Local and regional leaders call for unified action to counter cyber threats

​While more and more public services become digital and mutually interconnected, the risk of major cyber-attacks or physical attacks on critical infrastructures sharply increases, potentially leading to a ‘digital pandemic’. In order to increase the digital resilience in regions and cities, members of the European Committee of the Regions (CoR) have adopted by unanimity during the plenary session on 30 November an opinion on the Cyber Solidarity Act and Digital Resilience, calling for concrete support from the national and European level for regions and cities undergoing the digital transition, not least to raise the cybersecurity level in smaller municipalities.

Increasing Europe's cybersecurity

Public administrations are a prime target of cyber-attacks, and local and regional leaders stressed that, if the EU is to achieve its goal of a digitally resilient Europe, all levels of government need to join forces together to raise awareness and establish cyber-security policies and guidelines. 

The call forms the heart of the CoR's recommendations to improve the Cyber Solidarity Act that the European Union is currently drafting. Dedicated funds, technical support and upskilling measures are among specific suggestions of the CoR to strengthen capabilities to detect, analyse and process data on cyber threats against public administrations.

The current lack of clear incentives and processes for municipalities and regions to be active partners in strengthening digital resilience represents a risk for the Union and it is therefore crucial to address this gap and integrate regions and cities in increasing the EU's cybersecurity. Various degrees of maturity regarding protection and security measures show significant differences between national and regional authorities. Reducing these differences and ensuring that all players involved have relatively equal abilities and ambitions is key to create an environment in which municipalities and regional authorities can be integral and active partners in increasing the EU's cybersecurity.

Skills and collaboration vital to cope with cyber incidents

Local and regional authorities face a severe shortage of personnel capable of handling cyber-attacks, the opinion warns. It stresses the need for clear strategies to attract professionals, to increase training, and to encourage upskilling in municipal and regional administrations. Regions and cities can also help each other, the opinion suggests, by sharing best practices and exchanging expertise.

The opinion also addresses the need for research and innovation, calling for public- and private-sector leaders to collaborate to build practical roadmaps for collective resilience that would increase access in each region to a high-quality digital infrastructure and effective digital services.

Quote

Rapporteur Pehr Granfalk (SE/EPP), member of Solna Municipal Council, said: “Cyberattacks occur more frequently today and are becoming more sophisticated, with local authorities being among the most vulnerable and preferred targets for hackers. What municipalities and regions do within digital services often has a greater impact on citizens' daily lives than national services do because they are used more frequently. They also affect a larger number of people on a daily basis.”

More information:

The EU Cyber Solidarity Act, proposed by the European Commission in April 2023, aims to strengthen capacities in the EU to detect, prepare for and respond to significant and large-scale cybersecurity threats and attacks. The proposal includes a European Cybersecurity Shield, composed of Security Operation Centres interconnected across the EU, a comprehensive Cybersecurity Emergency Mechanism to improve the EU’s cyber posture, and a Cybersecurity Incident Review Mechanism to review and assess specific significant or large-scale incidents.

The CoR published a study in April 2023 that investigates the state of play of digital resilience across local and regional authorities in the EU and examines the solutions and funds being used at the subnational level to strengthen this resilience. More information here.

In October 2023, the CoR, together with ESPON, launched the LORDIMAS tool, which will serve those in charge at regional, municipal and city level to benchmark their digital maturity against that of their peers. When entering their data, they will receive targeted policy recommendations on how to speed up the digital transformation of their region, village or city. Click here for more information.

Contact:

Theresa Sostmann

Tel. +32 475999415

Theresa.Sostmann@cor.europa.eu