33 Amendments of Henna VIRKKUNEN related to 2020/2256(INI)
Amendment 19 #
Motion for a resolution
Recital C
Recital C
C. whereas conflicts can take place in all physical (land, air, sea and space) and virtual (cyber) domains, and may be amplified through elements of hybrid warfare, such as cyber-enabled disinformation campaigns, proxy wars, offensive and defensive use of cyber capabilities and strategic attacks on digital service providers to disrupt critical infrastructure as well as our democratic institutions;
Amendment 37 #
Motion for a resolution
Recital G
Recital G
G. whereas raising the level of cyber security within the EU is a necessary corollary to the success of Europe’s digital ambitions; as well as the security of its member states;
Amendment 51 #
Motion for a resolution
Recital J a (new)
Recital J a (new)
J a. whereas damaging cyberattacks can take place at any moment; whereas actors on both European and national levels should be encouraged to take necessary measures to maintain effective cyber defence capabilities even during peacetime;
Amendment 55 #
Motion for a resolution
Paragraph 1
Paragraph 1
1. Underlines that a common cyber defence policy and a substantial cyber defence capability are core elements for the development of the European Defence Union and require a complex mix of technical, strategic and operational abilities; stresses the urgent need to strengthen EU and the Member State cyber defence capabilities; underlines the key operational capabilities of detection, attribution, and incident response, and underlines in this regard the need of multi-domain-awareness monitoring schemes;
Amendment 67 #
Motion for a resolution
Paragraph 2
Paragraph 2
2. Recalls that the borderless nature of cyber space ands well as the substantial number of cyber-attacks make them a threatand increasing complexity of cyber-attacks requiringe intensified EU- NATO cooperation and a coordinated Union-level response, including common Member State support capabilities and Member State support for measures of the EU’s cyber diplomacy toolbox;
Amendment 77 #
Motion for a resolution
Paragraph 4
Paragraph 4
4. Calls on the EEAS to further developand the European Commission, in cooperation with the Member States to further develop comprehensive set of measures and a coherent IT security policy to strengthen cyber defence and resilience coordination; urges a cooperation strategy with the EU’s Computer Emergency Response Teams (CERT-EU) to protect networks used by all EU institutions bodies and agencies; improve information sharing on technical information, analysis and threat intelligence between Member States at EU-level that could enable collective attribution on EU-level; calls on the European Parliament to ensure its participation in CERT-EU results to ensured a level of IT security that will allow it to receive all the necessary classified and non-classified information to carry out its responsibilities under the Treaties, including as a result of the current process to replace the 2002 Inter- Institutional Agreement on access to information in the area of security and defence;
Amendment 82 #
Motion for a resolution
Paragraph 5
Paragraph 5
5. Notes the 2018 CDPF’s objective to setup an EU Military CERT-Network; calls on Member States to significantly increase classified information sharing, to develop a European rapid and secure network to counter cyber-attacks; welcomes the launch of Cyber Crises Liaison Organisation Network (CyCLONe) on 29 September 2020, which further improved ability for timely information sharing and situational awareness by closing the gap between EU’s technical and political levels; calls on the EU Member States to significantly increase classified information sharing, to develop a European rapid and secure network to counter cyber-attacks; also notes that an effective cyber defence capability requires a change from “Need- to-know” based culture of information sharing into a “Need-to-share” one;
Amendment 89 #
Motion for a resolution
Paragraph 6
Paragraph 6
6. Recalls that the 2018 EU Capability Development Priorities established in the framework of the Capability Development Plan (CDP) made cyber defence a key priority; welcomes the EDA’s projects to improve overall EU Member States efforts in this field; (i.e.“enabling capabilities for cyber responsive operations”); welcomes EDA for supporting Member States in developing their capabilities to improve cyber resilience, as the ability to detect, withstand and recover from any cyber attack ; takes note of different activities undertaken by Member Staktes note of the EDA’s CyDRE project, which should develop an enterprise architecturein the framework of EDA including by promoting best practices in system engineering framework for cyberspace operations, including scope, functionalities and requirements, based upon national and EU legislation to harmonize the design and development of national cyber defence capabilities following a shared vision through the ‘Cyber Defence Requirements Engineering’ (CyDRE) project;
Amendment 95 #
Motion for a resolution
Paragraph 7
Paragraph 7
7. Underlines thatWelcomes the Coordinated Annual Review on Defence (CARD) – a first fully fledged defence review at EU level, which is a key tool that supports ofthe overall coherence in Member States’ defence planningspending, defence planning and defence cooperation, and should contribute to promoting investment in defence cyberveloping cyber defence capabilities;
Amendment 103 #
Motion for a resolution
Paragraph 9
Paragraph 9
9. Welcomes the progress achieved by the Permanent Structured Cooperation (PESCO) Cyber Rapid Response Team; recalls that PESCO, including by implementing concrete projects such as Cyber Rapid Response Team and Mutual Assistance in Cybersecurity project; recalls that PESCO through the more binding commitments as well as different projects taken forward in PESCO framework offers excellent ways to speed up cyber security initiatives, such as through the Cyber Threats and Incident Response Information Sharing Platform and Cyber and Information Domain Coordination Centre;
Amendment 109 #
Motion for a resolution
Paragraph 9 a (new)
Paragraph 9 a (new)
9 a. Welcomes the Council’s Decision of 5 November 2020, allowing third countries (non-EU Member States) to join PESCO projects given that they can add value and meet political, substantive and legal conditions; invites EU Member States and non-EU Member States to participate in PESCO cyber related projects;
Amendment 117 #
Motion for a resolution
Paragraph 11
Paragraph 11
11. Welcomes the Council’s June 2019 framework, which allows targeted restrictive measures to deter and respond to cyber-attacks that constitute a threat to the EU or its Member States, including cyber- attacks against third countries or international organisations; welcomes the imposition of such restrictive measures in July 2020 and October 2020 as a credible step in strengthenimplementing the EU’s cyber diplomacy toolbox and strengthening EU’s cyber deterrence posture;
Amendment 125 #
Motion for a resolution
Paragraph 12
Paragraph 12
12. Welcomes the work led by ENISA involving the Member States and interested stakeholders to provide the EU with certification schemes for ICT products, services and processes in order to raise the overall level of cybersecurity within the digital single market; stresses the EU’s pivotal pioneering role in developing standards that shape the cybersecurity landscape, contribute to fair competition within the EU and on the global stage, and react to extraterritorial measures and security risks from third countries; also acknowledges the important role of ENISA in supporting research initiatives and other forms of co-operation aimed at enhancing cybersecurity;
Amendment 126 #
Motion for a resolution
Paragraph 12 a (new)
Paragraph 12 a (new)
12 a. Underlines the importance of investments in cyber-defence and cybersecurity capabilities with the aim to enhance EU’s and its Member States' resilience and strategic capacities, highlights in this regard the importance of Digital Europe Programme and Horizon Europe, especially its Civil Security for Society’cluster; notes the significance of relevant financial instruments available within the 2021- 2027 Multiannual Financial Framework (MFF) as well as in the Recovery and Resilience Facility (RRF);
Amendment 128 #
Motion for a resolution
Paragraph 12 b (new)
Paragraph 12 b (new)
12 b. Notes that the number of cyber- attacks has significantly increased during the Covid-19 pandemic and welcomes that the Recovery Plan for Europe foresees additional investments in cybersecurity;
Amendment 134 #
Motion for a resolution
Paragraph 14
Paragraph 14
14. Insists that the Strategic Compass should deepen the strategic culture in the cyber domain and remove any duplication of capabilities and mandates; stresses that it is essential to overcome the current fragmentation and complexity of the overall cyber architecture within the EU and to develop a common vision on how to achieve security and stability in cyberspace;
Amendment 137 #
Motion for a resolution
Paragraph 14 a (new)
Paragraph 14 a (new)
14 a. Recalls the importance of the EU cyber deterrence stance and the related issue of attribution to cyber-attacks as one of the key tools for strengthening EU and Member States' capabilities to deter and respond to malicious behavior in cyberspace; calls on the Council to use the EU’s cyber diplomacy toolbox, including restrictive measures, more often and in a coherent way; invites to consider joint public attribution of malicious cyber activities, including the option to create cyber-behavior reports under the auspices of the EEAS for specific actors to summarize state sponsored malicious cyber activities against Member States at EU-level; underlines the need to strengthen the European Union Intelligence and Situation Centre (EU INTCEN) capabilities to analyse and asses Member States information and intelligence on malicious cyber activities and incidents;
Amendment 150 #
Motion for a resolution
Paragraph 15
Paragraph 15
15. Stresses that fragmentation is accompanied by serious concerns over resources and staff at the EU level; urges the VP/HR and/or the Member States to significantly increase financial and personnel resources, in particular experts in cyberforensics; calls for further funding for CERT-EU and the creation of an EU ssupport Member States in establishing and strengthening Security oOperations centre Centres (SOCs) in order to build a network of SOCs across the EU;
Amendment 159 #
Motion for a resolution
Paragraph 16
Paragraph 16
16. Recalls that cyber defence has both military and civilian dimensions; calls on the VP/HR, therefore, to develop an integrated policy approach and close cooperation between the Military CEComputer Security Incident Response Teams CSIRT-s Network and CERT-EUthe foreseen Military CERT-Network;
Amendment 161 #
Motion for a resolution
Paragraph 16 a (new)
Paragraph 16 a (new)
16 a. Notes that successful integration of both military and civilian resources can only be ensured through training and exercises with all relevant stakeholders; highlights in this regard the NATO’s Locked Shields exercise, as one of the best examples of testing and improving Cyber Defence Capability, both civilian and military;
Amendment 165 #
Motion for a resolution
Paragraph 16 b (new)
Paragraph 16 b (new)
16 b. Stresses the importance of education to raise public awareness and to improve the skills of citizens to defend themselves against cybercriminal activity and cyberattacks;
Amendment 168 #
Motion for a resolution
Paragraph 17
Paragraph 17
17. Welcomes the joint communication by the VP/HR and the Commission entitled ‘The EU’s Cybersecurity Strategy for the Digital Decade’, which aims to enhance synergies and cooperation between civilian, defence and space cyber work; considers the strategy a milestone for strengthening the EU’s and Member States’ cyber resilience, thereby contributing to European strategic sovereigntystrengthening EU’s digital leadership and its strategic capacities;
Amendment 170 #
Motion for a resolution
Paragraph 17 a (new)
Paragraph 17 a (new)
17 a. Notes the important role the Joint Cyber Unit will play in protecting the EU from grave cross-border cyber-attacks, based on the concept of cross-sector information-sharing; underlines the importance of coordination in order to avoid the duplication of structures and responsibilities during the development;
Amendment 172 #
Motion for a resolution
Paragraph 17 b (new)
Paragraph 17 b (new)
17 b. Urges the Commission and the Member states to establish without delay Member States’ EU cyber intelligence working group within the EU intelligence and Situation Centre (INTCEN) to advance strategic intelligence cooperation on cyber threats and activities, as foreseen in “The EU’s Cybersecurity Strategy for the Digital Decade”;
Amendment 173 #
Motion for a resolution
Paragraph 17 c (new)
Paragraph 17 c (new)
17 c. Underlines the important role the new Cybersecurity Competence Centre in Bucharest will play and calls for its concrete role and competences to be identified as soon as possible;
Amendment 174 #
Motion for a resolution
Paragraph 18
Paragraph 18
18. Recalls that improving cyber defence capabilities also requires civilian network and information security expertise; welcomes the proposed revision of the Directive on security of network and information systems (NIS) and of current EU law, seeking to protect critical infrastructures, enhance supply chain security and the inclusion of regulated actors in the digital ecosystem; recalls that, on a national level, each EU Member State should have a dedicated policy towards cybersecurity supply chain risk management addressing, in particular, the question of trusted vendors; recalls that on EU level, existing platforms such as NIS Cooperation Group could be used to carry out coordinated security risk assessments of specific critical ICT services, systems or products supply chains, building on successful cooperation between the Member States on establishing 5G toolbox;
Amendment 179 #
Motion for a resolution
Paragraph 18 a (new)
Paragraph 18 a (new)
18 a. Underlines the importance of encryption and legal access to encrypted data; recalls that data encryption and the enhancement and widest possible use of such capabilities can make a significant contribution to the cyber security of states, societies and industry;
Amendment 183 #
Motion for a resolution
Paragraph 19
Paragraph 19
19. Welcomes the Commission’s Action Plan On Synergies between civil, defence and space industries, and recalls the close interdependence of these three sectors in cyber defence; notes that, differently from other military domains, cyber space is mainly owned by commercial entities based mostly outside the EU, which leads to industrial and technological dependencies on third parties; strongly believes that the EU needs to increase its technological sovereignty and innovation, investing in the use of new technologies in security and defence and IT security such as artificial intelligence (AI) and quantum computing; further underlines the relevance of a the new European Cybersecurity Industrial, Technology and Research Competence Centre;
Amendment 200 #
Motion for a resolution
Paragraph 21
Paragraph 21
21. Calls for enhanced mutual operational assistance between Member States; strongly emphasises the importance of furtherjoint exercises and scenario-based policy discussions on crisis management between Member States to increase interoperability and develop a common understanding of cyber defence, including on the mutual assistance clause (Article 42(7) of the TEU) in a hypothetical grave cyber attack scenario that amounts to a use of force or an armed attack; calls for increased coordination with NATO in this matter through participation in cyber exercises and joint training, such as the parallel and coordinated exercises (PACE); calls for such initiatives to strengthen the common understanding on the implementation procedures for mutual assistance and/or solidarity in line with Article 42(7) of the TEU and Article 222 of the TFEU, including with a specific objective of operationalising these procedures for cyber-attacks on the EU institutions or Member States;
Amendment 215 #
Motion for a resolution
Paragraph 22
Paragraph 22
22. Considers that EU-NATO cyber cooperation is crucial, as it enables and stroengthens formal attribution and thus the imposition of restrictive sanctionmeasures; notes that functioningeffective deterrence would be achieved if adversarieperpetrators were aware of the catalogue of possible countermeasures (based on the severity, scale, and target of the cyber- attacks);
Amendment 241 #
Motion for a resolution
Paragraph 25
Paragraph 25
25. Calls for closer coordination on cyber defence between Member States, the EU institutions, NATO, the United States and other strategic partners; underlines the urgent need of states for implementing the widely- recognised international normative framework for responsible state behaviour and to contribute to the ongoing discussion on the modalities of application of international law in cyberspace;
Amendment 254 #
Motion for a resolution
Paragraph 26 a (new)
Paragraph 26 a (new)
26 a. Welcomes the importance attributed to a global, open, free, stable and secure cyber space underlined by the 19 April 2021 EU Strategy for cooperation in the Indo-Pacific; calls for actively developing closer ties with likeminded democracies in the Indo- Pacific region, such as the United States, South Korea, Japan, India, Australia and Taiwan in order to share knowledge and experience as well as exchange information on countering cyber threat;
Amendment 255 #
Motion for a resolution
Paragraph 26 b (new)
Paragraph 26 b (new)
26 b. Underlines the importance of cooperation with other countries, particularly in the EU’s immediate neighbourhood, to help build up their capacity to defend against cybersecurity threats; commends the Commission’s support for cybersecurity programmes in the Western Balkans and the Eastern Partnership countries;