Abstract
European nations are subject to continuously increasing number and severity of cyber-attacks. In this essay we firstly examine the developments in cybersecurity and cyber-defence in Europe and particularly the European Union. The EU Cybersecurity Strategy is analysed. This is done in conjunction to the broader European Information and Communications Technology (ICT) agenda, as well as the Common Security and Defence Policy (CSDP), and related policies for cybercrime and intelligence. We identify common elements and especially the tendency towards more cooperation at various levels. This has spillover effects at international organizations as NATO and United Nation. The principal European Institutions associated to Cybersecurity are assessed. Except institutions the Defence and Security industry in Europe and the main challenges that faces are examined. The main hypothesis is if these policies and institutions can provide sufficient cybersecurity and cyber-defence. We conclude that Europe is on the right direction regarding cybersecurity and cyber-defence but it is questionable if these policies and institutions are backed by enough infrastructure and investment. Cooperation is crucial and can yield significant benefits. In that sense institutional overlap should be avoided and better coordination, sharing and pooling of resources, appropriate investment and infrastructure could significant mitigate risks in cyberspace and increase welfare.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
“Agreement between the European Union and the North Atlantic Treaty Organization on the Security
of Information,” PESC 599, COSDP 463 (Brussels: 18 December 2002).
- 2.
Article 31, Lisbon Treaty.
- 3.
Article 21, paragraph 2, Lisbon Treaty.
- 4.
Article 25, (c), Lisbon Treaty.
- 5.
Article 21, paragraph 3, Lisbon Treaty.
- 6.
Article 24, paragraph 1, Lisbon Treaty.
- 7.
Ibid., pp. 82-83.
- 8.
Article 21, Lisbon Treaty.
- 9.
“Membership includes all formal members of international organisations, looking at various membership configurations that institutions offer states – such as the Partnership for Peace (PfP) in NATO. What matters is whether the state is included in the formal decision-making process. Mandate is understood as the tasks and functions that the institutions have subscribed to in their treaties, strategies and other constitutive and operational texts. Overlapping mandates imply that member states are subject to similar commitments. In the case of crisis management, the mandate can reach from low to high intensity crisis management operations or just elements of crisis management. Resources include the common and pooled resources of each institution. It stresses the fact that the existence of multiple institutions in one policy field increases the relative scarcity of resources.” In Hofman (2011). Also see Hofmann (2009).
- 10.
The EDA’s exact mission: ‘EDA’s mission is to support the Council and the Member States in their effort to improve the’European Union’s defence capabilities for the Common Security and Defence Policy (CSDP). This means running and supporting cooperative European defence projects; supporting research and technology development; boosting the European defence technological and industrial base; and providing a forum for European Ministries of Defence. EDA is one of the youngest European Union Agencies. It works on the basis of a new approach, tailored to the military needs of tomorrow, providing different and often innovative solutions. EDA and its participating Member States have launched important projects such as helicopters availability, the European Air Transport Fleet or the insertion of Unmanned Aircraft Systems into normal airspace, to name but a few. EDA is pragmatic, cost effective and results oriented. It offers multinational solutions for capability improvement in a time where defence budget constraints foster the need for cooperation.’ It can be observed that it is primarily a cooperative institution in which all EU member states, but Denmark, participate. http://www.eda.europa.eu/Aboutus/Whatwedo/Missionandfunctions
- 11.
For example, the European Defence Agency supports the council and member states, while ENISA consults with the European Parliament regarding cybersecurity.
- 12.
Inefficiencies from transaction costs, opportunity, cost of time, and sub-optimal policies resulting from the complexity of decision making.
- 13.
- 14.
This argument is analyzed later by using welfare economics and game theory.
- 15.
It should be added that EC3 is expected to be fully operation by 2015. http://www.loc.gov/lawweb/servlet/lloc_news?disp3_l205403457_text
- 16.
“The Pentagon has approved a major expansion of its cybersecurity force over the next several years, increasing its size more than fivefold to bolster the nation’s ability to defend critical computer systems and conduct offensive computer operations against foreign adversaries, according to U.S. officials.
The move, requested by the head of the Defense Department’s Cyber Command, is part of an effort to turn an organization that has focused largely on defensive measures into the equivalent of an Internet-era fighting force. The command, made up of about 900 personnel, will expand to include 4,900 troops and civilians” (Nakashima 2013).
- 17.
IT industries are developed in other countries, most notably China.
References
Aalto P (2003) Revisiting the Security/Identity Puzzle in Russo-Estonian Relations. Journal of Peace Research 40(5):573–591
Agromaniz J (2012) A rhetorical spill-over? Exploring the link between the European Union Common Security and Defence Policy (CSDP) and the External Dimension in EU Counterterrorism. European Foreign Affairs Review 2(1):35–52
Aldrich R (2004) Transatlantic intelligence and security cooperation. International Affairs 80(4):731–753
Barros C (2002) Small countries and the consolidation of the European defence industry: Portugal as a case study. Defence and Peace Economics 13(4):311–319
Batora J (2009) European defence agency: a flashpoint of institutional logics. West European Politics 32(6):1075–1098
BBC News (17 May 2007) Estonia hit by ‘Moscow cyber war’, BBC News Channel. http://news.bbc.co.uk/1/hi/world/europe/6665145.stm. Accessed 29 Nov 2013
Bickerton CJ et al (2011) Security co-operation beyond the nation-state: The EU’s common security and defence policy. Journal of Common Market Studies 49(1):1–21
Block L (2008) Combating organized crime in Europe: practicalities of police cooperation. Policing 2(1):74–81
Bruggeman W (2001) International Law enforcement co-operation: a critical assessment. European Journal on Criminal Policy and Research 9(3):283–290
Cameron D (25 November 2011) Government publishes cyber security strategy. Prime Minister’s Office, 10 Downing Street. https://www.gov.uk/government/news/government-publishes-cyber-security-strategy. Accessed 29 Nov 2013
Capaccio T (10 June 2013) Pentagon five-year cybersecurity plan seeks $23 billion. Bloomberg. http://www.bloomberg.com/news/2013-06-10/pentagon-five-year-cybersecurity-plan-seeks-23-billion.html. Accessed 29 Nov 2013
Chatterton M (2001) Reflections on international police cooperation: putting police cooperation in its place—an organizational perspective. In: Koenig D, Das D (eds) International police cooperation: a world perspective. Lexington, Lanham
Clough C (2004) Quid Pro Quo: The Challenges of International Strategic Intelligence Cooperation. International Journal of Intelligence and CounterIntelligence 17(4):601–613
Commission of the European Communities (30 March 2009) Protecting Europe from large scale cyber-attacks and disruptions: enhancing preparedness, security and resilience. http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2009:0149:FIN:EN:PDF. Accessed 29 Nov 2013
Cooper R (2004) Actors and witnesses. In: Gnesetto N (ed) EU security and defence: the first five years (1999–2004). Institute for Security Studies of the EU, Paris
Cornish P, Edwards G (2001) Beyond the EU/NATO dichotomy: the beginnings of the European strategic culture. International Affairs 77(3):587–603
Croft A (05 July 2015) EU threatens to suspend data-sharing with US over spying reports. Reuters. http://www.reuters.com/article/2013/07/05/usa-security-eu-idUSL5N0FB1YY20130705. Accessed 29 Nov 2013
Croft A (30 May 2013) Ministers to meet to review NATO's cyber defences. Reuters. http://uk.reuters.com/article/2013/05/30/net-us-nato-cybersecurity-idUSBRE94T0Z220130530. Accessed 29 Nov 2013
Cross M (2010) Co-operation by committee: the EU military committee and the committee on the civilian crisis management (Occasional Paper 82). EU Institute for Security Studies, Paris
De Bruijne M (2006) Networked reliability: institutional fragmentation and the reliability of service provision in critical infrastructures. Doctoral Thesis, TU Delft, Delft University of Technology
Deflem M (2002) Policing world society: historical foundations of international police cooperation. Oxford University Press, Oxford
DW (03 July 2013) Germany fears NSA stole industrial secrets. Economy. http://www.dw.de/germany-fears-nsa-stole-industrial-secrets/a-16925289. Accessed 29 Nov 2013
EC (2013a) Cybersecurity strategy of the European Union, Improved coordination at the EU level. http://eeas.europa.eu/policies/eu-cyber-security/cybsec_comm_en.pdf, p. 10. Accessed 29 Nov 2013
EC (2013b) Cybersecurity strategy of the European Union, Improved coordination at the EU level. http://eeas.europa.eu/policies/eu-cyber-security/cybsec_comm_en.pdf, p. 14. Accessed 29 Nov 2013
EEAS (2013) EU Cyber Security Strategy. http://eeas.europa.eu/policies/eu-cyber-security/index_en.htm. Accessed 29 Nov 2013
Europa (26 April 2010) Common foreign and security policy. http://europa.eu/legislation_summaries/institutional_affairs/treaties/lisbon_treaty/ai0025_en.htm. Accessed 29 Nov 2013
European Commission (n.d.a) Digital agenda for Europe. http://ec.europa.eu/digital-agenda/digital-agenda-europe. Accessed 29 Nov 2013
European Commission (n.d.b). Digital agenda for Europe. https://ec.europa.eu/digital-agenda/node/54369. Accessed 29 Nov 2013
European Commission (n.d.c) Digital agenda for Europe, http://ec.europa.eu/digital-agenda/en/pillar-iii-trust-security/action-32-strengthen-fight-against-cybercrime-and-cyber-attacks. Accessed 29 Nov 2013
European Commission (n.d.d) Digital Agenda for Europe, http://ec.europa.eu/dgs/home-affairs/what-we-do/policies/police-cooperation/prum-decision/index_en.htm. Accessed 29 Nov 2013
European Defence Agency (2013) Cyber defence. Fact Sheet. EDA
European Defence Agency (n.d.) Homepage. http://www.eda.europa.eu/. Accessed 29 Nov 2013
European Union Agency for Network and Information Security (n.d.) Activities, http://www.enisa.europa.eu/about-enisa/activities. Accessed 29 Nov 2013
Europol (2013a) Europols priorities. https://www.europol.europa.eu/content/page/europol%E2%80%99s-priorities-145. Accessed 29 Nov 2013
Europol (2013b) Changing legal basis: steps to becoming an EU agency. https://www.europol.europa.eu/content/page/becoming-eu-agency-1859. Accessed 29 Nov 2013
Europol (2013c) A collective EU response to cybercrime. https://www.europol.europa.eu/ec3. Accessed 29 Nov 2013
Europol (2013d). Joining forces to catch the criminals. https://www.europol.europa.eu/ec3/joining-forces. Accessed 29 Nov 2013
Europol (2013e) Mandate. https://www.europol.europa.eu/content/page/mandate-119. Accessed 29 Nov 2013
Europol (2013f) Staff statistics. https://www.europol.europa.eu/content/page/staff-statistics-159. Accessed 29 Nov 2013
Finn P (19 May 2007) Cyber Attacks on Estonia Typify a new battle tactic. Washington Post. http://www.washingtonpost.com/wp-dyn/content/article/2007/05/18/AR2007051802122.html. Accessed 29 Nov 2013
Friedrichs J (2008) Fighting terrorism and drugs: Europe and international police cooperation. Routledge, New York
Gervi G et al (2009) European security and defence policy: the first 10 years (1999-2009). The European Institute for Security Studies, Paris
Greenwald G (28 January 2013). Pentagon's new massive expansion of 'cyber-security' unit is about everything except defense. The Guardian. http://www.theguardian.com/commentisfree/2013/jan/28/pentagon-cyber-security-expansion-stuxnet. Accessed 29 Nov 2013
Guay T, Callum R (2002) The Transformation and future prospects of Europe’s Defence Industry. International Affairs 78(4):757–776
Hartley K (2010) The future of European defence policy: an economic perspective. Defence and Peace Economics 14(2):107–115
Hill C (1993) The capacity-expectations gap, or conceptualizing Europe’s international role. Journal of Common Market Studies 31(3):306–328
Hoffmann S (1966) Obstinate or obsolete? The fate of the nation state and the case of Western Europe. Daedalus 95(Summer):892–908
Hofman S (2011) Why institutional overlap matters: CSDP in the European security architecture. JCMS: Journal of Common Market Studies, Special Issue: Security Cooperation beyond the Nation State: The EU’s Common Security and Defence Policy 49(1):101–120
Hofmann S (2009) Overlapping institutions in the realm of international security: the case of NATO and ESDP. Perspective on Politics 7(1):45–52
Howorth J (2012) Decision making in security and defense policy: towards supranational inter-governmentalism? Cooperation and Conflict 47(4):433–453
InHope (16 Dec 2011) Europol—‘Operation Icarus’—has identified 269 suspects and 112 suspects have been arrested in 22 countries. http://www.inhope.org/gns/news-and-events/news/11-12-16/Europol_-_Operation_Icarus_has_identified_269_suspects_and_112_suspects_have_been_arrested_in_22_countries.aspx. Accessed 29 Nov 2013
Jenik A (2009) Cyberwar in Estonia and The Middle East. Network Security 2009(4):4–6
Kierkegaard S (2008) The Prüm decision—an uncontrolled fishing expedition in ‘Big Brother’ Europe. Computer Law & Security Review 24(3):243–252
Lander S (2004) International intelligence cooperation: an inside perspective. Cambridge Review of International Affairs 17(3):481–493
Lannin P, Mardiste D (2008) Estonia wary of new cyber attacks. Reuters, April 7th
Lefebvre S (2011) The difficulties and dilemmas of international intelligence cooperation. International Journal of Intelligence and Counter Intelligence 16(4):527–542
Markusen A (2008) The economics of defence industry mergers and J c divestitures. Economic Affairs 17(4):28–32
Moravcsik A (1993) Preferences and Power in the European Community: A Liberal Intergovernmentalist Approach. JCMS: Journal of Common Market Studies 31(4):473–524
Mueller R (April 06 2011) Statement before the house committee on appropriations, subcommittee on commerce, justice, science, and related agencies. http://www.fbi.gov/news/testimony/fbi-budget-for-fiscal-year-2012. Accessed 29 Nov 2013
Nakashima E (27 January 2013) Pentagon to boost cybersecurity force. Washington Post. http://articles.washingtonpost.com/2013-01-27/world/36583575_1_cyber-protection-forces-cyber-command-cybersecurity. Accessed 29 Nov 2013
NATO (Nov 2010) Strategic concept. http://www.nato.int/strategic-concept/pdf/Strat_Concept_web_en.pdf. Accessed 29 Nov 2013
North Atlantic Treaty Organisation (04 June 2013) Defence Ministers make progress on cyber protection. http://www.nato.int/cps/en/natolive/news_101143.htm Accessed 29 Nov 2013
Raustiala K, Victor D (2004) The regime complex for plant genetic resources. International Organization 58(2):277–309
Reuters (30 June 2007) Attack on Estonia puts cyber security on EU agenda. June 30th. http://www.reuters.com/article/2007/06/30/us-eu-digital-idUSL3044463420070630. Accessed 29 Nov 2013
Reuters (30 June 2007) Attack on Estonia puts cyber security on EU agenda. http://in.reuters.com/article/2008/04/07/idINIndia-32902120080407. Accessed 29 Nov 2013. http://www.reuters.com/article/2007/06/30/us-eu-digital-idUSL3044463420070630. Accessed 29 Nov 2013
Rial N (14 February 2013) European cybercrime centre dismantles its first criminal network. New Europe Online. http://www.neurope.eu/article/european-cybercrime-centre-dismantles-its-first-criminal-network. Accessed 29 Nov 2013
Santiago M (2000) Europol and police cooperation in Europe. Edwin Mellen, New York
Satola D, Judy H (2010) Towards a dynamic approach to enhancing international cooperation and collaboration in cybersecurity legal frameworks: reflections on the proceedings of the workshop on cybersecurity legal issues at the 2010 United Nations Internet Governance Forum. Wm Mitchell L Rev. 37, pp. 1745
Simms J (2006) Foreign intelligence liaison: devils, deals, and details. International Journal of Intelligence and CounterIntelligence 19(2):195–217
Skinner S (2002) Third pillar treaty provisions on police cooperation: has the EU bitten off more than it can chew? Colum J Eur L 8:203
Slaughter A (2004) A new world order. Princeton University Press, Princeton, NJ
Smith E (2003) Effects based operations. Applying network centric warfare in peace, crisis, and war. Office of the assistant secretary of defense, Washington DC Command and Control Research Program (CCRP)
Stetter S (2004) Cross-pillar politics: functional unity and institutional fragmentation of EU foreign policies. Journal of European Public Policy 11(4):720–739
Svendsen A (2008) The globalization of intelligence since 9/11: frameworks and operational parameters. Cambridge Review of International Affairs 21(1):129–144
Tak P (2000) Bottlenecks in international police and judicial cooperations in the EU. European Journal of Crime, Criminal Law and Criminal Justice 8(4):343–360
Thurner P, Binder M (2008) European Union transgovernmental networks: The emergence of a new political space beyond the nation-state? European Journal of Political Research 48(1):80–106
Traynor I, Osborne L, Doward J. (30 June 2013) Key US-EU trade pact under threat after more NSA spying allegations. The Guardian. http://www.guardian.co.uk/world/2013/jun/30/nsa-spying-europe-claims-us-eu-trade. Accessed 29 Nov 2013
Wamala F (2011) The ITU National Cybersecurity Strategy Guide. International Telecommunications Union
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer Science+Business Media New York
About this chapter
Cite this chapter
Petratos, P. (2014). Cybersecurity in Europe: Cooperation and Investment. In: Carayannis, E., Campbell, D., Efthymiopoulos, M. (eds) Cyber-Development, Cyber-Democracy and Cyber-Defense. Springer, New York, NY. https://doi.org/10.1007/978-1-4939-1028-1_11
Download citation
DOI: https://doi.org/10.1007/978-1-4939-1028-1_11
Published:
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4939-1027-4
Online ISBN: 978-1-4939-1028-1
eBook Packages: Humanities, Social Sciences and LawPolitical Science and International Studies (R0)