On 16 December 2020, the European Commission launched the EU’s new Cybersecurity Strategy for the Digital Decade, seeking to bolster Europe’s cyber resilience and step up the EU’s leadership in cybersecurity regulation.
The announcement could not have come at a better time, just days after a cyberattack against the European Medicines Agency exposed sensitive information on two Covid-19 vaccines and at a moment when the SolarWinds breach unravels into possibly the most consequential cyber incident ever, affecting businesses across all sectors, public administrations and governments worldwide. “The time of innocence is over. We know that we are a target,” Commission Vice-President Margaritis Schinas told reporters when presenting the proposals last week.
In addition to announcing a number of investment and policy instruments, including the set-up of a ‘EU Cyber Shield’ (a European early detection system powered by artificial intelligence) and a ‘Joint Cyber Unit’ to respond collectively to cyber incidents and threats, the new strategy anticipates significant regulatory change. The highlights of the proposed regulatory package, which will affect many…