What level of ambition for the EU approach to cybersecurity?

The case of the energy sector

With their necessary on-going digitalisation, energy (production, transport, storage, distribution) infrastructures are increasingly exposed to cyberattacks of growing complexity. Last year’ cyberattacks against (notably) the Ukrainian electricity system (with repercussions throughout the EU but also in Russia, the United States and Australia) intervened as a wake-up call for Europeans. With the issuance of a Cybersecurity package last September, the European Union is gradually defining a common approach. However, efforts and strategies remain mainly national, when the response to cyberattacks and the building of critical infrastructures’ cyber-resilience should be European, if not worldwide. In this context, the fragmentation of regulations along national lines appears as a major impediment to the development of European responses and a European autonomy.

Several policy questions then arise and need to be tackled properly, if the EU wants to design and implement a consistent, credible and efficient EU cybersecurity strategy:

• Given the current needs in terms of cybersecurity of the energy sector and infrastructures, re the current and proposed EU policy responses (Directive NIS, Commission’s Cybersecurity Package, etc.) sufficient to meet those long-lasting challenges? How could a future EU CyberSec agency help?
• Considering the strong interdependency between EU Member States on such issues, how can we assess the current degree of cooperation between Member States? How to ensure that all member states have the necessary tools and means to strengthen their cyber resilience and develop a local industry of cybersecurity?
• Given the importance of cybersecurity for the functioning of our societies and the development of the Digital Single Market, to what extent should it be considered as a determinant of Europe’s strategic autonomy? Under which conditions and through which partnerships should develop an industrial policy in favour of its Cybersecurity industry?

Confirmed speakers :

– Michal BONI, Member of the European Parliament
– Jakub BORATYNSKI, Head of the Cybersecurity and Digital Privacy Unit DG CONNECT, European Commission
– Rémy GARAUDE-VERDIER, Head of European Affairs, Enedis
– Luigi REBUFFI, Secretary General, European Cyber Security Organisation
– A representative of Microsoft EMEA