COMPARATIVE ANALYSIS OF CYBERSECURITY IN THE EUROPEAN UNION
DOI:
https://doi.org/10.29038/2524-2679-2025-02-136-154Keywords:
cybersecurity, European Union, NIS2, ENISA, disinformation, hybrid threats, digital diplomacyAbstract
Cybersecurity has acquired strategic importance as a key element of national and supranational security. The European Union, comprising more than two dozen countries with varying levels of digital maturity, faces the need to unify its approaches to cyber defence. The article offers a comprehensive analysis of the EU’s cybersecurity policy in the context of the intensification of global hy- brid threats, its institutional framework, legal foundations, and mechanisms for addressing contemporary threats. The functioning of key structures – ENISA, CERT-EU, CSIRT Network, the European Commission, EEAS, and East Strat- Com – and their interaction within the framework of a pan-European approach to cyber resilience are analysed. The evolution of the regulatory framework is considered: from the first NIS Directive to its update in the form of NIS2, as well as the Digital Services Act (DSA) and new initiatives, such as the European Cybersecurity Shield and the Cyber Solidarity Act. Particular attention is paid to the role of the Union’s public diplomacy, hybrid threats, disinformation campaigns, interference in democratic processes, in particular in the context of the Russian- Ukrainian war, and digital sovereignty as a strategic priority. It is proven that the institutional architecture of the Union’s cybersecurity combines regulatory, operational, communication and strategic elements, which allows ensuring the resilience of the digital environment in the face of new threats. The article uses historical, comparative, systemic approaches, content analysis and SWOT analy- sis to identify the strengths and weaknesses of the EU’s cyber policy, as well as to determine its opportunities and threats. A comparative analysis of the policies of the United States, China, NATO and Ukraine is also conducted, which allows assessing the uniqueness of the European Union’s approach to digital security, based on the protection of human rights, multi-level governance and internatio- nal cooperation. The role of Ukraine as an important partner in ensuring common cyber resilience on the eastern flank of Europe is emphasized.
References
1. A Systematic Literature Review on the NIS2 Directive. URL: https://arxiv.org/ html/2412.08084v1 (in English).
2. Ruohonen, J. (2024). The Incoherency Risk in the EU’s New Cyber Security Policies.
URL: https://arxiv.org/abs/2405.12043 (in English).
3. NIS2 in a European country comparison: How are the member states implementing the new EU cybersecurity legislation? URL: https://library.e.abb.com/public/bcdef3200f414d- 0ba7e2f4606bdee5d8/ABB%20NIS2%20EU%20Country%20Comparison%20Study.pdf (in English).
4. Report on the State of the Cybersecurity in the Union. URL: https://www.enisa.euro- pa.eu/publications/2024-report-on-the-state-of-the-cybersecurity-in-the-union (in English).
5. Ludvigsen, K. R. (2025). Creating Cybersecurity Regulatory Mechanisms, as Seen Through EU and US Law. URL: https://arxiv.org/abs/2503.07250 (in English).
6. Cîrnu, Carmen-Elena, Rotună, Carmen-Ionela, Vasiloiu, Ioana-Cristina (2023). Com- parative Analysis on Cyber Diplomacy in EU and US. URL: file:///C:/Users/user/Down- loads/ Comparative_Analysis_on_Cyber_Diplomacy_in_EU_and_%20(1).pdf (in English).
7. European Commission (2020). The EU’s Cybersecurity Strategy for the Digital De- cade. URL: https://digital-strategy.ec.europa.eu/en/library/eus-cybersecurity-strategy-digi- tal-decade-0 (in English).
8. The EU Cyber Solidarity Act. URL: https://digital-strategy.ec.europa.eu/en/policies/ cyber-solidarity (in English).
9. Directive (EU) 2022/2555 of the European Parliament and of the Council (NIS2 Di- rective). URL: https://www.nis-2-directive.com/ (in English).
10. Digital Services Act (EU) 2022/2065. URL: https://eur-lex.europa.eu/legal-content/ EN/LSU/?uri=CELEX%3A32022R2065 (in English).
11. ENISA – European Union Agency for Cybersecurity. Official Reports. URL: https:// www.enisa.europa.eu/publications (in English).
12. Questions and Answers about the East StratCom Task Force. URL: https://www. eeas.europa.eu/eeas/questions-and-answers-about-east-stratcom-task-force_en (in English).
13. EUvsDisinfo.eu platform. URL: https://euvsdisinfo.eu/ (in English).
14. European Court of Auditors (2021). Cybersecurity in the EU: Weak coordina- tion, strong challenges. URL: https://www.eca.europa.eu/en/publications/AAR-2024 (in English).
15. NATO CCDCOE Reports on Strategic Cyber Defence. URL: https://ccdcoe.org/ library/publications/national-cyber-security-strategy-guidelines/ (in English).
16. CERT-UA. The CERT-UA Team has processed 2,543 cyber incidents over 2023. URL: https://cip.gov.ua/en/news/uryadova-komanda-cert-ua-v-2023-roci-opracyuvala- 2543-kiberincidenti (in English).
17. Korystin, O. Ye., Svyrydiuk, N. P. (2023). Assessing Hybrid Threats and Counter- measure Capabilities when Shaping Strategic Communications. URL: file:///C:/Users/user/ Downloads/Assessment_of_hybrid_threats_and_capabilities_to_c.pdf (in Ukrainian).
18. ENISA Threat Landscape 2023. URL: https://www.enisa.europa.eu/ publications/ enisa-threat-landscape-2023 (in English).
19. Kasper, A., Osula, A.-M., Molnár A. (2021). EU cybersecurity and cyber diplo- macy. URL: file:///C:/Users/user/Downloads/oriolbueno,+387469.pdf (in English).
20. State Service of Special Communications and Information Protection of Ukraine. URL: https://cip.gov.ua/en (in English).
21. The National Cybersecurity Strategy (2023). URL: https://bidenwhitehouse.ar- chives.gov/oncd/national-cybersecurity-strategy/ (in English).
22. US Cyber Command reports. URL: https://www.cybercom.mil/ (in English).
23. Cybersecurity Law of the People’s Republic of China (2017). URL: https://digi- china.stanford.edu/work/translation-cybersecurity-law-of-the-peoples-republic-of-china- effective-june-1-2017/ (in English).
