Check against delivery!
Cyberspace is like the physical world. It offers great opportunities, politically and economically, but unfortunately, it is also a space where state and non-state actors breach the rule of law, misuse technology to advance their political agendas. The threat is real, it evolves constantly and it becomes everyday more important.
Last year, 2019, there were 450 incidents involving European critical infrastructures, including the finance and energy sector. With the [coronavirus] pandemic the threat has become more prominent. Only last week, the European Medicines Agency was attacked.
With this new Cybersecurity Strategy that we are putting forward, we want to increase the chances to better protect governments, citizens and businesses from cyber threats and secure an open and stable Internet.
I will focus specially on the external [action] dimension as it corresponds to the High Representative for Foreign [Affairs] and Security Policy and I let my colleagues the Vice-President [for Promoting the European Way of Life, Margaritis] Schinas and Commissioner [for Internal Market] Thierry Breton to go deeper in the subject.
From the external [action] point of view, there are 20 new concrete proposals across five policy sectors, in order to contribute to make Europe stronger in the cyberspace.
First, we take forward a proposal for a Programme of Action within the United Nations to advance discussions on responsible state behaviour in cyberspace. Second, we will strengthen our ability to prevent, deter and respond to malicious behaviour in cyberspace.
For that, we will establish a cyber-intelligence working group within our European Union’s Intelligence Centre.
Third, we will work to ensure cyber defence cooperation, including between European Military Computer Emergency Response Teams (MilCERTs) and, among the Permanent Structured Cooperation (PESCO) project, the Cyber Rapid Response Teams should be fully operational. Also [see how] our CSDP missions can contribute to it.
Fourth, we will increase our work with third countries, regional and international organisations as well as with civil society and the private sector. We will set-up a Cyber Diplomacy Network through our Delegations.
Finally, we will provide more practical support to our partners, where necessary, to increase their cyber resilience. Our civilian missions will also contribute to that.
Do not forget that we already have a sanctions regime that has been used and it will be reinforced. We have used it two times, in July and in October, targeting 8 individuals and 4 entities.
I think it is going to bring a global, open, stable and secure cyberspace on the way that, I am sure, my colleagues will explain better than I.
Link to the video: https://audiovisual.ec.europa.eu/en/video/I-200387
Q. It is mentioned in the Strategy that you, High Representative, are going to make a proposal to further define the cyber deterrence posture of the European Union. So, what specifically do you have in mind? What kind of counter attacks could the European Union do under its own rules to deter malicious actors? And then, of course, is this a specific role you see for the European Union or just for Member States? And the other question in that same field: Which additional restrictive measures under the cyber diplomacy toolbox are you willing to consider?
We have already a cyber sanctions regime. We have used it. As I said, there are currently eight persons, two entities and two bodies designated. This regime allows us to target persons and entities. I think this is a threat to the Union and to the Member States, regardless of their nationality or location. So, an answer at the level of the European Union has to be provided.
For sure, Member States can develop their own capacities. But, we, at the European Union institutions, want to give an European Union approach. This is going to be much more effective, because this is a global threat that affects all of us at the same time and coordination in the answer is very important.
It is the Council who has to decide on the future listings of the sanctions. And we want to propose the Council to take decisions by qualified majority. It is possible. I do not know if they will be ready to adopt this decision, but it would be a way of strengthening our capacity to react, to deter. Because unanimity – as you can imagine, we have good experiences on that – is difficult to implement. But there are no news on the way we want to present the sanctions. We are going to use the same regime that we already have, but passing to qualified majority if Member States agree on that.
Link to the video: https://audiovisual.ec.europa.eu/en/video/I-200388