The European Council and negotiators from the European Parliament reached on Tuesday night a provisional agreement on the proposed Cyber Solidarity Act, which aims to strengthen member states’ resilience in the face of increasing digital threats.
The Cyber Solidarity Act was proposed last year, featuring three pillars intended to address “the urgent need” for the bloc to be able to “detect, prepare for and respond to cybersecurity threats and incidents.”
The negotiated text will next be formally endorsed by the Council and Parliament before being reviewed and adopted later this year.
Explaining its proposal, the European Commission stated: “Russia’s military aggression against Ukraine was preceded and is being accompanied by a strategy of hostile cyber operations, which is a game changer for the perception and assessment of the EU’s collective cybersecurity crisis management preparedness and a call for urgent action.”
According to the Commission, despite the potential cross-border impacts of cyber incidents there is currently a “limited” amount of relevant information sharing.
To address this, the Cyber Solidarity Act will create and fund a federated network of national security operations centers called the European Cyber Shield — first proposed in the bloc’s 2020 cybersecurity strategy — alongside an emergency mechanism creating and funding a “cyber reserve” of certified private sector incident responders.
The European Cyber Shield is intended to be complementary to the existing computer security incident response teams (CSIRTs) network.
The Act also proposes a new review mechanism that would have the European Union Agency for Cybersecurity (ENISA) formally analyze large-scale incidents on the request of the Commission or national authorities to identify lessons learned and make recommendations to improve cybersecurity across the Union.
Recorded Future
Intelligence Cloud.