The Council of the European Union announced today that it has officially adopted a new cybersecurity strategy.
The strategy, which looks ahead to the next decade, was presented to the council in December 2020 by the European Commission and the high representative for foreign affairs.
It contains a framework for how to defend businesses, organizations, and EU citizens from cyber-attacks and promote secure information systems. The strategy also outlines plans to make international cyberspace “open, free and secure,” according to the council.
“The conclusions note that cybersecurity is essential for building a resilient, green and digital Europe,” said the council in a statement released today.
“They set as a key objective achieving strategic autonomy while preserving an open economy. This includes reinforcing the ability to make autonomous choices in the area of cybersecurity, with the aim to strengthen the EU’s digital leadership and strategic capacities.”
The conclusions include a strong commitment by the council to swiftly complete the implementation of the EU 5G toolbox measures and to continue efforts to guarantee the security of 5G networks and the development of future network generations.
Actions laid out in the conclusions include the creation of a network of security operation centers across the Union to improve both threat detection and anticipation and the possible establishment of a cyber-intelligence working group to strengthen the EU Intelligence and Situation Centre (INTCEN).
Another proposed measure is the definition of a joint cyber unit that “would provide clear focus to the EU’s cybersecurity crisis management framework.”
Accelerating the adoption of key internet security standards is another action point listed in the conclusions. This step, which the council says will require “a joint effort,” is described as being “instrumental to increase the overall level of security and openness of the global internet while increasing the competitiveness of the EU industry.”
Other actions include addressing the need to support the development of strong encryption as a means of protecting fundamental rights and digital security, while simultaneously ensuring that law enforcement agencies and judicial authorities can exercise the offline and online powers that have been granted to them.