EU Cyber Solidarity Act: Security Operations Center to the rescue!

The legislation aims to strengthen the Union’s cyber resilience and enhance its ability to prepare for, detect and respond to incidents

The European Union (EU) is transforming itself into a digitally aware, safe and productive collective, with the aim of entering the 2030s as a relevant player in the digital sector.

One of the basic ideas of this transformation is the Digital Decade Program, which sets multiple targets and gives guidance on goals relevant to the digital space. Among these are ideas for essentially transforming the entire EU digital infrastructure, taking into account business prospects, government security, effectiveness, individual data privacy, and other safeguards.

Cybersecurity is one of the areas that the EU considers important. With the NIS2 Directive, it has leapt ahead, as the directive’s aim is to strengthen cyber resilience across the Union in response to the growing reliance of key sectors on digitization and their higher exposure to cyber threats.

Perhaps the most important development in this regard is the proposed EU Cyber Solidarity Act, which aims to strengthen the Union by creating better detection, preparedness, and response to significant or large-scale cybersecurity incidents. This involves the creation of the European Cyber Security Shield and the Cyber Emergency Mechanism, employing state-of-the-art national and cross-border Security Operations Centers (SOCs) tasked with detecting and acting on cyberthreats.

EU views on cybersecurity: A case for the ‘Brussels effect’?

The outcome of any policy-making by EU agencies is twofold: it shapes the EU framework by issuing standards that all relevant stakeholders and countries must comply with, and these standards often have a larger impact around the world because of the ‘Brussels effect’, thus forming rules and technical standards globally.

For companies, it is often too expensive to maintain several different approaches to their lineup; hence, adopting something shared by almost the entire continent makes more sense than creating a specific standard for one country. By disseminating regulations that shape the international business environment, raising standards worldwide, and leading to a major Europeanization of many important aspects of global trade, the EU has succeeded in shaping policies in areas such as data and digital privacy, consumer health and safety, environmental protection, antitrust, and online hate speech.

In essence, companies end up complying with EU laws even outside the EU. The General Data Protection Regulation (GDPR), for example, already has a global effect, with large companies adopting it, creating more transparency and data security.

Since the EU doesn’t let sleeping dogs lie, the path to digital emancipation means major changes are in store for the cybersecurity sector, as evidenced by the aforementioned NIS2 Directive and the Cyber Solidarity Act. For better or for worse, nation-states must have greater levels of oversight over their critical digital infrastructure and supply chains. And the EU will continue to invest in this area, enabling an environment that will help cybersecurity-focused businesses thrive, potentially setting new standards in the future – globally.

Multi-country project: Center for Security Operations

As an example of how the EU aims to address cyber threats among its member states, the European Union proposed the idea of creating a network of Security Operations Centers (SOCs), powered by AI and advanced data analytics, to anticipate, detect and respond to cyber attacks at the national and EU level.

Incident detection and response is an area that many cybersecurity providers have experience in, as they provide the necessary tools for Managed Security Service Providers (MSSPs) and enterprises to help them address ever-present cyberthreats, whether through EDR, MDR (for those without internal expertise) or XDR (for those with internal experts).

The idea of a SOC network for the EU is interesting, although the method of implementing it will be key in addressing any future threats. If we consider states as businesses, these SOCs can be very well served by MSSPs, as they usually provide such services to businesses 24/7. The EU has issued a call for expression of interest to select entities to host the required facilities and operations, providing funding and grants to SOC operators.

Collectively, in the case of multi-state cyberattacks, relying on SOC networks can make or break a country, and with countries around the world pushing for deeper national cybersecurity strategies in response to the use of cyberspace for warfare, one can see why it would be relevant. In effect, interoperability between SOCs can create a huge safety net for national security, which can also add to enterprise security. How this will impact an MSP or MSSP is unclear, but the tools required may be familiar to anyone in the cybersecurity sector.

The benefits of SOC and its tools

Being an operation that provides 24/7 security, a SOC employs some very important tools to protect its clients. A SOC selects, operates, and maintains an organization’s cybersecurity technology and continuously analyzes threat data to improve security posture while unifying and coordinating enterprise security tools, practices, and response to incidents.

This results in better prevention and policies, faster threat detection, and more effective response to security threats without incurring higher costs. A SOC can also increase customer confidence and strengthen business compliance with relevant privacy and industry regulations.

From a more technical perspective, a SOC manages a variety of responsibilities, including maintaining relevant assets, conducting incident response planning, performing regular vulnerability assessments, keeping its clients up to date with the latest security solutions and technologies, and monitoring media channels to stay in the know.

Similarly, monitoring, detection and response are also very relevant here, as they have to be done continuously, scanning the entire IT infrastructure and implementing security information and event management, many times through modern XDR solutions such as the one contained in ESET PROTECTION, which provides telemetry and detailed monitoring, plus the ability to automate incident detection and response.

A SOC also performs recovery after an attack, and ultimately may also try to understand whether the incident signals a new cybersecurity trend that requires preparation and analysis. It is also the duty of the SOC to ensure that all applications, systems and security tools comply with data privacy regulations and policies such as the GDPR, because after an incident, the SOC must ensure that users, regulators and other parties are notified as the regulations specify, and that necessary incident data is retained for evidence and auditing.

New meta for European cybersecurity – new era for MSSP?

Predictions are based on what one thinks will happen in the future, ideally grounded in continuous observation of current events. With the way the EU is expanding into digitally sovereign territory, cybersecurity will likely play a key role as a safeguard protecting the EU’s core digital priorities as we progress. Progress has been scrutinized by forces that try to hinder it, which is why such safeguards are necessary to ensure that progress in digital transition strategies remains unchallenged and secure.

For MSSPs this is a potential area of interest, one they can best serve thanks to their cybersecurity expertise. The EU is likely to be willing to accept assistance and points of view from those who know how to act against digital threats, and national and cross-border SOCs are likely to be served by an experienced security provider.

And as technology develops and advances, it’s important to understand the implications. The EU is acutely aware that it’s not just guns and armies that win wars, and that wars themselves don’t need to be fought physically, as thanks to technology, cyberspace has become the de facto battlefield of our time. For these and other purposes, the Digital Decade must culminate in a perpetual European peace, where the world of cybersecurity will be the ultimate hero.
