EU plans $2B investment in cybersecurity research

The EU's executive body, the European Commission, is concerned about the vulnerability of the EU economy to cyberattacks, warning in a report Tuesday that they "could undermine the digital single market and economic and social life as a whole."

The $2 billion cybersecurity public-private partnership (cPPP) is intended boost cross-border research into cybersecurity, and to aid development of security products and services for the energy, health, transport and finance industries, the European Commission said Tuesday.

It's not the Commission's first attempt to coordinate EU member states' cybersecurity strategies. The creation of the EU agency for network and information security (ENISA), the computer emergency response team (CERT-EU) and Europol's European Cyber Crime Centre (EC3) are already steps in this direction.

The Commission is also working on the Network and Information Security Directive. This will require EU member states to identify essential infrastructure operators in the energy, transport, finance, health and communications sectors, and ensure that they address the risk of cyberattack.

By developing the cybersecurity industry in Europe, the Commission also hopes to profit from others' digital insecurity. Delivering the highest level of cybersecurity could become a strong competitive advantage, the Commission noted, as security is one fo the fastest-growing IT activities worldwide.

For now, though, the EU's IT security industry is ill-equipped to look beyond its borders -- or even beyond national borders, the Commission said: It is still too geographically fragmented to compete globally.

The cPPP should be up and running by the third quarter, and accepting bids for its research funding early next year.