In the last decade, cybersecurity has swiftly turned into a strategic issue and became an important horizontal policy area in the EU, which is treated in this article as one of the four contemporary political empires. These days, the policy arguably encompasses both internal and external aspects, often making it difficult to assess the level of its actual effectiveness as well as outreach. Initially, the EU's introverted vision on the issue drove the policy to focus on cyber resilience and strategic autonomy. Evidently, the EU's strategic narrative that could assist it in leading the process of creating an open, free, stable and secure cyberspace in the digital decade, in the context of international security, is emerging. Thus, this contribution is to test the argument that the EU, utilizing an imperial paradigm (consciously or not), is gradually becoming a global steering power in cybersecurity. In this article, firstly, we identify and examine the process of formation of the EU's narratives about (its) cyber power. Secondly, we establish a discussion framework to highlight the methodological relevance of the imperial paradigm, cyber power Europe and Strategic Narrative Theory for a multidisciplinary debate on global geo-strategic redesign, in which the EU takes part. Thirdly, we look into bilateral and multilateral forums and processes that deal with cybersecurity and in which the EU participates, in order to understand more specifically how the EU is projecting its cyber-power narratives internationally and how cybersecurity-associated challenges impact current dynamics in other policy domains in the field of international relations.
Recibido: 20 noviembre 2020Aceptado: 18 mayo 2021
In: Kasper , A & Vernygora , V 2021 , ' The EU's cybersecurity : A strategic narrative of a cyber power or a confusing policy for a local common market? ' , Deusto Journal of European Studies , no. 65 , pp. 29-71 . https://doi.org/10.18543/ced-65-2021pp29-71
In this article, firstly, we identify and examine the process of formation of the EU's narratives about (its) cyber power. Secondly, we establish a discussion framework to highlight the methodological relevance of the imperial paradigm, cyber power Europe and strategic narrative theory for a multidisciplinary debate on global geo-strategic redesign, in which the EU takes part. Thirdly, we look into bilateral and multilateral forums and processes that deal with cybersecurity and in which the EU participates, in order to understand more specifically how the EU is projecting its cyber-power narratives internationally and how cybersecurity-associated challenges impact current dynamics in other policy domains in the field of international relations.
In: Kasper , A & Vernygora , V 2020 , Towards a 'Cyber Maastricht' : Two Steps Forward, One Step Back . in M Harwood , S Moncada & R Pace (eds) , The Future of the European Union : Demisting the debate . University of Malta , Malta , pp. 186-210 .
This chapter evaluates the EU's cybersecurity policy from four perspectives – neofunctionalism, liberal intergovernmentalism, post-functionalism, and the imperial paradigm. A search for a theory-based framework is performed to ensure that the analysis in this chapter is completed within a set of boundaries, and does not stray into speculation about the EU's prospective strategic steps. Using this contribution's findings and elaborations, a proposal on the policy-associated model is made. Having observed the empirical data, while analytically reflecting on actuality, it can be argued that a 'Cyber Maastricht' is long overdue.
Cybersicherheit hat sich, innerhalb der letzten zwei Jahrzehnte, zu einem horizontalen Politik-Bestandteil der Europäischen Union entwickelt. In relevanten Bereichen der Technologie, Politik und Recht werden Maßnahmen umgesetzt, um die EU gegen Cyber-Bedrohungen zu schützen. Es ist jedoch unklar, wo die Grenzen für Cybersicherheit liegen, da es keine vereinbarte und operative Definition gibt. In dem Paper wird die Frage gestellt, wie kohärent und koordiniert die rechtlichen Stellungnahmen der EU zu den Herausforderungen der Cybersicherheit sein können, wenn es keine gesetzten Grenzen der Cybersicherheit gibt. Ein ausbalancierter, regulatorischer Rahmen würde eine systematische Analyse der potenziellen Schäden erfordern, die durch einschlägige Maßnahmen behoben werden sollte, verstanden als Auswirkung von Maßnahmen zwischen verschiedenen Politikbereichen und deren Interaktion. So wurden die "Wannecry" Cyberangriffe untersucht, um die Art der Schäden zu ermitteln, die durch EU-Gesetze im Zusammenhang mit Cybersicherheit verhindert werden können, welche Elemente des Cyber-Ökosystems gesichert werden müssen und welche durch regulatorische Eingriffe gezielt angegangen werden können, sowie die wichtigsten Punkte der aktuellen und vorgeschlagenen EU-Rechtsrahmens, die für Cybersicherheit relevant sind, um einige Schlussfolgerungen über den Umfang, Art und die Ziele des neu entstehendes Bereiches der EU-Cybersicherheitsgesetze aufzuzeigen.
Over the last decades cybersecurity has become a cornerstone of European digital development. Alongside with the diffusion of information and communication technologies and the deepening (as well as widening) of the European Union, the initial narrow and sectoral data security policies have expanded into a comprehensive cybersecurity framework addressing issues from resilient infrastructure and technological sovereignty, through tackling cybercrime, to cyber defence capabilities and responsible state behaviour in cyberspace. In this complex web of interrelated policies a relative newcomer at the European Union (EU) level is cyber diplomacy. Sometimes also called public diplomacy 2.0, it factors into the cross-border connectivity of cyberspace and reflects a shift in international relations where the lines between external and internal policies, military and civilian domains are blurred. However, the term cyber diplomacy is fluid and it is not well understood which topics should be under its "umbrella", in particular in relation to cybersecurity, where it seems to be linked the most. This article aims to map existing and proposed instruments that make up the EU's arsenal in this broad context to answer the following questions: what is cyber diplomacy and how is it related to the EU cybersecurity? Is cyber diplomacy in the EU becoming something in its own right as a distinct set of tools to secure the EU policy objectives?
Durant les últimes dècades, la ciberseguretat s'ha convertit en una pedra angular del desenvolupament digital europeu. Juntament amb la difusió de les tecnologies de la informació i la comunicació, i l'aprofundiment (com també l'ampliació) de la Unió Europea, les polítiques de seguretat de dades sectorials i estretes inicials s'han expandit a un marc integral de seguretat cibernètica que aborda qüestions d'infraestructura resilient i sobirania tecnològica, mitjançant la lluita contra la ciberdelinqüència, a les capacitats de defensa cibernètica i al comportament estatal responsable en el ciberespai. En aquesta complexa xarxa de polítiques interrelacionades, un nouvingut en l'àmbit de la UE és la ciberdiplomàcia. De vegades també anomenada diplomàcia pública 2.0, té en compte la connectivitat transfronterera del ciberespai i reflecteix un canvi en les relacions internacionals en què les línies entre les polítiques externes i internes, els dominis militar i civil es difuminen. No obstant això, el terme ciberdiplomàcia és fluid i no es comprèn bé quins temes haurien de pertànyer al seu "paraigua", en particular en relació amb la ciberseguretat, a la qual sembla més vinculat. Aquest article té com a objectiu traçar un mapa dels instruments existents i proposats que formen l'arsenal de la UE en aquest ampli context per respondre les preguntes següents: què és la ciberdiplomàcia i com es relaciona amb la ciberseguretat de la UE? S'està convertint la ciberdiplomàcia a la UE en alguna cosa per dret propi com un conjunt diferent d'eines per assegurar els objectius polítics de la UE? ; Over the last decades cybersecurity has become a cornerstone of European digital development. Alongside with the diffusion of information and communication technologies and the deepening (as well as widening) of the European Union, the initial narrow and sectoral data security policies have expanded into a comprehensive cybersecurity framework addressing issues from resilient infrastructure and technological sovereignty, through tackling cybercrime, to cyber defence capabilities and responsible state behaviour in cyberspace. In this complex web of interrelated policies a relative newcomer at the European Union (EU) level is cyber diplomacy. Sometimes also called public diplomacy 2.0, it factors into the cross-border connectivity of cyberspace and reflects a shift in international relations where the lines between external and internal policies, military and civilian domains are blurred. However, the term cyber diplomacy is fluid and it is not well understood which topics should be under its "umbrella", in particular in relation to cybersecurity, where it seems to be linked the most. This article aims to map existing and proposed instruments that make up the EU's arsenal in this broad context to answer the following questions: what is cyber diplomacy and how is it related to the EU cybersecurity? Is cyber diplomacy in the EU becoming something in its own right as a distinct set of tools to secure the EU policy objectives? ; Durante las últimas décadas, la ciberseguridad se ha convertido en una piedra angular del desarrollo digital europeo. Junto con la difusión de las tecnologías de la información y la comunicación, y la profundización (así como la ampliación) de la Unión Europea, las políticas de seguridad de datos sectoriales y estrechas iniciales se han expandido a un marco integral de seguridad cibernética que aborda cuestiones de infraestructura resiliente y soberanía tecnológica, mediante la lucha contra la ciberdelincuencia, a las capacidades de defensa cibernética y al comportamiento estatal responsable en el ciberespacio. En esta compleja red de políticas interrelacionadas, un recién llegado en el ámbito de la UE es la ciberdiplomacia. A veces también llamada diplomacia pública 2.0, tiene en cuenta la conectividad transfronteriza del ciberespacio y refleja un cambio en las relaciones internacionales en las que las líneas entre las políticas externas e internas, los dominios militar y civil se difuminan. Sin embargo, el término ciberdiplomacia es fluido y no se comprende bien qué temas tendrían que pertenecer a su "paraguas", en particular en relación con la ciberseguridad, a la cual parece más vinculado. Este artículo tiene como objetivo trazar un mapa de los instrumentos existentes y propuestos que forman el arsenal de la UE en este amplio contexto para responder las preguntas siguientes: ¿qué es la ciberdiplomacia y cómo se relaciona con la ciberseguridad de la UE? ¿Se está convirtiendo la ciberdiplomacia en la UE en algo por derecho propio como un conjunto diferente de herramientas para asegurar los objetivos políticos de la UE?
In the last decade, the EU's policy on cybersecurity has changed significantly, both as to its referent objects and priority level. While the 2013 Cybersecurity Strategy focused almost exclusively on the importance of cybersecurity for the proper functioning of the single market, its 2017 version also contained an analysis of malicious cyber activities that threaten the political integrity of Member States and the EU as a whole. As the field's level of complexity grows and forward-looking initiatives are constantly being proposed in order to promote cyber resilience across the EU, it is increasingly challenging the Union in the process of coordinating and implementing the planned actions. Cybersecurity has also become a national security issue entangling private and public, external and internal, civilian, and military issues making it necessary, but very challenging to widen and deepen ties among stakeholders in the EU. Yet cybersecurity governance is fragmented at the EU level, and there is an evident lack of trust that prevents effective cooperation among stakeholders on crucial aspects of the process. This contribution argues that as a result, cybersecurity policy in the EU remains unsystematic and predominantly reactive in nature, addressing the issuespecific incidents that have already occurred, although in our technology-dependent societies more emphasis should be placed on prevention. Therefore, in a natural scholarly quest for explanations, this chapter focuses on the development and main elements of the EU's cybersecurity policy, followed by mapping the attitudes of cybersecurity stakeholders and their normative objectives in the context of EU integration in this domain. ; peer-reviewed
This chapter evaluates the EU's cybersecurity policy from four perspectives – neofunctionalism, liberal intergovernmentalism, post-functionalism, and the imperial paradigm. A search for a theory-based framework is performed to ensure that the analysis in this chapter is completed within a set of boundaries, and does not stray into speculation about the EU's prospective strategic steps. Using this contribution's findings and elaborations, a proposal on the policy-associated model is made. Having observed the empirical data, while analytically reflecting on actuality, it can be argued that a 'Cyber Maastricht' is long overdue. ; peer-reviewed