The European Commission desires to set international standards in cybersecurity and boost the effectiveness of Europe’s security capacities. The goal of the new “Horizon 2020” programme’s initiative is to establish and operate a cybersecurity competence network and develop a strategy for cybersecurity and data protection as European branches (industries). The Commission selected a total of four projects for the pilot, of which “CyberSec4Europe”, co-ordinated by business informatics expert Professor Kai Rannenberg from Goethe University in Frankfurt, comprises the most EU member states, and is concerned with domains that are relevant to every EU citizen such as banking, healthcare, identity management and smart cities.
CyberSec4Europe will build on existing structures such as “Trust in Digital Life” (TDL), the European Cyber Security Organisation (ECSO) and the Council of European Informatics Societies (CEPIS), and brings experts together from various disciplines. The 43 consortium partners from 20 European Union countries, as well as from Norway and Switzerland, include research establishments from enterprises such as Siemens or ATOS in addition to universities and research institutes. Within the next 42 months they will all collaborate to strengthen the research and innovation competence of the EU in cybersecurity.
The question of “governance” is of primary concern: How can data protection be regulated, who has authority in which areas? Seven key demonstration cases will be investigated to ensure a close connection to real-world situations. “We want to use these real-life examples to investigate where structures, regulations and technology are lacking,” says Professor Rannenberg. The Payment Service Directive 2 (PSD2) is one example. PSD2 is intended to make the switch to a new financial service provider easier for customers by enabling the new provider to access the necessary bank data through interfaces. But what can be done to protect customer data from unauthorised access?