Download eBook for Free

FormatFile SizeNotes
PDF file 3 MB

Use Adobe Acrobat Reader version 10 or higher for the best experience.

The European Commission published the European Union Cyber Security Strategy along with the accompanying proposal for a Network and Information Security (NIS) Directive in 2013. Since the proposal was published, the cybersecurity landscape has continued to evolve, leading to questions regarding the nature and seriousness of the cyberthreats faced by the European Union (EU), the capabilities of Member States to manage these threats and respond to incidents, and the effectiveness of these capabilities. At the time of writing, discussions about the content and scope of the proposed NIS Directive are continuing.

This study on cybersecurity has been commissioned by the European Parliament (EP) and has five objectives:

  1. To identify key cyberthreats facing the EU and the challenges associated with their identification.
  2. To identify the main cybersecurity capabilities in the EU.
  3. To identify the main cybersecurity capabilities in the United States (US).
  4. To assess the current state of transnational cooperation.
  5. To explore perceptions of the effectiveness of the current EU response.

The main theme in the authors' findings is that the existing cybersecurity measures in the EU are fragmented, largely due to gaps in operational capabilities as well as strategic priorities of Member States regarding cybersecurity. Whether the EU response to cybersecurity should adopt a formal and mandatory character is also debated. The authors suggest 5 policy options that the EP should consider in order to improve the EU's overall approach to cybersecurity.

Table of Contents

  • Chapter One

    Introduction

  • Chapter Two

    Mapping global cybersecurity threats: patterns and challenges

  • Chapter Three

    Cybersecurity capabilities in the European Union

  • Chapter Four

    Cybersecurity capabilities in the United States

  • Chapter Five

    Transnational cooperation in the fight against cybercrime

  • Chapter Six

    Effectiveness of the EU response

  • Chapter Seven

    Conclusions and Policy options

  • Annex

    Methodology

Research conducted by

The research described in this report was prepared for the European Parliament's Committee on Justice, Liberty and Home Affairs and conducted by RAND Europe.

This report is part of the RAND Corporation research report series. RAND reports present research findings and objective analysis that address the challenges facing the public and private sectors. All RAND reports undergo rigorous peer review to ensure high standards for research quality and objectivity.

Permission is given to duplicate this electronic document for personal use only, as long as it is unaltered and complete. Copies may not be duplicated for commercial purposes. Unauthorized posting of RAND PDFs to a non-RAND Web site is prohibited. RAND PDFs are protected under copyright law. For information on reprint and linking permissions, please visit the RAND Permissions page.

The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.