The construction of a more cyber resilient European Union (EU) took a remarkable step forward this past week as negotiators from the European Parliament and the European Council reached a provisional agreement on the proposed Cyber Solidarity Act.
Proposed last year, the Cyber Solidarity Act is composed of three key pillars that seek to crack the daunting challenge of detecting, preparing for, and responding to cybersecurity threats and incidents that shake up the security sphere. This structured approach signifies the bloc's “urgent need” to reinforce their ability to address these alarming threats from bad actors.
The next steps include receiving formal endorsement from both the Council and the Parliament, following which it will be reviewed and (if approved) adopted later this year.
When explaining this proposal, the European Commission expressed its concerns about the current geopolitical situation. It pointed at Russia's military aggression against Ukraine, which has been complemented by a series of hostile cyber operations, and called it a “game changer” for the perception and assessment of the EU’s collective cybersecurity crisis management preparedness.
Despite the undeniable potential for cross-border impacts perpetrated by cyber incidents, the Commission believes that there is currently an unacceptably “limited” amount of vital information being shared within the bloc, and between the bloc and its partners.
To counteract this dearth of information, the proposed Cyber Solidarity Act aims at setting up a European Cyber Shield — a network of national security operations centers, generously funded and designed to work in harmony with the existing computer security incident response teams (CSIRTs) network. This was initially suggested as a part of the bloc's 2020 cybersecurity strategy.
In addition, the Act proposes the establishment of an emergency mechanism for creating and funding a “cyber reserve,” drawing on certified private sector incident responders for deployment in times of need.
The Act also suggests a new review mechanism. Large-scale incidents can be requested for an in-depth analysis by the European Union Agency for Cybersecurity (ENISA), under the request of the Commission or national authorities. ENISA will identify important lessons learned from these incidents and make recommendations for improving cybersecurity strategies across the Union.
It is clear that the European Union is putting a huge focus on strengthening its cybersecurity infrastructure in the face of such rapidly-evolving cyber threats. The series of initiatives proposed in the Cyber Solidarity Act offer the promise of a more secure, robust, and responsive European digital landscape.
The world will undoubtedly be watching as the EU advances forward with a comprehensive cyber-protection structure. In the meantime, organizations can start taking steps now to improve their security defenses. Rejuvenating our cybersecurity landscape starts with properly equipped users. Businesses and individuals should not wait around for policies to change but can start investing in new-school security awareness training today. Training your users can make a world of difference in spotting and reporting the latest threats effectively.
This proactive approach and the ability to respond appropriately when faced with suspicious activity will be crucial in complementing national cybersecurity strategies, as everyone should play a part in staying safe. KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
The Record has the full story.
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!
