Cyber Defense, the EU raises the bar: strengthened role for Cert and off to Strategic Compass

Two “packages” for greater infrastructure protection also thanks to artificial intelligence and satellites. From cyber diplomacy to countering fake news: the scope of action is ever wider. A European space strategy is coming 22 Mar 2022

The European Union has put pen to paper its response to the new international security crises with the Strategic Compass approved by the EU Council. The war in Ukraine raises the level of attention on defense investments and strengthens them with new technologies, from artificial intelligence to satellite communications. The will to control supply chains to improve technological sovereignty is confirmed. The European Commission has also entered the field, which has proposed new rules to establish common measures on cybersecurity and information security in EU institutions, bodies and agencies. The proposal aims to strengthen the resilience and response capacities of these individuals with respect to cyber incidents and threats, as well as to ensure the resilience and security of the EU public administration in a context of growing malicious cyber activities in the global landscape. .

Index of topics • Strategic compass: the four pillars of EU defense • A new regulation for cybersecurity • Central role for Cert-Ue • Information security: take smart working into account

Strategic compass: the four pillars of EU defense The Strategic Compass of the EU (Strategic Compass) is the action plan to strengthen the European defense and security policy between now and 2030. The objective, the Council note reads, is to make the EU more capable of providing security, both to its citizens and internationally for the maintenance of peace. Russia’s invasion of Ukraine has made Europe’s action even more urgent. A stronger European Union in defense is complementary to the role of NATO, which remains the foundation stone of the collective defense of its members.

Four pillars of action: "act, invest, partner, secure". In the "Act" area of action, the European Union will establish, among other things, an EU Rapid Response Force composed of a maximum of 5,000 soldiers for different types of crises and will be able to deploy, within 30 days of the occurrence of a crisis, 200 fully equipped joint security and defense mission experts, including for complex environments. Joint civilian and military security missions will be strengthened. In support of the partners, full use will be made of the European peace facility. The analysis and intelligence capabilities will be enhanced in the "Secure" area. A Hybrid toolbox and Response Teams will be developed to respond to different types of hybrid threats. The Cyber diplomatic toolbox will be further developed and an EU Cyber defense policy created to be ready to react to cyberattacks. A toolbox will also be developed to combat the manipulation of information by foreign actors (Foreign information manipulation and interference toolbox). Finally, an EU Space strategy for security and defense will be developed. In the field of investment, Member States will be able to significantly increase their defense spending to match their common ambition to reduce gaps in critical military and civilian capability. The development of cooperative projects and investment in next-generation capacity to operate by land, sea, air, space and cyberspace will be encouraged. Finally, the EU will strengthen strategic cooperation with allies. A new regulation for cybersecurity The cybersecurity regulation that the European Commission has separately proposed will introduce a risk management, governance and control framework in the cybersecurity sector. Brussels calls for all EU institutions, bodies and agencies to have a governance, management and control framework for risks in the cybersecurity sector; implement a baseline for cybersecurity measures to address identified risks; share information relating to accidents without delay with the Cert-Ue. The Commission also proposes to set up a new inter institutional committee for cybersecurity to guide and monitor the implementation of the regulation and to guide the Cert-Eu. Central role for Cert-Ue The key element of the proposed regulation on cybersecurity is the strengthening of the Cert-EU. The new regulation will expand the mandate of the IT emergency response team of EU institutions, bodies and agencies (Cert-Eu), which will act as an intelligence platform relating to threats, cybersecurity information exchange and incident response coordination, as a central advisory body and service provider. Indeed, Brussels asks to rename the Cert-EU from "IT emergency response team" to a "cybersecurity center" in line with developments in the Member States and globally, while maintaining the Cert-EU abbreviation for the recognition of the name. . Information security: take smart working into account The proposed regulation on information security will create a minimum set of rules and standards on information security for all EU institutions, bodies and agencies. These new rules will provide a stable ground for a secure exchange of information between EU institutions, bodies and agencies and with Member States, based on standardized practices and measures to protect information flows. Key elements of the proposed regulation on information security are: governance to promote cooperation between all EU institutions, bodies and agencies, in particular an inter institutional coordination group for information security; a common approach to categorizing information; a more modern information security policy that takes into account digital transformation and remote working; greater compatibility between relevant systems and devices.

COMMENT:

Everyone must be convinced that the best weapons must be adopted in a war, and not limited to the skirmishes between this and that arms manufacturer. Everyone must be convinced that the RSA public and private key encryption system is outdated and easily intercepted as we describe in other pages of this site. It is difficult to understand for those who consider it the TOP of cryptography. I remember when I was in elementary school they explained to me that the Italian alphabet was made up of 21 letters. Later it became 26 letters like the English one, with the addition of J K X Y W. Now no one remembers the 21 letter alphabet anymore. In the field of cryptography, on the other hand, people consider what they have studied to be fundamental and are opposed to any progress. It is as if the supporters of the Italian alphabet of 21 letters waged war and found subterfuges to express the letters J K X Y W. In cybersecurity, nostalgics consider themselves pundits and have brand-persuasion. But then the war is won by the hackers. Read our solutions on other pages of the site. Leave a comment or fill out the contact form for further explanations.

artificial intelligence