How the EU is Taking the Lead on Global Cybersecurity
For many years now, the US has been seen as the natural leader in the global fight against cybercrime. No other nation has the same access to resources and skills that the US does, giving them an instant advantage over everyone else. However, it now looks as if the EU could be about to usurp the US’ role, and there is reason for US businesses to be concerned about these developments.
The EU has already taken the initiative in establishing minimum competency requirements for anyone who works as an operator of an essential service or who provides digital services. The bloc recently introduced the EU Cybersecurity Act, which established a permanent body to oversee information and cybersecurity within the EU.
An Ongoing Commitment
Once the EU has decided to implement a new policy or set of regulations, the next stage is to ensure that the funding is available to make them a reality. The cybersecurity act that the EU has just signed into law has an entire chapter dedicated to the funding of the information security agency. Funding will come from a combination of the EU central budget, donations by individual member states, and EU delegation agreements. The current budget for the agency is 17 million Euros, with a projected budget of 21.8 million for 2020.
It will be the responsibility of this new agency to maintain the security of critical EU infrastructure, as well as spearheading the fight against organized cybercrime. Over the last several decades, the EU has watched while the US IT sector has grown and evolved to the point where it substantiates a large portion of the US economy. Needless to say, the EU would like to be able to replicate the American approach.
The Cybersecurity Act is likely only the opening move in a much wider effort by the EU to safeguard national infrastructure projects as well as protect the EU-wide economy and political stability. The Cybersecurity Act specifically states that the EU regards its network and information systems as being critical to stability and security on the continent.
Competing with the US
The ultimate goal of the EU is to develop cybersecurity capabilities to rival those of the US. Not only is the US the home of many of the world’s most important tech and cybersecurity businesses and people, but students who are eager to learn about cybersecurity have a number of options open to them. For example, students can study an MS cybersecurity online from anywhere in the US. In order to compete effectively with them, the EU is seeking to develop closer relationships between central government and individual universities and other organizations to offer tailored cybersecurity courses.
During the 2018 EU State of the Union address, the EU announced that it would seek to establish a network of cybersecurity competence centers. These would be used to help speed along the development of new cybersecurity techniques and would help to make the EU much more competitive as an entity in the field of cybersecurity.
The EU has earned its reputation for strong consumer protections, offering customers protection against the very worst corporate excesses and empowering its citizens to take a stand when they have been wronged by a private business. The introduction of GDPR across the EU solidified the EU commitment to privacy and data security, putting the onus on businesses rather than users to ensure that their data protection policies are up to scratch.
Even before the introduction of GDPR, the EU Data Protection Directive, which came into force in 1995, already set the gold standard for data protection to which all other organizations aspired. Those were the first data protection regulations that were applied to any and all data in the EU, regardless of its purpose of ultimate destination.
The United States has chosen to leave decisions regarding data security and privacy in the hands of individual states. This approach has elicited a mixed response, with the general consensus being that the EU’s protections are much more robust and are much better for individual consumers. So far, despite rumors of impending regulations, the US has failed to follow suit.
As well as establishing a centralized EU-wide body to oversee data and information security, individual EU member states also have their own regulatory bodies to deal with domestic issues. Were the US to adopt a similar model - state regulators backed up by a federal body - it could completely alter the data privacy landscape in America for the better.
This article does not necessarily reflect the opinions of the editors or management of EconoTimes.
Tesla Cybertruck update: Is Elon Musk's futuristic pickup truck joining the 'Cyberpunk 2077' vehicle lineup?