In April, the European Commission put forward a proposal for the EU Cyber Solidarity Law, a multi-billion dollar plan to boost cybersecurity capabilities in EU member states. A comment from Peter Sandkuijl, VP Sales Engineering EMEA at Check Point Software Technologies.
The plan aims to help build a large-scale, comprehensive European cyber defense program. The law states that the EU Cyber Solidarity Act will strengthen solidarity at Union level to better detect serious cybersecurity incidents and large-scale cybersecurity incidents. It will also help improve preparedness and response by creating a European cyber defense shield and a comprehensive cyber contingency mechanism.
Planned: European cyber protection shield
Cybersecurity is finally being recognized as a technology that is an integral part of people's lives and not just a matter of IT. This means that vulnerabilities are researched, and if they are critical vulnerabilities or risks, they must be addressed. As the war in Ukraine began and energy became a factor, EU countries began to understand where their dependencies lay. Most EU members have realized that even the most basic things like energy are not unique to their countries. Even if this were the case, there is now more dependency on member states than ever before.
For this reason, a minimum level of safety standards that are checked and controlled is recommended. The energy sector is not so familiar with the very latest technologies, but still relies on them. If the EU wants to better secure critical infrastructure, a lot has to be done. It's not just about cyber security, physical attacks that can lead to domino effects should also be considered when considering critical infrastructure security.
EU: Focus on connected critical infrastructure
For the rapid and effective detection of major cyber threats, the EU Commission is now proposing the establishment of a "European Cyber Shield", a pan-European infrastructure consisting of Security Operations Centers (SOC) throughout the EU. Such a sign is best viewed as a starting point where information sharing is formalized and procedures for sharing information, including warnings, are documented.
This is not new and should be done at many more levels, such as intelligence. The past has shown that exchanging information is not so easy due to the complexity and sensitivity of the matters involved. After all, a cyber incident affecting a national power grid is a national security matter that is always treated with the utmost caution and secrecy, and often for very good reasons.
The lack of skilled workers will make the start difficult
Finding staff for such an institution will be very difficult. The market is overheating and we already have too few qualified employees in the EU. As these jobs are not the highest paying and running a SOC is a 24/7 operation this is going to be a real challenge. Recruitment will likely be about finding talent and training them on an iterative cycle as the industry poaches these people as soon as they are spotted.
Do you have a moment?
Take a few minutes for our 2023 user survey and help make B2B-CYBER-SECURITY.de better!You only have to answer 10 questions and you have an immediate chance to win prizes from Kaspersky, ESET and Bitdefender.
Here you go directly to the survey
The technology of both cybersecurity and the OT industry transcends countries and borders. The approach can be quite uniform and defined by processes and procedures. Translation into the respective national language is standard in the industry and does not differ from the way we work today.
Cybersecurity reserve for support
In addition, the EU wants to build a new cyber security reserve. Organizations can support this and act as intermediaries between the information sources, with their knowledge of how the process works and their cybersecurity skills (for example). This will be more of a long-term project, as the "giving back" element must also eventually address an issue that is important to the company providing the resources.
The reserve would operate more like a community, with selected members and their participation as an individual contribution. Or organizational value comes from being involved in policy making, gaining more insight and potentially being a reference.
More at the EU Commission
About check point Check Point Software Technologies GmbH (www.checkpoint.com/de) is a leading provider of cybersecurity solutions for public administrations and companies worldwide. The solutions protect customers from cyberattacks with an industry leading detection rate for malware, ransomware and other types of attacks. Check Point offers a multi-level security architecture that protects company information in cloud environments, networks and on mobile devices, as well as the most comprehensive and intuitive “one point of control” security management system. Check Point protects over 100.000 businesses of all sizes.