July 22, 2019

July 22, 2019

Subscribe to Latest Legal News and Analysis

European Commission issues a new EU Cybersecurity Strategy

On 13 September 2017, the President of the European Commission, Jean Claude Juncker, announced during his State of the Union address the intention to propose new legislative measures that will boost the cybersecurity resilience within the EU. Following the President’s speech, the European Commission published the following initiatives:

Overall, these initiatives seek to remedy the current fragmentation of Member States’ policies and cybersecurity approaches by increasing the capabilities, preparedness and available resources for Member States and businesses.

The proposed Cybersecurity Act Regulation is divided into two pillars:

  • the first pillar focuses on the powers and organizational evaluation of the EU Agency for Network and Information Security (“ENISA”);

  • the second pillar proposes a framework of European Cybersecurity Certification Schemes (“ECCS”) for Information and Communications Technology (“ICT”) products and services.

The proposed Regulation expands ENISA’s mandate to an independent cybersecurity center, which would assist the EU Institutions, EU bodies and Member States in developing and implementing cybersecurity policies. Moreover, ENISA will have additional obligations related to, among other things, capacity building, operational cooperation, cybersecurity certification and international cooperation. The European Commission will be evaluating ENISA’s performance every five years following the entry into force of the draft Regulation.

The Framework establishing the ECCS has been proposed to ensure transparency of ICT products and services, which include connected devices (such as hardware, software and connected cars), and to create a voluntary pan-European certification scheme per industry sector (such as the transport, energy and health sector). ICT products and services should comply with specified requirements to ensure availability, authenticity, integrity and confidentiality of stored, transmitted or processed data. A European Cybersecurity Certification Body shall be created to assist the European Commission with this Framework and to monitor the ECCS’ functioning in cooperation with ENISA.

The two co-legislators, the European Parliament and Council, will now deliberate on these initiatives.

The Commission will present its proposal on Cybersecurity on Tuesday 19 September 2017.

© Copyright 2019 Squire Patton Boggs (US) LLP


About this Author

Monika Kuschewsky, Information Privacy, Squire Patton Boggs Law FIrm

Monika Kuschewsky is a German Rechtsanwältin and qualified as a Certified Information Privacy Professional/Europe (CIPP/E) and Betrieblicher Datenschutzbeauftragter (German company data protection officer) (GDDcert.). Monika is the general editor of Data Protection & Privacy − International Series, now in its 3rd edition.

+322 627 11 11
Christina Economides, Squire Patton Boggs Law Firm, Public Policy Advisor
Public Policy Advisor

Christina is an advisor in the firm's public policy practice in Brussels in coordination with the public policy international group.

Christina's former positions include an International Recruitment Consultant for a Netherlands-based recruiment agency, EU Public Affairs Consultant for Afore Consulting (a Brussels-based consultancy with a focus in financial services), running the Secretariat of the European Payment Institutions Federation, Policy Officer for the British Chamber of Commerce in Belgium and Assistant for Ioannis Kasoulides cabinet at the European Parliament in Brussels.


  • Being in charge of the recruitment process for multilingual professionals in the Netherlands.
  • Monitoring the legislative developments at EU level on a number of financial services and technology subject matters.
  • Being the account manager and provide public affairs and strategy support to clients from the financial services sector.
  • Providing daily regulatory updates, drafting strategy papers and assessment reports to clients on several legislative and non-legislative matters.
  • Liaising with EU officials to gather intelligence on legislative matters.
  • Running the Secretariat of the European Payment Institutions Federation (EPIF) and being responsible for the day-to-day administrative operation of the association including communication with its members, managing the association’s website and recruitment process as well as responding to enquiries by third parties.
  • Drafting all the materials for the regular EPIF meetings such as the board, technical committee and the general meetings.
  • Drafting strategy papers on the standard setting aspect of payments covered through the European Payments Council and the Euro Retail Payments Board chaired by the European Central Bank.
  • Being responsible for conceptualizing and organizing events, workshops, briefing lunch/dinners and outreach meetings with EU policy makers for the members of EPIF and the British Chamber in the fields of financial services, competition, trade and innovation.
  • Producing briefings, reports and speeches for Mr Ioannis Kasoulides, former Member of the European Parliament (EP) and current Minister of Foreign Affairs in Cyprus.