European Commission Proposes Cyber Solidarity Act — April 18, 2023
The proposal would create an EU-wide cyber reserve, new detection infrastructure, and coordinated response mechanisms for large-scale incidents.
Executive briefing: On the European Commission presented a proposal for a Cyber Solidarity Act. The regulation aims to strengthen the Union’s preparedness for significant cybersecurity incidents by funding cross-border detection capabilities and establishing a standing cyber emergency mechanism.
Key measures
- European Cybersecurity Shield. The act would finance national and cross-border Security Operations Centres (SOCs) equipped with advanced detection technologies.
- Cyber emergency mechanism. A coordinated response program would deploy a European cyber reserve of trusted private providers to support member states during major incidents.
- Incident review framework. Post-incident reports would capture lessons learned and recommend improvements to critical infrastructure resilience.
Control alignment guidance
- NIS2 operators. Entities designated as essential or important should monitor the regulation’s progress, as participation in SOC services could influence compliance obligations.
- Cross-border exercises. Align business continuity drills with the proposed EU-level emergency mechanism to streamline requests for assistance.
- Funding opportunities. Evaluate eligibility for Digital Europe Programme grants supporting detection infrastructures and training.
Operational recommendations
- Engage with national authorities to understand how the European Cybersecurity Shield might integrate with existing SOC or CERT capabilities.
- Update incident escalation procedures to include coordination steps with EU institutions and the proposed cyber reserve.
- Track legislative negotiations in Parliament and Council to anticipate timelines for regulatory compliance.