Cybersecurity is becoming a top priority. Indeed, it now concerns many areas: health, transport, economy, privacy … The directive on network and information systems security of 6 July 2016, the so-called NIS Directive, should establish at the level of the European Union the foundations for future effective cooperation.
Cyber-crime constantly increasing
According to a study published by Lloyd’s in July 2017, the cost of a global cyber attack could reach 100 billion euro (equivalent to twice the losses caused by Hurricane Sandy). From viruses to ransomware (data encryption software), cyberattacks have a multitude of forms, which complicates the fight against cyber-crime. A report on the spectrum of these threats has been published by the European Union Agency for Network and Information Security (ENISA).
For example, several companies have recently suffered from these attacks, the latest Uber or cdiscount, generating financial consequences estimated at 400 billion euro per year for the global economy. It seems that 69% of companies are not aware of their exposure to cyber-risks.
To counter this problem, ENISA should have its prerogatives extended, notably to promote the harmonisation of cybersecurity certifications at Union level and the proper application of the RIS Directive. Each member state should also designate reference authorities for the fight against cyber threats (eg National Agency for Information Systems Security, ANSSI in France). Europol should also play a leading role in the fight against cyber-crime, particularly against fraud.
Projects to strengthen cybersecurity
In parallel with the implementation of the General Data Protection Regulation (GDPR), which the CNIL will monitor the correct application in France, the European Commission has made a series of proposals to strengthen cybersecurity and cyber-resilience ( ability of a system to function after being attacked).
As a result, in September 2017, the Commission announced its intention to create a network of cybersecurity centers. This network should be established through public-private partnerships through a call for proposals. These research centers should also address other topics such as artificial intelligence (AI), blockchain, etc. As part of the Horizon 2020 programme, a pilot project for the creation of a first center should be launched in 2018 for a budget of 50 million euro. The deadline for submitting applications to submit a pilot proposal is 29 May 2018.
A second call for proposals is also expected to fund projects to improve business digital security, data protection and critical sectors, in particular the energy sector.
Will the European Union be able to set up a network capable of protecting its economy and its administrations? In the era of big data and connected objects, this question will probably be at the heart of European concerns, especially as the risk of digital terrorism adds to the protection of privacy (see the next regulation on e-privacy).