On 6 March, the European Parliament and the Belgian Presidency of the Council of the European Union stroke a provisional political agreement to strengthen cybersecurity capacities in the EU, on the Cyber Solidarity Act, as well as on the targeted amendment to the Cyber Security Act (CSA), forming part of the so-called “Cyber Solidarity Package”
These two pieces of legislation hold particular significance for the Belgian Presidency of the Council of the EU, aligning closely with its stated priorities. The CCB welcomes these provisional agreements and emphasizes their contribution to reinforcing capacities to respond to large-scale cybersecurity incidents and promoting mutual solidarity among EU Member States, as well as fostering the emergence of trusted cybersecurity service providers, avoiding fragmentation of the internal market for managed security services. Moreover, the CCB as the national authority for cybersecurity in Belgium, actively supported the Belgian Presidency of the Council of the EU in realising its cybersecurity programme, by chairing relevant working groups, but also supporting negotiations on EU legislation in the cyber domain.
Cyber Solidarity Act
The Cyber Solidarity Act was presented in response to the Russia’s war of aggression against Ukraine, building upon the Nevers Call by Digital Ministers in March 2022. The Act comprises three key pillars: the creation of an EU Cybersecurity Alert System facilitating cross-border information sharing on cyber threats, a Cyber Emergency Mechanism for coordinated responses to large-scale incidents affecting entities operating in critical sectors, and an Incident Review Mechanism to glean insights from significant cyber events.
Cyber Security Act
The targeted amendment to the Cyber Security Act of 2019 introduces the possibility of developing European Certification Cybersecurity Schemes for Managed Security Services. Awaiting the regular review of the CSA, due by 28 June 2024, the provisional agreement also includes provisions for refining the procedures for preparing, adopting, and reviewing European cybersecurity certification schemes.
Following these provisional agreements, the texts will undergo further technical adjustments, as well as legal/linguistic review, before being presented to the Council and the European Parliament for adoption. These legislative strides mark a crucial advancement in the EU's ongoing efforts to safeguard its digital infrastructure and respond effectively to cyber threats.
