The European Union Agency for Cybersecurity (ENISA) has released a report which examines digital strategic autonomy in the EU and suggests future research directions.
Digital strategic autonomy can be defined as the ability of Europe to source products and services designed to meet the EU’s specific needs and values, while avoiding being subject to the influence of the outside world. In the digital world, such needs may encompass hardware, software or algorithms, manufactured as products and/or services, which should comply with the EU values, and thus preserve a fair digital ecosystem while respecting privacy and digital rights.
To ensure the sourcing of such products and/or services complies with the EU’s needs and values, the EU has the option to self-produce them autonomously, or in the case where products and services are acquired from third countries, to certify them and validate their compliance.
However, in cases where there is a high dependence on sourcing, the EU should still be capable of operating its digital infrastructures without giving rise to any possible detrimental influence. Hence, Europe needs to maintain the capability to produce its critical products and services independently.
In short, digital strategic autonomy means the capacity for the EU to remain autonomous in specific areas of society where digital technologies are used.
The new challenges brought about by digitalization raise questions on the capacity to retain ownership and control of personal data, technological assets and of political stand. Furthermore, the COVID-19 pandemic highlighted the importance of cybersecurity and the need for the EU to continue to invest in research & development in the digital sector. Within this context, ENISA’s report sets and prioritizes the key research and innovation directions in cybersecurity.
The report identifies seven key research areas:
- Data security;
- Trustworthy software platforms;
- Cyber threat management and response;
- Trustworthy hardware platforms;
- User-centric security practices and tools;
- Digital communication security.
For each of these areas, ENISA introduces the current state-of-play in the EU, includes an assessment of current and expected issues. The analyses included serve the purpose of issuing recommendations on cybersecurity related research topics.
The report is intended for both policymakers and researchers, offering objective-driven strategic guidance on future projects and investments in cybersecurity.