In June, we began a series entitled EU 2024-2029: Boosting competitiveness where we analyse Telefónica’s vision on how to strengthen competitiveness and better position the society and economy of the European Union (EU) on the global stage. Undoubtedly, competitiveness will be the central priority guiding the EU’s forthcoming policy and legislative initiatives in this period.
This new post (the seventh) focuses on resilience, cybersecurity and defence, issues that are in the spotlight following the Crowdstrike cyber incident that affected more than 8 million devices and many essential services, and the attack on transport infrastructure on the eve of the opening of the Olympic Games.
The first post analysed the current state of EU competitiveness, the second looked at the first axis of Telefónica’s proposed competitiveness strategy and the third focused on the second strategic axis, the importance of strengthening the telecommunications sector as a lever for society’s competitiveness. The fourth and fifth posts analysed how to drive the digital and green transitions, respectively. In the sixth post we addressed the last strategic axis “Managing geopolitical transition for a stronger EU on the world stage”, that we complete in this seventh post tackling resilience, cybersecurity and defence.
Defence and cybersecurity for resilience and future competitiveness
The Crowdstrike incident highlighted the importance of service resilience in a hyper-connected world. Resilience is the ability to cope with adversity and maintain business continuity. Improving cybersecurity is a necessary first step.
In an increasingly complex geopolitical landscape, hybrid strategies, cyber-attacks, and disinformation campaigns, among other threats, increasingly rely on emerging and sophisticated technologies. These developments pose significant challenges, in particular to the protection of individual rights, the business fabric, the functioning of democracy or Europe’s fundamental values. For example, in relation to the Olympics, FortiGuard Labs has seen an 80% to 90% increase in darknet activity targeting France from the second half of 2023 and into the first half of 2024.
Europeans have common interests in areas such as defence and cybersecurity. Other regions are already actively developing policies to improve their competitive position in these areas. These are strategic assets with high spill-over effects on the economy and society, which require better coordination and the means to fund and develop them effectively are needed. The sophistication of cyber-attacks and the continuous advances in technologies such as artificial intelligence, quantum computing and encryption, multiply the challenges and benefits of investing in the European development of these aspects.
And protecting the resilience of critical infrastructure and its supply chains is particularly important. It is a shared responsibility between the private and public sectors, and both must work together to mitigate risks and contain cyber threats. The International Chamber of Commerce’s (ICC) Cybersecurity Policy Brief, produced in collaboration with Telefónica and other stakeholders, offers concrete recommendations for businesses and policymakers in both national and international contexts, as well as suggestions for building effective public-private partnerships.
The role of telecom operators in cybersecurity and cyberdefence
Telecommunications operators play a crucial role in cyber security and cyber defence, not only because of their capabilities and their responsibility for the infrastructures that underpin most digital communications and services, but also for the proper functioning of the connectivity ecosystem that benefits all sectors of the economy and society.
This ecosystem comprises a wide range of interconnected and interoperable elements: devices, fixed and mobile networks, satellites, data centres and submarine cables, as well as platforms and applications. This ecosystem not only facilitates communications, digital services and technological development, but also strengthens a country’s cyber security and cyber defence capabilities.
This enables the protection of critical infrastructure as well as real-time monitoring, prevention, and effective response to threats. Telecommunications companies, such as Telefónica, are first-class partners for companies to build, enhance and manage cyber protection to increase their cyber resiliency. One example is the recent agreement between BBVA and Telefónica Tech to strengthen cyber security. In this context, the development of strong and sustainable companies in the telecoms sector is crucial.
Policies to increase resilience, cybersecurity and defence
At the end of June, the European Council adopted conclusions on the next institutional cycle and a roadmap for future work, including on security and defence and set out the strategic agenda for the next political cycle. Europe aims to enhance security and defence and strengthen European capabilities, increase societal resilience, invest substantially, reduce strategic dependencies, develop capabilities and strengthen the European Defence Technological and Industrial Base accordingly.
The EU must strengthen its cooperation with the private sector and work towards a common approach to deepen the improvement of European cyber resilience: strengthening cooperation against cybercrime; harmonising and coordinating regulations and their implementations (interplay); defining and monitoring new indicators on investment and specialised personnel; exploring new funding mechanisms and fiscal incentives; improving quality of cybersecurity rating agencies (or cyberrating) by regulating them in a similar way to credit rating agencies; and strengthening capacity building to address the shortage of cyber-professionals.
In particular, it is important to improve harmonisation, coherence, regulatory simplification, multi-stakeholder cooperation and the use of international standards as a framework, while avoiding overlapping or inconsistent regulation, aspects that could apply to the NIS2 directive implementing act recently consulted by the EU Commission, as Telefónica signalled in its response.
