what happens in cyberspace is an inseparable part of our security and what this requires of us”
Aggressive operations by foreign intelligence services in the territory of EU member states have highlighted that threats to our shared security come in many forms.
Cyberattacks such as NotPetya and WannaCry caused significant damage to both citizens and private companies as well as public service providers throughout Europe.
Malign activities, which are often defined as hybrid threats due to their multidimensional nature, are not limited by national borders.
Hybrid influencing often aims at undermining the unity of the EU and the people’s trust in the European institutions. All this calls for cooperation, in order to strengthen our resilience and defend our shared interests and values.
The EU has an important role to play in supporting national e orts through legislation, security-related funding through the Multiannual Financial Framework (MFF) and in showing the unity of member states in defending our democratic systems and citizens.
An important element of the EU’s cybersecurity work is our diplomatic e orts in the UN and other multilateral fora.
We are seeking to strengthen the commitment of the international community to the principles of an open, safe and secure internet, responsible state behaviour and the applicability of international law in cyberspace.
“We are seeking to strengthen the commitment of the international community to the principles of an open, safe and secure internet, responsible state behaviour and the applicability of international law in cyberspace”
Member States are united in promoting these principles, and our unity will prove vital in building broad support for them as possible, at a time when the rules-based international order is facing significant pressures.
The EU adopted its first cybersecurity strategy in 2013, shortly before we started to see more serious real-life examples of threats in cyberspace.
Although most EU countries already have established national cyber-security authorities and drafted national cyber strategies, we have only recently understood that what happens in cyberspace is an inseparable part of our security and what this requires of us.
In short, we need to work for the security of our citizens, societies and state institutions just as strongly in cyberspace as we do elsewhere.
Cyber threats underline the importance of improved information sharing, situational awareness and decision-making capabilities on the EU level.
An important way of increasing our security in cyberspace in the long term is to invest in research that supports the development of world-class cybersecurity products, services and solutions in Europe. This will be vital for our current and future competitiveness and security.
Europe’s cloud infrastructure providers support the EU’s intentions to crack down on online terrorist content, however policymakers are targeting the wrong players, explains Alban Schmutz.
Europe and Huawei share common values, writes Abraham Liu.
Europe is more than just one of Huawei's most important markets, writes Abraham Liu.