EU adopts roadmap to better manage European cyber crises and incidents
The European Commission, together with Member States, has recently adopted a roadmap reflecting the urgent need to strengthen mechanisms for prevention, coordination and response to large-scale cyber crises, highlighting legislation such as the DORA Regulation or the NIS2 Directive.
EU objectives for improved cybersecurity
There is growing concern at EU level about the vulnerability of critical infrastructure, essential services and key operators to cyber attacks. In the current geopolitical context, marked by an increase in ransomware attacks, disinformation campaigns and cyber espionage, the EU seeks to ensure a faster, more coordinated and effective response to emergency situations.
Priority objectives include:
- Improving coordination between institutions in the field when serious cyber incidents occur.
- Agree escalation protocols so that local threats do not spill over to the EU level.
- Ensure public-private interoperability.
- Conduct drills, stress tests and early warning.
Roles of actors such as ENISA or EU-CyCLONe
The European Union Agency for Cybersecurity (ENISA) plays a key role in providing threat analysis, coordinating technical response to incidents and advising Member States on the development of response plans, as well as promoting pan-European simulation exercises, such as the biennial Cyber Europe exercise.
The EU Cyber Crisis Liaison Team Network (EU-CyCLONe) is the body in charge of intra-EU crisis management, acting as a liaison between the technical level (CSIRTs and ENISA) and the political-decisional level, so that major decisions are taken in a coordinated manner.
Does the implementation affect companies and operators?
The implementation of this roadmap has a clear impact on the private sector, and in a particularly relevant way on those entities affected by NIS2, being obliged to adopt cyber crisis management plans, notify serious incidents in due time and form to the competent authorities, actively cooperate in crisis drills and review their governance and compliance mechanisms.
This is expected to enable them not only to protect their own digital assets, but also to work in a coordinated manner across the EU.
This new step represents a firm step towards the resilience and coordination that the EU needs to address new digital threats. By defining clear roles, appropriate protocols and maximising public-private cooperation, the EU adopts a new prevention-reaction stance.
At Letslaw, our team of cybersecurity lawyers can help you comply with cybersecurity regulations.
Alberto Malo es abogado especialista en Propiedad Intelectual, Protección de Datos y Derecho de las Nuevas Tecnologías.
Desde 2017 asesora a empresas en materia de comercio electrónico, publicidad, esports, contratación de software y competencia desleal, tanto a nivel nacional como internacional. Es Delegado de Protección de Datos certificado por la AEPD – ENAC, miembro de DENAE y autor de artículos jurídicos en medios como Cinco Días o Lawyerpress. Formado en ICADE, cuenta con un doble máster en Acceso a la Abogacía y Propiedad Intelectual. Domina español, inglés y catalán.
