6 Amendments of Victor NEGRESCU related to 2022/0085(COD)
Amendment 39 #
Proposal for a regulation
Recital 2
Recital 2
(2) The cyber threat landscape faced by Union institutions, bodies and agencies is in constant evolution. The tactics, techniques and procedures employed by threat actors are constantly evolving, while the prominent motives for such attacks change little, from stealing valuable undisclosed information to making money, manipulating public opinion or undermining digital infrastructure. The pace at which they conduct their cyberattacks keeps increasing, while their campaigns and methods are increasingly sophisticated and automated, targeting exposed attack surfaces that keep expanding and quickly exploiting vulnerabilities.
Amendment 41 #
Proposal for a regulation
Recital 4
Recital 4
(4) The Union institutions, bodies and agencies are attractive targets who face highly skilled and well-resourced threat actors as well as other threats. At the same time, the level and maturity of cyber resilience and the ability to detect and respond to malicious cyber activities varies significantly across those entities. It is thus necessary for the functioning of the European administration that the institutions, bodies and agencies of the Union achieve a high common level of cybersecurity through a cybersecurity baseline (a set of minimum cybersecurity rules with which network and information systems and their operators and users have to be compliant to minimise cybersecurity risks), information exchange and, collaboration, and cybersecurity education.
Amendment 50 #
Proposal for a regulation
Recital 19 a (new)
Recital 19 a (new)
(19a) In order to ensure a better implementation of cybersecurity measures and guidelines for Union institutions, bodies and agencies, and to consolidate a culture of cybersecurity therein, CERT- EU should also enhance cooperation with the European Cyber Cybersecurity Competence Network and Centre.
Amendment 73 #
Proposal for a regulation
Article 5 – paragraph 2
Article 5 – paragraph 2
2. The senior management of each Union institution, body and agency shall follow specific trainings on a regular basis to gain sufficient knowledge and skills in order to apprehend and assess cybersecurity risk and management practices and their impact on the operations of the organisation. In addition to such specific trainings and for the purpose of building and consolidating cybersecurity culture, Union officials and clerks shall participate in training programs on cybersecurity awareness.
Amendment 85 #
Proposal for a regulation
Article 11 – paragraph 1 – point a
Article 11 – paragraph 1 – point a
(a) issue a warning; where necessary in view of a compelling cybersecurity risk, the audience of the warning shall be restricted appropriately, through a commonly agreed upon methodology;
Amendment 93 #
Proposal for a regulation
Article 12 – paragraph 6
Article 12 – paragraph 6
6. CERT-EU may organise cybersecurity exercises or recommend participation in existing exercises, in close cooperation with the European Union Agency for Cybersecurity whenever applicable, to test the level of cybersecurity of the Union institutions, bodies and agencies. Moreover, through enhanced cooperation and joint programmes with the European Cyber Cybersecurity Competence Network and Centre, CERT- EU can support research and innovation and aid in strengthening the Union institutions, bodies and agencies’ cybersecurity capabilities.