March 22, 2022
Written by Foo Yun Chee
BRUSSELS (Reuters) – EU countries must create a framework for managing cybersecurity risks in EU institutions, the European Commission said on Tuesday amid concerns about the rise of cyber attacks that could disrupt key actions and steal confidential information.
The proposal is part of a package of draft EU executive rules called the “Cyber Security Regulation”, which also aims to set up a Cyber Security Council to monitor compliance with the new rules.
“In a connected environment, one cybersecurity incident can affect an entire organization. That is why it is very important to create a strong shield against cyber threats and incidents that could impair our ability to act, ”said Budget Commissioner Johannes Hahn in a statement.
Under the draft rules, all EU institutions, bodies and agencies will have to identify cybersecurity risks, create a plan to improve their cybersecurity, conduct regular assessments and share details of incidents.
The Commission also proposed information security regulation that would create a minimum set of rules and standards for all EU institutions.
Governments have been warning for weeks that Russia or its allies could carry out cyber attacks in retaliation for sanctions, forcing banks to tighten monitoring, scenario planning and create additional personnel in the event of growing hostile activity.
Earlier this month, EU ministers called for a cyber security emergency response fund to combat large-scale cyber attacks.
(Report by Fu Yun Chi; edited by Mark Potter)