AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

The European Union adopts a new regulation to strengthen cybersecurity

The political agreement establishes the creation of a security framework to protect EU data, networks and decision-making processes, with the strengthening of the mandate of CERT-EU

This pill is also available in Italian language

The Commission expresses its satisfaction with the political agreement obtained between the European Parliament and the EU Council on the Regulation, proposed by the Commission itself, which establishes measures for a high common level of cybersecurity in the institutions, bodies, offices and agencies of the 'Union. The negotiations are now concluded, paving the way for the final approval of the legal text by the European Parliament and the Council.

The cybersecurity framework

In March 2022, the Commission announced the proposal for cybersecurity regulation. This will establish a framework for cybersecurity governance, risk management and control across EU entities, with a new Interinstitutional Cybersecurity Council charged with monitoring its implementation. It will also extend the mandate of the Computer Emergency Response Team for EU institutions, bodies, offices and agencies (CERT-EU), transforming it into a hub for threat intelligence, information exchange and incident response coordination, a central advisory body and a service provider. CERT-EU will be renamed 'Cybersecurity Service of Union Institutions, Bodies, Offices and Agencies' to reflect its new mandate, while keeping the short name CERT-EU for reasons of recognisability.

Key elements and next steps

Key elements of the proposal for all EU institutions, bodies, offices and agencies include: a framework for cybersecurity governance, risk management and control; regular maturity assessments; the implementation of cybersecurity measures that address the identified risks; the preparation of a plan to improve their cybersecurity; and sharing incident information with CERT-EU without undue delay. Once the text is finalised, the European Parliament and the Council will need to formally adopt the new Regulation before it can enter into force. Union entities will then have to comply with the obligations and meet the deadlines specified in the text. This will help ensure higher levels of cybersecurity in the EU administration and be better prepared to face future challenges.

Background and alignment with existing policies

In March 2021, the Council of the European Union underlined the importance of a robust and coherent security framework to protect all EU personnel, data, communication networks, information systems and decision-making processes. This can only be achieved through enhanced resilience and a better security culture of the EU institutions, bodies, offices and agencies. Following the European Union Security Strategy and the EU Cybersecurity Strategy, the Cybersecurity Regulation will ensure consistency with current EU cybersecurity policies, in full alignment with current European legislation, including the Directive on measures for a high common level of cybersecurity across the Union ('NIS 2'), with which this legislation is in line in terms of principles and level of ambition, respecting the specificities of Union entities, the Cybersecurity Act and Commission Recommendation on coordinated response to large-scale cybersecurity incidents and crises.

Follow us on Facebook for more pills like this

06/26/2023 15:07

Marco Verro

Complementary pills

Regulatory framework and personal data protection: reflections and developmentsEDPB considerations on the Data Privacy Framework: strengths and areas for improvement

Towards collaborative cybersecurity: the future with the EU's Joint Cyber UnitAxis Communications Sales Engineer Donato Testa Highlights Potential of Coordinated Cyber Security Strategies in Joint Cyber Unit Era

Last pills

Italy's success in cybersecurityHow Italy achieved excellence in global cybersecurity: strategies, collaborations, and international successes

IntelBroker alleged breach of Deloitte systemsServer exposed: how Deloitte's security may have been compromised by a cyber attack

Vo1d infections on Android TV boxes: how to protect your devicesLearn the essential measures to protect your Android TV boxes from the dreaded Vo1d malware and keep your devices safe from cyber threats

Hacker attack in Lebanon: Hezbollah under fireTechnological shock and injuries: cyber warfare hits Hezbollah in Lebanon