Activities of Evžen TOŠENOVSKÝ related to 2023/0109(COD)
Shadow reports (1)
REPORT on the proposal for a regulation of the European Parliament and of the Council laying down measures to strengthen solidarity and capacities in the Union to detect, prepare for and respond to cybersecurity threats and incidents
Amendments (67)
Amendment 46 #
Proposal for a regulation
Title 1
Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL laying down measures to strengthen solidarity and capacities in the Union to detect, prepare for and respond to cybersecurity threats and incidents (Cyber Solidarity Act)
Amendment 77 #
Proposal for a regulation
Article 1 – paragraph 1 – point a
(a) the deployment of a pan-European infrastructurestrengthening of Computer security incident response teams (CSIRTs), referred to in Article 10 of Directive (EU) 2022/2555, and of the CSIRTs Network referred to in Article 15 of Directive (EU) 2022/2555, and deployment of Security Operations Centres (‘European Cyber Shield’SOCs) to build and enhance national and common detection and situational awareness capabilities (‘European Cyber Shield’);
Amendment 78 #
Proposal for a regulation
Article 1 – paragraph 1 – point c
Amendment 82 #
Proposal for a regulation
Article 1 – paragraph 2 – point c
Amendment 85 #
Proposal for a regulation
Article 1 – paragraph 3
3. This Regulation is without prejudice to the Member States’ primary responsibility forexclusive competence in national security, public security, and the prevention, investigation, detection and prosecution of criminal offences.
Amendment 87 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1
Amendment 91 #
Proposal for a regulation
Article 2 – paragraph 1 – point 1 a (new)
(1a) ‘Security Operations Centre’ (“SOC”) means a centre, set up by private and public entities or national authorities, constantly monitoring and analysing the communication networks and computer systems to detect intrusions and anomalies in real time.
Amendment 93 #
Proposal for a regulation
Article 2 – paragraph 1 – point 2
(2) ‘public body’ means a body governed by public lawadministration entity’ means a public administration entity as defined in Article 2((1)6, point (4),35), of Directive 2014/24/EU of the European Parliament and the Council30 ; _________________ 30 Directive 2014/24/EU of the European Parliament and of the Council of 26 February 2014 on public procurement and repealing Directive 2004/18/EC (OJ L 94 28.3.2014, p. 65).(EU) 2022/2555;
Amendment 94 #
Proposal for a regulation
Article 2 – paragraph 1 – point 3
Amendment 95 #
Proposal for a regulation
Article 2 – paragraph 1 – point 5 a (new)
(5a) ‘incident handling’ means an incident handling as defined in Article 6, point (8), of Directive (EU) 2022/2555;
Amendment 96 #
Proposal for a regulation
Article 2 – paragraph 1 – point 5 b (new)
(5b) ‘risk’ means a risk as defined in Article 6, point (9), of Directive (EU) 2022/2555;
Amendment 97 #
Proposal for a regulation
Article 2 – paragraph 1 – point 6 a (new)
(6a) ‘significant cyber threat’ means a cyber threat as defined in Article 6, point (11), of Directive (EU) 2022/2555;
Amendment 98 #
Proposal for a regulation
Article 2 – paragraph 1 – point 9
Amendment 99 #
Proposal for a regulation
Article 2 – paragraph 1 – point 10
Amendment 100 #
Proposal for a regulation
Article 2 – paragraph 1 – point 11
(11) ‘trusted managed security service providers’ means managed security service providers as defined in Article 6, point (40), of Directive (EU) 2022/2555 selected to be included in the EU Cybersecurity Reserve in accordance with Article 16 of this Regulation.
Amendment 103 #
Proposal for a regulation
Article 3 – paragraph 2 – subparagraph 1 – point a
(a) pool and share data on cyber threats and incidents from various sources through cross-border SOCs both at national and EU level;
Amendment 107 #
Proposal for a regulation
Article 4 – title
Amendment 108 #
Proposal for a regulation
Article 4 – paragraph 1 – subparagraph 1
In order to participacontribute into the European Cyber Shield, each Member State shall designate at least one of its Computer security incident response National SOC. The National SOC shall be a public bodyteams (CSIRTs), referred to in Article 10 of Directive (EU) 2022/2555, as an Information Sharing and Analysis Centre (ISAC).
Amendment 109 #
Proposal for a regulation
Article 4 – paragraph 1 – subparagraph 1 a (new)
Private and public organisations or national authorities, particularly entities operating in critical or highly critical sectors, shall be encouraged to establish and operate their autonomous or shared SOCs.
Amendment 111 #
Proposal for a regulation
Article 4 – paragraph 1 – subparagraph 2
It shall have the capacity to act as a reference point and gateway toprimarily to SOCs established by private and public entities or national authorities, other CSIRTs of the same Member State, coordinator for the management of large-scale cybersecurity incidents and crises, as well as for other public and private organisations at national level for collecting and analysing information on cybersecurity threats and incidents, and contributing to a Cross-border SOC, where relevant, sharing that information with other members of the CSIRTs network. It shall be equipped with state-of-the-art technologies capable of detecting, aggregating, and analysing data relevant to cybersecurity threats and incidents.
Amendment 113 #
Proposal for a regulation
Article 4 – paragraph 2
Amendment 115 #
Amendment 116 #
Proposal for a regulation
Article 5 – title
Amendment 117 #
Proposal for a regulation
Article 5 – paragraph 1
Amendment 118 #
Proposal for a regulation
Article 5 – paragraph 2
2. Following a call for expression of interest, a Hosting Consortium shallCSIRTs-ISACs may be selected by the ECCC to participate in a joint procurement of tools and infrastructures with the ECCC. The ECCC may award to the Hosting ConsortiumCSIRTs-ISACs a grant to fund the operation of the tools and infrastructures. The Union financial contribution shall cover up to 75% of the acquisition costs of the tools and infrastructures, and up to 50% of the operation costs, with the remaining costs to be covered by the Hosting ConsortiumCSIRTs-ISACs. Before launching the procedure for the acquisition of the tools and infrastructures, the ECCC and the Hosting Consortiumparticipating CSIRT-ISAC shall conclude a hosting and usage agreement regulating the usage of the tools and infrastructures, including their usage by other CSIRTs and SOCs in that Member State.
Amendment 121 #
Proposal for a regulation
Article 5 – paragraph 3
Amendment 122 #
Proposal for a regulation
Article 5 – paragraph 4
Amendment 123 #
Proposal for a regulation
Article 6 – title
Amendment 125 #
Proposal for a regulation
Article 6 – paragraph 1 – introductory part
1. Members of a Hosting ConsortiumCSIRTs-ISACs and other CSIRTs shall exchange relevant information among themselves within the Cross-border SOCSIRTs Network, including information relating to cyber threats, near misses, vulnerabilities, techniques and procedures, indicators of compromise, adversarial tactics, threat-actor-specific information, cybersecurity alerts and recommendations regarding the configuration of cybersecurity tools to detect cyber attacks, where such information sharing:
Amendment 127 #
Proposal for a regulation
Article 6 – paragraph 2 – introductory part
2. The written consortium agreement referred to in Article 5(3) shallinformation and intelligence sharing agreement among CSIRTs-ISACs, or where relevant, other CSIRTs, may establish:
Amendment 130 #
Proposal for a regulation
Article 6 – paragraph 3
Amendment 133 #
Proposal for a regulation
Article 6 – paragraph 4
Amendment 139 #
Proposal for a regulation
Article 7 – paragraph 1
1. Where the Cross-border SOSIRTs-ISACs obtain information relating to a potential or ongoing large-scale cybersecurity incident, they shall provide relevant information to EU-CyCLONe, and the CSIRTs network and the Commission, in view of their respective crisis management roles in accordance with Directive (EU) 2022/2555 without undue delay.
Amendment 140 #
Proposal for a regulation
Article 7 – paragraph 2
Amendment 144 #
Proposal for a regulation
Article 8 – paragraph 3
Amendment 148 #
Proposal for a regulation
Article 9 – paragraph 1
1. A Cyber Emergency Mechanism is established to improve the Union’s resilience to majorsignificant cybersecurity threats and prepare for and mitigate, in a spirit of solidarity, the short-term impact of significant and large-scale cybersecurity incidents (the ‘Mechanism’).
Amendment 150 #
Proposal for a regulation
Article 10 – paragraph 1 – point b
(b) response actions, supporting response to and immediate recovery from significant and large-scale cybersecurity incidents, to be provided by trusted managed security service providers participating in the EU Cybersecurity Reserve established under Article 12;
Amendment 152 #
Proposal for a regulation
Article 11 – paragraph 1
1. For the purpose of supporting the coordinated preparedness testing of entities referred to in Article 10(1), point (a), across the Union, the Commission, after consulting the NIS Cooperation Group and ENISA, shall identify the sectors, or sub-sectors, concerned, from the Sectors of High Criticality listed in Annex I to Directive (EU) 2022/2555 from which entities may be subject to the voluntary coordinated preparedness testing, taking into account existing and planned coordinated risk assessments and resilience testing at Union level.
Amendment 158 #
2. The EU Cybersecurity Reserve shall consist of incident response services from trusted managed security service providers selected in accordance with the criteria laid down in Article 16. The Reserve shall include pre-committed services. The services shall bemay be, upon request, deployable in all Member States.
Amendment 159 #
Proposal for a regulation
Article 12 – paragraph 3 – point b
(b) Union institutions, bodies and agenciesThird countries referred to in Article 17 of this Regulation.
Amendment 160 #
Proposal for a regulation
Article 12 – paragraph 4
4. Users referred to in paragraph 3, point (a), shallmay, upon request use the services from the EU Cybersecurity Reserve in order to respond or support response to and immediate recovery from significant or large-scale incidents affecting entities operating in critical or highly critical sectors.
Amendment 162 #
Proposal for a regulation
Article 12 – paragraph 5
5. The Commission shall have overall responsibility for the implementation of the EU Cybersecurity Reserve. The Commission in cooperation with ENISA shall determine the priorities and evolution of the EU Cybersecurity Reserve, in line with the requirements of the users referred to in paragraph 3, and shall supervise its implementation, and ensure complementarity, consistency, synergies and links with other support actions under this Regulation as well as other Union actions and programmes.
Amendment 163 #
Proposal for a regulation
Article 12 – paragraph 6
Amendment 166 #
Proposal for a regulation
Article 12 – paragraph 7
7. In order to support the Commission in establishing the EU Cybersecurity Reserve, ENISA shall prepare a mapping of the services needed, after consulting Member States and the Commission. ENISA shall prepare a similar mapping, after consulting the Commission, to identify the needs of third countries eligible for support from the EU Cybersecurity Reserve pursuant to Article 17. The Commission, where relevant, shall consult the High Representative. Representative and inform the Council about the needs of third countries.
Amendment 169 #
Proposal for a regulation
Article 13 – paragraph 5 – point a
(a) appropriate information regarding the type of affected entity and potential impacts of the incident and the planned use of the requested support, including an indication of the estimated needs;
Amendment 170 #
Proposal for a regulation
Article 13 – paragraph 5 – point b
(b) informationgeneral about measures taken to mitigate the incident for which the support is requested, as referred to in paragraph 2;
Amendment 171 #
Proposal for a regulation
Article 13 – paragraph 5 – point c
(c) information about other forms of support available to the affected entity, including contractual arrangements in place for incident response and immediate recovery services, as well as insurance contracts potentially covering such type of incident.
Amendment 172 #
Proposal for a regulation
Article 13 – paragraph 7
Amendment 174 #
Proposal for a regulation
Article 14 – paragraph 1
1. Requests for support from the EU Cybersecurity Reserve, shall be assessed by the Commission, with the support of ENISA or as defined in contribution agreements under Article 12(6), and a responseand its decision shall be transmitted to the users referred to in Article 12(3) without delayundue delay and in any event within 24 hours.
Amendment 179 #
Proposal for a regulation
Article 14 – paragraph 5
Amendment 183 #
Proposal for a regulation
Article 14 – paragraph 6
6. Within one month from the end of the support action, the users shall provide Commission and ENISA, ENISA, CSIRTs Network and, where relevant, EU-CyCLONe with a summary report about the service provided, results achieved and the lessons learned. When the user is from a third country as set out in Article 17, such report shall be shared with the High Representative.
Amendment 185 #
Proposal for a regulation
Article 14 – paragraph 7
7. The Commission shall report at least twice a year to the NIS Cooperation Group about the use and the results of the support, on a regular basis.
Amendment 186 #
Proposal for a regulation
Article 15 – title
Coordination of the Cyber Emergency Mechanism with crisis management mechanisms
Amendment 187 #
Proposal for a regulation
Article 15 – paragraph 3
3. In consultation with the High Representative, support under the Cyber Emergency Mechanism may complement assistance provided in the context of the Common Foreign and Security Policy and Common Security and Defence Policy, including through the Cyber Rapid Response Teams. It may also complement or contribute to assistance provided by one Member State to another Member State in the context of Article 42(7) of the Treaty on the European Union.
Amendment 188 #
Proposal for a regulation
Article 16 – title
Trusted managed security service providers
Amendment 190 #
Proposal for a regulation
Article 16 – paragraph 1 – point a
(a) ensure the EU Cybersecurity Reserve includes services that may be deployed in all Member States and third countries in accordance with Article 17 of this Regulation, taking into account in particular national requirements for the provision of such services, including certification or accreditation;
Amendment 192 #
Proposal for a regulation
Article 16 – paragraph 1 – point c
(c) ensure that the EU Cybersecurity Reserve brings EU added value, by contributinges to the objectives set out in Article 3 of Regulation (EU) 2021/694, including promoting the development of cybersecurity skills in the EU.
Amendment 195 #
Proposal for a regulation
Article 16 – paragraph 2 – point h
(h) the provider shall be able to provide the service within a short timeframe in the Member State(s) or third countries where it can deliver the service;
Amendment 196 #
Proposal for a regulation
Article 16 – paragraph 2 – point i
(i) the provider shall be able to provide the service in the local language of the Member State(s) or third countries where it can deliver the service; or in one of the working languages of the EU institutions;
Amendment 198 #
Proposal for a regulation
Article 16 – paragraph 2 – point j
(j) once an EUuropean cybersecurity certification scheme for managed security service pursuant to Regulation (EU) 2019/881 is in place, the provider shall be certified in accordance with that scheme.
Amendment 201 #
Proposal for a regulation
Article 17 – paragraph 6
6. The Commission shall without undue delay notify the Council and coordinate with the High Representative about the requests received and the implementation of the support granted to third countries from the EU Cybersecurity Reserve.
Amendment 202 #
Proposal for a regulation
Article 18
Amendment 207 #
Proposal for a regulation
Article 19 – paragraph 1 – point 1 – point a – point 1
Regulation (EU) 2021/694
Article 1 paragraph 1 – point (aa)
(aa) support the development of an EU Cyber Shield, including the development, deployment and operation of National and Cross-border SOCs platformCSIRTs-ISACs and SOCs that contribute to situational awareness in the Union and to enhancing the cyber threat intelligence capacities of the Union;
Amendment 209 #
Proposal for a regulation
Article 19 – paragraph 1 – point 5
Regulation (EU) 2021/694
Article 19
Support in the form of grants may be awarded directly by the ECCC without a call for proposals to the National SOCSIRTs-ISACs referred to in Article 4 of Regulation XXXX and the Hosting Consortium referred to in Article 5 of Regulation XXXX, in accordance with Article 195(1), point (d) of the Financial Regulation.
Amendment 212 #
Proposal for a regulation
Article 20 – paragraph 1
By [four years after the date of application of this Regulation], the Commission shall submit a report on the evaluation and review of this Regulation to the European Parliament and to the Council. The report shall be accompanied, where necessary, by a legislative proposal.
Amendment 215 #
Proposal for a regulation
Annex I – paragraph 1 – point 1
Regulation (EU) 2021/694
Annex I – chapter "Specific Objective 3 – Cybersecurity and Trust"
1. Co-investment with Member States in advanced cybersecurity equipment, infrastructures and knowhow that are essential to protect critical infrastructures and the Digital Single Market at large. Such co-investment could include investments in quantum facilities and data resources for cybersecurity, situational awareness in cyberspace including Nnational SOCs and Cross-borderCSIRTs and SOCs forming the European Cyber Shield, as well as other tools to be made available to public and private sector across Europe.
Amendment 216 #
Proposal for a regulation
Annex I – paragraph 1 – point 1
Regulation (EU) 2021/694
Annex I – chapter "Specific Objective 3 – Cybersecurity and Trust"
5. Promoting solidarity among Member States in preparing for and responding to significant cybersecurity incidents through deployment of cybersecurity services across borders, including support for mutual assistance between public authorities and the establishment of a reserve of trusted cybersecuritymanaged security service providers at Union level.;