The European Union is seeking to help Member States prevent and respond to cyberattacks more effectively. Its new package of sweeping cybersecurity measures is designed to equip Europe with the tools it needs. The Commission announced that it was working on a label for businesses and reforming ENISA, the current European Union Agency for Network and Information Security.
“In the past three years, we have made progress in keeping Europeans safe online. But Europe is still not well equipped when it comes to cyberattacks. This is why, today, the Commission is proposing new tools […] to help defend us against such attacks,” declared Jean-Claude Juncker, President of the European Commission.
In 2016, there were more than 4000 ransomware attacks across the world, a 300% increase since 2015, the Commission stated in a press release. 80% of businesses in Europe were affected by the attacks, the EC claims. That’s why urgent action is needed. Especially given that the economic impact of cybercrime increased five-fold between 2013 and 2017, and it is expected to quadruple by 2019.
A stronger cybersecurity agency
The European Commission intends to boost the Union’s resilience and ability to respond to cyberattacks by strengthening ENISA, the agency responsible for network and information security. Its 2017 budget of €11.2 million is expected to be doubled by 2021. The agency’s workforce will also be increased from 80 to 120 employees. Its primary purpose will be to foster a more meaningful collaboration between national cybersecurity centers.
“No country can face cybersecurity challenges alone. Our initiatives strengthen cooperation so that EU countries can tackle these challenges together. We also propose new measures to boost investment in innovation and promote cyberhygiene,” said Andrus Ansip, Vice-President for the Digital Single Market.
The Commission stated that the reformed agency will better prepare the EU for attacks by organizing yearly pan-European cybersecurity exercises and ensuring that knowledge and intelligence of threats are better shared, with the setting up of information and sharing analysis centers.
Anticipating the risks associated with connected objects
The Commission recognizes how connected objects now form a major part of our day-to-day lives. ENISA will help to put in place and implement the EU-wide certification framework to ensure that products and services meet all the applicable requirements in terms of cybersecurity.
“Just as consumers can trust what they eat thanks to EU food labels, new European cybersecurity certificates will ensure the trustworthiness of the billions of devices (« Internet of Things ») which drive today’s critical infrastructures, such as energy and transport networks, but also new consumer devices, such as connected cars,” Brussels said.