Nov 18, 2015
The European Commission published the European Union Cyber Security Strategy along with the accompanying proposal for a Network and Information Security (NIS) Directive in 2013. Since the proposal was published, the cybersecurity landscape has continued to evolve, leading to questions regarding the nature and seriousness of the cyberthreats faced by the European Union (EU), the capabilities of Member States to manage these threats and respond to incidents, and the effectiveness of these capabilities. At the time of writing, discussions about the content and scope of the proposed NIS Directive are continuing.
This study on cybersecurity has been commissioned by the European Parliament (EP) and has five objectives:
The main theme in the authors' findings is that the existing cybersecurity measures in the EU are fragmented, largely due to gaps in operational capabilities as well as strategic priorities of Member States regarding cybersecurity. Whether the EU response to cybersecurity should adopt a formal and mandatory character is also debated. The authors suggest 5 policy options that the EP should consider in order to improve the EU's overall approach to cybersecurity.
Mapping global cybersecurity threats: patterns and challenges
Cybersecurity capabilities in the European Union
Cybersecurity capabilities in the United States
Transnational cooperation in the fight against cybercrime
Effectiveness of the EU response
Conclusions and Policy options