The ability of Europe to defend itself against cyber attacks is being undermined by an inconsistent approach across member states that is leaving legal gaps that could be exploited.
The warning over the current state of affairs from the Business Software Alliance (BSA) comes just a week after the organisation published findings that made a clear link between illegal software and malware.
The latest contribution from the BSA has looked at the national laws and policies in all of the 28 EU Member States and measured them against a 25 point criteria that it believes are essential to promote better cyber security.
Although most countries do make cybersecurity a national priority there are major discrepiances around legal frameworks and the ability to fight back against criminals, making it an uneven picture across Europe.
The UK came out quite well when compared to its fellow Europeans with both the legal framework being fairly robust but also the ability to respond through bodies like the National Security Council.
The UK was also seen as leading the way when it came to encouraging public and private co-operation with collaboration between the two sectors more developed than in some other countries.
Four areas of focus
The BSA report encourages EU Member States to focus on four key elements of a strong legal cybersecurity framework:
• Construct and maintain a comprehensive legal and policy framework based on a national cybersecurity strategy that is complemented by sector-specific cybersecurity plans.
• Establish operational entities with clear responsibilities for operational computer security, emergency and incident response.
• Engender trust and work in partnership with the private sector, NGOs and international partners and allies.
• Foster education and awareness about cybersecurity risk and priorities.
“There is an uneven landscape when it comes to cyber protections across Europe. Most Member States acknowledge cybersecurity to be a priority, yet inconsistencies in their approach leave the entire Single Market vulnerable to threats,” said Thomas Boué, BSA’s director of policy – EMEA.
As a result rhe BSA is calling on the EU to beef up its approach to cuber security (see side panel) and work harder to present a united front to improve cyber security protection.
“The Network and Information Security Directive could help to establish a stronger foundational level of cybersecurity and cyber resilience if it focuses on aligning the preparedness of Europe’s most critical infrastructure and introduces harmonised reporting and information sharing processes throughout the Single Market," added Boué.