The Incoherency Risk in the EU's New Cyber Security Policies

TL;DR

This paper analyzes four recent EU cyber security policies, highlighting their increased complexity and potential incoherencies that could hinder effective implementation and trust among stakeholders.

Contribution

It provides a critical reflection on the incoherency risks of recent EU cyber security policies, offering insights into their potential drawbacks and areas for improvement.

Findings

Policies increased framework complexity

Potential trust and divergence issues

Bureaucratic and technical conflicts

Abstract

The European Union (EU) has been pursuing new cyber security policies in recent years. This paper presents a short reflection of four such policies. The focus is on potential incoherency, meaning a lack of integration, divergence between the member states, institutional dysfunction, and other related problems that should be at least partially avoidable by sound policy-making. According to the results, the four policies have substantially increased the complexity of the EU's cyber security framework. In addition, there are potential problems with trust, divergence between industry sectors and different technologies, bureaucratic conflicts, and technical issues, among other things. With these insights, the paper not only contributes to the study of EU policies but also advances the understanding of cyber security policies in general.