EU Commission plans Cyber Center in a hurry
In order to secure the decisions of democratic bodies with regard to Russia’s war of aggression, the EU Commission is planning its own office for monitoring virtual space.
The EU Commission sees itself as “an urgent need to improve the EU Commission’s ability to monitor IT threats, events and incidents and assess their potential impact on critical infrastructure”. Specifically, with regard to the ongoing “hybrid threat of Russia’s attack on Ukraine”, it is feared that an outsider could try to influence the decisions of democratic bodies. This is to be prevented by setting up an EU cybersecurity situational awareness and analysis centre.
Quick order with a budget of 22 million euros
Due to urgency, the tender of 25 October 2022 ran only until November 14, 2022 – not even three weeks, half the usual minimum range. The quick order is to run for 48 months and has been budgeted at 22 million euros. Whoever is awarded the contract is said to have programmed a dashboard within a week of the start of the contract, which is intended to support the EU Commission in collecting, analyzing and displaying data on IT incidents and threats in real time. This dashboard should eventually become part of a virtual situation center.
In the next step, the contractor should support the construction of a physical situation center. At least ten desks, a meeting room and redundant telephone lines are required. Once the Cyber Center is fully operational, it aims to provide remedial action against threats, security breaches and incidents that affect critical infrastructure.
A report is only due in the 27th month of the four-year contract period. This should list existing and planned IT security institutions, describe their structure and capabilities, evaluate cooperation and interoperability and make suggestions for improvement. In addition, the contractor must provide at least four IT system architects to implement these recommendations – Cyber Centre.
Why another Cyber Centre?
Within the European IT security scene, the step taken by the EU Commission towards its own cyber center is seen as an expression of a claim to power – after all, existing institutions such as Enisa (European Union Agency for Cybersecurity) and Cyclone (Cyber Crisis Liaison Organization Network) or CERT-EU (Computer Emergency Response Team of the European Union) can be supported with additional funds instead of setting up another, related facility. With CERT-EU, however, the European Parliament has a lot of influence and with Enisa and Cyclone the member states – less the EU Commission – EU Commission plans Cyber Center in a hurry.
Source: heise.de