EU begins to take cybersecurity seriously; ENISA should act operationally (interview)
Under the influence of the Polish Presidency, the European Union has begun to take cybersecurity seriously, but ENISA needs to change its nature from regulatory and executive to strictly operational, Deputy Prime Minister and Minister of Digital Affairs Krzysztof Gawkowski told PAP Biznes on the sidelines of the EU Digital Summit.
"First of all, I am very pleased that cybersecurity has become a key issue for Europe during the Polish presidency. From the perspective of the last 18 months, since I have been in government, I know very well that it is not easy to change the European course, and everything indicates that we have achieved success in this field. All the more so because cybersecurity was not the mental basis for thinking about the future in the Union," Deputy Prime Minister Gawkowski told PAP Biznes.
"Previously, the EU's digital transformation was based mainly on thinking about how to implement legislation and introduce new regulations, rather than how to protect member states from attacks. That is why the adoption of the European plan to counter cyber incidents, the European Cyber Blueprint, is a huge achievement for us," he explained.
The Deputy Prime Minister pointed out that the member states agreed that, in addition to the proper implementation of digital changes, another key direction is to protect the citizens of the Old Continent from the negative effects of rapidly advancing digitalisation.
"During the Digital Summit, we held a dialogue on broadening the thinking on digital security, not only in terms of cybersecurity, but also in terms of the security of digital transformation and the protection of citizens," he said.
He added that the Polish Presidency also emphasised issues related to artificial intelligence and technological sovereignty, and in particular raised the issue of securing its security. Other key issues in the Prime Minister's assessment were cloud computing and the security and development plan for the semiconductor sector in the EU.
POLAND'S NATIONAL CYBERSECURITY SYSTEM KSC IS NOT ONLY ABOUT REGULATION, BUT ALSO ABOUT SECURING PUBLIC INSTITUTIONS AND BUSINESSES AGAINST, AMONG OTHER THINGS, DATA LEAKS.
"Unfortunately, the previous government worked for four years on amending the KSC and, in fact, achieved nothing. From the very beginning, our priority was the high implementation conditions, which, as key elements of the system, indicated the designation of high-risk suppliers and the security of the 5G network," said the Deputy Prime Minister.
"We are aware that there are many voices in the market that do not like this law, but we are dealing with a bill that is finally supposed to put a stop to various types of data leaks and coherently manage all elements of cybersecurity - from healthcare, through infrastructure, administration, the military, transport and the digital economy," he added.
The Deputy Prime Minister assessed that Poland is well aware of the threats present in its cyberspace
"The threats that are most dangerous to Poland today are attacks coming from the Russian Federation. We identify attacks on critical infrastructure as well as those aimed at spreading disinformation and interfering with national public sentiment, with the aim of causing panic," he said.
"That is why, during the CEE Digital Summit, a summit of the Baltic states was held, during which we made member states aware that today's attacks are directed at Poland and Moldova, which is not a member of the Union, but is also the target of disinformation campaigns, and in six months' time, other countries will be targeted," he added.
He pointed out that this is precisely why Poland is urging the next presidency, which will be Denmark, to continue the process started six months ago and to also focus on cybersecurity responsibility in its priorities.
"We also talked a lot about the need to limit the influence of Big Tech in good implementations in the DSA, about counteracting disinformation and supporting digital hygiene processes in building digital competences," he said.
He also pointed out that from Poland's perspective, it is important for ENISA (the European Union Agency for Cybersecurity) to change its character from strictly regulatory and executive to operational.
"We need organisations that are operational in nature in order to counteract threats in all possible areas, i.e. to respond to cyber threats with prevention and at the same time to take swift action immediately after an incident," he underlined.
THE WEIMAR TRIANGLE SHOWS THAT POLAND IS A EUROPEAN LEADER IN DIGITALISATION
"The establishment of the Weimar Triangle in the digital sphere with France and Germany is a response to the question of who in Europe will set the pace for the most important changes in digitalisation today," Gawkowski pointed out.
"During the first meeting, which took place in Luxembourg, we first declared our joint cooperation, but working groups were also formed in specific areas of cooperation and cybersecurity, as well as digital services, with an emphasis on simplifying the law so as not to over-regulate the European Union and cooperation in areas such as artificial intelligence," Gawkowski pointed out.
The Deputy Prime Minister outlined the planned consultations on the implementation of AI regulations.
"Secondly, we agreed that we would present joint positions at various meetings and committees on how the implementation of artificial intelligence and the law governing it should look like – what the regulations and new frameworks should look like, which will be subject to consultation in Europe," he said.
"Today, these three countries have the greatest digital potential in Europe, and this should also be a driving force for the Union," he added.
mcb/ han/
