INSIGHT

On the international stage: Australia and the EU launch cyber security plans

By Gavin Smith, Valeska Bloch
Cybersecurity & Privacy Data Risk & Compliance Technology

In brief

In recent weeks, both Australia and the EU have unveiled their plans to address cyber security in an era of growing concern and uncertainty. On 13 September 2017, President of the European Commission, Jean-Claude Juncker, outlined the Union's intentions to intensify their efforts regarding cyber security. Following this, on 4 October 2017, Australia's Foreign Minister, Julie Bishop, launched the nation's first International Cyber Engagement Strategy at the Telstra offices in Sydney. The proximity of the two announcements demonstrates the growing global anxiety about the threat of cyber attacks and a realisation that prompt action is required to secure digital borders.

The European Union's Cybersecurity Package

Cyber-attacks can be more dangerous to the stability of democracies and economies than guns and tanks… Cyber-attacks know no borders and no one is immune. This is why, today, the Commission is proposing new tools, including a European Cybersecurity Agency, to help defend us against such attacks
- Jean-Claude Juncker, President of the European Commission, 13 September 2017

Europe's announcement comes as the Union looks to increase their resilience to cyber attacks and create an effective means of deterring potential cyber threats. Of particular note, President Juncker flagged the creation of an EU Cybersecurity Agency, which would build on the existing European Agency for Network and Information Security (ENISA).1 As ENISA's role is limited to that of an advisory body, the new agency is expected to receive a mandate with operational responsibilities. For example, the new agency is expected to help implement a European-wide cyber certification framework that would issue cyber security certificates recognisable across the member states, ensuring the security and trustworthiness of 'billions of devices' within the 'Internet of Things'.2

The European Cybersecurity Package revealed by President Juncker will also include:

  • the launch of a European Cybersecurity Research and Competence Centre in 2018 that will assist the EU in achieving 'technological autonomy';3 and
  • the broadening of Europe's legal framework to more effectively deal with cyber crime. These changes will be primarily directed at combatting fraud and counterfeit means of non-cash payment.4

Australia's international cyber engagement strategy

The release of Australia's first International Cyber Engagement Strategy sets out the government's approach to cyber affairs for the next three years.5 In contrast to the European Cybersecurity Package, which focusses specifically on cyber security, the Australian strategy is much broader and addresses a wide spectrum of engagement with the digital realm.

The strategy itself is divided into eight chapters, including:

  • Digital trade;
  • Cyber security;
  • Cybercrime;
  • International security & cyberspace;
  • Internet governance & cooperation;
  • Human rights & democracy online;
  • Technology for development; and
  • Comprehensive & coordinated cyber affairs.

On cyber security, the International Cyber Engagement Strategy presents no substantive legal or policy reform but reiterates existing national objectives and focuses on developing regional cyber security capability and Australia's cyber security industry. For example, the strategy includes a commitment to establish a Pacific Cyber Security Operational Network (PaCSON), which will involve the sharing of 'tools, techniques and ideas' relating to cyber security in the pacific region.6 Despite the heavy regional focus, at first glance it appears that the regional components of the strategy are more of a relationship building and information sharing exercise rather than an entirely collaborative approach to cyber operations.

Footnotes

  1. Bart Hoogeveen, Breaking down the EU's new plans on cyber-security.
  2. European Commission Press Release, State of the Union 2017 – Cybersecurity: Commission scales up EU's response to cyber-attacks (19 September 2017).
  3. Bart Hoogeveen, Breaking down the EU's new plans on cyber-security.
  4. European Commission Press Release, State of the Union 2017 – Cybersecurity: Commission scales up EU's response to cyber-attacks (19 September 2017).
  5. Tobias Feakin, Australia's International Cyber Engagement Strategy: consequences in cyberspace (4 October 2017).
  6. Department of Foreign Affairs and Trade, Australia's International Cyber Engagement Strategy: Cyber Security.