In the world of cyberspace the attributes of diversity and inclusiveness poses a high value. The internet was created and developed based on the multistakeholder model. Just like we need various actors involved in order to enhance an interoperable, open and interconnected Internet, we must also involve all stakeholders from all European Union (EU) countries to build a solid system of European cybersecurity.
Currently one of the main EU priorities is to shape and develop the Digital Single Market (DSM), the foundation of European economic and societal well-being. This endeavour is strongly related to the fourth industrial revolution (Industry 4.0) based on automation and data exchange in manufacturing technologies. Modern countries who desire to play an important role in the global economy must follow this new economic trend.
The precondition of developing the DSM and the success of Industry 4.0 is to ensure a robust level of cybersecurity. A European system of cybersecurity cannot work efficiently and effectively without engaging all member states. Unfortunately, the current level of cybersecurity is unequal among European countries. This has been confirmed by the NIS Directive, which aims to provide a high common level of security of network and information systems across the Union.
What is more, cybersecurity needs to be understood in a broad sense of the meaning. It is not only a technical issue. This is a strategic challenge that requires the engagement of all national resources, both domestic and external. Cybersecurity encompasses national security, economic decisions, legal activities, diplomatic involvement, private-public strategies and other policy aspects. Mature players understand the complexity and multidimensionality of cybersecurity, and the take a holistic approach to meet the challenge. This is what differentiates them from less advanced entities.
The European Union needs equal “cybersecurity maturity” among all the players otherwise it will fail as a whole, both in terms of security and in terms of economic development. Due to the unique nature of the countries in the region, very tense current geopolitical situation in Ukraine and historical influences, getting the countries from Central and Eastern Europe (the CEE region) strongly cooperating in the issue of cybersecurity is even more pressing of an issue then it would be otherwise.
Currently the engagement of the countries from the CEE region is not optimal. Even though the technical community from the region is very active and advanced, being at the forefront of world’s specialists, greater political involvement at the EU level is essential. One exception from this assessment is Estonia, which is a leader on the global scale in terms of their involvement in cybersecurity issues. But Estonia alone is not enough. Even though Estonia possesses excellent expertise and cyber knowledge, due to the scale and size of the country, society and economy, it does not represent all the unique virtues and experience from which other players may benefit. More industrialized countries may have on the one hand a greater need and on the other hand greater expertise in developing solutions in the area of cybersecurity for industrial control systems, something that determines the functioning of more industrial economies. The Estonian economy is built around service industries, which means that cybersecurity priorities and fields of expertise are a little bit different. Therefore, we need skills and specific ways of looking at cybersecurity which come from countries that represent a diverse profile. The CEE region can play this role. However, in order to do that their political activity must increase.
How do the CEE region’s political activities stand currently? Let’s take a look at the one of the most important EU initiatives related to cybersecurity. On July 5th the European Commission and the European Cyber Security Organisation (ECSO) signed a cybersecurity Private-Public Partnership which aimed to foster European cybersecurity innovation processes and provide the EU with secure and trustworthy products, services and software. This provides a great opportunity for all European companies to develop their portfolios of cybersecurity solutions and to compete with the global players. Meanwhile, looking at the countries engaged in the ECSO, there is a visible underrepresentation of entities from the CEE region. For example, Poland is a country of 38 million people yet is represented by only three actors (including the Ministry of Digitization) among the total of 134 members of ECSO. For comparison, as many as 22 players come from Spain. Hungary has one representative (SME), Slovakia has three (two public entities and an IT association) and the Czech Republic has one entity (a public entity). This is a waste of the potential and unique cyber expertise that can come from the CEE.
This is not only a problem for the entities from the region. This is also something that should worry the rest of Europe. Only together, with countries that may contribute their specific and unique knowledge, experience and perspective are we strong as a whole. Europe cannot afford to not use all the powers and resources that it has. BREXIT is the loss of one of the one of the strongest element in the whole chain. We must not squander other chances.
One of the main aims of initiatives like the European Cybersecurity Forum – CYBERSEC is to create an impulse for the region, but also for the rest of the EU, to work together in a very inclusive manner to build a cohesive European cybersecurity ecosystem. By bringing together decision-makers, entrepreneurs, civil society and academia we hope to catalyse new cybersecurity initiatives, partnerships. This platform serves as an essential tool for building these new ways of cooperation.
All stakeholders, whither in industry, politics, or academia, must understand that engagement in the development of European security pose not only challenges, but also great opportunities for them. This is win-win strategy for everyone. If Europe wants to compete effectively on a global scale while ensuring its own cybersecurity, it needs to stay united, and involve every single asset in the process.
Joanna ŚWIĄTKOWSKA is CYBERSEC Programme Director, Chief Editor of the European Cybersecurity Journal, and Senior Research Fellow of the Kosciuszko Institute, Poland
More on the European Cybersecurity Forum – http://cybersecforum.eu/
More on the European Cybersecurity Journal – http://cybersecforum.eu/en/about-ecj/