The EU is stepping up its capacity to protect Europe against ever-increasing cyber threats by creating a new structure to pool and network its expertise in cybersecurity research, technology and industrial development.
Today, the Council's Permanent Representatives Committee granted the Romanian presidency a mandate to start talks with the European Parliament on establishing a top knowledge base for cybersecurity called the European Cybersecurity Industrial, Technology and Research Centre and setting up a Network of National Coordination Centres. Together, these structures will help secure the digital single market and increase the EU's autonomy in the area of cybersecurity.
It is in the EU's strategic interest to ensure we have the capacities and capabilities needed to protect our networks and digital services. Structured pooling and sharing of research capacities and rolling out of innovative cybersecurity solutions will give a real push to the competitiveness of the EU's cybersecurity industry in relation to global players.
Alexandru Petrescu, Minister for Communications and Information Society of Romania, President of the Council
The Cybersecurity Industrial, Technology and Research Centre will enhance the coordination of research and innovation in the field of cybersecurity. It will also be the EU's main instrument to pool investment in cybersecurity research, technology and industrial development.
The Cybersecurity Competence Network will consist of National Coordination Centres designated by member states. The national centres will either possess or have access to technological expertise in cybersecurity, for example in areas such as cryptography, intrusion detection or human aspects of security.
The Centre, in cooperation with the Network, will act as an implementation mechanism for cybersecurity-related financial support from the Horizon Europe and Digital Europe programmes. Together, they will help increase the competitiveness of the EU's cybersecurity industry and turn cybersecurity into a competitive advantage for other EU industries.
Funding for these centres will be provided mainly from the Digital Europe and Horizon Europe programmes, with the possibility of voluntary contributions by member states.
The proposal also creates a third structure, a Cybersecurity Competence Community, to bring together the main stakeholders to enhance and spread cybersecurity expertise across the EU. Its members will include, among others, industry, academic and non-profit research organisations, public entities dealing with operational and technical matters, and, where relevant, actors from other sectors facing cybersecurity challenges.
The Centre will be established for the period of 1 January 2021 to 31 December 2029. After that it will be wound up, unless decided otherwise through a review of the relevant regulation.
The EU also has a European Agency for Network and Information Security (ENISA), which will be upgraded into a permanent EU Agency for Cybersecurity when the draft Cybersecurity Act is formally adopted this spring. The activities of the new European Cybersecurity Industrial, Technology and Research Centre will be complementary to ENISA's tasks without duplicating any of them.
Negotiations between the Council and the European Parliament to agree on the final text will kick off this evening.