But what exactly does that mean? In order to better understand the European Union´s work in this policy area, the AEGIS Project carried out an analysis of the cybersecurity and privacy landscape in the region. The “Cybersecurity and Privacy Landscape in Europe” report maps the current key technological, market, policy and regulatory aspects of cybersecurity in the EU and cross analyzes them with those in the United States.
Importance of analyzing the European landscape
This analysis is important for many reasons. First, it provides a comprehensive picture of the entire cybersecurity and privacy landscape in the EU from a number of different perspectives, including strategic, policy and regulatory. This includes analyzing the strengths and weaknesses of the European cybersecurity and privacy market.
Secondly, the report examines cybersecurity technologies using the taxonomy defined by the EU Joint Research Centre, the European Cyber Security Organisation (ECSO) and other key stakeholders. AEGIS project members also described the current state of the art in basic technologies and emerging threats in cybersecurity and privacy from a European perspective.
In particular, the analysis details the implication of the most recent disruptive changes induced by the digital transformation of society, taking into account the evolution of threats Europe is facing. The threats are broken down into the following categories: cybersecurity and privacy technical domains; ICT technology domains; and application domains.
While cybersecurity and data privacy issues have been identified as top priorities by the EU and its Member States and Associated Countries, which has resulted in a relevant effort in terms of various initiatives, the pace of technological advancements and market evolutions is such that threat containment activities are responsive rather than preventative.
Many of the proposed changes can be very disruptive; thus their impacted scope is not completely understood. For example, the impact on SMEs in relation to the fulfilment of GDPR requirements can be quite burdensome.
In terms of threats, including phishing, ransomware, etc., actors remain active and dangerous. They have been active for many years and are far from being eradicated. In fact, new technologies are appearing in the European landscape from unexpected directions, which can be utilized for good but also potentially by bad actors (e.g. Blockchain).
Moreover, the European landscape suffers a high degree of fragmentation both at a policy and regulatory level. Most of its productive lifeblood environment is represented by SMEs that are generally not very mature or ready to face cyber menaces.
The European landscape also faces challenges in many relevant segments of the ICT market; however, there are notable exceptions, where there is a lack of technology giants and innovation hubs. In this market, the technological and industrial leadership of EU-based enterprises is not recognized. Additionally, there are many examples of successful European startups that have been acquired by non-EU enterprises.
In order to deal with the fragmentation of the EU cybersecurity and privacy market, it is important to focus on collaboration and knowledge sharing. The objective is to generate adequate milieu and supporting links from both organizational and cultural standpoints.
Finally, it is impossible to cover cybersecurity and privacy in the EU without mentioning external threats. Monitoring and controlling these external threat actors is the responsibility of the EU, Member States and Associated Countries. Nonetheless, the EU´s overall cyber resilience could be seriously threatened by the fact that they are not all equally involved in the policy and decision-making process Therefore, a stronger coordination among European actors and a common industry development policy, with related investments, in such a context is highly advisable.
Read the “Cybersecurity and Privacy Landscape in Europe” in full here.
The header image in this publication is courtesy of LIBER Europe. It has been adapted to fit this page.