A number of policy options have been considered, both legislative and non-legislative. The following options were retained for an in-depth assessment:
1.Baseline scenario - Collaborative Option - assumes the continuation of the current approach to building cybersecurity industrial and technological capacities in the EU through supporting research and innovation and related collaboration mechanisms under Horizon Europe Programme;
2.Option 1: Cybersecurity Competence Network with a European Cybersecurity Industrial, Technology and Research Competence Centre entity empowered to pursue measures in support of industrial technologies as well as in the domain of research and innovation;
3.Option 2: Cybersecurity Competence Network with a European Cybersecurity Research and Competence Centre limited to research and innovation activities only;
The options discarded at an early stage included 1) No action at all; 2) Network of existing competence centres only and 3) Using an existing agency (ENISA, REA, or INEA).
In view of the general commitment already made by the Commission for the present initiative as well as in view of the important role to be played by Member States, the main distinction between the two policy options analysed in detail lies in their scope as reflected in their legal base: an entity only based on article 187 TFEU (Option 2) would limit the initiative to the sphere of research and innovation, and would typically presume a financial contribution from private actors. On the other hand, an entity based on a double legal base - art. 187 TFEU and art. 173 TFEU (Option 1) - would mean a broader mandate covering also, inter alia, deployment and industrial support and creating stronger synergies with cyber defence. It would also give a more prominent role to Member States – both in terms of their role in the governance as well as in their role as potential procurers of cybersecurity technology.
The analysis showed that Option 1 is best suited to achieve the goals of the initiative while offering the highest economic, societal, and environmental impact and safeguarding the Union’s interests. The main arguments in favour of this Option included the flexibility to allow different cooperation models with the community and the network of competence centres to optimise the use of existing knowledge and resources; ability to structure cooperation of the public and private stakeholders coming from all relevant sectors, including defence; ability to create a real cybersecurity industrial policy by supporting activities related not only to research and development but also to market deployment. Last but not least Option 1 allows as well increasing coherence by acting as an implementation mechanism for cybersecurity-related funding from the Digital Europe Programme and Horizon Europe, and enhancing synergies between the civil and defence dimensions of cybersecurity in relation to the European Defence Fund.
|