For the 16th edition of the InCyber Forum, European Commissioner Thierry Breton looked back on the key stages in the construction of Europe's internal information landscape. A construction process in which regulation has played a central role.

“Thierry Breton isn’t a guest at ICF, he’s right at home!” General Marc Watin-Augouard, founder of the InCyber Forum, enthusiastically introduced Thierry Breton, European Commissioner for Internal Market, at the opening of the event’s 16th edition held in Lille on March 26–28, 2024. 

This year, the InCyber Forum was dedicated to the topic of artificial intelligence (“Ready for AI?”), which Thierry Breton did not hesitate to discuss. “The issue of cybersecurity in this era of artificial intelligence has brought Europe into the spotlight. For the past five years, my teams and I have worked to build an internal digital space that had been heavily fragmented, with 27 Member States, 27 digital borders, 27 sets of laws and national authorities. Of course, it wasn’t working,” he recalled.

Europe: the world’s largest digital market

Thierry Breton underscored his services’ efforts to establish a veritable single digital market through a series of regulations and directives. “Today, we have regulations to oversee this digital space: society with the DSA, competition with the DMA, data with the Data Act and artificial intelligence with the AI Act. These laws have been world firsts,” he added.

The European Commissioner for Internal Market also highlighted Europe’s attractiveness. The market comprises 450 million people, 1.5 times that of the United States, and Breton noted that there was nothing shocking about the world’s largest digital market organizing and structuring itself as it had over the past few years.

Europe’s digital space: a “contested” area that needs protection

Europe’s digital space, along with air, sea, space and cybersecurity, is one of the so-called contested spaces. “These are spaces whose borders aren’t established and are in flux. These must be protected in another environment, using means different from those on land,” said Thierry Breton.

To protect European businesses and citizens, Thierry Breton noted the NIS directive, which has been recently revised as NIS2. “This directive lays out much clearer rules, offers more appropriate tools and establishes a more robust surveillance over a modernized, wider scope. It lays the basis for something critical: increased cooperation. Specific instances of cooperation must be created in cybersecurity.”

IoT and the Cyber Resilience Act

The European Commissioner also discussed the paradigm shift caused by the Internet of Things (IoT). “In just a few years, we have gone from a relatively  well delimited attack surface with clearly identified data centers to a proliferation of products containing specific data processing capabilities. Refrigerators, hair dryers, connected vehicles: in terms of cybersecurity, each product is becoming a potential point of entry,” said Thierry Breton.

In light of this, legislation has been proposed in the form of the Cyber Resilience Act. The first regulation of its kind in Europe — and the world — allows each product that enters the European Union to be verified to ensure it respects a certain number of specifications and qualifications. “We may be the biggest continent for trade, and an open continent at that, but that doesn’t mean we must be the most naive. We now require those who want to benefit from our internal market to respect the rules, especially in terms of cybersecurity,” said Thierry Breton.

Europe’s single digital market: ready for a new wave of innovation

Thierry Breton then set out the prospects he sees for Europe’s digital market. “The market is very promising, where the same rules now apply to everyone. We will be able to benefit from the full depth of Europe and its 450 million citizens, without barriers. The fact that there is now just a single regulator and a single law will help to greatly free up the capacity for innovation, especially for start-ups.”

In his view, the lack of a single digital market partly explains why Europe missed the first wave of innovation in personal data processing, which lead to the rise of America’s tech giants. “We will be able to make the most of the second wave of innovation in creating relationships, making connections and using industrial data. It will be even more powerful than the first, which is why we absolutely had to undertake this uniformization work,” said Thierry Breton.

Reinforcing Europe’s sovereignty in cyberdefense

Lastly, Thierry Breton stressed the importance of Europe’s sovereignty in cyberdefense. “Europe must realize the power it has and take greater responsibility for its own security. Of course, we can’t do everything ourselves, but we must not be dependent on third countries whose political systems can change at every election. I don’t want our defense to be at stake every four years in the coin toss of US elections, for example,” he said.

For this, Europe’s defense cluster must be reinforced while maintaining the specifics of each Member State’s sovereignty. “This reinforcement entails the development and deployment of all our cyberdefense capabilities, with a boost to civilian-military cooperation, which is very important. We have created a corps of experts that we can mobilize. But having our own specialists is difficult: skilled people must be recruited and offered attractive salaries and career plans,” said Thierry Breton, in conclusion.

Stay tuned in real time
Subscribe to
the newsletter
By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
Stay tuned in real time
Subscribe to
the newsletter
By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.