On Tuesday, the EU agreed to the Cyber Solidarity Act, a new set of rules intending to make the EU more resilient and reactive to cyber threats via cooperation mechanisms.
An EU-wide cybersecurity alert system will be established to rapidly share information and will comprise of national cyber hubs which will be responsible for detecting and acting on cyber threats, helping authorities respond more effectively to major incidents.
The new regulation will allow for the creation of a cybersecurity emergency mechanism that will support:
- Preparedness actions, including testing entities in highly critical sectors, such as healthcare, transportation and energy.
- Shared financial assistance for impacted entities.
- A ‘cybersecurity reserve’ made up of incident response services from the private sector as well as associated partnering countries that are ready to intervene during a large-scale cybersecurity incident.
The EU Council and Parliament have also agreed to amend the 2019 Cybersecurity Act in order to establish European certification schemes for managed security services. This aims to boost the quality and comparability of these service providers and avoid fragmentation of the internal market.
Formal adoption of the provisional agreements will come once they have been endorsed by the Council and Parliament.
Emily Phelps, VP, Cyware had this comment:
“The Cyber Solidarity Act recognizes and addresses the critical nature for the EU to more effectively prepare, detect, and respond to cyber threats. Threat actors often work together, increasing the challenges nations and organizations face to defend against adversaries. These collaborative efforts to improve resiliency are an important step to protecting critical infrastructure, national security, and economic continuity.
Dave Ratner, CEO, HYAS follows with this comment:
“Sharing information the way that the EU Cyber Solidarity Act does is a great start and a good initiative — too many times the right information is not shared quickly enough. However, if the goal is to make everyone, especially critical infrastructure, truly proactive and cyber resilient then they need to do more than just share information about ‘what’s happened in the past’ and ‘what’s happening now’. They need to endorse the use of proactive threat intelligence capable of identifying what is going to happen, and mandate the implementation of cyber resiliency solutions like Protective DNS — which other governments are already recommending — that are capable of automatically identifying attacks in real-time and shutting them down.”
George McGregor, VP, Approov had this comment:
“The EU continues to flesh out the EU Cybersecurity Strategy laid out 4 years ago.
“The newly announced Cyber Solidarity Act is intended to drive readiness and cooperation and includes infrastructure investments and financial incentives. Because of this it will certainly prove less controversial than the Cyber Resiliency Act of 2023 which imposed strict breach reporting requirements on companies operating in the EU.
“Key, however, will be the effective execution of the work needed to implement this Act. For example, the creation of a “state-of-the-art” European Cybersecurity Alert System is certainly aspirational but could prove quite challenging to implement. Further information and regular updates on the status of the various projects required to implement the Act will be welcome as a next stage. “
By making sure that everyone shares info and plays nice in the metaphorical sandbox, it ensures that everyone is a lot safer. Thus I see this as a very good move by the EU and one that should be copied far and wide.
Like this:
Like Loading...
Related
This entry was posted on March 7, 2024 at 4:20 pm and is filed under Commentary with tags EU. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
EU’s ‘Cyber Solidarity Act’ creates a cooperative mechanism for effective defenses
On Tuesday, the EU agreed to the Cyber Solidarity Act, a new set of rules intending to make the EU more resilient and reactive to cyber threats via cooperation mechanisms.
An EU-wide cybersecurity alert system will be established to rapidly share information and will comprise of national cyber hubs which will be responsible for detecting and acting on cyber threats, helping authorities respond more effectively to major incidents.
The new regulation will allow for the creation of a cybersecurity emergency mechanism that will support:
The EU Council and Parliament have also agreed to amend the 2019 Cybersecurity Act in order to establish European certification schemes for managed security services. This aims to boost the quality and comparability of these service providers and avoid fragmentation of the internal market.
Formal adoption of the provisional agreements will come once they have been endorsed by the Council and Parliament.
Emily Phelps, VP, Cyware had this comment:
“The Cyber Solidarity Act recognizes and addresses the critical nature for the EU to more effectively prepare, detect, and respond to cyber threats. Threat actors often work together, increasing the challenges nations and organizations face to defend against adversaries. These collaborative efforts to improve resiliency are an important step to protecting critical infrastructure, national security, and economic continuity.
Dave Ratner, CEO, HYAS follows with this comment:
“Sharing information the way that the EU Cyber Solidarity Act does is a great start and a good initiative — too many times the right information is not shared quickly enough. However, if the goal is to make everyone, especially critical infrastructure, truly proactive and cyber resilient then they need to do more than just share information about ‘what’s happened in the past’ and ‘what’s happening now’. They need to endorse the use of proactive threat intelligence capable of identifying what is going to happen, and mandate the implementation of cyber resiliency solutions like Protective DNS — which other governments are already recommending — that are capable of automatically identifying attacks in real-time and shutting them down.”
George McGregor, VP, Approov had this comment:
“The EU continues to flesh out the EU Cybersecurity Strategy laid out 4 years ago.
“The newly announced Cyber Solidarity Act is intended to drive readiness and cooperation and includes infrastructure investments and financial incentives. Because of this it will certainly prove less controversial than the Cyber Resiliency Act of 2023 which imposed strict breach reporting requirements on companies operating in the EU.
“Key, however, will be the effective execution of the work needed to implement this Act. For example, the creation of a “state-of-the-art” European Cybersecurity Alert System is certainly aspirational but could prove quite challenging to implement. Further information and regular updates on the status of the various projects required to implement the Act will be welcome as a next stage. “
By making sure that everyone shares info and plays nice in the metaphorical sandbox, it ensures that everyone is a lot safer. Thus I see this as a very good move by the EU and one that should be copied far and wide.
Share this:
Like this:
Related
This entry was posted on March 7, 2024 at 4:20 pm and is filed under Commentary with tags EU. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.