On 5 July, the European Commission (“EC”) published a communication outlining measures to improve resilience to cyber incidents, improve cooperation and information sharing, and promote innovation and competition in the European cybersecurity industry.


The communication highlights the EC’s intention to take cooperation, knowledge, and capacity to the next level, particularly through the imminent introduction of the Network and Information Security Directive (“NIS Directive”), on which we reported in May. The EC announced it will publish a blueprint for the Cooperation Group (created by the NIS Directive) in early 2017, and proposes the creation of an ‘information hub’. Here, the member states, EU bodies, the European Union Agency for Network and Information Security (“ENISA”), and the Computer Emergency Response Team, will pool and share expertise and information on cybersecurity. Another NIS Directive initiative highlighted was the establishment of Computer Incident Response Teams in each member state. These will be responsible for conducting checks on key network infrastructures. The EC proposes to ensure the necessary conditions for these checks to take place.


The communication also proposes a move toward ENISA 2.0 by reviewing its mandate before 2018, alongside the establishment of a cybersecurity training platform. The communication provides a clear roadmap for the actions of the Commission in the field of cybersecurity in the months to come.