At a glance: Tackling Cyber Threats

Most international tensions, crises and conflicts have nowadays a cyber component. The intensity of malicious cyber activities reflects dynamics in the physical domain. We see increasing malicious behaviour in cyberspace from both state and non-state actors, targeting our critical infrastructure, supply chains and intellectual property.

EUs reporting bodies have documented a very high volume of incidents, with the European Union Agency for Cybersecurity (ENISA) reporting 11,079 cyber incidents between 2023 and 2024.

The EU has developed a coherent and holistic international cyber policy

  • Working with its partners at bilateral, regional and international level, the EU promotes a global, open, stable and secure cyberspace guided by EU’s core values and grounded in the rule of law;
  • The EU supports third countries in increasing their cyber resilience and ability to tackle cybercrime;
  • The EU has developed an EU Cyber Diplomacy Toolbox to contribute to international security and stability in cyberspace. Over the past years, the Toolbox has been used on multiple occasions to prevent, deter and respond to malicious cyber activities for example by issuing statements to expose such activities or using the horizontal cyber sanctions regime

Furthermore, the EU has made significant progress on cyber defence cooperation, including as regards cyber defence capabilities, notably in the framework of the EU Policy on Cyber Defence, as well as in the context of the Permanent Structured Cooperation (PESCO) and the work of the European Defence Agency.

  • Image
    EU Cybersecurity strategy

EU Cybersecurity strategy

The 2020 Cybersecurity Strategy of the European Union aims to safeguard a global and open Internet, combining security aspects with the protection of European values and fundamental rights.

Within the EEAS, action is focused three main pillars: 

  • Advancing the international rules-based order by contributing to responsible state behaviour in cyberspace.
  • Strengthening the EU’s cyber diplomacy toolbox to prevent, deter and respond to cyber-attacks, including by stepping up cyber defence coordination and cooperation and building cyber defence capabilities. Find out more about the EU Cyber Diplomacy Toolbox here.
  • Strengthening and expanding partnerships and exchanges with international organisations, partner countries, academia, the civil society and private sector, while increasing the scope, scale, effectiveness and efficiency of EU external cyber capacity-building.

     

Advancing international rules-based order in cyberspace

Malicious behaviour in cyberspace from both State and non-State actors is increasing in scale, severity, sophistication and impact. This presents a major challenge and threat to the functioning of our societies, economies, and our way of life. It also affects critical infrastructure and undermines the efforts of States to fully harness the economic, social and sustainable benefits of digitalisation. Additionally, the increasing frequency, scale and severity of ransomware attacks by malicious actors may have an impact on international peace and security.

The EU works closely with Member States in shaping and advancing the international rules-based order in cyberspace, notably via the United Nations Framework of Responsible State Behaviour in Cyberspace. 

The UN Framework is based on four pillars:

  • The application of international law in cyberspace;
  • 11 voluntary non-binding norms of responsible state behaviour;
  • Confidence-Building Measures;
  • Cyber Capacity Building.

As part of their contribution to the UN framework, the EU and its Member States published the Declaration on a Common Understanding of the Application of International Law to Cyberspace, reaffirming that for the EU, cyberspace is not a lawless domain, and that respect for the UN framework of responsible state behaviour in cyberspace is essential to maintaining international peace, security and stability.   

In 2025, the UN Member States agreed by consensus to establish a permanent mechanism to advance responsible state behaviour in cyberspace, the ‘Global Mechanism’. The EU has been coordinating the EU position with its Member States throughout the negotiations and has played an active role in shaping these discussions, with many elements of the Global Mechanism’s mandate, structure, and modalities reflecting proposals put forward by the EU and its Member States. It is to implement and advance the UN Framework for Responsible State Behaviour in Cyberspace, grounded in existing international law and the 11 norms on responsible state behaviour, and to help build capacities of States in doing so. 

  • Image
    UN flag
  • Image
    HR/VP Kaja Kallas at the Press conference

Prevent, deter and respond to cyber threats

The EU’s Cyber Diplomacy toolbox

The Cyber Diplomacy Toolbox allows the EU and its Member States to use all Common Foreign and Security Policy (CFSP) measures to prevent, deter and respond to malicious cyber activities targeting the EU, its Member States and partners. It includes a framework to jointly collect and assess situational awareness, coordinate strategic communication and cooperate and coordinate with international partners to this effect. 

It also enables the development of a sustained, tailored, coherent and coordinated strategies towards persistent cyber threat actors, better addressing the challenges of continued lower level grey-zone threats and activities. The EU has used the Toolbox on various occasions, notably through several public statements, demarches as well as by adopting specific cyber sanctions packages.

Cyber sanctions regime

The EU can impose sanctions to deter and respond to cyber-attacks which constitute an external threat to the EU or its Member States. More specifically, this framework allows the EU, for the first time, to impose sanctions on persons or entities that are responsible for cyberattacks or attempted cyber-attacks, which provide financial, technical or material support for such attacks or otherwise involved in such attacks.

The EU Policy on Cyber Defence

The EU Policy on Cyber Defence promotes better coordination among national and EU cyber defence actors, as well as information exchange and cooperation between different cybersecurity communities: civilian and military, public and private. The Policy also aims to support the development of cyber defence capabilities, enhance our situational awareness and coordinate on the whole range of available defensive options. This strengthens our resilience, responds to cyberattacks and ensures solidarity and mutual assistance.

A flagship proposal of the Policy is the EU Cyber Defence Coordination Centre (‘EU CDCC’). This Centre will increase the cyber situational awareness of the EU and provide a platform to improve coordination and cooperation among Member States and possibly with international partners. 

Partnerships

Cyber threat actors operate across borders and so does the EU’s action.

The EU actively engages with partners worldwide to build bridges and protect the rules-based order – also in cyberspace. 

Engaging with partners and in multilateral formats

The EU works across a wide range of multilateral forums, including the United Nations, the Global Forum for Cyber Expertise, the Counter Ransomware Initiative, the G7 and other like-minded formats. The EU also cooperates with regional organisations such as the OSCE, ASEAN/ARF, the OAS, the AU, Council of Europe and NATO. Additionally, the EU itself periodically holds annual cyber dialogues with partners, including the United States, the United Kingdom, Ukraine, Japan, Republic of Korea, India and Brazil. 

The EU’s strategic partnership with NATO remains essential for Euro-Atlantic security. The EU is fully committed to enhancing this key partnership, including in the area of cyber defence. To facilitate and enhance the work of both organisations on cyber, EU and NATO staff meet periodically in a Structured Dialogue. Detailed information on the EU-NATO work on cyber is published annually in the EU-NATO progress report

Building capacities to be more resilient

This engagement takes place against the backdrop of a complex and rapidly evolving cyber threat landscape, in which close cooperation between the EU, its Member States and its partners is more vital than ever.

In this context, the EU aims to enhance the cyber resilience of its partners through helping to build their capacities. While EU capacity-building efforts are broad, the focus remains on the EU’s neighbourhood (in particular Ukraine, Moldova and the Western Balkans), as well as on partner countries experiencing a rapid digital development. At the same time, the EU also sees a growing demand from the Indo-Pacific, Africa, Latin America and the Caribbean, which it aims to meet.

Multi-stakeholder approach

The EU also maintains close engagement with the private sector, academia, and civil society. For this, the EEAS organises regular dialogues and exchanges, often in cooperation with the EU Institute for Security Studies, most notably via the EU Cyber Direct programme.

  • Image
    EU actively engages with partners worldwide

How is the EU tackling cyber threats? EU Cyber Census 2025

Facing growing threats to their security, including in cyberspace, the EU Member States need to act together for stronger cyber defence capabilities and cooperation, in line with the Joint Communication on the EU Policy on Cyber Defence. 

The 2025 EU Cyber Census tracks the implementation of the EU Policy on Cyber Defence and the related Council conclusions. 

The EU Cyber Census report is EU Classified Information, with the exception of its Executive Summary. The document:

  • provides an overview of common actions for stronger cyber defence capabilities and cooperation, including civil-military cyber cooperation.
  • summarises actions for securing the EU defence ecosystem in order to contribute to the EU’s strategic autonomy, investments in cyber defence capabilities, as well as international partnerships to address common challenges.
  • offers aggregated quantitative insights regarding Member States’ national positions and progress.