On 7 November 2017, Prof. Dr. Udo Helmbrecht, Executive Director of the EU Cybersecurity Agency ENISA, reiterated the importance of cybersecurity in Europe in a public hearing in the European Parliament on ‘Security challenges and best practices in the Internet of Things (IoT) environment’, chaired by MEP Dita Charanzova.
“President Juncker’s State of the Union Address, the publication of the new European cybersecurity strategy 2017 and the Cybersecurity Act – which includes a proposal for regulating certification – have clearly shown us that our political leaders are committed to building the future wealth of the EU by leveraging the opportunities of the Digital Society.
The European Parliament, together with the EU institutions, the Member States, civil society and industry need to work together, to address all challenges and put in place policies to ensure that our economy is ready to embrace emerging technologies and benefit from the economic and social opportunities from the deployment of IoT”, said Prof. Helmbrecht in the opening of his speech.
He continued: “New technologies are changing the cyber-landscape. The IoT is now being deployed with an estimated 20 billion devices expected to be deployed before 2020."
In 2016, the EU cybersecurity market was estimated at EUR 20.1 billion and compares favourably with the cybersecurity market of other global regions. However, the Compound Annual Growth Rate (CAGR) of the EU market is 6%, whereas the average growth rate is around 8%, and is growing slower than all other major regions.
We see an increase in monetisation of cybercrime, crime as a service and targeted attacks. According to ENISA’s ‘Threat landscape’ report, in 2016, ransomware was the primary element for the manifestation of monetization of the activities of cyber-criminals, with an estimated loss of USD 1 billion for the entire year 2016. More recently, the ransomware campaign, which became known as the WannaCry Outburst, caused chaos due to its massive distribution, affecting more than 150 countries and infecting over 230.000 systems.
Cyber-space can be used for sabotage, espionage and warfare. Hybrid warfare is evolving without necessary using the words ‘war’ in describing the attacks."
Prof. Dr. Helmbrecht also made a firm statement: “Unless Europe substantially improves its approach to cybersecurity, the risk of a significant impact on our lives continues to increase. However, cybersecurity should not only be seen as a negative obstacle but as an opportunity to promote a new generation of products and services that are made and/or delivered in Europe, with security by design as a central component of the products and services.”
ENISA’s Executive Director spoke about the current process of strengthening the Agency through the EU Commission’s proposal, which is now being considered by the Council of the EU and the European Parliament. He also emphasised that the Network and Information Security Directive, which comes into force in 2018, places requirements on operators of essential services and digital service providers to have a minimum level of cybersecurity in their networks and to report on certain levels of incidents.
Executive Director Helmbrecht concluded the hearing by stating: “Our job is to maximise opportunities whilst keeping the risks under control. As the EU Cybersecurity Agency, ENISA will support this process and will work together with policy makers and industry to make sure that cybersecurity is an enabler of, and not a barrier to, economic progress.”
The full speech of Prof. Dr. Helmbrecht is available here.