Updates

Cybersecurity

2018

The European Commission adopted an updated version of the EU cyber defence policy framework.  The purpose of the framework is to take into account the changing security challenges since the original framework of 2014. The updated framework identifies six priority areas for cyber defence: development of cyber defence capabilities, protection of the EU Common Security and Defence Policy (CSDP) communication and information networks, training and exercises, research and technology, civil-military cooperation and international cooperation. and clarifies the roles of the different European actors. It also clarifies the roles of European actors within these six areas, including EU member states, the European Commission, the European Defence Agency (EDA), the European External Action Service (EEAS), the European Security and Defence College (ESDC), the European Network and Information Security Agency (ENISA), the European Cybercrime Centre (EC3) and CERT-EU.

US President Trump signed the Cybersecurity and Infrastructure Security Agency Act of 2018 into law. The bill redesignates the Department of Homeland Security's (DHS) National Protection and Programs Directorate (NPPD) as the Cybersecurity and Infrastructure Security Agency (CISA). The new agency’s responsibilities will include ensuring cybersecurity and critical infrastructure security, coordinating with federal and non-federal entities, and DHS's responsibilities concerning chemical facility antiterrorism standards. It will consist of the Cybersecurity Division, the Infrastructure Security Division, and the Emergency Communications Division.

The Task Force was established on 30 October as a public-private partnership to develop recommendations on managing risks in the global ICT supply chain.  It goes within the DHS Cyber Supply Chain Risk Management Program which aims to develop supply chain risk management capabilities for federal civilian agencies; private sector critical infrastructure owners and operators; also for state, local, tribal and territorial governments. Currently the Task Force has 26 members form industry, 8 departments and agencies of the US government, including DHS, DoD, and Office of the Director of National Intelligence. The first step of the Task Force will be to conduct an analysis existing ecosystem of  industry and government supply chain initiatives to identify critical gaps.

On the sidelines of the 33rd ASEAN Summit in Singapore, the Economic Ministers of the delegate countries signed the ASEAN Agreement on e-Commerce, which is part of the implementation of the ASEAN Work Programme on Electronic Commerce 2017-2025. The agreement aims to facilitate cross-border e-commerce transactions and promote confidence in the use of e-commerce in the region to drive economic growth and social development. It comprises commitments on the fields of cybersecurity, data localization and data flows, ensuring that companies and consumers can easily access and move data across borders, without the need to “build expensive and unnecessarily redundant data centres in every market”. The agreement also contains provisions on online consumer protection, personal data protection alternative online dispute resolution mechanisms for e-commerce transactions. In parallel, the ASEAN summit also welcomed the endorsement of the ASEAN Digital Integration Framework, which identifies the economic benefits and challenges posed by digital integration for ASEAN and its Member States, with particular attention to MSMEs.

Sir Tim Berners-Lee launched a call to sign the ‘Contract for the Web’.  The contract appeals to governments, companies, and ‘netizens’ to improve Internet accessibility, privacy, confidentiality of user data, and to keep the Internet free and safe by respecting ‘civil discourse and human dignity’. The document has been already signed by representatives of 60 companies, including Google, Facebook, and governments. In Berners-Lee’s opinion, today we need new ‘clear and strict’ standards for those players who have enough influence to make the Internet better. The standards proposed in the contract will be finalised after consultations with governments and companies.

China has passed new regulation on cybersecurity inspections to come into effect 1 November. The regulation allows Chinese police to enforce the cybersecurity law with service providers via on-site and remote premises and networks inspections to ensure compliance, leading most likely to increased inspections of service providers in the future.

Pages

 

The GIP Digital Watch observatory is provided by

in partnership with

and members of the GIP Steering Committee



 

GIP Digital Watch is operated by

Scroll to Top