EU looks to spending, diplomacy to up cyber security

CERT-LatestNews Security News ThreatsCybercrime ThreatsEconomic ThreatsStrategic Uncategorized
The EU wants to improve its capacity to attribute cyber attacks to those responsible.

The EU wants to improve its capacity to attribute cyber attacks to those responsible.

The European Commission wants to bolster cyber security in the EU by increasing investment in technology, setting stricter consumer safeguards and stepping up diplomacy to deter attacks by other nations, among other measures.

The commission is due to announce its proposals in a report later this month, a copy of which was obtained by Reuters yesterday. It also argues for greater national and law enforcement cooperation to halt incoming attacks.

The report calls for a short-term injection of additional EU spending to achieve both a critical mass of investment and overcome fragmentation within the region, calling a previous 2016 plan to spend €1.8 billion by 2020 a “first step”.

It cited public and private estimates that the impact of cyber crime on the EU rose fivefold between 2013 and 2017 and could rise another four times by 2019. Europol puts these losses at €265 billion per year.

In its report, the European Commission calls for increased technical capacity to investigate cyber attacks, as well as investment to promote a stronger regional cyber industry.

  See also

“In order to increase our chances of catching perpetrators, we need to improve our capacity to attribute cyber attacks to those responsible,” it says.

One specific issue it aims to address is to develop a European encryption capability using next-generation quantum technologies as a basis for secure digital identification systems, intellectual property protections and safe e-commerce.

The EU is looking to establish a “duty of care” principle for vendor product and software development in this arena and promised early in 2018 to put forward concrete proposals to give law enforcers cross-border access to electronic evidence.

Another proposal calls for the creation of a European Cybersecurity Research and Competence Centre to coordinate proposed solutions, part of plans to strengthen the existing European Union Agency for Network and Information Security.

The review, announced in May, is part of the EU’s mid-term course correction of its digital strategy. Some proposals must first be approved by member states and the European Parliament.

The report aims to develop a policy framework to galvanise all parties – the EU, member states, industry, as well as citizens – to build better resilience and bolster the EU’s response to cyber attacks.

“The framework constitutes a first step in developing signalling and reactive capacities at EU and member-state level with the aim of influencing the behaviour of potential aggressors,” it said of response to attacks by other nations.

Copyright 2017 Reuters Limited. All rights reserved. Republication and redistribution of Reuters content is expressly prohibited without the prior written consent of Reuters. Reuters shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Our comments policy does not allow anonymous postings. Read the policy here