The difference that the European Cybersecurity Month common effort can make


Dear Digital Champions, Young Advisors and National Cybersecurity Month coordinators,

      Thank you very much for having taken the time to join us for this webinar. The reason why we have initiated this webinar is to get the most out of the European Cybersecurity Month which is taking place in October this year, and to find people like you that are willing to shape it. The Cybersecurity Strategy of the EU was adopted a year ago by Vice-President Kroes together with High-Representative Ashton and Commissioner Malmström. The Strategy took a series of actions to address the cybersecurity of governments, businesses and citizens.

Let me first talk about the citizen angle.

Informing citizens about cybersecurity risks and making their on-line behaviour more secure is a great challenge for public and private actors alike. Therefore the Cybersecurity Strategy urges Member States, with the support of the European Network and Information Security Agency (ENISA), to organise a yearly cybersecurity month. October 2013 was the first fully-fledged European Cybersecurity Month, with almost all EU Member States participating actively.  And we are aiming to make it an attractive month for all EU countries to participate in this year.

 What have we learnt from last year's month?  ENISA colleagues will tell you more about it in a minute. But one of the main lessons learnt is that the we need the combined efforts of many actors of society: Governments, businesses, academia, NGOs, journalists etc. The aim of today is first of all to inform you about the European Cybersecurity Month and then to hear your views and to identify common opportunities between Digital Champions, Young Advisors and national European Cybersecurity Month coordinators. The second aim is to urge you to take an active part in shaping the debate on a topic that is very important to citizens today: the trust that they have in the on-line environment and the repercussions this has on the digital economy. Citizens are trying to come to terms with a situation, where they are aware that there are threats to their privacy and security on-line but do not know where to turn to for information, knowledge and tools to feel competent. Because cyber competent citizens is what we need. Otherwise the principle of a shared responsibility for cybersecurity between governments, businesses and individuals will not work. This gives me the opportunity to turn to the business angle. Because cyber competent citizens must be able to rely on businesses to provide user-friendly security solutions, for instance easily understandable prompt-up messages when internet, telephone and other media devices and connections are set up. But also when remote monitoring of the domestic heating system is set up. Citizens need to become cyber competent in an increasing number of areas. Cyber competent citizens should also be able rely on businesses to follow security-by-design and privacy-by-design approaches when designing apps and devices. Security solutions should be built-in and not add-on.

Having cyber responsible businesses is a precondition for cyber responsible citizens. Otherwise citizens will not be able to play the role that businesses expect and need. An example where close interaction between businesses and users is needed is the fight against botnets. Businesses set up the tools to clean infected computers, but citizens need to turn to help-centres and make use of them in order for them to be effective. The development of the digital economy is dependent on a trusted environment and the investments that businesses are ready to make to that end. An increased demand by citizens will in turn increase business investments into cybersecurity solutions and knowledge centres. Also start-ups and entrepreneurs need support, because security is not yet the first preoccupation when setting up a business. Nevertheless it is vital to pay attention to security since the level of security over a supply or value chain is only as strong as its weakest link.  Knowledge centres linking businesses, universities and the start-up community are needed in order to provide the appropriate support to entrepreneurs.  

And lastly a word on the government angle. Governments need to enhance their national capabilities and to cooperate more closely against cybersecurity risks to our digital networks, not only the Internet but also in the fields of energy, transport, health and banking.  A Directive on network and information security (NIS) was proposed as part of the EU Cybersecurity Strategy to enhance public and private capabilities and increase cooperation across the EU. The Directive is currently being discussed between the European Parliament and Council. The trusted environment for citizens and businesses is also fostered by the proposed Regulation on electronic identification and trust services for electronic transactions - (eIDAS)  and initiatives in the fields of cloud computing and Internet of Things, to mention a few.

 To conclude, I would like to convey a strong message of support by Vice President Kroes. She would hope to see that Digital Champions, Young Advisors and National Cybersecurity Month kick-start an interactive process that will last till October this year. A process where you shape the public debate and urge businesses to take their responsibility, as a precondition for the emergence of a new generation of cyber competent citizens and entrepreneurs.