The European Council adopted conclusions inviting the European Union (EU) and the member states to further develop the cybersecurity crisis management framework, including by exploring the potential of a joint cyber unit. In its conclusions, the Council emphasized the need to consolidate existing networks and to establish a mapping of possible information-sharing gaps and needs within and across cyber communities. This should subsequently lead to an agreement on possible primary objectives and priorities of a potential joint cyber unit.
As per the communication from the European Council, a potential joint cyber unit would need to respect the competences, mandates, and legal powers of its possible future participants and any participation by member states would be of a voluntary nature. The Council calls for further reflection on individual elements of the recommendation on the joint cyber unit, including regarding the ideas of EU cybersecurity rapid reaction teams and an EU cybersecurity incident and crisis response plan. The Council also stressed the need to establish adequate working methods and governance to allow for participation of all member states in the deliberations, development, and effective decision-making processes. It invites EU and its member states to engage in further developing the EU cybersecurity crisis management framework by exploring the potential of a Joint Cyber Unit initiative, by setting and defining the process, including milestones and a timeline, as well as clarifying the aims and possible roles and responsibilities.
The European Council has an instrumental role in the policy-making and coordination function for further development of the EU cybersecurity crisis management framework and will monitor the progress and provide guidance for complementing this framework. The European Commission (EC) published its recommendation on building a Joint Cyber Unit on June 23, 2021, to tackle the rising number of serious cyber incidents impacting public services as well as the life of businesses and citizens across EU. Under this recommendation, the joint cyber unit would act as a platform bringing together resources and expertise from different cyber communities in the EU and its member states to effectively prevent, deter and respond to mass cyber incidents.
Keywords: Europe, EU, Banking, Insurance, Securities, Joint Cyber Unit, Cyber Risk, Regtech, European Council, EC
Previous ArticleEC Sets Out Work Program for 2022
The Australian Prudential Regulation Authority (APRA) found that Heritage Bank Limited had incorrectly reported capital because of weaknesses in operational risk and compliance frameworks, although the bank did not breach minimum prudential capital ratios at any point and remains well-capitalized.
The Office of the Superintendent of Financial Institutions (OSFI) released the annual report for 2020-2021.
The Australian Prudential Regulation Authority (APRA) released the final Prudential Practice Guide on management of climate change financial risks (CPG 229) for banks, insurers, and superannuation trustees.
The European Banking Authority (EBA) Single Rulebook Question and Answer (Q&A) tool updates for this month include answers to 10 questions.
The European Commission (EC) has adopted a package of measures related to the Capital Markets Union.
The European Council adopted its position on two proposals that are part of the digital finance package adopted by the European Commission in September 2020, with one of the proposals involving the regulation on markets in crypto-assets (MiCA) and the other involving the Digital Operational Resilience Act (DORA).
The Prudential Regulation Authority (PRA) is proposing, via the consultation paper CP21/21, to apply group provisions in the Operational Resilience Part of the PRA Rulebook (relevant for the Capital Requirements Regulation or CRR firms) to holding companies.
The Board of Governors of the Federal Reserve System (FED) published a report that summarizes banking conditions in the United States, along with the supervisory and regulatory activities of FED.
The European Banking Authority (EBA) published the final report on draft regulatory technical standards for the calculation of risk-weighted exposure amounts of collective investment undertakings or CIUs, in line with the Capital Requirements Regulation (CRR).
The Australian Prudential Regulation Authority (APRA) recently completed two pilot initiatives in its 2020-2024 Cyber Security Strategy, which was published in November 2020.