It’s tutorial time! Today the students of our EU and Global Cybersecurity Fundamentals course in the ECPC Advanced Master in Privacy, Cybersecurity and Data Management will be requested to discuss the EU Cybersecurity Strategy and the relevant legal framework, isolating the fundamental elements, policy objectives, scope and legal obligations for the relevant stakeholders. 

The new EU Cybersecurity Strategy was presented on 16 December 2020 by the Commission and the High Representative of the Union for Foreign Affairs and Security Policy. The Strategy “aims to safeguard a global and open Internet, while at the same time offering safeguards, not only to ensure security but also to protect European values and the fundamental rights of everyone”. Cybersecurity is therefore a key EU priority, given that the Strategy is part of multiple initiatives, namely, the EU Security Union Strategy 2020-2025, the Recovery Plan for Europe, Shaping Europe’s Digital Future, the Global Strategy for the EU’s Foreign and Security Policy, and the European Council Strategic Agenda 2019-2024. 

There are also multiple geopolitical aspects that must also be taken into consideration in order to adequately understand the Strategy and its ratio, as we discussed on Monday. Indeed, there is both a push to improve cooperation between Member States and internationally in order to ensure an open Internet on a global basis and to lessen geopolitical tensions and promote the creation of a strong and resilient cyberspace in the EU.

Students will use clear language (not legalese!) in their presentations, fueled by a careful review the literature and insights provided in my lecture this past Monday. The ultimate goal is for the students to have a clear picture of the actual EU legal and policy framework with specific reference to cybersecurity and the forthcoming proposals and strategies in this context, also in the light of European data protection and global cybersecurity evolutions.

Let’s go!