In our daily lives, we rely onkey online and offline infrastructure to travel, work or benefit from essential public services. Attacks on such infrastructures can cause huge disruptions.
As our economy and society increasingly move online, cybersecurity becomes an issue of strategic importance. Disruptions to one critical infrastructure can have an immediate knock-out effect on operations in others. Homes, banks, financial services and businesses can be badly affected by cyber-attacks.
The rise in use of technologies during the COVID-19 pandemic brought with it a steep increase in malicious attacks that attempted to capitalise on the shift to digital home-working. As a consequence, essential health services were disrupted at a time of most intense pressure. The EU needs to make sure that its capabilities keep pace with reality.
As shown by recent terrorist attacks, public spaces (like transport hubs and places of worship) are particularly vulnerable due to their open and accessible nature. This calls for both stronger physical protection of such places and adequate detection systems, without undermining citizens’ freedoms.
The Joint Cyber Unit, proposed by the Commission, aims at bringing together resources and expertise available to the EU and its Member States to effectively prevent, deter and respond to mass cyber incidents and crises. Cybersecurity communities, including civilian, law enforcement, diplomatic and cyber defence communities, as well as private sector partners, too often operate separately. With the Joint Cyber Unit, they will have a virtual and physical platform of cooperation: relevant EU institutions, bodies and agencies together with the Member States will build progressively a European platform for solidarity, secure and rapid operational and technical cooperation and assistance to counter large-scale cyberattacks.
The Commission is proposing to build the Joint Cyber Unit through a gradual and transparent process in four steps, in co-ownership with the Member States and the different entities active in the field. The aim is that the Joint Cyber Unit will move to the operational phase by 30 June 2022 and that it will be fully established one year later, by 30 June 2023.
ENISA is helping to put in place the concrete steps to implement new cybersecurity policies. A local office in Brussels will be established and is designed to foster cooperation with other EU institutions, agencies and bodies.