EUROPEAN EXPERIENCE OF PUBLIC-PRIVATE PARTNERSHIP IN THE FIELD OF CYBERSECURITY: APPROACHES TO CONSTRUCTION AND LEGAL FRAMEWORK

Keywords: cybersecurity, cyber threats, European public-private partnership strategy, public- private partnership projects, EU Directive on network and information security, Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection

Abstract

The article analyzes the EU initiatives on public-private partnership in the field of cybersecurity, making a cross-cutting emphasis on facilitating the access of small and medium-sized businesses operating in the field of cybersecurity to the new markets.

The priority directions of the private and public sector cooperation strategy in the field of cyber security have been explored; the conflicts, difficulties and point of differences of participants’ interests, as well as possible ways of cooperation have been outlined. European efforts to create platforms for securing cybersecurity in various sectors as well as the inclusion of research centers and other stakeholders in this process are considered.The complexity of the situation regarding the balance of protection of objects of critical infrastructure in democratic societies has been analyzed in the context of the digital interdependence and interpenetration of ICTs and industrial control systems. Article looks at the European Commission initiative to create a coordination mechanism for Member States to counterpart with the private sector for threats and cyber-attacks prevention, thereby promoting strategic cooperation and information exchange, while maintaining a level of trust among the participants in the process. The Commission also launched a public-private platform at the EU level, the so-called Network and Information Security (NIS) Public-Private Platform to identify effective cybersecurity practices to facilitate further implementation of the Directive.

It is noted that despite the importance of public-private partnership for all participants in the process, a number of private European companies are delaying the implementation of legislation in this area. One of the key stumbling blocks is the question of trust and control and the disclosure of sensitive corporate information.

References

1. Goldsmith, S., & Eggers, W. D. (2009). Governing by Network: The New Shape of the Public Sector. Washington, DC: Brookings Institution Press. www.brookings.edu. Retrieved from: https://www.brookings.edu/wp-content/ uploads/2016/07/governingbynetwork_chapter.pdf (viewed 07.03.2019) [in English].

2. The Directive on Security of Network and Information Systems (NIS Directive). (n. d.). ec.europa.eu. Retrieved from: https://ec.europa.eu/digital-single-market/en/news/directive-security-network-and-information-systems-nis- directive (viewed 07.03.2019) [in English].

3. Digital single market. Bringing down barriers to unlock online opportunities. (n. d.). ec.europa.eu. Retrieved from: https://ec.europa.eu/commission/priorities/digital-single-market/ (viewed 07.03.2019) [in English].

4. Strategic Research Agenda Final v0.96. (n. d.). eur-lex.europa.eu. Retrieved from: http://eur-lex.europa.eu/ procedure/EN/202369 (viewed 07.03.2019) [in English].

5. Directive (EU) 2016/1148 of the European Parliament and of the Council. (2016). eur-lex.europa.eu. Retrieved from: http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_.2016.194.01.0001.01.ENG&toc=OJ:L: 2016:194:TOC (viewed 07.03.2019) [in English].

6. Стійкість і безпека комунікаційної інфраструктури, мереж і послуг. (n. d.). goo.gl. Retrieved from: https://goo.gl/mK4irQ (viewed 07.03.2019) [in Ukrainian].

7. Regulation (EC) No 460/2004 of the European Parliament and of the Council of 10 March 2004 establishing the European Network and Information Security Agency. (2004). eur-lex.europa.eu. Retrieved from: http://eur-lex. europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32004R0460:EN:HTML (viewed 07.03.2019) [in English].

8. REGULATION OF THE EUROPEAN PARLIAMENT AND THE COUNCIL concerning the European Network and Information Security Agency (ENISA). (2010). ec.europa.eu. Retrieved from: http://ec.europa.eu/smart- regulation/impact/ia_carried_out/docs/ia_2010/sec_2010_1126_en.pdf (viewed 07.03.2019) [in English].

9. Council Directive 2008/114/EC as of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection. (2008). eur-lex.europa.eu. Retrieved from: http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32008L0114 (viewed 07.03.2019) [in English].

10. Study on synergies between the civilian and the defence cybersecurity markets. (n. d.). goo.gl. Retrieved from: https://goo.gl/uLXE43 (viewed 07.03.2019) [in English].

11. Cybersecurity Partnerships: A New Era of Public-Private Collaboration. (n. d.). www.lawandsecurity.org. Retrieved from: http://www.lawandsecurity.org/wp-content/uploads/2016/08/Cybersecurity.Partnerships-1.pdf (viewed 07.03.2019) [in English].

12. Germano, Judith H. (2009). Public-Private Partnerships are no silver bullet: An expanded governance model for Critical Infrastructure Protection. International Journal of Critical Infrastructure Protection. Vol. 2. Issue 4. (Pp. 179– 187). www.sciencedirect.com. Retrieved from: http://www.sciencedirect.com/science/article/pii/S1874548209000274 (viewed 07.03.2019) [in English].

13. Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace. (n. d.). scholarcommons.usf.edu. Retrieved from: http://scholarcommons.usf.edu/cgi/viewcontent.cgi?article=1478&context=jss (viewed 07.03.2019) [in English].

14. Public Private Partnership on Cybersecurity. (2015). ec.europa.eu. Retrieved from: http://ec.europa.eu/smart- regulation/roadmaps/docs/2015_cnect_004_cybersecurity_en.pdf (viewed 07.03.2019) [in English].

15. ARNAUD Aurelie European Cybersecurity Industry Leaders Recommendations on Cybersecurity for Europe. (n. d.). ec.europa.eu. Retrieved from: http://ec.europa.eu/newsroom/dae/document.cfm?action=display&doc_ id=13326 (viewed 07.03.2019) [in English].

16. Strengthening Europe’s Cyber Resilience System and Fostering a Competitive and Innovative Cybersecurity Industry. (n. d.). eur-lex.europa.eu. Retrieved from: https://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX% 3A52016DC0410 (viewed 07.03.2019) [in English].
Published
2019-07-02
How to Cite
Boiko, V. (2019). EUROPEAN EXPERIENCE OF PUBLIC-PRIVATE PARTNERSHIP IN THE FIELD OF CYBERSECURITY: APPROACHES TO CONSTRUCTION AND LEGAL FRAMEWORK. Strategic Priorities, 49(1), 28-36. Retrieved from https://niss-priority.com/index.php/journal/article/view/235