DIGITAL TRANSFORMATION COUNCIL organizează pe29 IANUARIE 2021, ORA 10:00 conferinţa online
BUCUREŞTI – HUB-UL CYBER AL UE,
TOTUL DESPRE ECCC
CEL MAI DE SUCCES PROIECT ROMÂNESC IT&C DIN 2021
- Centrul Cyber ECCC va atrage investiţii de peste 2 miliarde de euro, din fonduri europene
- Investiţiile totale care vor fi realizate prin ECCC vor ajunge la 4,5 miliarde de euro
- Punctele forte ale României: 83.840 angajaţi în IT&C; 118 companii (SSC, BPO, IT, R&D) în Bucureşti;
1,1 mld. euro investiţii atrase de către start-up-urile locale începând din 2013; nr. 1 în CEE la valoarea investiţiilor în start-up-uri locale
- Huburile de inovare digitală generează o creştere cu 13% a PIB-ului;
- Conectivitate de top la viteze foarte ridicate
În prima decadă a lunii decembrie din 2020, Ministerul Afacerilor Externe a anunţat public că Bucureştiul va găzdui Centrul Cyber al Uniunii Europene la Bucureşti, European Cybersecurity Competence Centre, câştigând o întrecere comunitară, la care au participat numeroase oraşe din ţări situate peste nivelul României la mai toate criteriile comunitare. O echipă de succes de la Bucureşti a reuşit să pună România pe harta digitală a Securităţii cibernetice europene. De aici vor decurge avantajele pe care industria IT&C autohtonă, dar şi cea comunitară, prin extensie, le vor avea: investiţii financiare, cercetare dezvoltare de top global, relocarea sediilor regionale ale unor mari jucători internaţionali la Bucureşti, oportunităţi de angajare a noi specialişti în securitate cibernetică, lobby pozitiv la nivel global.
SINTEZA DEZBATERILOR SPEAKERILOR DIN CONFERINȚĂ
|Ciprian||TELEMAN||Ministru||MINISTERUL CERCETĂRII, INOVĂRII ŞI DIGITALIZĂRII|
|Luminiţa||ODOBESCU||Ambasador||REPREZENTANŢA PERMANENTĂ A ROMÂNIEI LA UNIUNEA EUROPEANĂ|
|Dragoş||PREDA||Secretar de Stat||MINISTERUL TRANSPORTURILOR ȘI INFRASTRUCTURII|
|Marian||MURGULEŢ||Ex Secretar de Stat||CIO GUVERN|
|Anton Mugurel||ROG||Director General||CYBERINT|
|Svetlana||GOMBOŞ||Director||MINISTERUL INVESTIŢIILOR ŞI PROIECTELOR EUROPENE|
|Sergiu||ZAHARIA||Cyber Security Officer||HUAWEI|
|Vasile||VOICU||Senior Manager Cybersecurity||TELEKOM|
|Constantin||BURDUN||Director General Adjunct||CERTSIGN|
|Ion||VACIU||Moderator & Preşedinte||DIGITAL TRANSFORMATION COUNCIL|
|Roxana||ONEA||Redactor şef||REVISTA COMUNICAŢII Mobile|
PUNCTE DE INTERES
România intră în etapa de operaționalizare a Centrului CYBER al Uniunii Europene, găzduit la București
Ca urmare a deciziei votului statelor membre ale Uniunii Europene dat în decembrie anul trecut, România va găzdui viitorul Centru european de competențe industriale, tehnologice și de cercetare în domeniul securității cibernetice, Centrul CYBER al UE devenind astfel prima entitate europeană de pe teritoriul țării noastre. În cursa pentru găzduirea Centrului, țara noastră a concurat cu Belgia, Germania, Lituania, Luxemburg, Polonia și Spania.
Trecerea la etapa de pregătire a operaționalizării noului centru, atât la nivelul elaborării cadrului normativ, cât și din punct de vedere al administrării și resurselor financiare necesare, reprezintă o prioritate pentru Executiv, anunţă Ministerul Finanţelor.
Se înfiinţează GLI-CYBER, grup de lucru interinstituțional pentru operaționalizarea Centrului CYBER
În acest sens, sub coordonarea Ministerului Finanțelor și Ministerului Cercetării, Inovării și Digitalizării se va înființa GLI-CYBER, grup de lucru interinstituțional responsabil cu identificarea setului de măsuri, precum și cu elaborarea cadrului legislativ, necesar operaționalizării la București a Centrului de competențe industriale, tehnologice și de cercetare în materie de securitate cibernetică – Centrul CYBER.
“Voi duce la bun sfârșit instalarea primei agenții europene de pe teritoriul nostru, având privilegiul să fi fost desemnat anul trecut reprezentant special al Guvernului pentru pregătirea și promovarea candidaturii României în negocierile pentru noul sediu CYBER. Este o etapă firească de continuitate a eforturilor echipei care a pregătit candidatura României și care a făcut posibilă această victorie fără precedent pentru țara noastră. Suntem într-un dialog permanent cu reprezentanții Comisiei și lucrăm împreună la un calendar pentru operaționalizare”, a declarat Alexandru Nazare, ministrul Finanțelor.
Secretariatul tehnic al GLI-CYBER, care va avea rolul de Unitate de Operaționalizare a Centrului CYBER, va fi asigurat de reprezentanții Ministerului de Finanțe. Unitatea va asigura interfața dintre autoritățile și instituțiile din România și reprezentanții Comisiei Europene însărcinați cu operaționalizarea Centrului CYBER.
Obiectivele Centrul CYBER european
Crearea centrului CYBER și a rețelei de centre naționale va conduce la stimularea unui sprijin financiar sporit pentru cercetarea, inovarea, tehnologia și dezvoltarea industrială în domeniul securității cibernetice, în complementaritate cu structurile deja existente.
Prin această inițiativă se are în vedere construirea unui pol european de expertiză tehnologică în materie de securitate cibernetică, în special în domenii precum criptografia, serviciile de securitate a rețelelor informatice, detectarea intruziunilor, securitatea sistemelor, securitatea rețelelor, securitatea programelor informatice și a aplicațiilor sau aspectele umane și societale ale securității și ale protecției vieții private.
Centrul CYBER va reprezenta o structură cheie în contextul eforturilor de la nivel UE de configurare a unui ecosistem european în materie de securitate cibernetică, ce va avea un rol important în sprijinirea creării de legături între actorii publici și privați din domeniu, mediul academic și industria de profil din Uniune, asigurând, totodată, coordonarea între centrele naționale pentru securitate cibernetică din statele membre.
Totodată, Centrul va acționa pentru stimularea cercetării și inovării tehnologice în vederea consolidării securității cibernetice în cadrul Uniunii. Astfel, Centrul va reprezenta principalul organism de gestionare a fondurilor europene dedicate cercetării în domeniul securității cibernetice disponibile prin cele două programe de finanțare ale UE cu relevanță pentru sector – Europa Digitală și Orizont Europa.
ECCC – The New European Cybersecurity Competence Centre
to be located in Bucharest, Romania
On 9 December 2020, Bucharest, Romania was selected by representatives of the governments of the EU member states as the prospective seat of the new European Cybersecurity Industrial, Technology and Research Competence Centre.
The Cybersecurity Competence Centre will improve the coordination of research and innovation in cybersecurity in the EU. It will also be the EU’s main instrument for pooling investment in cybersecurity research, technology and industrial development.
The representatives of the governments of the 27 EU member states voted in the margins of a meeting of the EU ambassadors in the Council’s Permanent Representatives Committee (Coreper).
Negotiations with the European Parliament on the proposed regulation establishing the Centre are ongoing. The next trilogue meeting between the co-legislators is scheduled for 11 December 2020.
- Romania’s application for the ECCC
- Additional document accompanying Romania’s application
- Selection of the seat of the European Cybersecurity Industrial, Technology and Research Competence Centre (background information)
- Cybersecurity in Europe: stronger rules and better protection (background information)
Shaping Europe’s digital future
EU Cybersecurity Policy
All About Cybersecurity
- Policies | Blog posts | News | Events | Projects | Funding | Consultations | Reports and studies | Laws | Frequently Asked Questions |
Securing network and information systems in the European Union is essential. It safeguards our communication and data and keeps the online society and economy running. The European Union works on various fronts to promote cyber resilience.
- New cybersecurity Strategy
- Legislation and certification
- Investment: research, capacities, cyber centre and network
- Policy guidance: Blueprint, Joint Cyber Unit, 5G, elections
- Skills and awareness
- Cyber community: ENISA, ISACs, JRC, CSIRTs/ CERTs, ECSO, Women4Cyber
- Other cyber policy areas: cybercrime, cyber diplomacy, defence, support to third countries
On 16 December 2020, the European Commission and the High Representative of the Union for Foreign Affairs and Security Policy presented a new EU Cybersecurity Strategy.
The Strategy covers the security of essential services such as hospitals, energy grids and railways and ever-increasing number of connected objects in our homes, offices and factories, building collective capabilities to respond to major cyberattacks and working with partners around the world to ensure international security and stability in cyberspace. It outlines how a Joint Cyber Unit can ensure the most effective response to cyber threats using the collective resources and expertise available to the EU and Member States.
Legislation and certification
Cybersecurity threats are almost always cross-border, and a cyberattack on the critical facilities of one country can affect the EU as a whole. EU Member States therefore need to have strong governmental bodies that supervise cybersecurity in their country, especially in sectors that are critical for our societies, and to work together with their counterparts in other Member States by sharing information.
They agreed with the EU to ensure this by adopting the NIS Directive (Directive on security of Network and Information Systems), which all countries have now implemented. This Directive was reviewed at the end of 2020.
As a result of the review process, the proposal for a directive on measures for high common level of cybersecurity across the Union (NIS2 Directive) was presented by the Commission on 16 December 2020.
The Cybersecurity Act (in force since June 2019) strengthens the role of ENISA: the agency now has a permanent mandate, and got empowered to contribute to stepping up both operational cooperation and crisis management across the EU. It also has larger financial and human resources than before.
ENISA – the EU cybersecurity agency
ENISA (‘European Union Agency for Network and Information Security’) is the EU’s agency that deals with cybersecurity. It provide support to Member States, EU institutions and businesses in key areas, including the implementation of the NIS Directive.
Our digital lives can only work well if there is general public trust in the cybersecurity of IT products and services. Therefore, it is important that we can see that a product has been checked and certified to conform to high cybersecurity standards. At the moment, there are various of different security certification schemes for IT products around the EU. Having a single common scheme for certification would be easier and clearer for everyone.
The Commission is therefore working on an EU-wide certification framework, with ENISA at its heart. The Cybersecurity Act outlines the process for achieving this framework.
Investment: research, capacities, cyber centre and network
Cybersecurity is one of the Commission’s priorities in its response to the Coronavirus crisis, which saw increased cyberattacks during the lockdown. The Recovery Plan for Europe therefore includes additional investments in cybersecurity.
Support for research and innovation: Horizon H2020 and cPPP; Horizon Europe
Research into digital security is essential to reach innovative solutions that can protect us against the latest, most advanced cyber threats. That is why cybersecurity is an important part of the Commission’s research and innovation funding framework programmes, Horizon 2020 and its successor Horizon Europe.
As part of Horizon 2020, for the period 2014-2020, the Commission has been co-funding research and innovation into topics such as cybersecurity preparedness through cyber ranges and simulation, cybersecurity for small and medium enterprises, cybersecurity in the Electrical Power and Energy System, and cybersecurity and data protection in critical sectors. These topics fall under the cluster “Secure societies – Protecting the freedom and security of Europe and its citizens”.
In 2016, the H2020 contractual Public Private Partnership (cPPP) on Cybersecurity was established between the European Commission and the European Cyber Security Organisation (ECSO), an association consisting of members from cyber industry, academia, public administrations and more.
In Horizon Europe, for the period 2021-2027, cybersecurity is part of the ‘Civil Security for Society’ cluster. The Work Programme 2021-2022 is currently under preparation.
Support for cyber capacities and deployment
Our physical and digital infrastructures are very closely intertwined. Therefore, the Commission also invests in cybersecurity as part of its infrastructure investment funding programme, the Connecting Europe Facility (CEF), for the period 2014-2020. So far, CEF support has gone to Computer Security Incident Response Teams, operators of essential services (OES), digital service providers (DSPs), single points of contact (SPOC) and national competent authorities (NCAs). This enhances the cybersecurity capabilities and the cross-border collaboration within the EU, supporting the implementation of the EU Cybersecurity strategy.
The upcoming Digital Europe Programme, for the period 2021-2027, is an ambitious programme that is planned to invest €1.9 billion into cybersecurity capacity and the wide deployment of cybersecurity infrastructures and tools across the EU, for public administrations, businesses, and individuals.
Cybersecurity is also a part of InvestEU. InvestEU is a general programme that brings together many financial instruments and uses public investment to leverage further investment from the private sector. Its Strategic Investment Facility will support strategic ‘value chains’ in cybersecurity. It is an important part of the recovery package in response to the Coronavirus crisis.
Cybersecurity Competence Centre and Network; Atlas
To strengthen European cybersecurity capacity, the Commission proposed the creation of a new European Cybersecurity Industrial, Technology and Research Competence Centre and a network of national coordination centres. The proposed centre would pool expertise and align European development and deployment of cybersecurity technology. It would work with industry, the academic community and others to build a common agenda for investments into cybersecurity, and decide on funding priorities for research, development and roll-out of cybersecurity solutions (through the Horizon Europe and Digital Europe Programmes).
Currently, four pilot projects are running to lay the groundwork for the Competence Centre and Network. They involve more than 170 partners.
To have a better overview of cybersecurity expertise and capacity across the EU, the Commission has developped a comprehensive platform called the Cybersecurity Atlas.
Policy guidance: Blueprint, Joint Cyber Unit, 5G, elections
Blueprint for coordinated response to major cyber-attacks
The Commission’s blueprint for rapid emergency response provides a plan in case of a large scale cross-border cyber incident or crisis. It sets out the objectives and modes of cooperation between the Member States and EU Institutions in responding to such incidents and crises, and explains how existing Crisis Management mechanisms can make full use of existing cybersecurity entities at EU level.
Joint Cyber Unit
As a follow-up, Commission President von der Leyen has announced a proposal for an EU-wide Joint Cyber Unit. This initiative will aim at further coordinating cybersecurity operational capabilities across the EU.
Secure 5G deployment in the EU
5G networks are planned to be rolled out across the EU. They will offer huge benefits, but also have more potential entry points for attackers due to their less centralised architecture, more antennas and increased dependency on software. The EU Toolbox on 5G sets out measures to strengthen security requirements for 5G networks, apply relevant restrictions for suppliers considered high-risk, and ensure the diversification of vendors.
Securing the electoral process
Our European democracies have become increasingly digital: political campaigns take place online, and elections themselves often happen through electronic voting. The Commission therefore issued recommendations for the cybersecurity of elections for the European Parliament, published in September 2018 as part of a broader package of recommendations to support free and fair European elections. A month before the 2019 European elections, the European Parliament, EU Member States, the Commission and ENISA carried out a live test of their preparedness.
Skills and awareness
We can only ensure digital security if we have experts with the right knowledge and skills, and there are currently not enough. That is why the Commission does many things to stimulate the development of cybersecurity skills. For example, it prepared a call for coherent framework for teaching cybersecurity skills in university and professional education. The four pilot projects that prepare the Cybersecurity Competence Centre and Network by ECSO are currently working on this. There are also recurring initiatives meant directly for students, such as the yearly European Cyber Security Challenge.
Cybersecurity skills fall under the Commission’s general agenda on Digital Skills. They are also a part of the funding efforts under Horizon 2020, Horizon Europe and the Digital Europe Programme. An example is the funding for ‘cyber ranges’, which are live simulation environments of cyber threats for training.
The human factor is often the weak link in cybersecurity; someone clicking on a phishing link can have huge consequences. Therefore, the Commission raises awareness of cybersecurity and promotes best practices among the general public. For instance, once a year it organises the European Cyber Security Month together with ENISA.
ENISA, ISACs, JRC, CSIRTs/ CERTs, ECSO, Women4Cyber
ENISA – the EU cybersecurity agency
ENISA is the EU’s agency that deals with cybersecurity. It provide support to Member States, EU institutions and businesses in key areas, including the implementation of the NIS Directive.
The cybersecurity community in different sectors of the economy works together through Information Sharing and Analysis Centres (ISACs). Further developing ISACs both at EU level and at national level is a priority for the Commission. In collaboration with ENISA, it also promotes the establishment of new ISACs in sectors where there is none. The “Empowering EU ISACs consortium”, supervised by the Commission, provides legal, technical and organisational supports for ISACs.
The Joint Research Center (JRC) of the Commission is actively contributing to Cybersecurity in the EU. For example, the JRC has developed a Cybersecurity Taxonomy. This aligns the terminology used in cybersecurity so that we can have a clearer overview of cybersecurity capabilities in the EU.
The JRC also recently published a report that provides insights into the current EU cybersecurity landscape and its history, entitled “Cybersecurity – our digital anchor”.
Under the NIS Directive, EU Member States are required to ensure that they have well-functioning Computer Security Incident Response Teams (‘CSIRTs’), also known as Computer Emergency Response Teams (‘CERTs’). These teams provide deal with cybersecurity incidents and risks in practice. They cooperate with each other at EU level, and also work together with the private sector.
All types of operators of essential services and digital service providers have to be covered by designated CSIRTs.
The main CSIRTs’ tasks are:
- monitoring incidents at a national level
- providing early warning, alerts, announcements and other information about risks and incidents to relevant stakeholders
- responding to incidents
- providing dynamic risk and incident analysis and situational awareness
- participating in the CSIRTs network
The European Cybersecurity Organisation (ECSO) was created in 2016 in order to act as the Commission’s counterpart in a contractual public-private partnership covering Horizon 2020 in the years 2016 to 2020. The majority of ECSO’s 250 members belong either to the Cybersecurity industry or to research and academic institutions in the field. To a lesser degree, ECSO’s members also comprise public sector actors and demand-side industries.
Besides making recommendations on Horizon 2020, ECSO carries out various activities aiming at community building and industrial development at European level.
It is important to highlight the role of women in the cybersecurity community, who are underrepresented. That is why the Commission has set up the Women4Cyber Registry, in cooperation with ECSO’s Women4Cyber initiative. It makes it easier for media, event organisers and others to find the many talented women working in cybersecurity, so these women become more visible and prominent in the cyber community and the public debate.
Other cyber policy areas:
cybercrime, cyber diplomacy, defence, support to third countries
Ordinary criminals also make use of cyberattacks that threaten Europeans. That is why the Migration and Home Affairs department of the Commission monitors and updates EU law on cybercrime and supports law enforcement capacity, as further described on its webpage. The Commission also works together with the European Cybercrime Centre in Europol.
The EU is making efforts to protect itself against cyber threats from outside. As a part of this, the Commission works together with the European External Action Service and Member States on the implementation of a joint diplomatic response to malicious cyber activities (the ‘cyber diplomacy toolbox’). This response includes diplomatic cooperation and dialogue, preventative measures against cyberattacks, and sanctions against those involved in cyberattacks threatening the EU.
The Commission assists in decision-making on responding to external cyber threats wherever needed. It also directly funds the ongoing EU Cyber Diplomacy Support Initiative.
The EU cooperates on defence in cyberspace through the activities of the European Defence Agency, as well as ENISA, Europol and the Directorate-General in the Commission responsible for Defence Industry.
Cyber capacity building in third countries
The EU cooperates with other countries to help build up their capacity to defend against cybersecurity threats. The Commission supports various cybersecurity programmes in the Western Balkans and the six Eastern Partnership countries in the EU’s immediate neighbourhood, as well as in other countries worldwide through its International Cooperation and Development department.
Last update January 2020
Contact Roxana ONEA
General Secretary | Digital Transformation Council
tel. +40.722.691.564 | Bucharest | Romania
Eu Team Responsible: Cybersecurity Technology & Capacity Building (Unit H.1)