The Strategic Compass adopted on 21st March is an important document in cyber security and cyber defence. It sets out a detailed framework of specific actions to be undertaken by the EU in the coming years. It also clearly sets out the EU's position in the new geopolitical context created by the war in Ukraine. It will have important implications for business, especially in terms of the broad lines of investment and research to be implemented by the EU.

• On 21st March 2022, the European Council formally approved the Strategic Compass at a time of radical change in the global geopolitical paradigm.
• It is an ambitious action plan to strengthen the EU's security and defence policy until 2030 in a clear sign that the situation calls for a move towards hard power approaches that have not been a priority for the EU until now.
• The aim of the Strategic Compass is to strengthen the EU's capabilities to protect its citizens and contribute to international peace and security.
• This should be complementary to NATO, which remains the basis for the collective defence of its members.
• The document presents concrete and implementable proposals, with a very precise timetable.
• It is built around four pillars: acting, investing, working in partnership and ensuring security.

SPECIFIC ACTIONS IDENTIFIED IN THE SPHERE OF CYBERSPACE

The setting up of an EU cyber defence policy that will boost research and innovation and provide a stimulus to the EU's industrial base. It will also promote education and training.

Establish a determination to combat, with immediate and long-term responses, risk actors that seek to impede secure and open access to cyberspace for the EU and its partners.

Improving cyber security, which will increase the effectiveness and security of efforts on the ground, in the air, at sea and in outer space.

Intensive use of new technologies, in particular quantum computing, artificial intelligence and data intelligence, to achieve comparative advantages.

Boosting intelligence analysis capabilities.

The establishment of an EU Joint Information Unit to strengthen the common situational awareness of and cooperation between EU institutions and Member States.

Develop a set of hybrid threat response tools and teams capable of responding quickly and decisively to state-backed cyber-attacks on critical infrastructure.

Further develop the cyber diplomacy toolbox, in particular preventive measures and sanctions against external actors for malicious cyber activities against the Union and its Member States.

Create instruments against manipulation of information and interference by foreign agents.

Provide incentives to encourage Member States to participate in collaborative capacity development projects.

Jointly invest in strategic support elements and new generation capabilities, in particular: strategic transport, force protection, medical, cyber defence and satellite communication assets, and intelligence, surveillance and reconnaissance capabilities.

Adoption of additional criteria and rules on the protection of EU classified information and sensitive non-classified information to facilitate secure exchanges with Member States.

Increase interoperability and information sharing through cooperation between military computer emergency response teams.

Understanding cyber defence as a fundamental guarantee in the priority area of enhancing military mobility as an essential support element.

Launch the European Cybersecurity Competence Centre to develop a strong industrial and technological cybersecurity ecosystem in Europe and to support companies specialised in cybersecurity.

You can download the full PDF file here.

For more information you may contact:

Vicente Moret

Of Counsel | Litigation Law