On December 16, 2020, the European Commission and the EU’s High Representative for Foreign Affairs and Security Policy presented a new EU Cybersecurity Strategy (the “Cybersecurity Strategy”).
The Cybersecurity Strategy came about after Regulation (EU) 2019/881, of April 17, 2019, on Cybersecurity came into force on April 17, 2019 as part of the accelerated digitalization of the business world due to the COVID-19 crisis. In 2020, 40% of EU workers started to work remotely. In this context, one in five have had security problems, and one in eight companies has suffered a cyber-attack in which information has been accessed, modified or deleted. Nonetheless, the greatest risks are expected for connected devices. The European Union predicts that the number of connected devices in its Member States will increase to 6.25 billion by 2025.
The Cybersecurity Strategy’s objective is, therefore, to protect the Digital Single Market from cyber-attacks, unifying the criteria used to strengthen that protection at European level. Its adoption will enhance security on digital platforms and digital devices, thus increasing stability among service providers and users.
The main action lines of the Cybersecurity Strategy are:
- increase the security of essential services and connected devices,
- strengthen collective responses to the main cyber-attacks, and
- cooperate globally with partners to guarantee international security and stability in cyberspace.
Specifically, under the first action line, the European Commission proposes reforming the rules on network and information systems security, to increase resilience to cyber-attacks in critical sectors such as hospitals, data centers and research labs.
Regarding the second action line, the European Commission is preparing a new joint IT unit to strengthen cooperation between those EU bodies and Member State authorities tasked with preventing, discouraging and responding to cyber-attacks.
Under the third action line, the EU will step up collaboration with its international partners. The aim is to strengthen and promote international security and stability in cyberspace, and to protect human rights and fundamental freedoms online. Therefore, there will be an enhanced dialog with third countries on cyber matters.
Over the coming months, the European Commission will continue to implement new measures to strengthen digital security, so now is the ideal time for companies to rethink their cybersecurity strategy and address the legal issues linked to adapting to the EU measures.
Authors: Carolina Urbano y Pedro Méndez de Vigo
Don’t miss our content
Subscribe