maxkabakov - Fotolia
Cyber threats are “border blind”, so the best way to deal with them is to better coordinate the response, according to Julian King, European commissioner for the security union.
“We need to do that both internationally and at a European level, which is what we are doing,” he told the cyber threat intelligence track at the Security and Counter Terror Expo in London.
King said the European Commission (EC) was working to support member states and their agencies in cyber security, and working with the private sector to improve resilience and build deterrence against the growing cyber threat.
“In the past year we have seen increased demand from member states for help in guarding against cyber threats,” he said.
Although authorities of member states and the private sector are at the front line, King said there were things that could and should be done together at the European level to help and support member states and work with the private sector.
In September 2017, the EC published a package of proposals that were grouped around resilience, deterrence, and international cooperation and defence.
“We are going to follow up with a series of legislative, practical and organisational steps over the next few months on those three themes,” said King.
Build cross-border resilience
In terms of resilience, he said the EC was reinforcing a European Union-wide cyber security agency, with increased resources and capacity of Enisa so that it could better support those member states that want help and support on cyber security, especially those with a less advanced cyber defence capability.
The agency will work with member states to ensure they do implement all that they have agreed and undertaken to implement around network security. “We want to ensure that not only critical infrastructure is covered, but also other sectors such as the finance and public sectors, particularly that there are arrangements in place to respond to incidents and that they work,” said King.
“We also want to exercise how we respond to big, cross-border incidents,” he said, adding that the EC had published a roadmap for member states on how that could be achieved, and now has to put that into practice.
The EC wants to encourage the incorporation of security into all networks, devices and platforms. “While we can’t impose that easily, we can encourage it through a voluntary scheme, to start with, of standards and certification for different sectors, involving industry at every step, that works internationally to make connected devices more secure by design,” said King.
Deter cyber attackers
The EC is also planning to address the cyber security skills gap, which some estimates put at hundreds of thousands of qualified cyber security experts across Europe by 2020.
“We want to work with the private sector and education to see how we can fill that skills gap, and support research and development through a public-private partnership for cyber security research that is going to mobilise €1.8bn of funding between now and 2020,” said King.
“While I am proud of that, the US spent around $17bn in cyber security research in the past year alone, so what we are doing in Europe is not yet commensurate with the scale of the threat, and we want to work to develop that,” he said.
Resilience is important, but not enough on its own, said King. “You also have to deter people from attacking you in the first place, and there we want to have a broad concept of deterrence. Although we partner very closely with Nato in this regard, we see cooperation with the private sector as key to boosting detection, traceability and prosecution,” he said.
King said the EC was planning to promote discussions about the architecture of the internet. “We would like to see greater take-up of IPV6 so that attackers can’t hide thousands of devices behind one IP address, so there is greater transparency.
“We want to boost the capacity of law enforcement, in particular in the civil and military space, to be able to go after cyber crime, and that means using the expertise that we do have in Europol to help those law enforcement authorities across the EU who are less developed in fighting cyber crime to raise their game to hold cyber criminals more effectively to account,” he said.
One of the biggest barriers to successful prosecution, said King, is the lack of quick and easy access to evidence: “We want to change that, and in the next few weeks, we will be coming forward with proposals for discussions with member states about increasing the ease of access and the speed of access to electronic evidence.”
Collaborate to cut cyber crime
International cooperation remains very important, said King. To that end, he said the EU foreign ministers have agreed a “diplomatic toolbox” or framework in which they will discuss responding to large-scale cyber attacks with a range of measures, up to and including serious economic sanctions.
The EC has also come forward with a series of proposals for increasing our defence-related capability and funding defence-related capability development. “All these initiatives have cyber as a central theme, and as we develop those initiatives over the coming months, we will clearly have a focus on the need to make sure that we are dealing with the cyber dimension of the defence threat,” said King.
Julian King, European commissioner
In the light of increasing attempts to manipulate and influence opinion through information leaks and so-called “fake news”, he said the EC wants to have a wider debate about how to deal with those behavioural cyber challenges as well.
“There’s a particular problem around the use of the internet to propagate pretty poisonous propaganda and incitement to terrorist attacks, with quite of lot of the terror effort migrating online,” said King. In response, the EC wants to work with the online platforms in the private sector to get better at spotting and taking down that kind of material and using automated means to stop it going up in the first place.
“Where something is drawn to the attention of platform providers by law enforcement, we would like to see it be taken down within an hour, and we want the platforms to more proactively and systematically use automated systems to block and remove this content,” he said.
The EC wants the bigger platforms to help smaller organisations prevent this content from migrating to other platforms by supporting the whole of the ecosystem. “We want all of the platforms to work more closely with law enforcement than they have in the past so that if something is identified as illegal or terror-related and taken down, that should be shared with law enforcement to follow up,” said King.
In conclusion, he reiterated the importance of collaboration and a coordinated response at a national, regional and international level.