New Public-Private Partnership on Cybersecurity is Expected to Trigger €1.8 Billion of Investment by 2020
The European Commission today announced plans to improve cross-border cooperation ‘between all actors and sectors active in cybersecurity’, and to boost the European cybersecurity industry. Both activities are considered important in the development of the EC’s Digital Single Market (DSM) strategy.
As it stands, Britain will not be a part of the DSM post Brexit. In a separate announcement, European Council President Donald Tusk said Tuesday, EU leaders have “made it clear that access to the single market means acceptance of all four freedoms, including the freedom of movement… We will not sell off our freedoms and there will be no single market ‘a la carte’.”
The cross-border cooperation will come from the new Network and Information Security Directive that is expected to be adopted by the European Parliament on June 6, 2016. It will include a network of CERT teams across Europe, and a new ‘Cooperation Group’ designed to promote information sharing and mutual cooperation between the different member states.
‘The Commission will propose how to enhance cross-border cooperation in case of a major cyber-incident,’ says the announcement. This sort of work is normally undertaken by the European Union Agency for Network and Information Security (ENISA). However, since ENISA’s mandate has to be re-evaluated by June 2018, the EC has also announced that it will bring forward that evaluation.
“Europe needs high quality, affordable and interoperable cybersecurity products and services,” commented Gunther Oettinger, Commissioner for the Digital Economy and Society. “There is a major opportunity for our cybersecurity industry to compete in a fast-growing global market. We call on Member States and all cybersecurity bodies to strengthen cooperation and pool their knowledge, information and expertise to increase Europe’s cyber resilience. The milestone partnership on cybersecurity signed today with the industry is a major step.”
The second part of the announcement is not new in direction, but new in specifics. Back in May 2015 the DSM included the proposal for a public-private partnership on cyber security. It’s purpose is to stimulate European competitiveness and help overcome cyber security fragmentation through innovation, and to help align the demand and supply sectors for cyber security products and solutions.
Today the Commission announced that it will invest €450 million in this partnership, and encourage private industry to bring the total investment to €1.8 billion. The purpose is to provide more accessible funds for the successful new European cyber security start-up companies who need to scale up their operations.
Part of the initiative to help new companies to grow is consideration for a new EU certification framework. Right now different member states might require different cyber security certifications, making it more difficult for a new company to expand beyond its national borders. “An ICT vendor might therefore need to undergo several certification processes in order to sell in several Member States,” says the announcement. “It is possible that an ICT product or service designed to fulfill cybersecurity requirements in one Member State would not be considered to fulfill similar requirements in another. This is why the Commission will consider options for an EU ICT security certification framework.”
The dual purpose of today’s announcement is to improve cyber security throughout the European Union; and to assist in the development of a thriving cyber security industry.