Thursday, February 27, 2020

We need a genuine European Cybersecurity Agency

By Sir Julian King

The security threats we face, not only in Europe but around the world, are increasingly cross-border in nature. Those who seek to harm us pay little heed to the niceties of national boundaries or international law. Successfully tackling these crossborder threats requires a crossborder response. Our work on security in the European Union underscores the added value in enhanced cooperation. Security is first and foremost a national responsibility. But we also work with member-state authorities, providing the tools and support needed to help keep Europeans

safe from the threats posed by terrorism as well as organized and cybercrime.

In response to the series of deadly terror attacks on European soil in recent years, we have sought to deny terrorists their means to harm by restricting their movement and access to money, munitions and manpower. Along the way, we have strengthened our capacity to not only prevent attacks but improve our response when they do take place. This includes countering radicalization by working on the ground in our communities and by tackling terrorist content online. We have also made headway in improving how we protect our public spaces and our support for victims of terrorist attacks.

We are working to counter the fast-growing and evolving array of cyber and cyber-enabled threats we face. We are in the process of introducing a new EU Cybersecurity Act aimed at building our resilience, strengthening our deterrence and supporting member states in cyber defense. This includes creating a European Cybersecurity Agency with the authority to develop a new European certification scheme, coordinate the response to major incidents and institute a network of competence centers. Moreover, we must establish credible disincentives for those who may contemplate cyberattacks, including improving law enforcement access to electronic evidence.

We also need to tackle cyber-enabled threats, which include disinformation and the manipulation of data and behavior. This is particularly important in terms of election security and ensuring that our democratic processes are free, fair and open.

We have introduced a series of measures – with member states, the European Parliament and European political parties – to guard against cyberattacks, data abuse and disinformation. We want to reinforce cooperation with fact-checkers to call out disinformation. And we need internet companies to step up and make real progress on their commitments to tackling disinformation.

These commitments on the side of industry include improving how advertisements are placed online, strengthening transparency around sponsored content, rapidly identifying and deleting fake accounts, regulating the use of bots, promoting more effectively genuine narratives that are maliciously obscured and being more clear about the use of algorithms. Last month, we reported on the progress made by internet companies and while we acknowledge their efforts, they must go further and faster if they are the effect required before the European elections in May.

In Europe, we need to discuss whether we want to continue watching our own cutting-edge technologies sold off, one after another. We also need to consider how we might minimize the risk of a dominant supplier within a given sector emerging across the continent. Deepening European coordination would also allow our collective investment in artificial intelligence and other vital technologies, such as quantum computing and cryptography, to yield more than the sum of its parts.

These issues present challenges to national decision-making that will not be easy to resolve. Trying to protect everything will not work. We must determine what really matters in a digital ecosystem and whether greater transparency around suppliers, supply chains and foreign investment is enough to offset the security risks. It may be that certain elements of digital infrastructure are simply too critical to risk.

Wherever that discussion takes us, cooperation is clearly essential to our work on all these security challenges. The only way to tackle them successfully is to work together at several levels, including the European level. As threats evolve, we must strengthen and deepen our joint efforts to help keep Europe safe.

SIR JULIAN KING
is European commissioner for the Security Union.

Security Briefs