Mirage News
Mirage News
World
 Date Time

EU Commission Hails Agreement on Cyber Solidarity Act

European Commission

The Commission welcomes the political agreement reached last night between the European Parliament and the Council on the Cyber Solidarity Act, proposed by the Commission in April 2023.

The Cyber Solidarity Act will strengthen solidarity at EU level to better detect, prepare and respond to cyberthreats and incidents. It comes at a crucial time for EU cybersecurity, as the cyber threat landscape in the EU continues to be impacted by geopolitical events.

The Cyber Solidarity Act includes three actions:

Firstly, the setting up of a European Cybersecurity Alert System, consisting of a network of National and Cross-border Cyber Hubs, which will leverage state-of-the-art tools and infrastructures, such as Artificial Intelligence and advanced data analytics, to swiftly detect cyber threats and incidents. This infrastructure will provide real-time situational awareness to authorities and other relevant entities, enabling them to effectively respond to such threats and incidents. In April 2023, two Member State consortia were formed to jointly procure and receive grants to operate and launch a pilot phase of such tools and infrastructures under the Digital Europe Programme.

Secondly, the Act also creates a Cybersecurity Emergency Mechanism that will enhance preparedness and response capabilities to significant and large-scale cyber incidents. The mechanism will support three main areas:

  1. Preparedness actions: to coordinate preparedness testing of entities operating in critical sectors, including health or energy, for potential vulnerabilities.
  2. A new EU Cybersecurity Reserve: to consist of incident response services from trusted providers ready to intervene at the request of Member States, European Union institutions, bodies or agencies or a third country associated to this specific action under the Digital Europe Programme, in case of significant or large-scale cybersecurity incidents.
  3. Financial support for mutual assistance: to support one Member State providing technical assistance to another Member State affected by a significant or large-scale cybersecurity incident.

Thirdly, the proposal also establishes a European Cybersecurity Incident Review Mechanism to review and assess significant or large-scale incidents after they have occurred with the aim of providing recommendations to improve the EU's cybersecurity standing.

The European Parliament and the Council also reached an agreement on the amendment to the Cybersecurity Act. This amendment opens up the possibility of adopting European certification schemes for managed security services. It will help provide a framework for establishing trusted providers in the EU Cybersecurity Reserve under the Cyber Solidarity Act.

Managed security services play an important role in preventing and responding to cybersecurity incidents. However, they are also themselves a target for malicious actors who seek to gain access to the sensitive environments of their clients. The certification of such services will strengthen cybersecurity across the Union, promoting trust and transparency in the supply chain. This is crucial for businesses and critical infrastructure operators, who will have a clear benchmark when procuring cybersecurity services.

Next Steps

The agreement reached yesterday evening is now subject to formal approval by the European Parliament and the Council. Once formally adopted, the Cyber Solidarity Act will enter into force on the 20th day following its publication in the Official Journal.

The Cyber Solidarity Act will increase funding for Cybersecurity actions under Digital Europe Programme for the period 2025-2027.

Background

With the proposed EU Cyber Solidarity Act, the Commission responds to Member States' calls to strengthen EU cyber resilience, and delivers on its commitment expressed in the 2022 Joint Cyber Defence Communication to prepare an EU Cyber Solidarity Initiative.

The Cyber Solidarity Act is one building block towards this goal, along with the Cyber Resilience Act and the NIS2 Directive. It builds on the 2020 EU Cybersecurity Strategy and the 2020 EU Security Union Strategy.

Alongside the Cyber Solidarity Act, the Commission published a proposal for a targeted amendment to the Cybersecurity Act to allow for the adoption of European cybersecurity certification schemes for managed security services.

The Commission also announced the Communication on the Cybersecurity Skills Academy, to close the cybersecurity talent gap as part of the 2023 European year of Skills. The Academy will bring together various existing initiatives aimed at promoting cybersecurity skills and will make them available on an online platform, thereby increasing their visibility and boosting the number of skilled cybersecurity professionals in the EU.

/Public Release. This material from the originating organization/author(s) might be of the point-in-time nature, and edited for clarity, style and length. Mirage.News does not take institutional positions or sides, and all views, positions, and conclusions expressed herein are solely those of the author(s).View in full here.
Tags: , , , , , , , , , , , , , , , ,

You might also like

Cognitive Offloading: How Technology Changing Our Brains
Shedding Light on Blue Light: Impact on Sleep & Health
Microbiome & Mental Health: How Bacteria Affects Brain
Astronomy in Ancient Cultures: Early Star Interpretations
Physics of Time Travel: A Scientific Perspective
Albinism: The Science Behind the Lack of Color