This morning, the European Commission released a Proposal for a Regulation addressing the EU’s cybersecurity industry as part of its next step towards a Digital Single Market, which is the EU’s strategy to ensure fair competition, consumer and data protection, and removal of copyright and geo-blocking issues for individuals participating in online activities and accessing online content. The Regulation would establish the European Cybersecurity Industrial, Technology and Research Competence Centre and the Network of National Coordination Centres in order to “equip Europe with the right tools to deal with an ever-changing cyber threat.” See their Fact Sheet here. The EU has various initiatives in place to address today’s current cyber threats, as well as the deterrence of future attacks. Specifically, it is working with member states to improve cybersecurity initiatives, EU-level cooperation, and risk prevention, and plans to establish an EU-wide certification framework to ensure products and services are cyber-secure. Today’s proposal carries these initiatives further by suggesting the creation of a Network of Competence Centres and a European Cybersecurity Industrial, Technology and Research Competence Centre “to develop and roll out the tools and technology needed to keep up with an ever-changing threat.” See Fact Sheet. The Commission is hoping that the creation of this Network will allow the many existing cybersecurity competence centres in the EU to pool and share information and expertise, help deploy EU cybersecurity products and solutions, and facilitate cooperation between industries and communities. The Network will unite existing member state centres and allow them to co-invest to drive research and innovation, and allow for additional investment and funding to improve the EU’s digital economy, and the Centre will aid in facilitating the work of the Network.
Under this framework, each EU member state will be responsible for nominating one national coordination centre which will essentially be that country’s leader and representative to the community; these local centres will carry out actions under the Regulation, as well as determine the distribution of funds on a local level. The Commission expects that creation of one, centralized framework will allow for increased coordination and exchange of expertise and knowledge, cost savings though co-investment, and opportunity for the EU to become a global leader in cybersecurity.