EU proposes Joint Cyber Unit to tackle wave of cyberattacks

23 Jun 2021

Image: © Grecaud Paul/Stock.adobe.com

The coordinated unit would see member states and EU bodies respond to attacks together and share resources.

The European Commission has proposed a Joint Cyber Unit to address increasing concern around cyberattacks.

The proposal comes weeks after the crippling ransomware attack on the HSE and several high-profile attacks in the US.

Under the proposed unit, the EU wants to bring member states’ resources together to prevent and respond to cyberattacks in a more rapid fashion.

The Joint Cyber Unit will provide a virtual and physical platform for EU institutions and agencies to collaborate with member states and share resources through secure channels. It will serve as part of the EU Cybersecurity Incident and Crisis Response Plan.

If brought to fruition, the Joint Cyber Unit would allow for protocols for mutual assistance between member states and EU bodies and for national and cross-border monitoring and detection. This is intended to create an environment where member states quickly respond to threats and share details in real-time with their counterparts in Europe.

Margrethe Vestager, executive vice-president for a Europe Fit for the Digital Age, said “responding to threats in a coordinated manner is paramount”.

The European Commission said it wishes to establish the unit on a phased basis over four steps. The plan is to be operational by June 2022 and fully established by June 2023.

ENISA, the EU’s cybersecurity agency, will lead the efforts, which will be funded through the Digital Europe Programme. The Commission indicated that further funds could come from the European Defence Fund.

This is not the first time that the European Commission has proposed the idea of a coordinated cyber unit across Europe. It floated the idea in 2019 but recent events such as the wild spread of ransomware have fuelled the proposal once again.

“The Joint Cyber Unit is a building block to protect ourselves from growing and increasingly complex cyber threats,” said Thierry Breton, commissioner for the internal market.

“We have set clear milestones and timelines that will allow us – together with member states – to concretely improve crisis management cooperation in the EU, detect threats and react faster. It is the operational arm of the European Cyber Shield.”

Separately, the EU is amending the Network and Information Security (NIS) directive, which governs the cybersecurity protocols for essential services such as public transport and healthcare.

Jonathan Keane is a freelance business and technology journalist based in Dublin

editorial@siliconrepublic.com