Ladies and Gentlemen,
I’d like to thank the organisers and in particular director Frank Cilluffo for inviting me.
Cyber security is now an issue on everyone’s mind. It provokes a lot of debate and everybody agree that we have to do more. But it is our job to make sure that those commitments are translated into action.
Benjamin Franklin once coined the phrase “well done is better than well said”. When it comes to cyber security I could not agree more.
The EU and the US face similar challenges. We see that organised crime groups are getting stronger. State-sponsored attacks are also a growing problem, as is the threat from non-state actors.
And, in some ways even more worrying, are dangerous discussions taking place where some countries – Russia and China included – advocate international regulation which would curb the open and free nature of the internet.
That’s why I am here in Washington this week following an invitation from Secretary Janet Napolitano and Attorney General Eric Holder, to discuss how the EU and the US can further deepen our cooperation on cyber security and cybercrime to keep the Internet open, free and secure.
I say deepen the cooperation because a lot has already been done.
The establishment of an EU-US Working Group on Cyber security and Cybercrime at the Summit in November 2010 was our first step to identify common strategic goals and concrete actions.
We have had some early successes, such as the first Cyber Atlantic exercise in 2011, which kicked off a ground-breaking programme of joint cyber-attack exercises that will culminate in a fully-fledged EU-US cyber security exercise next year.
Furthermore, we have been successful in jointly pushing for more countries around the world to ratify the Budapest convention on cybercrime to make it the global instrument.
Another important achievement was the launch last December of a Global Alliance against Child Sexual abuse online. During the past decade we have seen an unprecedented expansion in the despicable market for child abuse images.
Given the magnitude of the problem, Attorney General Eric Holder and I felt it was crucial to engage with Interior and Justice Ministers around the world to share our commitments to fight this heinous crime.
The Global Alliance now consists of 50 countries from Norway to Nigeria, from the Netherlands to New Zealand. And we are expecting the number of participating countries to continue to rise.
In many ways the most important way to measure our cooperation is through our operational success. And we have been effective. By working together, US and EU Law Enforcement Agencies have had success in arresting and prosecuting criminals for cybercrimes from credit card fraud to Child sexual abuse online.
Alongside its cooperation with the US, the EU has spent the last few years doing our own homework to make cyberspace more secure.
We took inspiration from the US, as well as several EU member states which had produced cyber security strategies, and adopted a proposal for an EU cyber security strategy this February.
Our strategy was a close cooperation with my colleagues Neelie Kroes responsible for the Digital Agenda and Catherine Ashton responsible for Foreign policy. The strategy fills two roles. It shows the direction for future work and it provides a basis for greater cooperation between the different actors.
In order to explain a little about the EU’s approach here, it is worth saying something about how our method for the strategy differs slightly to that used in the US. Whilst the US has opted to appoint a cyber-tsar, in light of the way the actors fit together in the EU we have gone for joint leadership.
We hope the EU strategy will enable a step-change in how we ensure cyber security. It is based around three main elements:
1. Drastically reducing cybercrime, I will expand on this point shortly;
2. Enhancing our cyber security resilience and response capabilities. This will require new legislation on companies reporting cyber-attacks. We must also improve the security of critical information exchange in both public and private sectors in EU member states, and indeed between the sectors.
3. Supporting the use of Internet as a freedom tool and for building capacities around the world. An EU cyber defence component will also be developed.
While all three elements of the strategy are equally important I would like come back to say a little more about reducing cybercrime and improving the EU’s ability to fight cybercrime.
Three months ago I inaugurated the European Cybercrime Centre – EC3 – in the Netherlands.
The EC3 will strive to be the European focal point in the fight against cybercrime, equipped with state-of-the-art technology and a strong team of highly-qualified personnel. Here to read more.