In his 2017 state of the union address, European Commission president Jean-Claude Juncker tackled cyber security.
He outlined new resources and tools to enable Europe to defend itself against cyber crime.
Here we take a look at The Commission's proposals, and the impact that cyber crime has on organisations within the European Union.
First, let's look at some figures...
The number of cyber attacks in the EU is on the rise. With on average 4000 ransomware attacks EACH DAY, a rise of 300% since 2015. The cost of cybercrime on the EU has risen five-fold from 2013 to 2017 and expected to rise 4x higher again by 2019.
But the high risk of being a victim of a cybercrime hasn't led to a correlation between the number of businesses adequately protecting themselves. Many companies still don't have adequate protection against cyber crime, and individuals don't know enough about the risks in order to protect themselves.
So what is the European Commission proposing?
A European Union Cybersecurity Agency
Adding powers to the European Agency for Network and Information Security (ENISA) through a Cybersecurity Agency that will improve the coordination across Member States, organisations and professional bodies. ENISA will be responsible for policy development across the EU, improve capabilities when responding to cyber crime, to educate Member States and European organisations on cybersecurity and to be an InfoHub on all things relating to cybersecurity.
An EU Framework for Cybersecurity Certification
Whilst it is true that some Member States have their own certification programs such as The Commercial Product Assurance (CPA) in the UK, these programs are not recognised by other Member States or non-EU countries. Therefore, the EU is looking to introduce an EU-wide certification scheme that will reduce the complexity and burden of security certification for tech manufacturers to allow for greater innovation whilst at the same time protecting consumers and business customers.
These developments will benefit both technology manufacturers creating IoT and connected devices, and Member States, businesses and consumers who use that technology. Increasing knowledge of the risks of cybercrime will help people to protect themselves. Standardized certification will reduce the financial and time burden of getting products to market legally.
Date published: 02/10/2017