How coherent is EU cybersecurity policy?

Author (Person) ,
Series Title
Series Details 16.01.18
Publication Date 16/01/2018
Content Type


The European Union aims to strengthen its cyber security rules in order to tackle the increasing threat posed by cyber attacks as well as to take advantage of the opportunities of the new digital age.

On 19-20 October 2017, the European Council asked for the adoption of a common approach to EU cyber security following the reform package proposed by the European Commission in September 2017.

This reform aims to build on the measures put in place by the cyber security strategy and its main pillar, the directive on security of network and information systems - the NIS directive.

The proposal sets out new initiatives such as:

+ building a stronger EU cyber security agency
+ introducing an EU-wide cyber security certification scheme
+ swiftly implementing the NIS directive.

EU leaders regard cyber security reform as one of the main ongoing aspects on the road to completing the EU digital single market. Recent security breaches at major companies and cyber-attacks such as the WannaCry ransomware attack have put cybersecurity firmly on the EU’s political agenda. But how coherent an actor is the EU in the field of cybersecurity?

Drawing on a recent study, Andre Barrinha and Helena Farrand-Carrapico write that there remains a lack of cohesion in EU cybersecurity policy, with the main responsibilities in cybersecurity governance remaining with the member states. It remains to be seen whether recent events will encourage EU states to cooperate more closely on the issue or whether stronger responses will be pursued by individual states at the national level.

Source Link
Related Links
Council of the European Union: Policies: Reform of cyber security in Europe

Subject Categories , ,
Countries / Regions