POSITION | CYBERSECURITY | REGULATION
Consistent Cyber Regulation for Europe German industry’s 5 demands
October 2019 Executive Summary German and European companies strive to offer products, processes and 23. services that possess Oktober 2017 a degree of cyber-resilience adequate to the likely risk. At the same time, however, one hundred percent cyber security cannot be achieved, let alone guaranteed, because attack vectors are constantly changing, new vulnerabilities are identified and human error can never be completely avoided. This makes it all the more important for companies to ensure that their efforts to strengthen cyber resilience are not thwarted by inconsistent regulations, national unilateral approaches or one-sided requirements. Since often more than one regulation applies to products, processes and services, consistent and coherent requirements are essential for maintaining the international competitiveness of companies. German industry’s demands for consistent European cyber regulation Against the background of an increasing fragmentation of the legal requirements for cyber security for products and services and an increasing need to strengthen the cyber resilience of products, processes, services and systems, German industry advocates the following five principles. They should be taken into account by the EU and national governments in current and upcoming legislative proposals in the area of cyber security: 1. Ensure coherent legal requirements to strengthen Europe's cyber resilience while avoiding competitive disadvantages for European companies 2. Give precedence to European over national unilateral regulatory approaches, in order not to endanger the success of the European Single Market 3. Choose a risk-based approach to ensure adequate and effective protection 4. Actively integrate European standardisation work, according to the principles of the New Legislative Framework (NLF) 5. Actively involve all stakeholders – from hardware and software manufacturers to commercial operators and private users – to holistically strengthen the cyber resilience of products, processes, systems and services
Dr. Thomas Koenen and Steven Heckler | Digitalisation an Innovation Dr. Thomas Holtmann and Bernd Wittenbrink | Environment, Technology, Sustainability