CYBERSECURITY

POLICIES
IN THE EU
PRESENTED BY DIGITAL MAVERICKS
GERTA SHKODRA
ALMA AMANKUL
GURKAWAL SINGH CLAIR
AHMED LABDIDI
 WHAT IS A
CYBERSECURITY?
Cybersecurity is crucial in protecting digital
systems, networks, and data from
unauthorized access, attacks, and damage.

The European Union plays an important role

in shaping and implementing cybersecurity
policies to address the evolving digital
threats.
HISTORICAL CONTEXT OF CYBERSECURITY CONCERNS IN EU
Early recognition of Cyber Threats (1990s): WannaCry Ransomware Attack (2017):
The 1990s saw the beginning of widespread The WannaCry attack, affecting numerous
internet use, leading to an increased awaraness organizations globally, underscored the
of potential cyber threats interconnected nature of cyber threats

GDPR Implementation (2018):

Rise of Cyber Attacks (2000s):
The General Data Protection Regulation (GDPR)
The early 2000s witnessed a surge in cyber
came into effect, setting high standards for
attacks globally, prompting the EU to focus on
data protection and privacy. GDPR reflected the
enhancing its cybersecurity capabilities
EU’s commitment to protect individuals data

European Cyber Security (2013): Increased Frequency of Cyber Incidents (2020s):

The EU responded to escalating cyber threats The 2020s saw a continued rise in cyber threats,

by unveiling its first comprehensive European with an emphasis advanced persistent threats

Cyber Security Strategy in 2013. This strategy (APTs) and ransomware attacks. The EU

aimed to strengthen cybersecurity capabilities responded by refining and expanding its

and establish a resilient digital transformation cybersecurity policies to address challanges

 Top cyber threats according
to EU Agency for
Cybersecurity

Ransomware attacks
60% of affected organisations paid ransom
demands.

Supply chain attacks

Supply chain incidents accounted for 17% of
intrusions in 2021 compared to less than 1% in
2020.

Internet threats- BGP (Border Gateway

Protocol) hijacking
As of June 2022, 15% of the internet infrastructure
in Ukraine has been destroyed by Russia.
EUROPEAN UNIONS APPROACH
6
TO CYBERSECURITY
5

4 Other approaches
include:
3 Public-Private
1) Research and
Partnerships Innovation
2 The Computer
Emergency Response Collaboration between Funding programs
public and private
1 EU Agency for Team for the EU
sectors to enhance 2)International
Cybersecurity (CERT-EU):
cybersecurity Cooperation
Cybersecurity (ENISA):
Strategy: Responding to and Joint efforts to establish
Initiatives to:
Legislation and Provides expertise and coordinating the international norms
Regulations: advice to EU member response to 1) Share threat
states and institutions cybersecurity incidents 3)Capacity Building
Strengthen overall intelligence
1) General Data Protection and Awareness:
resilience against cyber that affect EU and best practices
Regulation (GDPR) Promotes cooperation
threats institutions, bodies, and
Training programs and
agencies. 2) Promote a culture of
Data Protection awareness campaigns
Preventing, detecting, Develops guidelines and cybersecurity awareness
2) Network and and responding to best practices
Information Security cyber incidents.
Directive (NIS Directive):

Infrastructure Security
Measures
 CYBER SECURITY
STRATEGY 01.
“The EU Cybersecurity Strategy aims to build
resilience to cyber threats and ensure citizens

02.
and businesses benefit from trustworthy
digital technologies”

It contains concrete proposals for deploying

three principal instruments:
1) Regulatory
2) Investment
03.
3) Policy instruments
EUROPEAN UNION AGENCY FOR
CYBERSECURITY (ENISA)
(ENISA) stands as a vital institution within the EU,
dedicated to fortifying cybersecurity across member
states. Established in 2004, ENISA serves as a crucial hub
for expertise, guidance, and collaboration, contributing
significantly to the Union's cyber threats.

ENISA's presence and activities are instrumental in

harmonizing efforts, sharing knowledge, and fostering a
robust cybersecurity framework, crucial for safeguarding
the EU's digital infrastructure, economy, and citizens.
 ROLES OF ENISA
Threat
Advisory Standards
Capacity Intelligence
and and
Building and Risk
Expertise Certification
Assessment

Collaborative
Initiatives Joint Information Cyber
among EU Cyber Sharing Exercises
Member Units Platforms and Drills
States
INTERNATIONAL COOPERATION IN CYBERSECURITY
Facilitating international collaboration
between EU member states and non-EU
countries to combat cybercrime

Engaging with non-EU countries and

international organizations to promote global
cybersecurity capacity-building

Strengthening cooperation on cybersecurity

issues, information sharing, and responding
to cyber incidents
ENFORCEMENT MEASURES
Non-compliance with cybersecurity regulations can result in significant
fines imposed by regulatory authorities. The severity of penalties
often depends on the nature and impact of the violation.

Regulatory bodies may mandate public disclosure of security breaches

or instances of non-compliance. This transparency aims to hold
organizations accountable and raise awareness among the public.

In severe cases of non-compliance, regulatory authorities have the

power to suspend or revoke licenses, certifications, or permissions of
entities failing to meet cybersecurity standards.
CHALLENGES IN IMPLEMENTING
CYBERSECURITY POLICIES
Global shortage of
Continuous policy and
cybersecurity
defense updates
professionals

Integration of different Importance of employee

security tools awareness and training

Complexity of
Securing personal devices
compliance with
used for work
regulations
1 A centralized
overview of
spending is crucial
for transparency
and improved
coordination in
cybersecurity.

2
The EU's
general budget and
Member States' co-
funding are the
main sources of
cybersecurity
spending
3
The Commission
spent at least €1.4
billion
 The Commission’s
Joint Research
Centre has actively
participated in
developing a revised
research taxonomy
tailored to
encompass research
domains,
applications,
technologies, and
sectors that is used
to provide a
common reference
point and act as an
index for research
entities across
Europe
1 Quantum-Safe Cryptography

2 Joint Cyber Unit

3 Secure 5G Deployment in the EU

4 Securing the Electoral Process

5 Cybersecurity Skills Development

6 Blueprint for Coordinated Response to

Cyber Attacks
THANK
YOU !