Building a stronger and more secure digital Europe

To further the European Union’s values of freedom and democracy and enable the digital economy to grow safely, the EU is committed to providing the world’s most secure online environment.

ACT

Joint communication to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions - Cybersecurity Strategy of the European Union: An open, Safe and Secure Cyberspace (JOIN(2013) 1 final of 7.2.2013)

SUMMARY

To further the European Union’s values of freedom and democracy and enable the digital economy to grow safely, the EU is committed to providing the world’s most secure online environment.

WHAT DOES THE JOINT COMMUNICATION DO?

It sets out the EU’s cyber security strategy, providing for:

• partnerships with the private sector and non-governmental organisations or interest groups,
• concrete action to protect and promote citizens’ rights.

It was published alongside a proposal for a directive on network and information security.

KEY POINTS

Cybersecurity policy within the EU and internationally should be governed by 5 principles:

• 1.

  the EU’s core principles (which must apply equally in the digital and physical worlds);

• 2.

  the protection of fundamental rights, freedom of expression, privacy and personal data;

• 3.

  the right of the general public to safe internet access and an unrestricted flow of information;

• 4.

  democratic and efficient governance, including all sectors of society;

• 5.

  joint responsibility for ensuring security.

The strategy is based on 5 priorities:

• enable systems and domains to manage cyber-attacks or failures,
• drastically reduce cybercrime,
• develop cyberdefence policy and capabilities related to the Common Security and Defence Policy (CSDP),
• develop industrial and technological resources for cybersecurity,
• establish a coherent international cyberspace policy for the European Union and promote core EU values.

Taking into account the international nature of cyberspace, the strategy requires bodies at EU and national levels to take responsibility, work together and liaise with industry and academia. These bodies include the competent EU and national authorities for:

• Network Information Security (ENISA/NIS),
• Computer Emergency Response Teams (CERT-EU/CERT),
• law enforcement (Europol Cybercrime Centre - EC3 and Eurojust),
• defence (European Defence Agency).

The strategy also includes engaging in dialogue with international bodies such as the Council of Europe, NATO and the United Nations.

For more information, see ‘Cybersecurity’on the European Commission's website.

last update 14.09.2015