In 2013, the Commission had presented a first strategy – which, however, has proven to be insufficient due to the growing number and increasingly dynamic cyber-attacks. With the strategy update, which is supposed to be announced at the EU Cybersecurity Conference in Tallinn, the Commission sheds more light on the consumers.
In particular, according to a leaked draft the Commission intends to foster the following:
- Increase security standards:EU-wide security standards are to be increased. Companies have to provide connected products with high security standards (security by design). Consumers should be able to better evaluate the safety of these products with the help of voluntary EU-wide certifications, which will be part of an EU certification and labelling framework. This is a step in the right direction: unsafe products have to disappear from the markets in the long term.
- Communication and information:According to the Commission, businesses and public authorities need to communicate more intensely and faster in order to better assess cyber risks. Only an open and trusting information policy can effectively mitigate cybercrime as an IW study shows. To this end, the Commission intends to set up a cybersecurity competence center – a long overdue and necessary step.
- Citizen awareness:Consumers are a vital part of cybersecurity. The Commission calls for cybersecurity to be a key component of vocational and academic training. Awareness campaigns are set up in order to help citizens develop their own cyber hygiene. This is an urgently needed initiative, because users eventually are the most effective firewall.
Cybersecurity is the safety belt of the digital society and essential for prosperity and peace in the EU. By supporting cybersecurity as a vital strategic interest of the EU financially and ideally, the Commission tries to keep pace with the dramatic development of internet crime. In order to succeed, however, responsibilities and resources have to be assigned quickly and clear deadlines for implementation should be set – otherwise the strategy could prove too weak once again.