Security and Law Book contents
- Frontmatter
- Contents
- List of Contributors
- Chapter 1 Introduction: Security and Law in a Digitizing World
- Chapter 2 Safety, Security and Ethics
- Chapter 3 National and Public Security within and beyond the Police Directive
- Chapter 4 Criminal Profiling and Non-Discrimination: On Firm Grounds for the Digital Era?
- Chapter 5 Operationalization of Information Security through Compliance with Directive 2016/680 in Law Enforcement Technology and Practice
- Chapter 6 Protecting Human Rights through a Global Encryption Provision
- Chapter 7 Identity Management and Security
- Chapter 8 Towards an Obligation to Secure Connected and Automated Vehicles “by Design”?
- Chapter 9 The Cybersecurity Requirements for Operators of Essential Services under the NIS Directive – An Analysis of Potential Liability Issues from an EU, German and UK Perspective
- Chapter 10 The ‘by Design’ Turn in EU Cybersecurity Law: Emergence, Challenges and Ways Forward
- Chapter 11 Promoting Coherence in the EU Cybersecurity Strategy
- Chapter 12 Challenges of the Cyber Sanctions Regime under the Common Foreign and Security Policy (CFSP)
- Chapter 13 International (Cyber)security of the Global Aviation Critical Infrastructure as a Community Interest
- Cumulative Bibliography
- Miscellaneous Endmatter
Chapter 11 - Promoting Coherence in the EU Cybersecurity Strategy
Published online by Cambridge University Press: 23 January 2020
- Frontmatter
- Contents
- List of Contributors
- Chapter 1 Introduction: Security and Law in a Digitizing World
- Chapter 2 Safety, Security and Ethics
- Chapter 3 National and Public Security within and beyond the Police Directive
- Chapter 4 Criminal Profiling and Non-Discrimination: On Firm Grounds for the Digital Era?
- Chapter 5 Operationalization of Information Security through Compliance with Directive 2016/680 in Law Enforcement Technology and Practice
- Chapter 6 Protecting Human Rights through a Global Encryption Provision
- Chapter 7 Identity Management and Security
- Chapter 8 Towards an Obligation to Secure Connected and Automated Vehicles “by Design”?
- Chapter 9 The Cybersecurity Requirements for Operators of Essential Services under the NIS Directive – An Analysis of Potential Liability Issues from an EU, German and UK Perspective
- Chapter 10 The ‘by Design’ Turn in EU Cybersecurity Law: Emergence, Challenges and Ways Forward
- Chapter 11 Promoting Coherence in the EU Cybersecurity Strategy
- Chapter 12 Challenges of the Cyber Sanctions Regime under the Common Foreign and Security Policy (CFSP)
- Chapter 13 International (Cyber)security of the Global Aviation Critical Infrastructure as a Community Interest
- Cumulative Bibliography
- Miscellaneous Endmatter
Summary
INTRODUCTION
According to Accenture, in 2019, each private company experienced, on average, 145 (cyber)security breaches, an increase of 11% in respect to 2017. The average cost of cybercrime for an organisation increased from 1.4 million to 13.0 million dollars. The economic impact of such attacks and their cross-border nature require collective action. Aware of the necessity to develop joint actions to address the technical and operational cybersecurity challenges, EU policymakers have started developing legislative initiatives with the intent of establishing a secure and trustworthy environment within the EU area. Nevertheless, the initial cybersecurity legislative initiatives developed at the EU level have not declared by the EU itself to be entirely coherent so far.
Considering this, this chapter is divided into two complementary sections to describe and assess the coherence of an EU cybersecurity framework. To do so, in the first part of this chapter, a comprehensive overview of the different interpretations that have been developed on the concept of coherence will be provided. Indeed, when it comes to defining what should be considered coherent action at the EU level, there is no clear, unique interpretation of such terminology. According to the context, policy or legally, the concept of coherence has been differently interpreted. Nevertheless, the latest legislative initiatives have demonstrated a positive change in this trend. Additionally, the key elements and actors that characterise the legislative development of EU cybersecurity initiatives are briefly described, namely, the EU cybersecurity agency ENISA and the role of public-private partnerships in the development of EU cybersecurity.
Subsequently, once having provided an overview of such crucial elements, the second part of the research aims to interpret the evolution of EU cybersecurity legislative initiatives. The chapter concludes by offering several normative reflections on the EU cybersecurity strategy that has been developed so far.
THE CONCEPT OF COHERENCE
Article 349, Treaty on the Functioning of the European Union (TFEU) states that the Council should adopt measures coherent with the Union legal order. Also considering these provisions and the way the European Union has been structured according to its Treaties, Gauttier has defined coherence as “the principle of action and organisation”, interpreting it from a policy-organisational perspective. In the EU, this concept can be found in primary law (Article 249 TFEU and 13 Treaty of the European Union-TEU), but regardless of the multiple references, it remains challenging to substantiate.
- Type
- Chapter
- Information
- Security and LawLegal and Ethical Aspects of Public Security, Cyber Security and Critical Infrastructure Security, pp. 253 - 276Publisher: IntersentiaPrint publication year: 2019