US and EU infosec authorities pen intel-sharing pact
As Cyber Solidarity Act edges closer to full adoption in Europe
The US Cybersecurity and Infrastructure Security Agency (CISA) has signed a working arrangement with its EU counterparts to increase cross-border information sharing, among other measures, to tackle criminals.
The European Union Agency for Cybersecurity (ENISA) said today the arrangement cements the existing tie-up and opens doors for possible new types of cooperation.
Namely, the two will work on sharing best practices for incident reporting and threat intelligence on "basic cyber threats."
"This new working arrangement is an evolution and consolidation of the effective cooperation with our US counterpart," said Juhan Lepassaar, executive director at ENISA. "The structured collaboration will address some of our common challenges in the cyber threat landscape."
The exchange of best practices will also apply to legislation as both the US and EU continue to embed contemporary cybersecurity principles in law, such as the EU's efforts with the NIS2 Directive and Cyber Resilience Act.
Approaches to tech legislation and regulation have not always aligned between the US and EU, with data protection and more recently AI providing two of the more obvious examples.
However, the desire for a more joined-up approach to cybersecurity is shared among all corners of the industry, and it is one both the US and EU have made strides in developing over the years.
That unified approach was again on display in today's announcement, which promises a more systematic process for sharing threat intelligence between the two agencies – a practice that's long been championed in the industry as threats continue to affect organizations across the world.
Efforts to build frameworks for alliances across the industry include agreements both between national security agencies like CISA and ENISA, and with private sector organizations too.
CISA has its Joint Cyber Defense Collaborative (JCDC), for example. The public-private group aims to develop high degrees of threat awareness and preparedness by using insights from different types of organizations.
It also has established cybersecurity deals with ENISA, and the equivalent agencies from the Five Eyes and Quad diplomatic alliances.
The understanding is that an increased awareness of the threat landscape, grown through sharing information from as many reliable sources as possible, will hasten detection and mitigation efforts.
"CISA leads the United States' effort to understand, manage, and reduce risk to cyber and physical infrastructure," said director Jen Easterly. "In today's highly complex and borderless cyber threat landscape, collaboration remains key to everything we do.
"CISA's working arrangement with ENISA signifies a new chapter in our collective resilience. Together we will enhance cybersecurity awareness, fortify capacity-building initiatives, and foster a robust environment for knowledge sharing and best practice exchanges, ensuring a safer digital landscape for our citizens."
The working agreement will also see the US participate more as a third country in EU-wide cybersecurity training exercises, as well as the promotion of awareness tools and programs.
Cyber Solidarity Act edges closer to full adoption
Also announced on Thursday was the adoption of the draft report for the EU's Cyber Solidarity Act, another legislative proposal making its way through European Parliament that aims to strengthen the bloc's defensive capabilities.
It too is rooted in the idea that alliances equate to better cyber defenses and among its key objectives is the establishment of a European Cyber Shield – a network of all national security operation centers (SOCs) and cross-border SOCs to improve the detection and analysis of threats.
The threat intelligence analyzed and shared between all nations carries the ambition of improving the response times to cyberattacks. If an attack is observed in one nation, the others will be alerted and work together to develop mitigations that will limit the attack's effectiveness.
"Strengthening cooperation will be key to guaranteeing cybersecurity in the EU," said Lina Gálvez Muñoz, rapporteur and vice president of the Industry, Research, and Energy committee, and lead MEP on the proposal.
"This proposal comes from the need to increase cooperation between member states and strengthen EU capacity to be better prepared for cyberattacks, which are increasing in number, intensity and regularity throughout the EU. These are often targeted at local, regional or national critical infrastructure, affecting citizens directly.
"To be more resilient, a common European response is urgently needed, based on stronger cooperation at the European level, beyond the national. Cybercrime has no borders and it is increasing exponentially."
With the report adopted by the committee, a decision will be made in mid-December during a plenary session in Strasbourg as to when trilogue discussions begin. ®