The European Union has taken significant steps to enhance cyber incident response and recovery through the implementation of the ‘cyber solidarity act’.
Description
The European Union has approved measures to establish an EU-wide infrastructure with cyber hubs across member states, as outlined in the ‘cyber solidarity act’ [3]. These hubs will share information [3], detect and respond to cyber threats during major incidents [3], aiming to reduce the time taken to detect sophisticated attacks from 190 days to a few hours [3]. The act also includes the establishment of a cybersecurity alert system and a cybersecurity emergency mechanism to support preparedness actions and mutual financial assistance [1] [2]. Additionally, amendments to the EU’s Cyber Security Act introduce European certification schemes for managed security services to improve quality and prevent fragmentation within the EU [3]. The European Commission is seeking feedback on the functioning of the EU’s Cybersecurity Agency ENISA as part of a review of the Cyber Security Act [3], with amendments expected to ease compliance for SMEs by providing more financial and technical support and addressing skills gap challenges. The Cyber Solidarity Rules will come into force once endorsed by the Council and Parliament [1] [2], with a vote scheduled for the 22-25 April plenary session in Strasbourg [3]. The EU has also conducted supply chain cyber-attack simulations and the European Central Bank will test over 100 European banks on their cyber-attack response and recovery capabilities [1] [2].
Conclusion
These measures will have a significant impact on enhancing cyber incident response and recovery capabilities within the European Union. By establishing a coordinated infrastructure and implementing certification schemes, the EU aims to improve the quality of managed security services and reduce the time taken to detect and respond to cyber threats. The review of the Cyber Security Act and the amendments expected to ease compliance for SMEs will further strengthen cybersecurity measures. The simulations and tests conducted by the EU and the European Central Bank will help identify vulnerabilities and improve the overall cyber resilience of European banks.
References
[1] https://ciso2ciso.com/eu-agrees-cyber-solidarity-act-to-bolster-incident-response-and-recovery-source-www-infosecurity-magazine-com/
[2] https://www.infosecurity-magazine.com/news/eu-cyber-solidarity-incident/
[3] https://www.euronews.com/next/2024/03/06/lawmakers-and-capitals-back-cyber-hubs-to-detect-large-security-incidents
