Over the last five years, the European Union has increased the number of initiatives and tools to manage cybersecurity challenges at an unprecedented pace. The European Cybersecurity Act, which sets the new mandate of ENISA and the cybersecurity certification framework, but also the full implementation of the NIS Directive, the blueprint for rapid emergency response and the establishing of Cyber-research centres all over Europe are the major initiatives. The Parliament and the Council also contributed with ad hoc initiatives such as the framework for a joint EU diplomatic response to malicious cyber activities. Furthermore, the hybrid nature of cyber threats has triggered the inclusion of cyber defence aspects in European defence policy.
What are the challenges for moving from this wealth of policy initiatives to action and policy implementation? Is the structure of the new Commission tailored to manage cybersecurity effectively? How are the rapidly evolving threats landscape and the use of new technologies such as AI changing the approach to building cyber resilience? And, given the increasing growth of threats from nation states that are militarising cyberspace for political ends, what role should Europe play in current international initiatives such as the Paris call for trust and security in Cyberspace or the renewed effort from the United Nations to improve the world of cyber norms?
These and more questions will be raised and hopefully answered at our conference at CEPS on Thursday, 12 December 2019, which aims to make a significant contribution towards outlining the next steps of the European Union Cybersecurity.
More information will follow in due course.