European Commission Vice President for the Digital Agenda
Brussels, 30th September
Most of you know me well enough by now to know that I prefer to speak directly. I’ve said on many occasions that growth of the digital economy and an ICT-enabled society is key to Europe having a sustainable future and to further improving Europeans' quality of life. That is the positive vision of the Digital Agenda for Europe.
However we must recognise there are some aspects of digital life that are unattractive and that we must also address: the more we use the networks, the more dependent on them we become. So we have to be also prepared for the worst: for example, a major black out, be it the result of a natural disaster, or a deliberate cyber-attack. This is what the measures adopted today by the Commission are about: being able to prevent, respond and react to any major disruption of our networks, in particular cyber-attacks, that could cause major economic and social damage.
If we want to get online the 150 million Europeans who have never used the internet, then they will need to trust the sites and services they are using. If we want our digital markets to grow, users need to feel comfortable spending online. If companies are to take advantage of all the potential benefits of 'cloud computing', they need to know their business secrets will not be intercepted. If we want to exploit the amazing potential of e-Health, people need to know their medical information is as safe online as it is offline. Some of the most damaging effects of this problem arise from the fear and mistrust cyber-criminals create in our online environments. It is this fear of cyber-crime that keeps millions of Europeans from making full use of the internet.
For this reason, trust and security is one of the six major themes of the Digital Agenda for Europe. And I am glad to say that all Commissioners who have a stake, like Cecilia Malmström with the cyber-crime, are tackling the issue together.
And we need this coordinated effort, for cyber-threats and cyber-crimes are moving targets. Cyber-criminals are never easy to stop – the digital world changes quickly and in most cases, it is very difficult, if not impossible, to get certainty on where the attacks come from. So we need to be both better prepared and to have stronger sanctions against cyber-criminals if we are to beat this threat. That is what today’s announcements are all about.
To anyone thinking that cyber-attacks are an abstract concept, I would say that for millions of people each year there are already direct practical consequences. When your money is quietly stolen from your bank account or your country is shut down – as happened to Estonia in 2007 – the threat suddenly becomes very real. That threat is also global in nature, because our networks are global. So it makes sense that only collaborative approaches will succeed in containing the threat.
Today the Commission is proposing to strengthen and modernise the European Network and Information Security Agency (ENISA), which is one of our key assets in our policy to European co-ordination on cyber-threats.
In practical terms the Commission's proposal means extending ENISA's mandate until 2017 and broadening ENISA's its tasks to give it the greater flexibility and capability required to address growing cyber-threats.
Under this proposal, ENISA would in particular be able to:
act as in interface between those who work on maintaining the security of our networks, and public authorities enforcers: the judiciary, the police, the data protection authorities.
meet urgent requests within a rapid timeframe;
assist Member States and EU institutions in developing an alert system that will continuously monitor the cyber security level in Europe
give EU institutions technical advice concerning the establishment of a Computer Emergency Response Team (CERT).
promote risk management and security good practices and standards for all kinds of electronic products, systems and services;
With this proposal ENISA will therefore be able to make a greater contribution to ensuring a safer online environment and I therefore call upon the European Parliament and the Council of Ministers to adopt this proposal as soon as possible.
In summary, today we are delivering on another Digital Agenda commitment: a stronger ENISA and more solid sanctions against cybercrime.
Once these reforms have been enacted, Europe’s governments, businesses and citizens will be more prepared, and better defended against cyber-threats.