EU Cybersecurity Strategy for the Digital

by Fran Howarth
Copyright May, 2021 Faulk ner Information Services. All rights reserved.

Inside this report …

Proposed Action Under the Strategy
Resource File


[return to top of report]

The European Union (EU) Cybersecurity Strategy for the Digital Decade has been developed to increase cyber
resilience in the face of increasingly advanced cyber threats and ensure that digital technologies are trustworthy.
According to the European Commission, a new strategy is needed because:

Critical services for citizens and businesses are now delivered digitally.
The IoT is proliferating and is estimated to currently encompass some 25 billion connected devices. One-
quarter of these are in Europe.
Cyber attacks are increasing. For example, DDoS attacks have increased recently by 241 percent.
The Covid-19 pandemic has increased dependency on digital technologies considerably. In early 2020, 40
percent of EU workers were working remotely.
The pandemic has expanded the attack surface. In particular, hospitals and vaccine distribution chains
have been targeted.
Two in five digital technology users in the US have experienced security-related problems and one in eight
businesses have been effected by cyber attacks.
Cyberspace is becoming a political battleground, with authoritarian regimes damaging the open global
Internet and trying to dominate international bodies and norm setting.
Cybersecurity is essential for the success of digital transformation initiatives.

The EU is now in position to drive the development of norms and standards for cybersecurity, especially for
essential services and for guarding critical infrastructures, as well as the development and application of new
technologies. The European Commission has now made cybersecurity one of its top priorities and has placed it at
the heart of a digital and connected Europe.

The EU’s new strategy covers the security of essential services that include hospitals, energy grids, railways and
connected objects that are increasingly being deployed in homes, offices and factories. It includes the
establishment of a joint cyber unit to more effectively respond to cyber threats using the collective resources and
expertise that are available.

To support this strategy, spending levels are being boosted over the coming seven years. The budget is reported
to be 4.5 billion euros. This is quadruple previous levels of investment.

Proposed Action Under the Strategy

[return to top of report]

Resilience, Technological Sovereignty and Leadership

The European Commission proposes to reform rules on the security of network and information systems through a
revised directive on network and information systems (NIS directive). The first NIS directive came into force in
2016, aiming to achieve a common high level of security of network and information systems across the EU. The
revised directive, NIS 2, aims to increase the level of cyber resilience of sectors seen as critical, including:

Energy grids
Data centers
Public administrations
Research labs
The manufacturing of critical medical devices and medicines

“The Commission also proposes to launch a network of Security Operations Centers across the EU, powered by
artificial intelligence (AI), which will constitute a real “cybersecurity shield” for the EU, able to detect signs of a
cyber attack early enough and to enable proactive action, before damage occurs. Additional measures will include
dedicated support to small and medium-sized businesses (SMEs), under the Digital Innovation Hubs, as well as
increased efforts to up skill the workforce, attract and retain the best cybersecurity talent and invest in research
and innovation that is open, competitive and based on excellence.”

Operational Capacity to Prevent, Deter and Respond

In order to strengthen cooperation between EU bodies and member state cybersecurity authorities, a Joint Cyber
Unit is being established that will include representatives from the civilian, law enforcement, diplomatic and cyber
defense communities. There are proposals to strengthen the EU Cyber Diplomacy Toolbox, which includes a wide
and diverse collection of instruments for a joint EU diplomatic response, including the imposition of sanctions for
malicious cyber activities, taking into account the need for proportionality in any response. The intention is to
translate the provisions within the toolbox into a foreign policy instrument.

As part of its efforts in cyber diplomacy, the EU is looking to achieve three further objectives:

Provide guidance on the application of human rights and fundamental freedoms online.
Provide better protection for children against sexual abuse and exploitation.
The setting of objectives in the international standardization processes.

The EU also aims to further enhance cooperation in cyber defense activities and develop more advanced cyber
defense capabilities.

Cooperation to Advance a Global and Open Cyberspace

This action area looks beyond the EU to advance cooperation with international partners in the UN and other
relevant parties. It aims to promote international security and stability in cyberspace and to protect human rights
and fundamental freedoms online. It will expand on the EU Cyber Diplomacy Toolbox to create an EU External
Cyber Capacity Building Agenda and will form an EU Cyber Diplomacy Network around the world.

Under the EU Cybersecurity Strategy, member states are being encouraged to complete implementation of the
EU 5G Toolbox. ENISA and the European Commission published a report in October 2019 that identifies the main
threats, threat actors, most sensitive assets, main technical vulnerabilities, and gaps in the legal and policy
framework that covers suppliers of information and communications technologies equipment. According to a
progress report of July 2020, most member states are on track in terms of implementing the recommended

measures, and implementation should be fully completed in the second quarter of 2021. It is hoped that this will
help in the development of secure networks in the future, especially 6G.

Also involving networks, a new approach to the DNS system is envisioned. As part of the plan, the development of
an alternative European service called DNS4EU is planned.

The EU Cybersecurity Strategy includes a focus on tackling cyber crime, including continued cooperation
between ENISA and Europol. The European Commission has laid out an action plan to enhance the digital
capacity of law enforcement, looking to identify the skills and tools that will be needed. Europol is central to this

European Cyber Agora

In March 2021, Microsoft launched a new multi-stakeholder initiative that aims to advance European perspectives
on global cybersecurity. Those stakeholders include:

The EU Cyber Direct Programme
The German Marshall Fund of the US
Carnegie Europe
Leiden University
The Cyber Policy Institute
Chatham House
The University of Ljubljana
The Information Security Administration of the Republic of Slovenia
The EU’s CYDIPLO network

Known as the European Cyber Agora, it is intended as a forum for providing regular structured exchanges between
EU institutions, member states, the private sector, academia and civil society. The Cyber Agora aims to ensure
the enhanced participation of Europe in global cyber affairs. It will hold workshops covering such topics as:

The 5G toolbox
Cybersecurity aspects of digital sovereignty
The link between healthcare and cybersecurity
European views on emerging technologies

What’s Next

The European Commission will implement the EU Cybersecurity Strategy over the coming months, monitoring
progress from reports rendered by EU member states and ENISA, and will report progress made to the European
Parliament and the Council of the European Union.


[return to top of report]

IBM recommends that organizations should prepare for the EU Cybersecurity Strategy and its new directives with
the following measures:

Verify if your organization is part of the extended scope.
Identify how cybersecurity detection and notification processes can be improved.
Review supply chain security and vendor relationships.
Ensure that the basic principles of the EU Cybersecurity Strategy and its new directives are included in

your organization’s risk management processes.1

Resource File

[return to top of report]

Cyber Agora:
European Commission:


1 Koen Van Impe. “Cyber Resilience Strategy Changes You Should Know in the EU’s Digital Decade.” Security
Intelligence | IBM. February 18, 2021.

About the Author

[return to top of report]

Fran Howarth is a principal analyst with Bloor Research, a European IT research company and consultancy and
is also a frequent blogger. Her current main areas of focus are network and endpoint security, security intelligence
and analytics, information governance and data security, advanced threat protection and identity management.
She has worked as an analyst and consultant for more than 25 years and is a long standing contributor to
Faulkner’s Security Management Practices publication. She may be reached via e-mail at [email protected]

Site content copyright 2021, Faulkner Information Services. All rights reserved.
Return to Security Management Practices Home

mailto:[email protected]

Place your order
(550 words)

Approximate price: $22

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
The price is based on these factors:
Academic level
Number of pages
Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more
error: Content is protected !!
Open chat
You can contact our live agent via WhatsApp! Via + 1 929 473-0077

Feel free to ask questions, clarifications, or discounts available when placing an order.

Order your essay today and save 30% with the discount code GURUH