15 Amendments of Johan NISSINEN related to 2023/0109(COD)
Amendment 76 #
Proposal for a regulation
Article 1 – paragraph 1 – introductory part
Article 1 – paragraph 1 – introductory part
1. This Regulation lays down measures to strengthen capacities in the Union to detect, prepare for and respond to cybersecurity threats and incidents, while respecting that national security, including in the cyber domain, remains the sole responsibility of each Member State, as noted in article 4(2) TEU, in particular through the following actions:
Amendment 80 #
Proposal for a regulation
Article 1 – paragraph 2 – point a
Article 1 – paragraph 2 – point a
(a) to strengthen voluntary common Union detection and situational awareness of cyber threats and incidents thus allowing to reinforce the competitive position of industry and services sectors in the Union across the digital economy and contribute to the Union’s technological sovereignty in the area of cybersecurity;
Amendment 81 #
Proposal for a regulation
Article 1 – paragraph 2 – point b
Article 1 – paragraph 2 – point b
(b) to reinforce preparedness of entities operating in critical and highly critical sectors across the Union and strengthen svolidarityuntary cooperation by developing common response capacities against significant or large-scale cybersecurity incidents, including by making Union cybersecurity incident response support available for third countries associated to the Digital Europe Programme (‘DEP’);
Amendment 84 #
Proposal for a regulation
Article 1 – paragraph 3
Article 1 – paragraph 3
3. This Regulation is without prejudice to the Member States’ primary responsibility for national security, public security, and the prevention, investigation, detection and prosecution of criminal offences and avoids unnecessary duplication with existing initiatives.
Amendment 89 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1
Article 2 – paragraph 1 – point 1
(1) ‘Cross-border Security Operations Centre’ (“Cross-border SOC”) means a multi-country platform, that brings together in a coordinated network structure national SOCs from at least three Member States who form a Hosting Consortium, and that is designed to prevent cyber threats and incidents and to support the production of high-quality intelligence, notably through the voluntary exchange of data from various sources, public and private, as well as through the sharing of state-of-the-art tools and jointly developing cyber detection, analysis, and prevention and protection capabilities in a trusted environment;
Amendment 102 #
Proposal for a regulation
Article 3 – paragraph 2 – subparagraph 1 – point a
Article 3 – paragraph 2 – subparagraph 1 – point a
(a) pool and share data on cyber threats and incidents from various sources through voluntary sharing of information from cross-border SOCs;
Amendment 124 #
Proposal for a regulation
Article 6 – paragraph 1 – introductory part
Article 6 – paragraph 1 – introductory part
1. Members of a Hosting Consortium shallmay exchange relevant information among themselves within the Cross-border SOC including information relating to cyber threats, near misses, vulnerabilities, techniques and procedures, indicators of compromise, adversarial tactics, threat- actor-specific information, cybersecurity alerts and recommendations regarding the configuration of cybersecurity tools to detect cyber attacks, where such information sharing:
Amendment 128 #
Proposal for a regulation
Article 6 – paragraph 2 – point a
Article 6 – paragraph 2 – point a
(a) a commitment to share a significant amount ofvoluntarily share data referred to in paragraph 1, and the conditions under which that information is to be exchanged;
Amendment 143 #
Proposal for a regulation
Article 8 – paragraph 1
Article 8 – paragraph 1
1. Member States participating in the European Cyber Shield shall ensure a high level of confidentiality, data security and physical security of the European Cyber Shield infrastructure, and shall ensure that the infrastructure shall be adequately managed and controlled in such a way as to protect it from threats and to ensure its security and that of the systems, including that of data exchanged through the infrastructure.
Amendment 147 #
Proposal for a regulation
Article 9 – paragraph 1
Article 9 – paragraph 1
1. A Cyber Emergency Mechanism is established to improve the Union’s resilience to major cybersecurity threats and prepare for and mitigate, in a spirit of solidarity, the short-term impact of significant and large-scale cybersecurity incidents (the ‘Mechanism’), at the explicit request of the Member State(s) concerned.
Amendment 149 #
Proposal for a regulation
Article 10 – paragraph 1 – point b
Article 10 – paragraph 1 – point b
(b) response actions, supporting response to and immediate recovery from significant and large-scale cybersecurity incidents, to be provided by trusted providers participating in the EU Cybersecurity Reserve established under Article 12, at the explicit request of the Member State(s) concerned;
Amendment 155 #
Proposal for a regulation
Article 12 – paragraph 1
Article 12 – paragraph 1
1. An EU Cybersecurity Reserve shall be established, in order to assist users referred to in paragraph 3, in responding or providing support for responding to significant or large-scale cybersecurity incidents, and immediate recovery from such incidents, at the explicit request of the Member State(s) concerned and without prejudice to the specific character of the security and defence policy of certain Member States.
Amendment 157 #
Proposal for a regulation
Article 12 – paragraph 2
Article 12 – paragraph 2
2. The EU Cybersecurity Reserve shall consist of incident response services from trusted providers selected in accordance with the criteria laid down in Article 16. The Reserve shall include pre- committed services. The services shall be deployable in all Member States. The EU Cybersecurity Reserve does not limit the need to allow countries to monitor and assess their own needs.
Amendment 189 #
1. In procurement procedures for the purpose of establishing the EU Cybersecurity Reserve, the contracting authority shall act in accordance with the principles laid down in the Regulation (EU, Euratom) 2018/1046, without prejudice to the Member States’ primary responsibility for national security, and in accordance with the following principles:
Amendment 206 #
Proposal for a regulation
Article 18 – paragraph 4
Article 18 – paragraph 4
4. Where appropriate, the report shall draw non-legally binding voluntary recommendations to improve the Union’s cyber posture.