- Set a Joint Cyber Unit for improved information sharing within the EU
- Joint responses to cyberattacks and imposition of sanctions against hostile actors
- Systemic aggressive behaviour particularly by China, Russia and North Korea
The number of malicious cyber operations has risen in recent years ©ESA/Daniel Mesples©ESA/Daniel Mesples
MEPs call for a comprehensive set of measures and a coherent IT policy, as well as improved military cyber defence coordination, to strengthen EU cyber resilience.
A common cyber defence policy and substantial EU cooperation on cyber capabilities are among the key issues needed for the development of a deepened and enhanced European Defence Union, MEPs stress in a report adopted on Thursday by 591 votes in favour, 65 against and 26 abstentions.
Recalling that in her 2021 State of the Union speech, the Commission President underlined the need for an EU cyber defence policy (AM 1), MEPs insist that it is essential to overcome the current fragmentation and complexity of the EU’s overarching cyber architecture and to develop a common vision for achieving online security and stability.
Parliament recommends the creation of a Joint Cyber Unit to improvethe lack of information sharing among EU institutions, bodies and agencies and to foster a secure and rapid information network.
EU must become technologically independent and innovate and invest more
Pointing to the often “dual-use” (civil and military) nature of cyber capabilities , MEPs welcome the Commission’s action plan on synergies between civil, defence and space industries. Unlike other military domains, cyberspace infrastructure is mainly owned by private companies based largely outside the EU’s jurisdiction. This leads to EU countries becoming industrially and technologically dependent on third parties. MEPs therefore warn that the EU must become more technologically independent, innovating and investing more in cyber defence capabilities and personnel.
The report on cyber defensive capabilities also calls for joint and coordinated responses to cyberattacks , which also need to include NATO, so these responses can lead to the imposition of sanctions against hostile actors threatening Euro-Atlantic security interests. MEPs also express concern about the systemic aggressive behaviour demonstrated particularly by China, Russia and North Korea in cyberspace, including numerous cyberattacks against government institutions and private companies.
The report also mentions Pegasus spyware scandal as an example of how large numbers of journalists, human rights activists, elected representatives and other EU citizens have been spied on.
The rapporteur Urmas Paet (Renew, ET) said: “In the past few years, there has been a continuous growth in malicious cyber operations. The EU and its Member States must step up their defence capabilities in order to successfully respond to these cyber threats. Therefore it is of key importance to enhance cooperation between EU Member States and institutions, NATO, the US and with other strategic partners.”
- Committee on Foreign Affairs
- Adopted text can be found here, 07.10.2021
- Procedure file
- EP Research Service: EU cyber-defence capabilities, 30.09.2021
- EP Research Service: Recent cyber-attacks and the EU’s cybersecurity strategy for the digital decade, 02.06.2021
- EP Research Service: EU cyber sanctions: Moving beyond words, 25.09.2020