EU Council gets closer to setting up a joint cyber unit to boost cybersecurity crisis management framework


The European Union Council is set to adopt conclusions that will help further develop the EU cybersecurity crisis management framework, including by exploring the potential of a joint cyber unit among the EU and its member states, to tackle the rising number of serious cyber incidents impacting public services, as well as the lives of businesses and citizens across the region.

In its conclusions, the Council emphasizes the need to consolidate existing networks and to establish a mapping of possible information-sharing gaps and needs within and across cyber communities, the agency said in a media statement on Tuesday. This should subsequently lead to an agreement on possible primary objectives and priorities of a potential joint cyber unit. It is an incremental, transparent, and inclusive process, which is essential to enhance trust.

Last December, the European Commission and the European External Action Service (EEAS) presented a new EU cybersecurity strategy. The strategy aims to strengthen Europe’s resilience against cyber threats and ensure that all citizens and businesses can fully benefit from trustworthy and reliable services and digital tools. The new strategy contains concrete proposals for deploying regulatory, investment, and policy instruments.

The European Commission is the EU’s politically independent executive arm, which is responsible for drawing up proposals for new European legislation and implementing the decisions of the European Parliament and the Council of the EU.

The Council adopted in March conclusions on the cybersecurity strategy, underlining that cybersecurity is essential for building a resilient, green, and digital Europe. EU ministers set as a key objective achieving strategic autonomy while preserving an open economy. This includes reinforcing the ability to make autonomous choices in the area of cybersecurity, to strengthen the EU’s digital leadership and strategic capacities.

The European Commission presented in June a recommendation on building a joint cyber unit to tackle the rising number of serious cyber incidents impacting public services, businesses, and citizens across the European Union. As part of this recommendation, the joint cyber unit would act as a platform bringing together resources and expertise from the different cyber communities in the EU and its member states to effectively prevent, deter and respond to mass cyber incidents.

The Council has been instrumental in the policy-making and coordination function regarding the further development of the EU cybersecurity crisis management framework and will monitor the progress and provide guidance for complementing this framework, the agency said. It has stressed the need to establish adequate working methods and governance to allow for the participation of all member states in the deliberations, development, and effective decision-making processes.

A potential joint cyber unit would need to respect the competencies, mandates, and legal powers of its possible future participants and any participation by member states would be voluntary by nature, the agency said. The Council calls for further reflection on individual elements of the recommendation on the joint cyber unit, including regarding the ideas of EU cybersecurity rapid reaction teams and an EU cybersecurity incident and crisis response plan.

The move by the European Union Council comes as Microsoft revealed in this year’s Digital Defense Report that cybercrime, especially ransomware, remains a serious and growing plague, with nation-state actors mostly targeting victims with useful information and cybercriminals targeting victims with money.

While attacks on critical infrastructure, like the ransomware attack on Colonial Pipeline, steal headlines, Microsoft said that the top five industries targeted in the past year based on ransomware engagements by its Detection and Response Team (DART) included consumer retail at 13 percent, financial services at 12 percent, manufacturing at 12 percent, government at 11 percent, and healthcare at 9 percent.

Governments around the world have taken various steps to deal with the rising cybersecurity threat level.

The US administration recently hosted 30 countries in a counter-ransomware event that focused on improving network resilience, addressing the abuse of financial mechanisms, and disrupting the ransomware ecosystem. The governments recognize the need for urgent action, common priorities, and complementary efforts to reduce the risk of ransomware. The representatives also noted that law enforcement and cybersecurity capacity can be significant limiting factors in a state’s ability to address cybercrime; diplomacy in the form of coordinated capacity building has the potential to serve as a force multiplier in the fight against ransomware.

Earlier this month, the Australian government announced its ‘Ransomware Action Plan’ that introduces criminal offenses, tougher penalties, and a mandatory reporting regime, as the administration takes action to protect individuals, businesses, and critical infrastructure from ransomware attacks.

The Ransomware Action Plan sets out the Australian government’s immediate strategic approach to tackle the threat posed by ransomware. It builds on the overarching cybersecurity architecture introduced in the 2016 and 2020 Cyber Security Strategies and is designed around the framework of the ‘National Strategy to Fight Transnational, Serious and Organised Crime.’
