A Sting Exclusive: “Stronger Cybersecurity for a safer EU against cybercrime and cyber threats”, by MEP Dalli

MEP dalli 2019

Ms. Miriam Dalli, Malta’s prominent MEP for S&D, the Progressive Alliance of Socialists and Democrats

This article was exclusively written and published for The European Sting by Ms. Miriam Dalli, Malta’s prominent MEP for S&D, the Progressive Alliance of Socialists and Democrats. The opinions expressed in this article belong to our distinguished writer.

More protection in a digital world without borders.The Internet. No need for an introduction but definitely a need for an explanation. With the European Parliament elections just a few months away, a Eurobarometer study on democracy and elections has exposed an increasing number of EU citizens who are concerned about the manipulation of elections through cyberattacks and malicious interventions.

The fears are not unfounded: there are hacks, leaks, fake news, the misuse of Big Data mining projects. This means that citizens are not only concerned that they fall victim to cybercrime, but there are fears about possible interference with elections. For example, 86% of Europeans feel increasingly exposed to the risk of cybercrime. 61% of Europeans worry that elections can be manipulated through cyberattacks. 59% are concerned about foreign actors and criminal groups influencing elections. The latter were described by the European Commission as “the dark forces that would like to manipulate what [citizens] read, think and ultimately vote for.”

Against this background, 70% of citizens in Europe use the internet every day – to communicate, to entertain, to shop, to learn, to work and to invest. Whilst offering a world of opportunities, the borderless digital environment brings with it challenges that, if unaddressed, will continue to pose serious threats.

We have witnessed this through phishing attacks – where credit or debit card data is stolen to make unauthorised bank transactions or purchases online. In 2016, Uber suffered a massive breach that exposed data from 57 million customers and drivers. In 2017, the WannaCry attack struck 200,000 computers across 150 countries, targeting Microsoft Windows operating systems. It had disrupted systems such as the UK’s national health service and the German rail infrastructure.

In essence, the past years have seen a flourishing of cyber-crime and cyber-attacks. In the face of these challenges, I have always argued the EU needs to equip itself in two ways: first by ensuring that the Member States and the EU as a whole have the right security tools in place and secondly by using innovation to combat this phenomena. Private companies have, for many years, engaged with “White Hat hackers” who help companies identify security gaps in their programming before these are exploited by those who hack for malicious purposes.

Given the vast amount of young people who are learning coding and computer science, it is crucial to engage these communities and bring them on the right side of the fight against Cybercrime. These upcoming young, talented people are a great resource that we must utilise.

It must be emphasised that the Union has been proactive in dealing with cyber-crime, mostly through the enactment of legislation and encouraging Member States and authorities to support cross-border cooperation. However, as experts would tend to agree, Europe’s ability to prevent cyber-attacks lags behind the offensive cyber capabilities of other major third countries. The EU has indeed been criticised for “waking up too late” to this threat.

There are perhaps several reasons for this, including that obtaining digital evidence in cross-border cases is still difficult, both within Europe and outside.

Just before the end of 2018, the European Commission, Council and Parliament reached an agreement on the EU’s Cybersecurity Act in a bid to strengthen the bloc’s cybersecurity efforts. The measures approved will see more resources and greater responsibility afforded to the EU’s cybersecurity agency, ENISA, as well as establishing a certification framework that will set cybersecurity standards for products during the design and development stage.

To deal with cyber-attacks and to build strong cybersecurity in the EU, the Cybersecurity Act includes a permanent mandate for ENISA. Under the new cybersecurity certification framework, this agency has a stronger basis to assist Member States to effectively respond to cyberattacks with a greater role in cooperation and coordination at Union level. As an independent centre of expertise, ENISA will also help promote high level of awareness of citizens and business but also assist EU institutions and Member States in policy development and implementation.

What has been hailed as a ground-breaking development is the creation of a framework for European Cybersecurity Certificates for products, processes and services that will be valid throughout the EU. It is the first internal market law that takes up the challenge of enhancing the security of connected products, Internet of Things devices as well as critical infrastructure. According to the Commission, the creation of such a cybersecurity certification framework would incorporate security features in the early stages of their technical design and development. It would also enable users to ascertain the level of security assurance and ensures that these security features are independently verified.

What this would concretely mean for citizens and businesses is that thanks to these new rules, users will be able to trust the devices because they can choose products which are cyber secure.

The critical challenge lies in making sure that pre-empting and combating threats to cybersecurity should not come at the expense of the user’s experience and their privacy. Safety and security should not deter ease-of-use. Public-private cooperation in this scenario could help address these challenges.

As a Union, we have to recognise our strengths – primarily based on the fact that our internal market approach has the ability to bring people together: the institutions, the Member States, the industry players and the relevant stakeholders. The EU therefore should continue investing in this strength and in proactive measures that can address cyber security challenges that lie ahead of us.

Speak your Mind Here

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: