52 Amendments of Urmas PAET related to 2018/2004(INI)
Amendment 1 #
Motion for a resolution
Citation 13 a (new)
Citation 13 a (new)
- having regard to Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union,
Amendment 2 #
Motion for a resolution
Citation 13 b (new)
Citation 13 b (new)
- having regard to the work of the Global Commission on the Stability of Cyberspace,
Amendment 6 #
Motion for a resolution
Citation 17 a (new)
Citation 17 a (new)
- having regard to the Commission's Proposal for a Regulation of the European Parliament and of the Council on ENISA, the "EU Cybersecurity Agency", and repealing Regulation (EU) 526/2013, and on Information and Communication Technology cybersecurity certification (''Cybersecurity Act'') of 13 September 2017,
Amendment 22 #
Motion for a resolution
Recital A a (new)
Recital A a (new)
Aa. whereas cyber defence is of importance for the military, but more generally it is important for governments, industries, consumers and citizens as cyber incidents have a strong economic and societal impact;
Amendment 33 #
Motion for a resolution
Recital B
Recital B
B. whereas several Member States have invested substantially in setting up well-staffed cyber commands to meet these new challenges and improve cyber resilience; whereas cyber defence is an activity that can best be tackled cooperatively as its operational domain recognises neither national nor organisational boundaries;
Amendment 34 #
Motion for a resolution
Recital B
Recital B
B. whereas several Member States have invested substantially in setting up well-staffed cyber commands to meet these new challenges; whereas cyber defence is an activity that can best be tackled cooperatively as its operational domain recognises neither national nor organisational boundaries; whereas the majority of knowledge about operating and securing data systems, software and networks is overwhelmingly in the hands of private companies, which creates fundamental governance and security questions about the ability of states to defend their citizens;
Amendment 37 #
Motion for a resolution
Recital B
Recital B
B. whereas several Member States have invested substantially in setting up well-staffed cyber commands to meet these new challenges; however much more needs to be done; whereas cyber defence is an activity that can best be tackled cooperatively as its operational domain recognises neither national nor organisational boundaries;
Amendment 49 #
Motion for a resolution
Recital C
Recital C
C. whereas while cyber defence remains a core competence of the Member States, the EU has a vital role to play in ensuring that these new endeavours are closely coordinated from the start to avoid the inefficiencies that mark many traditional defence efforts; whereas a substantial cyber defence capability is a necessary part of the development of the European Defence Union; whereas the protection of our network and information security is a core competence of the European Union and should be an essential part of the European Digital Single Market;
Amendment 52 #
Motion for a resolution
Recital D
Recital D
D. whereas the EU has contributed in improving Member States cyber defence capabilities, both through dual-use research and, projects coordinated by the European Defence Agency (EDA) and in improving Member States cyber resilience, through support provided by the EU Cyber Security Agency (ENISA);
Amendment 59 #
Motion for a resolution
Recital F a (new)
Recital F a (new)
Fa. whereas among the seventeen projects selected for PESCO, two projects are in the field of cyber defence;
Amendment 65 #
Motion for a resolution
Recital G a (new)
Recital G a (new)
Ga. whereas the European Defence Fund (EDF) needs to support the global competitiveness and innovativeness of the European defence industry by investing in digital and cyber technologies as well as provide opportunities for SMEs and start- up companies to participate in order to facilitate development of smart solutions;
Amendment 66 #
Motion for a resolution
Recital H
Recital H
H. whereas the EDA has launched a number of projects to meet Member States’ need for cyber defence capability development, including on education and training such as the Cyber Defence Training & Exercises Coordination Platform (CD TEXP), Demand Pooling for Cyber Defence Training and Exercise support by the private sector (DePoCyTE) and the Cyber Ranges project;
Amendment 68 #
Motion for a resolution
Recital H a (new)
Recital H a (new)
Ha. whereas there are other ongoing EU projects in the area of situational awareness, malware detection and information sharing (Malware Information Sharing Platform (MISP), Multi-Agent System For Advanced persistent threat Detection (MASFAD));
Amendment 73 #
Motion for a resolution
Recital J
Recital J
J. whereas the EU and NATO have agreed to a broad agenda of cooperation in the EU-NATO Joint Declaration of 8 July 2016; whereas four out of forty two proposals for closer cooperation concern cyber security and defence, with further proposals aiming at hybrid threats more broadly; whereas this has been complemented by a further proposal regarding cyber security and defence on 5 December 2017;
Amendment 75 #
Motion for a resolution
Recital J a (new)
Recital J a (new)
Ja. whereas CSDP missions and operations like all modern organisations are deeply reliant on functioning IT systems; whereas cyber threats to CSDP missions and operations can exist at different layers ranging from the tactical layer (CSDP mission and operation) and operational layer (EU networks), to a broader global IT infrastructure;
Amendment 84 #
Motion for a resolution
Recital M
Recital M
M. whereas the UN Group of Governmental Experts on Information Security (UNGGE) has concluded its last round of deliberation; whereas even though it failed to arrive at a consensus report this timein 2017, the 2015 and 2013 agreements still apply, in that international law, in particular the Charter of the United Nations, is applicable and essential to maintaining peace and stability, and to promoting an open, secure, peaceful and accessible cyberspace; whereas the European Union should actively engage in norm-setting initiatives that promote responsible state behaviour in cyberspace outside the UN when the UN GGE process is dormant;
Amendment 85 #
Motion for a resolution
Recital M
Recital M
M. whereas the UN Group of Governmental Experts on Information Security (UNGGE) has concluded its last round of deliberation; whereas even though it faiwas not abled to arrive atproduce a consensus report this time, the 2015 and 2013 agreements still apply, including that international law, and in particular the Charter of the United Nations, is applicable and is essential to maintaining peace and stability, and to promoting an open, secure, peaceful and accessible cyberspaceICT environment;
Amendment 93 #
Motion for a resolution
Recital O
Recital O
O. whereas different non-state and state actors – Russia, China and North Korea, among others – have been involved in malicious cyber activities in pursuit of political, economic or security objectives that include attacks on critical infrastructure, cyber-espionage, disinformation campaigns and limiting access to the internet (such as Wannacry, NonPetya); whereas such activities could constitute wrongful acts under international law and could lead to a joint EU response, such as using the EU cyber diplomacy toolboxframework for a joint EU diplomatic response to malicious cyber activities;
Amendment 94 #
Motion for a resolution
Recital O
Recital O
O. whereas different state actors – Russia, China, Iran and North Korea, among others – have been involved in malicious cyber activities in pursuit of political, economic or security objectives that include attacks on critical infrastructure (such as Wannacry, NonPetya), cyber-espionage, disinformation campaigns and limiting access to the internet (such as Wannacry, NonPetya); whereas such activities could constitute wrongful acts under international law and cshould lead to a joint EU response, such as usingincluding the use of restrictive measures as envisaged by the EU cyber diplomacy toolbox;
Amendment 102 #
Motion for a resolution
Recital O a (new)
Recital O a (new)
Oa. whereas cyber security technologies ("dual-use" technologies) are relevant to the military and civilian domains and offer many opportunities to develop synergies between civilian and military actors in a number of areas, such as for example encryption, security and vulnerability management tools, intrusion detection and prevention systems;
Amendment 105 #
Motion for a resolution
Recital O b (new)
Recital O b (new)
Ob. whereas the cyber commands established by several Member States can make a substantial contribution to the protection of vital civilian infrastructure and whereas cyber defence related knowledge is often equally useful in the civilian domain;
Amendment 116 #
Motion for a resolution
Paragraph 1
Paragraph 1
1. Commends the work done by the EDAU and the Commissionits Member States in the field of cyber defence; notes in particular the EDA projects on cyber ranges, the Cyber Defence Strategic Research Agenda and the development of deployable cyber situation awareness packages for headquarters;
Amendment 123 #
Motion for a resolution
Paragraph 2
Paragraph 2
2. Welcomes the cyber projects to be launched in the framework of PESCO, namely an information-sharing platform for cyber incidents and acyber rapid response team fors in cyber incidentssecurity;
Amendment 128 #
Motion for a resolution
Paragraph 3
Paragraph 3
3. Recognises that many Member States consider possession of their own cyber defence capabilities to be at the core of their national security strategy and to constitute an essential part of their national sovereignty; stresses, however, that – as with other military branches, and also owingdue to the borderless nature of cyberspace – the scale required for truly comprehensive and effective forces ensuring the strategic autonomy of the EU in cyberspace is beyond the reach of any single Member State;
Amendment 136 #
Motion for a resolution
Paragraph 3
Paragraph 3
3. Recognises that many Member States consider possession of their own cyber defence capabilities to be at the core of their national security strategy and to constitute an essential part of their national sovereignty; stresses, however, that – as with other military branches, and also owing to the borderless nature of cyberspace – the scale required for truly comprehensive and effective forces is beyond the reach of any single Member State; welcomes in this regard the proposed permanent mandate and strengthened role for ENISA;
Amendment 137 #
Motion for a resolution
Paragraph 3
Paragraph 3
3. Recognises that many Member States consider possession of their own cyber defence capabilities to be at the core of their national security strategy and to constitute an essential part of their national sovereignty; stresses, however, that – as with other military branches, and also owing to the borderless nature of cyberspace – the scale and knowledge required for truly comprehensive and effective forces is beyond the reach of any single Member State;
Amendment 157 #
Motion for a resolution
Paragraph 5 a (new)
Paragraph 5 a (new)
5a. Urges the Members States to increase financial and personal resources, in particular forensic experts, in order to improve the attribution of cyber attacks;
Amendment 173 #
Motion for a resolution
Paragraph 8 a (new)
Paragraph 8 a (new)
8a. Stresses that all CSDP mission and operation planning needs to be accompanied by a thorough assessment of the cyber threat landscape; notes that the threat taxonomy prepared by the European Union Agency for Network and Information Security (ENISA) provides a suitable template for such an assessment; recommends the creation of cyber- resilience assessment capability for CSDP HQs;
Amendment 180 #
Motion for a resolution
Paragraph 10
Paragraph 10
10. Strongly supports the Military Erasmus initiative aimed at enhancing the interoperability of the armed forces of the Member States through an increased exchange of young officers; believes however that exchanges for training and education in the field of cyber defence should go beyond this initiative and include military personnel from all ranks and students from all academic institutions with educational programs in cyber security; stresses that there is a need for more experts in the cyber defence domain; calls on theacademic institutions and military academies to pay more attention to, and create more possibilities in, the field of cyber defence education and training;
Amendment 186 #
Motion for a resolution
Paragraph 10
Paragraph 10
10. Strongly supports the Military Erasmus initiative aimed at enhancing the interoperability of the armed forces of the Member States through an increased exchange of young officers and other military personnel; stresses that there is a need for more experts in the cyber defence domain; calls on the military academies to pay more attention to, and create more possibilities in, the field of cyber defence education; welcomes the introduction by France, with the support of Portugal and Belgium, of an EU pilot module on cyber defence; encourages Member States to foresee the necessary means in their budgets to increase their pool of cyber security experts;
Amendment 188 #
Motion for a resolution
Paragraph 10 a (new)
Paragraph 10 a (new)
10a. Calls on all Member States to sufficiently and proactively inform, raise awareness and advise companies, schools and citizens about cyber security and the main actual digital threats; welcomes in this regard cyber guides as a tool to guide citizens and organizations towards a better cyber security strategy, to boost cyber security knowledge and improve cyber resilience across the board;
Amendment 191 #
Motion for a resolution
Paragraph 10 b (new)
Paragraph 10 b (new)
10b. Notes that, given the need for more specialised personnel, the focus of the Member States should not only be on recruitment of competent armed forces personnel, but also on the retention of needed specialists;
Amendment 192 #
Motion for a resolution
Paragraph 11
Paragraph 11
Amendment 195 #
Motion for a resolution
Paragraph 11 a (new)
Paragraph 11 a (new)
11a. Strongly encourages the development of the Cyber Defence Education, Training and Exercise and Evaluation Platform, within the ESDC, with a view to upscaling the training and education opportunities within the Member States;
Amendment 204 #
Motion for a resolution
Paragraph 14
Paragraph 14
14. Strongly encourages the development of a collaborative platform, the planned Cyber Defence Education, Training and Exercise Coordination Platform, within the ESDC with a view to facilitating the pooling and sharing of training and exercises; cCalls on the EDA to launch the Cyber Defence Training and Exercise Coordination Platform to support the Cyber Ranges Federation as soon as possible;
Amendment 218 #
Motion for a resolution
Paragraph 15
Paragraph 15
15. Calls for identifying new initiatives to further cooperation between EU and NATO, taking into account as well the possibilities of cooperating within the NATO Cooperative Cyber Defence Centre of Excellence and the NATO Communications and Information (NCI) Academy; welcomes the recent creation of the European Centre of Excellence for Countering Hybrid Threats; urges all relevant institutions to regularly meet to discuss their activities in order to avoid overlaps and encourage a coordinated approach towards cyber defence;
Amendment 226 #
Motion for a resolution
Paragraph 16
Paragraph 16
16. Is convinced that increased cooperation between EU and NATO is vital in the area of cyber defence; calls, therefore, on both organisations to increase their operational cooperation and coordination, and to expand their joint capacity-building efforts, in particular joint training for cyber defence staff; considers it vital that the EU and NATO step up the sharing of intelligence in order to enable the formal attribution of cyberattacks and consequently enable the imposition of restrictive sanctions to those responsible for cyberattacks;
Amendment 227 #
Motion for a resolution
Paragraph 16
Paragraph 16
16. Is convinced that increased cooperation between EU and NATO is vital in the area of cyber defence; calls, therefore, on both organisations to increase their operational cooperation and coordination, and to expand their joint capacity-building efforts, in particular joint training for cyber defence staff; urges both organisations to cooperate more closely also on the cyber aspects of crisis management;
Amendment 228 #
Motion for a resolution
Paragraph 16 a (new)
Paragraph 16 a (new)
16a. Welcomes the exchange of concepts to integrate cyber defence requirements and standards into planning and conduct of missions and operations to foster interoperability and expresses the hope that this will be followed up by more operational cooperation on ensuring the cyber defence of respective missions and synchronisation of operational approaches;
Amendment 232 #
Motion for a resolution
Paragraph 17
Paragraph 17
17. Welcomes the arrangement between the EU’s Computer Emergency Response Team (CERT-EU) and the NATO Computer Incident Response Capability (NCIRC) aimed at facilitating the exchange of information, logistical support and the sharing of best practices; stresses that it is important to encourage information exchanges between CERTs-EU and NCIRC and to work towards increasing the level of trust;
Amendment 241 #
Motion for a resolution
Paragraph 20 a (new)
Paragraph 20 a (new)
20a. Notes the ongoing work on the Proposal for a Regulation revising ENISA Regulation (No 526/2013) and laying down a European ICT security certification and labelling framework; calls on ENISA to sign an agreement with NATO to increase their practical cooperation, including the sharing of information and participation in cyber defence exercises;
Amendment 244 #
Motion for a resolution
Paragraph 21
Paragraph 21
21. Regrets that, after several months of negotiations, the 2016-2017 UN Group of Governmental Experts fai(UNGGE) was not abled to adopt aproduce a new consensus report; recalls, however, that that as recognized by the 2013 report, international law applies to cyberspace and that the 2013 and 2015 UNGGE reports still provide relevant guidelines, in particular as regards lists a set of norms of responsible state behaviour including the prohibition for states to conduct or knowingly support cyber activities contrary to their obligations under international rules;
Amendment 249 #
Motion for a resolution
Paragraph 21 a (new)
Paragraph 21 a (new)
21a. Notes in this regard the importance of article 2(4) of the UN Charter States, which calls on states to refrain from the threat or use of force against the political independence of any state; believes that this includes a prohibition to pursue or knowingly support coercive cyber operations intended to disrupt the technical infrastructure essential to the conduct of official participative procedures in another state, including elections and referenda;
Amendment 250 #
Motion for a resolution
Paragraph 22
Paragraph 22
22. Notes the relevance of the Tallinn Manual 2.0 in this context as an excellent basis for a debate on howand offering analysis how existing international law can be appliesd to cyberspace; notes that it is now time for the Member States to start analysing and applying what the experts have stated in the Tallinn Manual;
Amendment 255 #
Motion for a resolution
Paragraph 22
Paragraph 22
22. Notes the relevance of the Tallinn Manual 2.0 in this context as an excellent basis for a debate on how international law applies to cyberspace; notes that it is now time for the Member States to start analysing and applying what the experts have stated in the Tallinn Manual; notes in particular that any offensive use of cyber capabilities should be based on international law;
Amendment 263 #
Motion for a resolution
Paragraph 23
Paragraph 23
23. Confirms its full commitment to an open, free, stable and secure cyberspace, which respects the core values of democracy, human rights and the rule of law, and where international disputes are settled by peaceful means; calls on the Member States to promote further implementation of the common and comprehensive EU approach to cyber diplomacy; strongly supports the development and implementation of voluntary, non-binding norms of responsible state behaviour in cyberspace and regional confidence building measures;
Amendment 264 #
Motion for a resolution
Paragraph 23
Paragraph 23
23. Confirms its full commitment to an open, free, stable and secure cyberspace, which respects the core values of democracy, human rights and the rule of law, and where international disputes are settled by peaceful means; calls on the Member States to promote further implementation of the common and comprehensive EU approach to cyber diplomacy; strongly supports the development of voluntary, non-binding norms of responsible state behaviour in cyberspace; Supports in this context the work of the Global Commission on the Stability of Cyberspace to develop proposals for norms and policies to enhance international security and stability and guide responsible state and non-state behaviour in cyberspace; endorses the proposal that state and non- state actors should not conduct or knowingly allow activity that intentionally and substantially damages the general availability or integrity of the public core of the Internet, and therefore the stability of cyberspace;
Amendment 271 #
Motion for a resolution
Paragraph 24 a (new)
Paragraph 24 a (new)
24a. Welcomes the adoption by the Council of the framework for joint EU diplomatic responses to malicious cyber activities, the so-called EU Cyber Diplomacy Toolbox; supports the possibility for the EU to take restrictive measures against adversaries attacking its Member States in cyberspace, including a possible imposition of sanctions;
Amendment 285 #
Motion for a resolution
Paragraph 26
Paragraph 26
26. Calls on all stakeholders to reinforce knowledge transfer partnerships, implement appropriate business models and develop trust between companies and defence and civilian end-users, as well as to improve the transfer of academic knowledge into practical solutions, in order to create synergies and port solutions between the civilian and military markets – in essence a single market for cybersecurity and cyber security products;
Amendment 295 #
Motion for a resolution
Paragraph 27 a (new)
Paragraph 27 a (new)
27a. Encourages the Commission to integrate cyber defence elements into the Network of European Cybersecurity Competence and Research Centers, also in view of providing sufficient resources to dual use cyber capabilities and technologies within the next Multiannual Financial Framework;
Amendment 300 #
Motion for a resolution
Paragraph 28
Paragraph 28
28. Notes that the protection of public and other civilian critical infrastructure assets is becoming a vital defence task that should form part of the remit of national cyber commands; stresses that this will require a level of trust, and the closest possible cooperation, between military actors and the affected industries, and urges all stakeholders to take this into account in their planning processes;
Amendment 306 #
Motion for a resolution
Paragraph 28 a (new)
Paragraph 28 a (new)
28a. Encourages close cooperation between EU agencies such as EDA, ENISA, the European Cybercrime Centre in a cross-sectoral approach in order to promote synergies and avoid overlapping;