New Step from the EU for Cyber Security: Cyber Solidarity Act
European Commission (Commission) adopted on 18 April 2023 a proposal for an EU Cyber Solidarity Act (Act) to strengthen cybersecurity practices in European Union (EU). The Act includes regulations for the effective collaboration of EU member states in the field of cybersecurity. The Commission has already implemented some legal arrangements in the field of cyber security. Among these regulations, the “EU Cyber Resilience Act”, which entered into force last september, and the “NIS2 Directive”, which aims to harmonise the implementation of cybersecurity regulations in member states, are noteworthy. You can find our TFP September 2022 issue where we evaluated the EU Cyber Resilience Act here and our TFP January 2023 issue where we evaluated the NIS2 Directive here.
The Act includes the establishment of a Cyber Emergency Mechanism in order to increase EU’s capacity to prepare for and respond to cyber-attacks. In addition, it aims to better detect and respond to significant or large-scale cyber security incidents by creating a European Cybersecurity Shield. In this context, the Commission proposes the establishment of a European Cyber Security Shield consisting of national and cross-border Security Operation Centres across the EU. In addition, the Act also includes the establishment of a Cyber Security Incident Review Mechanism to strengthen the EU’s posture against cyber-attacks by evaluating these incidents after significant or large-scale cyber security incidents occur.
As it can be seen, the EU is drawing the legal framework of end-to-end cyber security with a holistic approach. The next step in the EU’s roadmap is expected to be the announcement of the implementation principles of the Act expected.
You can reach the full text of the Act here.