The European Union's role in global cyber policy

On 8 November 2019, the EU Institute for Security Studies (EUISS) and the Finnish Presidency of the Council of the EU co-organised a conference in Brussels focusing on the European Union’s role in global cyber policy. The high-level conference brought together officials from EU Member States, EU institutions, as well as scholars from academia, think tanks and representatives of the private sector.

Ambassador Hanna Lehtinen – Representative of Finland to the Political and Security Committee – and Gustav Lindstrom – Director of the EU Institute for Security Studies – set the scene and underlined the importance of  European unity in the cybersecurity field. On this occasion, Dr Lindstrom announced the creation of a 'Reflection Group on the future of the EU’s cyber-diplomacy', a task-force of European scholars who will be deliver a blueprint for the EU’s Cyber Diplomacy Strategy by July 2020.

Throughout the day, high-level European officials addressed the audience with their remarks. Jyrki Katainen – Vice-President for Jobs, Growth, Investment and Competitiveness – stressed the need for cybersecurity as a “new fundamental infrastructure” to be developed. During his keynote speech, Julian Lepassar – ENISA’s Executive Director – recalled the EU’s role in setting gold standard for cybersecurity, and the importance of exchanging those experiences with partners. Along similar lines, Roberto Viola –Director-General of DG CONNECT – provided insights on developing an ecosystem for a thriving cyber industry. Commissioner for the Security Union Julian King reminded that the protection of European values should be the guiding light when setting standards in cyberspace.

In-depth discussions took place throughout the day in the form of thematic panels. The first panel – entitled 'Defending the rules-based order in cyberspace' – focused on the EU’s work towards conflict prevention, stability and cooperation in cyberspace in the light of increasing geopolitical competition and different visions of internet governance. Chaired by Joyce Hakmeh (Chatham House), panellists Mr. Andreas Geertsen (MFA of Denmark), Pawel Herczynski (EEAS), Xymena Kurowska (Central European University) and Ambassador Janne Taalas (MFA of Finland) discussed the role of the EU and its member states, as well as some concrete steps towards a more impactful EU global standing in cyberspace.

Topical issues such as the benefits and vulnerabilities of the digital age, the roll-out of 5G infrastructure, the protection of personal data, as well as the responses to significant attacks against European critical infrastructures were at the heart of the second panel, chaired by Patryk Pawlak (EUISS). In this framework, Henriette Geiger (European Commission), Carmen Gonsalves (MFA of The Netherlands), Wolfram von Heynitz (MFA of Germany) and Jarno Limnell (Aalto University) discussed the critical ingredients of resilience. The discussion focused both on the internal aspects and on external challenges, such as the EU’s ability to shape global cyberspace and to connect its cyber capacity-building engagements to the EU’s foreign and security policy.

The third panel – dedicated to building European cyber capabilities – delved into the current strengths and weaknesses concerning European cyber capabilities development. Matti Aksela (F-Secure), Antonio Missiroli (NATO), Peter Schneider (Nokia) and Max Smeets (ETH Zurich) – chaired by Isabel Skierka (Digital Society Institute) – discussed cyber public-private partnerships, the EU’s funding for research and development, cyber defence investments as well as the promotion of a sustainable skills and education base. The panel also discussed the prospects for a European strategic autonomy in the cyber domain.

The fourth panel of the day discussed the EU’s capacity to harness the potential presented by new digital technologies, especially Artificial Intelligence (AI). Cathrin Bauer-Bulst (European Commission),  Ludmila Georgieva (Google), Anna-Maria Osula (Guardtime) and Cecile Wendling (AXA Group Security) – chaired by Anni Hellman (Permanent Representation of Finland to the EU) – discussed the challenges of building cyber security mechanisms, global standards and norms that can meet fast evolving disruptive technologies such as, among others, block chain, AI, and quantum computing. Beyond the security concerns, the panel discussed to what extent disruptive technologies could be of use to counter cyber threats, and what the EU should to in this regard.

More than one hundred participants among EU officials and EU institutions, representatives from member states, scholars, think tanks and private companies engaged in the discussions. Cyber-related projects funded by the EU – such as the EU Cyber Direct, EU Cyber Net, FORTIKA and PoseID-on projects – showcased their activities and results throughout the day.