EU adopts blueprint to better manage European cyber crises and incidents
Telecom ministers adopted today the EU Blueprint for cyber crisis management, which gives guidance for the EU’s response to large-scale cybersecurity incidents or cyber crises.
Today, we take a decisive step forward in strengthening Europe’s cybersecurity resilience. The EU Blueprint for cyber crisis management clarifies how member states can detect, respond to, recover and learn from large-scale cybersecurity incidents and cyber crises that could affect the whole EU. The EU Blueprint shows our clear commitment to a safer, more resilient and better prepared Europe – an important priority of the Polish Presidency.
– Krzysztof Gawkowski, Deputy Prime Minister, Minister of Digital Affairs
The EU Cyber Blueprint is an important guideline for member states to enhance their preparedness, detection capabilities and response to cyber security incidents, while building on the foundations laid by the 2017 Cybersecurity Blueprint and taking on board important recently adopted legislation such as the NIS2 directive and the Cyber Solidarity Act.
The EU Cyber Blueprint aims to tackle an increasingly complex cyber threat landscape by strengthening existing EU networks, fostering cooperation between member states and actors involved, and overcoming hurdles that may exist.
Essentials of the EU Cyber Blueprint
The EU Cyber Blueprint highlights the importance of digital technology and global connectivity as the backbone of the EU’s economic growth and competitiveness. However, an increasingly interconnected and digital society also increases the risks of cybersecurity incidents and cyberattacks. Hybrid campaigns and cyberattacks can directly affect the EU’s security, economy and society.
While member states have the primary responsibility in managing cybersecurity incidents and cyber crises, large-scale incidents could cause such a level of disruption that it exceeds a member state’s capacity to respond, or they can have an impact on several member states.
As such an incident could evolve in a fully-fledged crisis, affecting the functioning of the EU’s internal market or posing serious public security and safety risks, cooperation at technical, operational and political level is essential for effective crisis management for this kind of incidents.
To identify concretely what large-scale incidents or a Union-level cyber crises are, the EU Cyber Blueprint provides a clear explanation when the crisis framework should be triggered and what the roles of the relevant Union level networks, its actors and mechanisms are (such as ENISA, the EU’s Agency for Cybersecurity or EU-CyCLONe, the European cyber crisis liaison organisation network). The text also points to the importance of coordination of public communication before, during and after crisis incidents.
The EU Cyber Blueprint highlights the importance of civilian-military cooperation in the context of cyber-crisis management, including with NATO, through enhanced information-sharing mechanisms where possible and when needed.
Finally, the EU Cyber Blueprint also contains chapters on recovery, while trying to enhance the exchange of lessons learned between member states.
Background
Since 2017, the threat landscape and the EU’s cybersecurity framework changed significantly with several instruments considering cybersecurity management, such as the NIS2 directive or the Cyber Solidarity Act. This required changing the 2017 Blueprint.
The discussions on the EU Cyber Blueprint were intensified during the Polish Presidency, including during the informal TTE Council on 4-5 March in Warsaw, which was entirely dedicated to the issue of cybersecurity.
