The digital front line: Why digital resilience must be an integral part of European security

The Ukraine war is the first hybrid war, blurring the lines between physical and non-physical threats.

What role will digital technology play in this striking paradigm shift? And how vital is it for our societies to be digitally resilient?

The concept of digital resilience emerged during the Covid 19 pandemic. It mainly referred to the ability of organisations and businesses to stay afloat and surf the wave of disruptions caused by the strict governmental measures applied at the time.

The outbreak of the Ukraine war has expanded our perception of resilience with a soaring level of global threats caused by the Russian invasion. There has been over a 40% increase in cyberattacks in 2022 compared to 2021 globally. The healthcare sector was the most targeted industry during the third quarter of 2022, with 1 in 42 organisations impacted by ransomware.

Digital Resilience refers to our ability as a society to use digital technologies to prevent and face crises like pandemics, natural disasters, cyberattacks and hybrid threats.

It cannot be achieved unless we succeed to secure 4 key ingredients, clearly outlined in our latest publication the Digital Front Line: 15 actions to boost Europe’s digital resilience:

1. Acting as one team on cyber governance

The picture of who is responsible for Europe’s cybersecurity is complex. Many different overlapping institutions govern individual aspects, from strategy to skills to crisis response. Cybersecurity is also divided 27 times – with different bodies per member state – and into civil and military camps. Cooperation with international partners and the private sector adds an extra layer of complexity onto an already tangled picture of governance.

It begs the question, who is in charge if a large-scale attack occurs?

The EU recently put forward its new Cyber Defence Policy, which aims to pull together these different strands. However, it is crucial to deepen the involvement of the private sector not only as the main supplier of technology but especially as the first line of defence. Any cyber defence governance should embed Chief Information Security Officers (CISOs) of leading companies into the chain of command in the event of a crisis and especially involve them across information sharing channels.

The Ukraine war has shown more agile ways of public-private cooperation, but also the limitations of an ad-hoc approach where individual companies were sought for help without a proper structure in place.

2. Secured critical infrastructure

Infrastructure is the backbone of any ambitious security strategy.

After World War II, Europe experienced a period of growth and peace, thanks to the Marshall Plan, which supported the rebuilding of roads, airports, and rail tracks. Today, digital infrastructure, such as satellites, 5G, and 6G, has become just as important.

Digital infrastructure has been a key target for the Russian army in Ukraine, making communication with endangered civilians difficult. Private-public collaboration has been crucial in addressing this issue. Today, DIGITALEUROPE and the European Commission are collaborating with the Ukrainian Digital Ministry to collect 50,000 laptops and handheld devices for schools and hospitals in Ukraine to ensure that society can continue to function. In a historic first, the EU agreed to expand the scope of its civil protection mechanism (used to respond to emergencies) to include the delivery of ICT devices and components.

The safety of our digital infrastructure is essential, and it has become a key component in the resilience and security of societies. More needs to be done to boost connectivity in Europe, accelerate the adoption of the cloud and secure the production of critical devices such as servers and phone masts.

3. Resilient supply chains

Europe’s digital resilience is heavily reliant on certain components and raw materials from outside of its borders. The pandemic and the war in Ukraine have brought this into sharp focus, with shortages affecting our economy and ability to defend ourselves. Recent EU proposals such as the EU Chips Act and Critical Raw Materials Act aim to make us more resilient.

At home, several barriers stand in the way. We lack the skills necessary in advanced chip manufacturing or to refine raw materials and the volume of regulation and fragmented nature of national laws are serious brakes to boosting capacity in Europe.

In addition to growing production capacity in Europe we must also grow our trade with likeminded partners and look for new opportunities. Chips, digital infrastructure components and raw materials are examples of global-by-nature industries.

4. Fast-track procurement for SMEs

At a time of rising hybrid threats, Europe’s security is heavily dependent on its ability to offer the right conditions to its innovators to scale up and grow in Europe. Today, businesses and particularly small and medium-sized enterprises (SMEs) face a myriad of challenges to navigate the current public procurement processes and to apply for the available research funding programmes.

Simplified procurement for emerging and disruptive technology starts with reducing bureaucracy. This would allow more non-traditional and smaller companies to access the growing pots of funding set aside for digital resilience. The NATO Defence Innovation Accelerator for the North Atlantic (DIANA) is a model for how to set up funds that are accessible for SMEs.

Finally, the most efficient way to support innovative companies to grow and be profitable in Europe is to reduce regulatory complexity in the EU and remove barriers to scaling. New regulation should prioritise harmonisation with fewer national derogations. What better time to start tackling barriers to growth than 2023, the 30th anniversary of the Single Market.

No government can build digital resilience on its own. As challenges of our hybrid era evolve and become more sophisticated and complex, Europe must be well equipped with the needed tools to tackle any emerging crisis. By teaming up with the private sector, prioritising critical infrastructure and boosting innovation, we can leverage the power of digital to achieve resilience for all./